Search results for query "Linux ./configure"

6358 messages

Re: [CentOS-es] Resumen de CentOS-es, Vol 31, Envío 55

by Ramón Megías

Para solucionar este error: >> "No puede iniciar su sesión, asegurese de que su nombre de usuario y >> dominio sean correctos, luego repita su contraseña" >> Debe sacar del dominio el PC con el usuario administrador de Dominio y posteriormente del reinicio, volver a meter ese PC en el dominio. Con esto creo que el problema se solucionará. Un saludo. Ramón Megías El 30/07/09, centos-es-request(a)centos.org <centos-es-request(a)centos.org> escribió: > Envíe los mensajes para la lista CentOS-es a > centos-es(a)centos.org > > Para subscribirse o anular su subscripción a través de la WEB > http://lists.centos.org/mailman/listinfo/centos-es > > O por correo electrónico, enviando un mensaje con el texto "help" en > el asunto (subject) o en el cuerpo a: > centos-es-request(a)centos.org > > Puede contactar con el responsable de la lista escribiendo a: > centos-es-owner(a)centos.org > > Si responde a algún contenido de este mensaje, por favor, edite la > linea del asunto (subject) para que el texto sea mas especifico que: > "Re: Contents of CentOS-es digest...". Además, por favor, incluya en > la respuesta sólo aquellas partes del mensaje a las que está > respondiendo. > > > Asuntos del día: > > 1. Re: Crisis en el proyecto CentOS (Victor Padro) > 2. Re: Crisis en el proyecto CentOS (Victor Padro) > 3. Re: Crisis en el proyecto CentOS (Victor Padro) > 4. Re: modem 3g (Victor Padro) > 5. Re: problema de validacion con samba como PDC y LDAP > (samuel correa) > > > ---------------------------------------------------------------------- > > Message: 1 > Date: Thu, 30 Jul 2009 15:27:00 -0500 > From: Victor Padro <vpadro(a)gmail.com> > Subject: Re: [CentOS-es] Crisis en el proyecto CentOS > To: centos-es(a)centos.org > Message-ID: > <beee84cb0907301327n4a1f9627yc443ad0572d69ca1(a)mail.gmail.com> > Content-Type: text/plain; charset=UTF-8 > > 2009/7/30 Arturo Limon <limonavila(a)gmail.com>: >> Espero y deseo fervientemente que esto no dé al traste con el proyecto. >> Estoy apostando mucho por Centos (concretamente K12LTSP en su encarnación >> Centos) y una interrupción del proyecto me crearía serios problemas para >> cambiar de distribución. >> Vaya todo mi apoyo al equipo Centos y a toda la gente que hace posible >> esta >> distribución. >> Saludos. >> Arturo Limón. >> El 30 de julio de 2009 20:07, Eduardo Grosclaude >> <eduardo.grosclaude(a)gmail.com> escribió: >>> >>> Hola, quizás no todos los miembros de la lista en castellano lean la >>> lista en inglés de CentOS. Me parece apropiado comunicarles que en >>> estos momentos la lista inglesa literalmente hierve a causa de un >>> problema ocurrido con uno de los fundadores del proyecto, Lance Davis. >>> Esta era la única persona que tenía acceso al registro del dominio >>> centos.org y... a los fondos de las donaciones recibidas por el >>> proyecto, y... ¡¡¡no se lo ubica por ningún lado!!! >>> >>> En el sitio de CentOS está publicada una carta abierta a este (ex?) >>> miembro del proyecto, firmada por un núcleo de los desarrolladores que >>> están más involucrados con el proyecto, y el hilo de discusión >>> generado en la lista inglesa se puede seguir en >>> http://lists.centos.org/pipermail/centos/2009-July/079767.html >>> >>> Aunque la situación es incierta, y seguramente lamentable, >>> personalmente no creo que sea una crisis grave ni mucho menos. La >>> totalidad de los demás desarrolladores del proyecto están alineados y >>> gran cantidad de los usuarios está en estos momentos manifestando >>> solidaridad con las acciones tomadas. No quiero traer alarma a la >>> comunidad, sino información objetiva; y posiblemente reflexionar sobre >>> las complicaciones de mantener las cosas de un proyecto comunitario en >>> las manos de una sola persona. >>> >>> Si la lista quiere discutir alguna medida a tomar como sector de habla >>> hispana de la comunidad, o simplemente discutir la situación, me >>> gustaría saber su opinión. Más allá de los problemas que pueda tener >>> esta persona y el impacto sobre el proyecto, como usuarios que >>> reconocemos el esfuerzo de los desarrolladores, me parece adecuado >>> mostrarles apoyo y ofrecerse para lo que podamos ayudar. >>> >>> Un saludo cordial! >>> >>> -- >>> Eduardo Grosclaude >>> Universidad Nacional del Comahue >>> Neuquen, Argentina >>> _______________________________________________ >>> CentOS-es mailing list >>> CentOS-es(a)centos.org >>> http://lists.centos.org/mailman/listinfo/centos-es >> >> >> _______________________________________________ >> CentOS-es mailing list >> CentOS-es(a)centos.org >> http://lists.centos.org/mailman/listinfo/centos-es >> >> > > No se preocupen Karanbir acaba de mencionar hace unos minutos que el > proyecto CentOS continuara, lo que realmente tiene el problema es el > dominio centos.org sin embargo que ello se resolvera de alguna manera > u otra, no hay que preocuparse! > > si pueden lean esto tambien: > http://dag.wieers.com/blog/the-burden-of-keeping-things-private > > -- > Usuario Linux Registrado #452368 > Usuario Ubuntu Registrado #28025 > > "Doing a thing well is often a waste of time." > ---------------------------------------------------------------------------------------------------------------------------------- > //Netbook - HP Mini 1035NR 2GB 60GB - Windows XP/Ubuntu 9.04 > //Desktop - Core 2 Duo 1.86Ghz 8GB 500GB - Windows 7(testing) > //Desktop - Core 2 Duo 2.40Ghz 8GB 320GB - MacOS Leopard > //Desktop - Athlon 64 2.7Ghz 8GB 400GB - Ubuntu Jaunty > //Server - Pentium D 3.2Ghz 8GB 1TB - Debian Lenny > //Server - Celeron 1.8Ghz 1GB 160GB - Pfsense > //Server - NSLU2 266Mhz 32MB 1TB - Debian Lenny > > > ------------------------------ > > Message: 2 > Date: Thu, 30 Jul 2009 15:28:18 -0500 > From: Victor Padro <vpadro(a)gmail.com> > Subject: Re: [CentOS-es] Crisis en el proyecto CentOS > To: centos-es(a)centos.org > Message-ID: > <beee84cb0907301328r5c77e426p3994bca9df369b29(a)mail.gmail.com> > Content-Type: text/plain; charset=UTF-8 > > 2009/7/30 Victor Padro <vpadro(a)gmail.com>: >> 2009/7/30 Arturo Limon <limonavila(a)gmail.com>: >>> Espero y deseo fervientemente que esto no dé al traste con el proyecto. >>> Estoy apostando mucho por Centos (concretamente K12LTSP en su encarnación >>> Centos) y una interrupción del proyecto me crearía serios problemas para >>> cambiar de distribución. >>> Vaya todo mi apoyo al equipo Centos y a toda la gente que hace posible >>> esta >>> distribución. >>> Saludos. >>> Arturo Limón. >>> El 30 de julio de 2009 20:07, Eduardo Grosclaude >>> <eduardo.grosclaude(a)gmail.com> escribió: >>>> >>>> Hola, quizás no todos los miembros de la lista en castellano lean la >>>> lista en inglés de CentOS. Me parece apropiado comunicarles que en >>>> estos momentos la lista inglesa literalmente hierve a causa de un >>>> problema ocurrido con uno de los fundadores del proyecto, Lance Davis. >>>> Esta era la única persona que tenía acceso al registro del dominio >>>> centos.org y... a los fondos de las donaciones recibidas por el >>>> proyecto, y... ¡¡¡no se lo ubica por ningún lado!!! >>>> >>>> En el sitio de CentOS está publicada una carta abierta a este (ex?) >>>> miembro del proyecto, firmada por un núcleo de los desarrolladores que >>>> están más involucrados con el proyecto, y el hilo de discusión >>>> generado en la lista inglesa se puede seguir en >>>> http://lists.centos.org/pipermail/centos/2009-July/079767.html >>>> >>>> Aunque la situación es incierta, y seguramente lamentable, >>>> personalmente no creo que sea una crisis grave ni mucho menos. La >>>> totalidad de los demás desarrolladores del proyecto están alineados y >>>> gran cantidad de los usuarios está en estos momentos manifestando >>>> solidaridad con las acciones tomadas. No quiero traer alarma a la >>>> comunidad, sino información objetiva; y posiblemente reflexionar sobre >>>> las complicaciones de mantener las cosas de un proyecto comunitario en >>>> las manos de una sola persona. >>>> >>>> Si la lista quiere discutir alguna medida a tomar como sector de habla >>>> hispana de la comunidad, o simplemente discutir la situación, me >>>> gustaría saber su opinión. Más allá de los problemas que pueda tener >>>> esta persona y el impacto sobre el proyecto, como usuarios que >>>> reconocemos el esfuerzo de los desarrolladores, me parece adecuado >>>> mostrarles apoyo y ofrecerse para lo que podamos ayudar. >>>> >>>> Un saludo cordial! >>>> >>>> -- >>>> Eduardo Grosclaude >>>> Universidad Nacional del Comahue >>>> Neuquen, Argentina >>>> _______________________________________________ >>>> CentOS-es mailing list >>>> CentOS-es(a)centos.org >>>> http://lists.centos.org/mailman/listinfo/centos-es >>> >>> >>> _______________________________________________ >>> CentOS-es mailing list >>> CentOS-es(a)centos.org >>> http://lists.centos.org/mailman/listinfo/centos-es >>> >>> >> >> No se preocupen Karanbir acaba de mencionar hace unos minutos que el >> proyecto CentOS continuara, lo que realmente tiene el problema es el >> dominio centos.org sin embargo que ello se resolvera de alguna manera >> u otra, no hay que preocuparse! >> >> si pueden lean esto tambien: >> http://dag.wieers.com/blog/the-burden-of-keeping-things-private >> >> -- >> Usuario Linux Registrado #452368 >> Usuario Ubuntu Registrado #28025 >> >> "Doing a thing well is often a waste of time." >> ---------------------------------------------------------------------------------------------------------------------------------- >> //Netbook - HP Mini 1035NR 2GB 60GB - Windows XP/Ubuntu 9.04 >> //Desktop - Core 2 Duo 1.86Ghz 8GB 500GB - Windows 7(testing) >> //Desktop - Core 2 Duo 2.40Ghz 8GB 320GB - MacOS Leopard >> //Desktop - Athlon 64 2.7Ghz 8GB 400GB - Ubuntu Jaunty >> //Server - Pentium D 3.2Ghz 8GB 1TB - Debian Lenny >> //Server - Celeron 1.8Ghz 1GB 160GB - Pfsense >> //Server - NSLU2 266Mhz 32MB 1TB - Debian Lenny >> > > Ooops, se me paso copiarles esto: > > Karanbir comento que: > However, the one thing that most people seem to be moving on already is > the assumption that CentOS is about to go away - which isnt correct at > all. For the users, we will make sure that there is as little an impact > as possible. > > -- > Usuario Linux Registrado #452368 > Usuario Ubuntu Registrado #28025 > > "Doing a thing well is often a waste of time." > ---------------------------------------------------------------------------------------------------------------------------------- > //Netbook - HP Mini 1035NR 2GB 60GB - Windows XP/Ubuntu 9.04 > //Desktop - Core 2 Duo 1.86Ghz 8GB 500GB - Windows 7(testing) > //Desktop - Core 2 Duo 2.40Ghz 8GB 320GB - MacOS Leopard > //Desktop - Athlon 64 2.7Ghz 8GB 400GB - Ubuntu Jaunty > //Server - Pentium D 3.2Ghz 8GB 1TB - Debian Lenny > //Server - Celeron 1.8Ghz 1GB 160GB - Pfsense > //Server - NSLU2 266Mhz 32MB 1TB - Debian Lenny > > > ------------------------------ > > Message: 3 > Date: Thu, 30 Jul 2009 15:29:43 -0500 > From: Victor Padro <vpadro(a)gmail.com> > Subject: Re: [CentOS-es] Crisis en el proyecto CentOS > To: centos-es(a)centos.org > Message-ID: > <beee84cb0907301329m75fdd69qd192f43eca626f1d(a)mail.gmail.com> > Content-Type: text/plain; charset=UTF-8 > > 2009/7/30 Victor Padro <vpadro(a)gmail.com>: >> 2009/7/30 Victor Padro <vpadro(a)gmail.com>: >>> 2009/7/30 Arturo Limon <limonavila(a)gmail.com>: >>>> Espero y deseo fervientemente que esto no dé al traste con el proyecto. >>>> Estoy apostando mucho por Centos (concretamente K12LTSP en su >>>> encarnación >>>> Centos) y una interrupción del proyecto me crearía serios problemas para >>>> cambiar de distribución. >>>> Vaya todo mi apoyo al equipo Centos y a toda la gente que hace posible >>>> esta >>>> distribución. >>>> Saludos. >>>> Arturo Limón. >>>> El 30 de julio de 2009 20:07, Eduardo Grosclaude >>>> <eduardo.grosclaude(a)gmail.com> escribió: >>>>> >>>>> Hola, quizás no todos los miembros de la lista en castellano lean la >>>>> lista en inglés de CentOS. Me parece apropiado comunicarles que en >>>>> estos momentos la lista inglesa literalmente hierve a causa de un >>>>> problema ocurrido con uno de los fundadores del proyecto, Lance Davis. >>>>> Esta era la única persona que tenía acceso al registro del dominio >>>>> centos.org y... a los fondos de las donaciones recibidas por el >>>>> proyecto, y... ¡¡¡no se lo ubica por ningún lado!!! >>>>> >>>>> En el sitio de CentOS está publicada una carta abierta a este (ex?) >>>>> miembro del proyecto, firmada por un núcleo de los desarrolladores que >>>>> están más involucrados con el proyecto, y el hilo de discusión >>>>> generado en la lista inglesa se puede seguir en >>>>> http://lists.centos.org/pipermail/centos/2009-July/079767.html >>>>> >>>>> Aunque la situación es incierta, y seguramente lamentable, >>>>> personalmente no creo que sea una crisis grave ni mucho menos. La >>>>> totalidad de los demás desarrolladores del proyecto están alineados y >>>>> gran cantidad de los usuarios está en estos momentos manifestando >>>>> solidaridad con las acciones tomadas. No quiero traer alarma a la >>>>> comunidad, sino información objetiva; y posiblemente reflexionar sobre >>>>> las complicaciones de mantener las cosas de un proyecto comunitario en >>>>> las manos de una sola persona. >>>>> >>>>> Si la lista quiere discutir alguna medida a tomar como sector de habla >>>>> hispana de la comunidad, o simplemente discutir la situación, me >>>>> gustaría saber su opinión. Más allá de los problemas que pueda tener >>>>> esta persona y el impacto sobre el proyecto, como usuarios que >>>>> reconocemos el esfuerzo de los desarrolladores, me parece adecuado >>>>> mostrarles apoyo y ofrecerse para lo que podamos ayudar. >>>>> >>>>> Un saludo cordial! >>>>> >>>>> -- >>>>> Eduardo Grosclaude >>>>> Universidad Nacional del Comahue >>>>> Neuquen, Argentina >>>>> _______________________________________________ >>>>> CentOS-es mailing list >>>>> CentOS-es(a)centos.org >>>>> http://lists.centos.org/mailman/listinfo/centos-es >>>> >>>> >>>> _______________________________________________ >>>> CentOS-es mailing list >>>> CentOS-es(a)centos.org >>>> http://lists.centos.org/mailman/listinfo/centos-es >>>> >>>> >>> >>> No se preocupen Karanbir acaba de mencionar hace unos minutos que el >>> proyecto CentOS continuara, lo que realmente tiene el problema es el >>> dominio centos.org sin embargo que ello se resolvera de alguna manera >>> u otra, no hay que preocuparse! >>> >>> si pueden lean esto tambien: >>> http://dag.wieers.com/blog/the-burden-of-keeping-things-private >>> >>> -- >>> Usuario Linux Registrado #452368 >>> Usuario Ubuntu Registrado #28025 >>> >>> "Doing a thing well is often a waste of time." >>> ---------------------------------------------------------------------------------------------------------------------------------- >>> //Netbook - HP Mini 1035NR 2GB 60GB - Windows XP/Ubuntu 9.04 >>> //Desktop - Core 2 Duo 1.86Ghz 8GB 500GB - Windows 7(testing) >>> //Desktop - Core 2 Duo 2.40Ghz 8GB 320GB - MacOS Leopard >>> //Desktop - Athlon 64 2.7Ghz 8GB 400GB - Ubuntu Jaunty >>> //Server - Pentium D 3.2Ghz 8GB 1TB - Debian Lenny >>> //Server - Celeron 1.8Ghz 1GB 160GB - Pfsense >>> //Server - NSLU2 266Mhz 32MB 1TB - Debian Lenny >>> >> >> Ooops, se me paso copiarles esto: >> >> Karanbir comento que: >> However, the one thing that most people seem to be moving on already is >> the assumption that CentOS is about to go away - which isnt correct at >> all. For the users, we will make sure that there is as little an impact >> as possible. >> >> -- >> Usuario Linux Registrado #452368 >> Usuario Ubuntu Registrado #28025 >> >> "Doing a thing well is often a waste of time." >> ---------------------------------------------------------------------------------------------------------------------------------- >> //Netbook - HP Mini 1035NR 2GB 60GB - Windows XP/Ubuntu 9.04 >> //Desktop - Core 2 Duo 1.86Ghz 8GB 500GB - Windows 7(testing) >> //Desktop - Core 2 Duo 2.40Ghz 8GB 320GB - MacOS Leopard >> //Desktop - Athlon 64 2.7Ghz 8GB 400GB - Ubuntu Jaunty >> //Server - Pentium D 3.2Ghz 8GB 1TB - Debian Lenny >> //Server - Celeron 1.8Ghz 1GB 160GB - Pfsense >> //Server - NSLU2 266Mhz 32MB 1TB - Debian Lenny >> > > Por ultimo acaban de postear esto: > http://www.centos.org/ > > Saludos. > > -- > Usuario Linux Registrado #452368 > Usuario Ubuntu Registrado #28025 > > "Doing a thing well is often a waste of time." > ---------------------------------------------------------------------------------------------------------------------------------- > //Netbook - HP Mini 1035NR 2GB 60GB - Windows XP/Ubuntu 9.04 > //Desktop - Core 2 Duo 1.86Ghz 8GB 500GB - Windows 7(testing) > //Desktop - Core 2 Duo 2.40Ghz 8GB 320GB - MacOS Leopard > //Desktop - Athlon 64 2.7Ghz 8GB 400GB - Ubuntu Jaunty > //Server - Pentium D 3.2Ghz 8GB 1TB - Debian Lenny > //Server - Celeron 1.8Ghz 1GB 160GB - Pfsense > //Server - NSLU2 266Mhz 32MB 1TB - Debian Lenny > > > ------------------------------ > > Message: 4 > Date: Thu, 30 Jul 2009 15:30:44 -0500 > From: Victor Padro <vpadro(a)gmail.com> > Subject: Re: [CentOS-es] modem 3g > To: centos-es(a)centos.org > Message-ID: > <beee84cb0907301330n6b81d559mccefd8d21e4e455d(a)mail.gmail.com> > Content-Type: text/plain; charset=UTF-8 > > 2009/7/30 alejandro <alejandro_garrido(a)click.com.py>: >> hola, tengo el modem huawei E226 y fedora 11. >> >> mi proble es que al conectar el modem al equipo, lo detecta todo bien y >> dice que esta conectado a la red banda ancha GSM, y hasta ahi todo bien, >> pero despues quiero navegar y nada, no abre la pagina. >> >> nadie sabe porque debe ser, busque y probe un monton de cosas como, >> direcciones DNS pero nada de nada, si alguien me puede dar una mano les >> voy a estar agradecido. >> >> un saludo >> >> AG >> _______________________________________________ >> CentOS-es mailing list >> CentOS-es(a)centos.org >> http://lists.centos.org/mailman/listinfo/centos-es >> > > Te recuerdo que esta es una lista de CentOS no de Fedora. > ya buscaste en google algo acerca de tu problematica? > > -- > Usuario Linux Registrado #452368 > Usuario Ubuntu Registrado #28025 > > "Doing a thing well is often a waste of time." > ---------------------------------------------------------------------------------------------------------------------------------- > //Netbook - HP Mini 1035NR 2GB 60GB - Windows XP/Ubuntu 9.04 > //Desktop - Core 2 Duo 1.86Ghz 8GB 500GB - Windows 7(testing) > //Desktop - Core 2 Duo 2.40Ghz 8GB 320GB - MacOS Leopard > //Desktop - Athlon 64 2.7Ghz 8GB 400GB - Ubuntu Jaunty > //Server - Pentium D 3.2Ghz 8GB 1TB - Debian Lenny > //Server - Celeron 1.8Ghz 1GB 160GB - Pfsense > //Server - NSLU2 266Mhz 32MB 1TB - Debian Lenny > > > ------------------------------ > > Message: 5 > Date: Thu, 30 Jul 2009 16:11:43 -0500 > From: samuel correa <samuel.correa(a)gmail.com> > Subject: Re: [CentOS-es] problema de validacion con samba como PDC y > LDAP > To: centos-es(a)centos.org > Message-ID: > <40f21f6a0907301411m1a6d508at36a32819546c6790(a)mail.gmail.com> > Content-Type: text/plain; charset="utf-8" > > Hola. > > Gracias por responder, lamento decirlo pero la solución que me propones no > me dió el resultado esperado, es decir, sigo con el mismo problema... > > alguna otra sugerencia??... > > (es de caracter HYPERIMPORTANTE!) > > Samuel > > > > On Thu, Jul 30, 2009 at 12:24 PM, Germán C. Basisty < > german.basisty(a)eipsistemas.com.ar> wrote: > >> Tenes que modificar el registro de xp. >> >> >> >> Hklm\system\currentcontrolset\services\netlogon\parameters\requiresignorseal >> que esta en 1 pasarlo a 0. >> >> >> >> Si esta todo bien tiene que salir andando derecho. >> >> >> >> Saludos. >> >> >> >> >> >> *Germán C. Basisty* >> >> *EIP SISTEMAS* >> >> *Consultor - Tecnología Informática* >> >> tel./fax +54 (299) 436 6929 >> >> cel. +54 (2942) 15 472 223 >> >> german.basisty(a)eipsistemas.com.ar >> >> http://ww.eipsistemas.com.ar >> >> >> >> >> >> *De:* centos-es-bounces(a)centos.org [mailto:centos-es-bounces@centos.org] >> *En >> nombre de *samuel correa >> *Enviado el:* jueves, 30 de julio de 2009 02:20 p.m. >> *Para:* centos-es(a)centos.org >> *Asunto:* Re: [CentOS-es] problema de validacion con samba como PDC y LDAP >> >> >> >> Hola.. no se si ya me respondieron.. es que no estaba inscrito a la lista >> y >> no sabria si ya respondieron o no.. si ya respondieron podrian hacerlo de >> nuevo que ya si estoy inscrito en la lista... de lo contrario.. podrian >> colaborarme con esto??? >> >> gracias. >> >> >> --------------- >> >> Buenas Tardes a todos. >> >> Tengo el siguiente problema: >> >> Tengo un servidor con la ultima version de Centos 5. >> Luego instale y configure OpenLdap (openldap-servers-2.3.43-3. >> >> el5). >> Luego configure el dominio Samba (Version 3.0.33-3.7.el5) con OpenLdap. >> >> Todo parecia estar funcionando correctamente pero no fue asi. >> >> Al final de la configuración del Samba las maquinas (que tienen Win XP >> pro) >> se estaban agregando al dominio PDC que habia configurado previamente, >> pero >> luego de reiniciar esa maquina e intentar iniciar con una cuenta creada en >> LDAP no puedo niniciar. El error de validación que aparece en el windows >> es >> el siguiente: >> >> "El sistema no puede iniciar su sesión debido al siguiente error: >> >> Uno de los dispositivos vinculados al sistema no funciona. >> >> Intentelo de nuevo o consulte con el administrador del sistema" >> >> >> Lo curioso es que si está buscando ese usuario, ya que si con ese usuario >> ingreso una contraseña erronea el me saca el error: >> >> "No puede iniciar su sesión, asegurese de que su nombre de usuario y >> dominio sean correctos, luego repita su contraseña" >> >> >> Quisiera que me colaboraran con la validación del usuario de LDAP en el >> equipo Windows que ha sido previamente agregado al dominio de Samba. >> Mis archivos de configuración son los siguientes, si necesitan alguno más >> me avisan que con gusto lo mostraré. >> >> >> --------------------------------------------------------------------------------------------------------------------------------------- >> */etc/openldap/ldap.conf* >> >> >> HOST 192.168.30.100 >> BASE dc=siona,dc=cs,dc=udea,dc=edu,dc=co >> >> SIZELIMIT 12 >> TLS_CACERTDIR /etc/openldap/cacerts >> >> --------------------------------------------------------------------------------------------------------------------------------------- >> */etc/ldap.conf* >> >> host 127.0.0.1 >> >> base dc=prueba,dc=cs,dc=udea,dc=edu,dc=co >> >> ssl no >> tls_cacertdir /etc/openldap/cacerts >> pam_password md5 >> >> --------------------------------------------------------------------------------------------------------------------------------------- >> */etc/openldap/slapd.conf* >> >> include /etc/openldap/schema/core.schema >> include /etc/openldap/schema/autofs.schema >> include /etc/openldap/schema/misc.schema >> include /etc/openldap/schema/cosine.schema >> include /etc/openldap/schema/dyngroup.schema >> include /etc/openldap/schema/java.schema >> include /etc/openldap/schema/inetorgperson.schema >> include /etc/openldap/schema/nis.schema >> include /etc/openldap/schema/samba.schema >> >> >> pidfile /var/run/openldap/slapd.pid >> argsfile /var/run/openldap/slapd.args >> >> schemacheck on >> >> loglevel 512 >> >> password-hash {CRYPT} >> >> database ldbm >> suffix "dc=prueba,dc=cs,dc=udea,dc=edu,dc=co" >> rootdn "cn=cacique,dc=prueba,dc=cs,dc=udea,dc=edu,dc=co" >> >> rootpw {MD5}V0L/mtFz0HPxFqPffgV >> >> >> directory /var/lib/ldap >> >> index sambaSID eq >> index sambaPrimaryGroupSID eq >> index sambaDomainName eq >> index objectClass,uid,uidNumber,gidNumber,memberUid eq >> index cn,mail,surname,givenname eq,subinitial >> >> >> >> #access to >> attrs=userPassword,sambaNTPassword,sambaLMPassword,sambaPwdLastSet,sambaPwdMustChange,sambaAcctFlags,sambaPasswordHistory >> >> access to >> attrs=userPassword,sambaNTPassword,sambaLMPassword,sambaPwdLastSet,sambaPwdMustChange,sambaAcctFlags,sambaPasswordHistory >> by dn="cn=cacique,dc=prueba,dc=cs,dc=udea,dc=edu,dc=co" write >> by anonymous auth >> by self write >> by * none >> >> >> # The admin dn has full write access >> access to * >> by dn="cn=cacique,dc=prueba,dc=cs,dc=udea,dc=edu,dc=co" write >> by * read >> >> >> >> >> >> --------------------------------------------------------------------------------------------------------------------------------------- >> */etc/samba/smb.conf >> * >> [global] >> >> workgroup = PDC-SMB3 >> >> netbios name = PRUEBA >> server string = Servidor Samba con LDAP %v >> >> security = user >> encrypt passwords = Yes >> min passwd length = 3 >> >> obey pam restrictions = No >> >> ldap passwd sync = Yes >> log level = 0 >> syslog = 0 >> log file = /var/log/samba/%m.log >> max log size = 100000 >> time server = Yes >> socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 >> mangling method = hash2 >> Dos charset = 850 >> Unix charset = ISO8859-1 >> logon script = logon.bat >> logon drive = X: >> logon home = >> logon path = >> >> >> domain logons = Yes >> os level = 65 >> preferred master = Yes >> domain master = Yes >> wins support = Yes >> >> passwd program = /usr/sbin/smbldap-passwd %u >> passdb backend = ldapsam:ldap://192.168.30.100/ >> ldap admin dn = cn=cacique,dc=prueba,dc=cs,dc=udea,dc=edu,dc=co >> ldap suffix = dc=prueba,dc=cs,dc=udea,dc=edu,dc=co >> ldap group suffix = ou=grupos >> ldap user suffix = ou=estudiantes >> ldap machine suffix = ou=maquinas >> ldap idmap suffix = ou=estudiantes >> ldap ssl = no >> >> add user script = /usr/sbin/smbldap-useradd -m "%u" >> ldap delete dn = Yes >> add machine script = /usr/sbin/smbldap-useradd -w "%u" >> add group script = /usr/sbin/smbldap-groupadd -p "%g" >> add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g" >> delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" >> "%g" >> set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u" >> >> >> idmap uid = 16777216-33554431 >> idmap gid = 16777216-33554431 >> template shell = /bin/false >> winbind use default domain = no >> >> >> #============================ Share Definitions ====================== >> >> [homes] >> comment = Privado de %U, %u >> read only = No >> create mask = 0644 >> directory mask = 0775 >> browseable = No >> >> >> [netlogon] >> path = /export/admstaff/samba/netlogon/ >> browseable = No >> read only = yes >> >> >> [Profiles] >> path = /export/admstaff/samba/profiles >> >> >> writeable = yes >> create mask = 0600 >> directory mask = 0700 >> browseable = No >> guest ok = Yes >> profile acls = yes >> csc policy = disable >> # next line is a great way to secure the profiles >> force user = %U >> # next line allows administrator to access all profiles >> # valid users = %U @"Domain Admins" >> [printers] >> comment = Impresoras en la Red >> printer admin = @"Print Operators" >> >> >> guest ok = yes >> printable = yes >> path = /export/admstaff/samba >> browseable = No >> read only = Yes >> print command = /usr/bin/lpr -P%p -r %s >> lpq command = /usr/bin/lpq -P%p >> lprm command = /usr/bin/lprm -P%p %j >> >> [printers-1] >> path = /export/admstaff/samba/printers >> guest ok = No >> ; browseable = Yes >> read only = Yes >> valid users = @"Print Operators" >> write list = @"Print Operators" >> create mask = 0664 >> directory mask = 0775 >> >> >> [publico-siona] >> comment = Directorios Publicos >> path = /export/publico >> browseable = Yes >> read only = No >> guest ok = Yes >> directory mask = 0775 >> >> --------------------------------------------------------------------------------------------------------------------------------------- >> >> >> Les agradezco mucho su ayuda... >> >> hasta luego. >> >> >> pueden responderme a samuel.correa at gmail >> >> >> >> _______________________________________________ >> CentOS-es mailing list >> CentOS-es(a)centos.org >> http://lists.centos.org/mailman/listinfo/centos-es >> >> > ------------ pr?a parte ------------ > Se ha borrado un adjunto en formato HTML... > URL: > http://lists.centos.org/pipermail/centos-es/attachments/20090730/431bf969/a… > > ------------------------------ > > _______________________________________________ > CentOS-es mailing list > CentOS-es(a)centos.org > http://lists.centos.org/mailman/listinfo/centos-es > > > Fin de Resumen de CentOS-es, Vol 31, Envío 55 > ********************************************* >

16 years, 8 months

Re: [CentOS-pt-br] Cluster no CentOS. Ajuda..

by Antonio da Silva Martins Junior

----- "CássioElias ." <cassioelias(a)hotmail.com> escreveu: > De: "CássioElias ." <cassioelias(a)hotmail.com> > Para: "Lista de Discussão CentOS-BR" <centos-pt-br(a)centos.org> > Enviadas: Segunda-feira, 9 de Setembro de 2013 7:28:46 (GMT-0300) Auto-Detected > Assunto: Re: [CentOS-pt-br] Cluster no CentOS. Ajuda.. > > Por exemplo Antônio. Se eu fizesse assim > > > Servidor 1 = urano1 > Servidor 2 = urano2 > Servidor 3 = urano3 > > > Durante todo o dia, o servico do drbd estaria parado no servidor > urano3. Dai a meia noite eu daria um stop no serviço do drbd no > servidor urano2 e daria um start no serviço do drbd no servidor > urano3. Funcionaria assim também? Somente dando start e stop ? Olá Cássio, Bem, existem algumas formas de se fazer isso. A primeira é usar um recurso do DRBD aqui: http://www.drbd.org/users-guide-8.3/s-three-nodes.html Você teria uma sincronização entre 1 e 2, e outra entre o disco já replicado e 3. Funciona, mas não é exatamente como a sincronização, e para 3 ser usado deverá ser de forma manual. Mas, como é para uma recuperação de desastre é uma forma muito bom. Tenho um colega que tem os servidores 1 e 2 lado a lado, e o 3 em outro prédio. Outra forma, que pode facilitar a recuperação, é ter em 1 dois arquivos de configuração, o primeiro para a operação normal entre 1 e 2, e outro para o "backup", entre 1 e 3. Ai durante a noite, para o drbd em 1 e 2, altera o arquivo e sobre entre 1 e 3. Após sincronizar, volta ao estado original. Caso ocorra uma pane em 1, pode-se sincronizar 2 e 3. Espero não ter lhe confundido ainda mais. Mas, o método na documentação do DRBD é o que vai funcionar de forma mais simples. Att., Antonio. > > > > Date: Fri, 6 Sep 2013 08:28:30 -0300 > > From: asmartins(a)uem.br > > To: centos-pt-br(a)centos.org > > Subject: Re: [CentOS-pt-br] Cluster no CentOS. Ajuda.. > > > > Olá Cássio, > > > > Legal que funcionou! Como lhe disse, temos máquinas aqui funcionando > já a um bom tempo! > > > > Quanto a replicação para mais de 2 nós, tem com 3 (um backup) veja: > http://www.drbd.org/users-guide-8.3/s-three-way-repl.html > > > > E com imaginação dá para fazer muita coisa também! Como o tempo de > sync do DRBD não é muito grande > > se a quantidade de alterações de seus dados não for enorme, você > pode montar um > > esquema em que, p.ex., toda noite, você "troca" o nó secundário, > sincronizando com outros nós. > > Dai em caso de uma perda total do hardware do primário, você já tem > outra máquina para assumir. > > > > Att., > > > > Antonio. > > > > ----- "CássioElias ." <cassioelias(a)hotmail.com> escreveu: > > > > > De: "CássioElias ." <cassioelias(a)hotmail.com> > > > Para: "Lista de Discussão CentOS-BR" <centos-pt-br(a)centos.org> > > > Enviadas: Sexta-feira, 6 de Setembro de 2013 8:16:53 (GMT-0300) > Auto-Detected > > > Assunto: Re: [CentOS-pt-br] Cluster no CentOS. Ajuda.. > > > > > > É...vivendo e tentando aprender.... XD. > > > > > > > > > Acredito que a saga do Cluster no CentOS 6 chegou ao fim Antônio. > > > Ontem fiquei até 00:00 "brincando" um pouco nesses servidores e > nas > > > replicações. > > > Agora está funcionando beleza. Os servidores fazem a ajuda entre > si e > > > as replicações. As replicações está perfeitas. Configurei tudo > ontem > > > no pacemaker. O failover também está perfeito. Quando uma estação > cái, > > > ou entra em standby a outra assume na hora. > > > Fiz tudo em 2 máquinas virtuais criadas no VMWare ESXi. > > > O ideal era eu deixar uma virtual e outra em Servidor Físico. Mas > isso > > > eu vejo com a parte financeira da empresa depois..hehe. > > > > > > > > > Outra pergunta, o DRBD não trabalha com mais de 2 servidores não > né? > > > Andei lendo que ele trabalha apenas com 2 servidores. Se quiser > > > trabalhar com mais de 2 tem que ser com a ferramenta paga deles. > > > > > > > > > Bom, veja como ficou minhas configurações: > > > > > > > > > Informações do Servidor Urano1 que são as mesmas do Urano2: > > > > > > > > > > > > [root@urano1 ~]# uname -a > > > Linux urano1 2.6.32-358.18.1.el6.x86_64 #1 SMP Wed Aug 28 17:19:38 > UTC > > > 2013 x86_64 x86_64 x86_64 GNU/Linux > > > > > > > > > > > > # /etc/corosync/corosync.conf > > > > > > > > > #Opção do protocolo totem > > > totem { > > > version: 2 > > > > > > > > > #Tempo para verificar perca de pacotes em (ms) > > > token: 3000 > > > > > > > > > #Quantas verificações antes de gerar notificações > > > token_retransmits_before_loss_const: 10 > > > > > > > > > #Quanto tempo esperar para agrupar as notificações em (ms) > > > join: 60 > > > > > > > > > #Quanto tempo esperar para uma solução antes de começar uma nova > > > verificação (ms) > > > consensus: 3600 > > > > > > > > > #Filtro de sincronismo virtual desabilitado > > > vsftype: none > > > > > > > > > #Número de mensagens processadas na recepção de pacotes > > > max_messages: 20 > > > > > > > > > #Limite de cluster assinados > > > clear_node_high_bit: yes > > > > > > > > > #Criptografia desabilitada > > > secauth: off > > > > > > > > > #Quantas threads usadas para criptografar/descriptografar > > > threads: 0 > > > > > > > > > #Atribui ID em um cluster fixo (opcional) > > > # nodeid: 1234 > > > > > > > > > #Especifica que em modo de redundancia, não pode havar nenhum > cluster > > > ativo ou passivo. > > > rrp_mode: none > > > > > > > > > interface { > > > #Número de clusters (0 default) > > > ringnumber: 0 > > > #Início de ips utilizados por cluster 10.101.0.0 é 10.101.0.0/24 > aqui > > > mude para > > > #O endereço da sua rede ex: 192.168.0.0 que seria 192.168.0.0/24 > > > bindnetaddr: 192.168.0.0 > > > #Fim de ips utilizados por cluster > > > mcastaddr: 226.94.1.1 > > > #Porta utilizaad pelo corosync > > > mcastport: 5405 > > > } > > > } > > > > > > > > > #Configuração de AIS Availability Management Framework > > > amf { > > > mode: disabled > > > } > > > > > > > > > service { > > > #Carregamento do serviço para gerenciamento > > > ver: 1 > > > name: pacemaker > > > } > > > > > > > > > #Temos que setar o usuário e grupo como root para o ais ser capaz > de > > > gerenciar os recursos do pacemaker > > > aisexec { > > > user: root > > > group: root > > > } > > > > > > > > > > > > > > > #Configuração de log > > > logging { > > > fileline: off > > > to_stderr: yes > > > to_logfile: yes > > > logfile: /var/log/corosync/corosync.log > > > #Aqui estou desabilitando os logs para o syslog, pq senão zoa > demais o > > > arquivo > > > to_syslog: no > > > syslog_facility: daemon > > > debug: off > > > timestamp: on > > > logger_subsys { > > > subsys: AMF > > > debug: off > > > tags: enter|leave|trace1|trace2|trace3|trace4|trace6 > > > } > > > > > > > > > > > > [root@urano1 ~]# ls /etc/drbd.d > > > global_common.conf http.res mysql.res > > > > > > > > > > > > [root@urano1 ~]# cat /etc/drbd.d/http.res > > > resource http { > > > on urano1{ > > > device /dev/drbd1; > > > disk /dev/vg_urano1/lv_web; > > > address 192.168.0.181:7789; > > > meta-disk internal; > > > } > > > > > > > > > on urano2{ > > > device /dev/drbd1; > > > disk /dev/vg_urano2/lv_web; > > > address 192.168.0.182:7789; > > > meta-disk internal; > > > } > > > } > > > > > > > > > > > > [root@urano1 ~]# cat /etc/drbd.d/mysql.res > > > resource mysql { > > > on urano1{ > > > device /dev/drbd0; > > > disk /dev/vg_urano1/lv_mysql; > > > address 192.168.0.181:7790; > > > meta-disk internal; > > > } > > > > > > > > > on urano2{ > > > device /dev/drbd0; > > > disk /dev/vg_urano2/lv_mysql; > > > address 192.168.0.182:7790; > > > meta-disk internal; > > > } > > > } > > > > > > > > > > > > [root@urano1 ~]# lvs > > > LV VG Attr LSize Pool Origin Data% Move Log Cpy%Sync Convert > > > lv_home vg_urano1 -wi-ao--- 4,88g > > > lv_mysql vg_urano1 -wi-ao--- 4,88g > > > lv_root vg_urano1 -wi-ao--- 4,88g > > > lv_swap vg_urano1 -wi-ao--- 3,94g > > > lv_usr vg_urano1 -wi-ao--- 4,88g > > > lv_var vg_urano1 -wi-ao--- 4,88g > > > lv_web vg_urano1 -wi-ao--- 4,88g > > > > > > > > > > > > [root@urano1 ~]# crm configure show > > > node urano1 \ > > > attributes standby="off" > > > node urano2 \ > > > attributes standby="off" > > > primitive Failover ocf:heartbeat:IPaddr2 \ > > > params ip="192.168.0.200" cidr_netmask="24" nic="eth0" \ > > > op monitor interval="10s" > > > primitive Httpd lsb:httpd > > > primitive MysqlData ocf:linbit:drbd \ > > > params drbd_resource="mysql" \ > > > op monitor interval="60s" > > > primitive MysqlFS ocf:heartbeat:Filesystem \ > > > params device="/dev/drbd0" directory="/var/lib/mysql" > fstype="ext4" > > > primitive Mysqld lsb:mysqld > > > primitive Vsftpd lsb:vsftpd > > > primitive WebData ocf:linbit:drbd \ > > > params drbd_resource="http" \ > > > op monitor interval="60s" > > > primitive WebFS ocf:heartbeat:Filesystem \ > > > params device="/dev/drbd1" directory="/var/www/html" fstype="ext4" > > > ms MysqlDataClone MysqlData \ > > > meta master-max="1" master-node-max="1" clone-max="2" > > > clone-node-max="1" notify="true" > > > ms WebDataClone WebData \ > > > meta master-max="1" master-node-max="1" clone-max="2" > > > clone-node-max="1" notify="true" > > > location cli-prefer-Httpd Httpd \ > > > rule $id="cli-prefer-rule-Httpd" inf: #uname eq urano1 > > > location cli-prefer-Mysqld Mysqld \ > > > rule $id="cli-prefer-rule-Mysqld" inf: #uname eq urano1 > > > location cli-prefer-Vsftpd Vsftpd \ > > > rule $id="cli-prefer-rule-Vsftpd" inf: #uname eq urano1 > > > colocation Htpd-with-WebFS inf: Httpd WebFS > > > colocation Mysqld-with-MysqlFS inf: Mysqld MysqlFS > > > colocation fs_on_drbd inf: MysqlFS MysqlDataClone:Master > > > colocation fs_on_drbd1 inf: WebFS WebDataClone:Master > > > colocation website-with-ip inf: Httpd Failover > > > order Httpd-after-WebFS inf: WebFS Httpd > > > order MysqlFS-after-MysqlData inf: MysqlDataClone:promote > > > MysqlFS:start > > > order Mysqld-after-MysqlFS inf: MysqlFS Mysqld > > > order WebFS-after-WebData inf: WebDataClone:promote WebFS:start > > > order httpd-after-ip inf: Failover Httpd > > > property $id="cib-bootstrap-options" \ > > > dc-version="1.1.9-2.2-2db99f1" \ > > > cluster-infrastructure="classic openais (with plugin)" \ > > > expected-quorum-votes="2" \ > > > stonith-enabled="false" \ > > > no-quorum-policy="ignore" > > > > > > > > > > > > [root@urano1 ~]# crm_mon -1 > > > Last updated: Fri Sep 6 08:13:19 2013 > > > Last change: Fri Sep 6 07:44:54 2013 via crm_attribute on urano1 > > > Stack: classic openais (with plugin) > > > Current DC: urano2 - partition with quorum > > > Version: 1.1.9-2.2-2db99f1 > > > 2 Nodes configured, 2 expected votes > > > 10 Resources configured. > > > > > > > > > > > > > > > Online: [ urano1 urano2 ] > > > > > > > > > Failover (ocf::heartbeat:IPaddr2): Started urano1 > > > Httpd (lsb:httpd): Started urano1 > > > Mysqld (lsb:mysqld): Started urano1 > > > Vsftpd (lsb:vsftpd): Started urano1 > > > Master/Slave Set: MysqlDataClone [MysqlData] > > > Masters: [ urano1 ] > > > Slaves: [ urano2 ] > > > MysqlFS (ocf::heartbeat:Filesystem): Started urano1 > > > Master/Slave Set: WebDataClone [WebData] > > > Masters: [ urano1 ] > > > Slaves: [ urano2 ] > > > WebFS (ocf::heartbeat:Filesystem): Started urano1 > > > > > > > > > > > > [root@urano1 ~]# cat /proc/drbd > > > version: 8.3.15 (api:88/proto:86-97) > > > GIT-hash: 0ce4d235fc02b5c53c1c52c53433d11a694eab8c build by > > > phil@Build64R6, 2012-12-20 20:09:51 > > > 0: cs:Connected ro:Primary/Secondary ds:UpToDate/UpToDate C r----- > > > ns:372 nr:316 dw:688 dr:4109 al:0 bm:7 lo:0 pe:0 ua:0 ap:0 ep:1 > wo:f > > > oos:0 > > > 1: cs:Connected ro:Primary/Secondary ds:UpToDate/UpToDate C r----- > > > ns:104 nr:180 dw:284 dr:792 al:0 bm:4 lo:0 pe:0 ua:0 ap:0 ep:1 > wo:f > > > oos:0 > > > > > > > > > > > > > > > Tudo funcionando redondinho...Agradeço muito a sua ajuda Antônio. > Você > > > foi peça chave para eu conseguir fazer essa configuração. Muito > > > obrigado mesmo. E muito obrigado a comunidade também que também me > > > ajudou muito! > > > > > > > > > Fica a dica ai para quem quiser fazer cluster no CentOS. Funciona, > tem > > > que ralar um pouco mais funciona! > > > > > > > > > Hehe :) > > > > > > > > > > Date: Fri, 6 Sep 2013 07:46:50 -0300 > > > > From: asmartins(a)uem.br > > > > To: centos-pt-br(a)centos.org > > > > Subject: Re: [CentOS-pt-br] Cluster no CentOS. Ajuda.. > > > > > > > > > > > > ----- "CássioElias ." <cassioelias(a)hotmail.com> escreveu: > > > > > > > > > De: "CássioElias ." <cassioelias(a)hotmail.com> > > > > > Para: "Lista de Discussão CentOS-BR" <centos-pt-br(a)centos.org> > > > > > Enviadas: Quinta-feira, 5 de Setembro de 2013 17:12:49 > (GMT-0300) > > > Auto-Detected > > > > > Assunto: Re: [CentOS-pt-br] Cluster no CentOS. Ajuda.. > > > > > > > > > > Certo...entendido.. > > > > > > > > > > > > > > > Outra pergunta. Mas para o pacemaker entender isso, eu terei > que > > > > > configura-lo ou ele entende isso por padrão? > > > > > > > > > > > > > Olá Cássio, > > > > > > > > Você tem que configurar o Pacemaker, da mesma forma que faz para > o > > > > Apache/MySQL/IPAddr2 são recursos. Você vai configurar um > recurso > > > DRBD, > > > > tem OCF::Resource para isso também (é preferivel a usar o lsb, > como > > > você > > > > fez com o Apache). > > > > > > > > De uma olhada aqui: > > > http://www.drbd.org/users-guide-8.3/ch-pacemaker.html > > > > > > > > E por falar em documentação! Você deveria ler a documentação do > > > Pacemaker e > > > > do DRBD toda, e não ficar atrás de receita de bolo (HowTo). :D > Tem > > > muita coisa > > > > que a turma faz errado nestes HowTos, a principal é instalar a > > > partir dos fontes > > > > quando existem pacotes nos repositórios! Se é para usar fonte, > use > > > Slackware! > > > > > > > > Att., > > > > > > > > Antonio. > > > > > > > > -- > > > > Antonio da Silva Martins Jr. > > > > Analista de Suporte > > > > NPD - Núcleo de Processamento de Dados > > > > UEM - Universidade Estadual de Maringá > > > > email: asmartins(a)uem.br > > > > fone: +55 (44) 3011-4015 / 3011-4411 > > > > inoc-dba: 263076*100 > > > > > > > > "Real Programmers don’t need comments — the code is obvious." > > > > > > > > -- > > > > Esta mensagem foi verificada pelo sistema de antivirus e > > > > acredita-se estar livre de perigo. > > > > > > > > _______________________________________________ > > > > CentOS-pt-br mailing list > > > > CentOS-pt-br(a)centos.org > > > > http://lists.centos.org/mailman/listinfo/centos-pt-br > > > > > > -- > > > Esta mensagem foi verificada pelo sistema de antivírus e > > > acredita-se estar livre de perigo. > > > _______________________________________________ > > > CentOS-pt-br mailing list > > > CentOS-pt-br(a)centos.org > > > http://lists.centos.org/mailman/listinfo/centos-pt-br > > > > -- > > Antonio da Silva Martins Jr. > > Analista de Suporte > > NPD - Núcleo de Processamento de Dados > > UEM - Universidade Estadual de Maringá > > email: asmartins(a)uem.br > > fone: +55 (44) 3011-4015 / 3011-4411 > > inoc-dba: 263076*100 > > > > "Real Programmers don’t need comments — the code is obvious." > > > > -- > > Esta mensagem foi verificada pelo sistema de antivirus e > > acredita-se estar livre de perigo. > > > > _______________________________________________ > > CentOS-pt-br mailing list > > CentOS-pt-br(a)centos.org > > http://lists.centos.org/mailman/listinfo/centos-pt-br > > -- > Esta mensagem foi verificada pelo sistema de antivírus e > acredita-se estar livre de perigo. > _______________________________________________ > CentOS-pt-br mailing list > CentOS-pt-br(a)centos.org > http://lists.centos.org/mailman/listinfo/centos-pt-br -- Antonio da Silva Martins Jr. Analista de Suporte NPD - Núcleo de Processamento de Dados UEM - Universidade Estadual de Maringá email: asmartins(a)uem.br fone: +55 (44) 3011-4015 / 3011-4411 inoc-dba: 263076*100 "Real Programmers don’t need comments — the code is obvious." -- Esta mensagem foi verificada pelo sistema de antivirus e acredita-se estar livre de perigo.

12 years, 7 months

Re: [CentOS-devel] Minishift in PaaS SIG

by Marcin Dulak

On Thu, Mar 16, 2017 at 11:58 AM, Marcin Dulak <marcin.dulak(a)gmail.com> wrote: > > > On Thu, Mar 16, 2017 at 11:55 AM, Lalatendu Mohanty <lmohanty(a)redhat.com> > wrote: > >> >> >> On Wed, Mar 15, 2017 at 1:30 AM, Marcin Dulak <marcin.dulak(a)gmail.com> >> wrote: >> >>> Hi, >>> >>> On Tue, Mar 14, 2017 at 7:17 PM, Lalatendu Mohanty <lmohanty(a)redhat.com> >>> wrote: >>> >>>> Hi All, >>>> >>>> In last couple of Paas SIG meetings we discussed around if we should >>>> provide Minishift from PaaS SIG and the general agreement was that it will >>>> benefit the CentOS community. As a member of Minishift project and PaaS >>>> SIG member I will work to build Minishift in the CentOS build system and >>>> doing the releases through PaaS SIG. I have copied the recent release >>>> announcement of Minishift in this mail to give you some context about >>>> Minishift . >>>> >>>> Previously we were working on Atomic Developer Bundle (ADB) which was >>>> part of Atomic SIG. Minishift is the next generation tool to replace ADB >>>> as it address lot of ADB's short comings. It is written in Go and it is >>>> light weight and designed to provide better user experience. >>>> >>>> We have been doing couple of beta releases in Minishift project as we >>>> move towards the 1.0.0 release. The next release is planned to be a release >>>> candidate release then followed by 1.0.0 release. >>>> >>>> If you are interested to help us in building, testing, releasing >>>> Minishift through PaaS SIG, please let us know. >>>> >>> >>> I would like to help. >>> Got https://github.com/minishift/minishift/blob/master/READM >>> E.md#deploying-a-sample-application run with virtualbox 5.1.14r112924 >>> and minishift-1.0.0-beta.5-linux-amd64.tgz >>> >>> My packaging experience: >>> https://admin.fedoraproject.org/pkgdb/packager/marcindulak/ >>> >> >> Thanks for the offer for helping with Minishift. >> >>> >>> Any specific tasks that may correspond to my profile? >>> >> >> There are two tasks for Minishift. First we need to create a RPM for >> Minishift binary. >> > > OK, I think I can contribute to this. > https://copr.fedorainfracloud.org/coprs/marcindulak/minishift/builds/ - it looks like the following dependencies are needed on CentOS7, and a couple packages less on Fedora: DEBUG util.py:439: Error: No Package found for golang(github.com/DATA-DOG/godog) DEBUG util.py:439: Error: No Package found for golang(github.com/DATA-DOG/godog/gherkin) DEBUG util.py:439: Error: No Package found for golang(github.com/asaskevich/govalidator) DEBUG util.py:439: Error: No Package found for golang(github.com/blang/semver) DEBUG util.py:439: Error: No Package found for golang(github.com/docker/go-units) DEBUG util.py:439: Error: No Package found for golang(github.com/docker/machine/drivers/fakedriver) DEBUG util.py:439: Error: No Package found for golang(github.com/docker/machine/drivers/hyperv) DEBUG util.py:439: Error: No Package found for golang(github.com/docker/machine/drivers/virtualbox) DEBUG util.py:439: Error: No Package found for golang(github.com/docker/machine/drivers/vmwarefusion) DEBUG util.py:439: Error: No Package found for golang(github.com/docker/machine/libmachine) DEBUG util.py:439: Error: No Package found for golang(github.com/docker/machine/libmachine/auth) DEBUG util.py:439: Error: No Package found for golang(github.com/docker/machine/libmachine/drivers) DEBUG util.py:439: Error: No Package found for golang(github.com/docker/machine/libmachine/drivers/plugin) DEBUG util.py:439: Error: No Package found for golang(github.com/docker/machine/libmachine/drivers/plugin/localbinary) DEBUG util.py:439: Error: No Package found for golang(github.com/docker/machine/libmachine/engine) DEBUG util.py:439: Error: No Package found for golang(github.com/docker/machine/libmachine/host) DEBUG util.py:439: Error: No Package found for golang(github.com/docker/machine/libmachine/log) DEBUG util.py:439: Error: No Package found for golang(github.com/docker/machine/libmachine/mcnerror) DEBUG util.py:439: Error: No Package found for golang(github.com/docker/machine/libmachine/mcnflag) DEBUG util.py:439: Error: No Package found for golang(github.com/docker/machine/libmachine/mcnutils) DEBUG util.py:439: Error: No Package found for golang(github.com/docker/machine/libmachine/provision) DEBUG util.py:439: Error: No Package found for golang(github.com/docker/machine/libmachine/provision/pkgaction) DEBUG util.py:439: Error: No Package found for golang(github.com/docker/machine/libmachine/provision/provisiontest) DEBUG util.py:439: Error: No Package found for golang(github.com/docker/machine/libmachine/provision/serviceaction) DEBUG util.py:439: Error: No Package found for golang(github.com/docker/machine/libmachine/shell) DEBUG util.py:439: Error: No Package found for golang(github.com/docker/machine/libmachine/ssh) DEBUG util.py:439: Error: No Package found for golang(github.com/docker/machine/libmachine/state) DEBUG util.py:439: Error: No Package found for golang(github.com/docker/machine/libmachine/swarm) DEBUG util.py:439: Error: No Package found for golang(github.com/golang/glog) DEBUG util.py:439: Error: No Package found for golang(github.com/google/go-github/github) DEBUG util.py:439: Error: No Package found for golang(github.com/inconshreveable/go-update) DEBUG util.py:439: Error: No Package found for golang(github.com/kardianos/osext) DEBUG util.py:439: Error: No Package found for golang(github.com/olekukonko/tablewriter) DEBUG util.py:439: Error: No Package found for golang(github.com/pborman/uuid) DEBUG util.py:439: Error: No Package found for golang(github.com/pkg/browser) DEBUG util.py:439: Error: No Package found for golang(github.com/spf13/viper) DEBUG util.py:439: Error: No Package found for golang(golang.org/x/oauth2) DEBUG util.py:439: Error: No Package found for golang(k8s.io/kubernetes/pkg/api) DEBUG util.py:439: Error: No Package found for golang(k8s.io/kubernetes/pkg/api/v1) DEBUG util.py:439: Error: No Package found for golang(k8s.io/kubernetes/pkg/client/unversioned) DEBUG util.py:439: Error: No Package found for golang(k8s.io/kubernetes/pkg/client/unversioned/clientcmd) DEBUG util.py:439: Error: No Package found for golang(k8s.io/kubernetes/pkg/client/unversioned/clientcmd/api) DEBUG util.py:439: Error: No Package found for golang(k8s.io/kubernetes/pkg/client/unversioned/clientcmd/api/latest) Don't know about the required dependencies versions. I see also that several dependencies have been added to minishift git 250c9ed compared to beta5. https://copr.fedorainfracloud.org/coprs/logic/vault/ seems working on getting some of the dependencies into Fedora, but there are also several packages present in Fedora but absent in EPEL7 (the main one: k8s). Marcin > > >> Second we need to build the minishift-centos ISO in CBS. I will send you >> a separate mail on this and lets collaborate. >> > > Marcin > > >> Thanks, >> Lala >> >>> >>> Marcin >>> >>> >>>> >>>> >>>> >>>> *Release announcement for Minishift 1.0.0-Beta.5 : * >>>> >>>> The Minishift team is pleased to announce the release of Minishift >>>> 1.0.0 Beta 5. >>>> >>>> Minishift [1] is a command-line tool that provisions and manages >>>> single-node OpenShift clusters optimized for development workflows. You can >>>> run Minishift on GNU/Linux, Microsoft Windows or macOS. >>>> >>>> Release highlights >>>> >>>> ------------------------ >>>> >>>> This release adds several features, enhancements, and bug fixes, >>>> including: >>>> >>>> - >>>> >>>> Minishift is now configured to use nip.io instead of xip.io [4]. >>>> - >>>> >>>> The default routes for application will be created with the <VM >>>> IP>.nip.io routing suffix. >>>> - >>>> >>>> The sudoers role was added to the “developer” user [5]. >>>> - >>>> >>>> This role allows the “developer” to impersonate system:admin >>>> when running a command. For example, you can run “$ oc get nodes --as >>>> system:admin” while logged in as the developer user. >>>> - >>>> >>>> An important bug for proxy server (http/https) support was fixed >>>> [10]. >>>> - >>>> >>>> We had a bug where registration was failing in proxy >>>> environments. >>>> - >>>> >>>> OpenShift related subcommands from the root context were moved >>>> under the “minishift openshift” command [11]. >>>> >>>> >>>> This release also includes many changes and bug fixes, which are >>>> detailed in the release notes [2] and milestone [3] . For information >>>> about getting started, using, and developing Minishift, see the >>>> documentation [6]. >>>> >>>> Additional components >>>> >>>> ----------------------------- >>>> >>>> >>>> - >>>> >>>> We released new versions of the Boot2Docker ISO (v1.0.2) [ 8] and >>>> the CentOS ISO (v1.0.0-rc3) [7] images. >>>> - >>>> >>>> We added the ‘fuse-sshfs’ package to both the ISO images. With >>>> SSHFS, users can mount host folders. Currently this is a manual process [9] >>>> but we are working on automating it. >>>> >>>> >>>> Please give the new release a try and let us know your feedback. The >>>> Minishift community hangs out at #minishift channel on Freenode and it is >>>> the perfect place to discuss anything Minishift related. >>>> >>>> [1] https://github.com/minishift/minishift >>>> >>>> [2] https://github.com/minishift/minishift/releases/tag/v1.0.0-beta.5 >>>> >>>> [3] https://github.com/minishift/minishift/milestone/10 >>>> >>>> [4] https://github.com/minishift/minishift/issues/501 >>>> >>>> [5] https://github.com/minishift/minishift/issues/509 >>>> >>>> [6] https://github.com/minishift/minishift#documentation >>>> >>>> [7] https://github.com/minishift/minishift-centos-iso/releases/t >>>> ag/v1.0.0-rc.3 >>>> >>>> [8] https://github.com/minishift/minishift-b2d-iso/releases/tag/v1.0.2 >>>> >>>> [9] https://github.com/minishift/minishift/blob/master/docs/mana >>>> ging-minishift.md#sshfs >>>> >>>> [10] https://github.com/minishift/minishift/issues/489 >>>> >>>> [11] https://github.com/minishift/minishift/issues/465 >>>> >>>> >>>> Thanks, >>>> Lala >>>> >>>> >>>> >>>> >>>> _______________________________________________ >>>> CentOS-devel mailing list >>>> CentOS-devel(a)centos.org >>>> https://lists.centos.org/mailman/listinfo/centos-devel >>>> >>>> >>> >>> _______________________________________________ >>> CentOS-devel mailing list >>> CentOS-devel(a)centos.org >>> https://lists.centos.org/mailman/listinfo/centos-devel >>> >>> >> >> _______________________________________________ >> CentOS-devel mailing list >> CentOS-devel(a)centos.org >> https://lists.centos.org/mailman/listinfo/centos-devel >> >> >

9 years

[CentOS-es] Problema con USB Disk HELP!!

by Federico Don

Hola lista, tengo un problema con un disco usb, cuando enchufo el disco al server me asigno /dev/sdc1, el disco esta en EXT4 y mi centos es Linux version 2.6.18-164.11.1.el5 (Red Hat 4.1.2-46). Bien el problema es el siguiente, de un momento a otro ls: reading directory .: Input/output error, tiro un dmesg y veo qeu cambio el disco usb de particion: sdc: Write Protect is off sdc: Mode Sense: 38 00 00 00 sdc: assuming drive cache: write through SCSI device sdc: 1953525168 512-byte hdwr sectors (1000205 MB) sdc: Write Protect is off sdc: Mode Sense: 38 00 00 00 sdc: assuming drive cache: write through sdc:<6>EXT3 FS on dm-0, internal journal kjournald starting. Commit interval 5 seconds EXT3 FS on dm-1, internal journal EXT3-fs: mounted filesystem with ordered data mode. kjournald starting. Commit interval 5 seconds EXT3 FS on dm-5, internal journal EXT3-fs: mounted filesystem with ordered data mode. kjournald starting. Commit interval 5 seconds EXT3 FS on dm-2, internal journal EXT3-fs: mounted filesystem with ordered data mode. kjournald starting. Commit interval 5 seconds EXT3 FS on dm-6, internal journal EXT3-fs: mounted filesystem with ordered data mode. kjournald starting. Commit interval 5 seconds EXT3 FS on dm-7, internal journal EXT3-fs: mounted filesystem with ordered data mode. kjournald starting. Commit interval 5 seconds EXT3 FS on dm-3, internal journal EXT3-fs: mounted filesystem with ordered data mode. kjournald starting. Commit interval 5 seconds EXT3 FS on dm-8, internal journal EXT3-fs: mounted filesystem with ordered data mode. kjournald starting. Commit interval 5 seconds EXT3 FS on sda1, internal journal EXT3-fs: mounted filesystem with ordered data mode. Adding 8552440k swap on /dev/VolGroup00/LVSwap. Priority:-1 extents:1 across:8552440k powernow-k8: Pre-initialization of ACPI failed powernow-k8: Found 1 AMD Athlon(tm) II X2 245 Processor processors (2 cpu cores) (version 2.20.00) powernow-k8: Your BIOS does not provide _PSS objects. PowerNow! does not work on SMP systems without _PSS objects. Complain to your BIOS vendor. powernow-k8: Your BIOS does not provide _PSS objects. PowerNow! does not work on SMP systems without _PSS objects. Complain to your BIOS vendor. sdc1 sd 2:0:0:0: Attached scsi disk sdc sd 2:0:0:0: Attached scsi generic sg2 type 0 usb-storage: device scan complete NET: Registered protocol family 10 lo: Disabled Privacy Extensions IPv6 over IPv4 tunneling driver eth0: no IPv6 routers present EXT4-fs: barriers enabled kjournald2 starting: pid 2815, dev sdc1:8, commit interval 5 seconds EXT4 FS on sdc1, internal journal on sdc1:8 EXT4-fs: delayed allocation enabled EXT4-fs: file extents enabled EXT4-fs: mballoc enabled EXT4-fs: mounted filesystem sdc1 with ordered data mode eth0: link down. eth0: link up. eth0: link down. eth0: link up. eth0: link down. eth0: link up. eth0: link down. eth0: link up. eth0: link down. eth0: link up. eth0: link down. eth0: link up. eth0: link down. eth0: link up. eth0: link down. eth0: link up. tnslsnr[2946]: segfault at 0000000000000018 rip 0000003115a70485 rsp 00007fff0bcb96b0 error 4 tnslsnr[9084]: segfault at 0000000000000018 rip 0000003115a70485 rsp 00007fff101eaed0 error 4 usb 1-4: reset high speed USB device using ehci_hcd and address 2 usb 1-4: USB disconnect, address 2 sd 2:0:0:0: SCSI error: return code = 0x00010000 end_request: I/O error, dev sdc, sector 393094152 sd 2:0:0:0: rejecting I/O to device being removed sd 2:0:0:0: rejecting I/O to device being removed sd 2:0:0:0: rejecting I/O to device being removed sd 2:0:0:0: SCSI error: return code = 0x00010000 end_request: I/O error, dev sdc, sector 393094392 Aborting journal on device sdc1:8. sd 2:0:0:0: rejecting I/O to device being removed Buffer I/O error on device sdc1, logical block 121667584 lost page write due to I/O error on sdc1 JBD2: I/O error detected when updating journal superblock for sdc1:8. journal commit I/O error sd 2:0:0:0: rejecting I/O to device being removed Buffer I/O error on device sdc1, logical block 13107232 lost page write due to I/O error on sdc1 sd 2:0:0:0: rejecting I/O to device being removed Buffer I/O error on device sdc1, logical block 50855968 lost page write due to I/O error on sdc1 sd 2:0:0:0: rejecting I/O to device being removed Buffer I/O error on device sdc1, logical block 61866016 lost page write due to I/O error on sdc1 scsi 2:0:0:0: rejecting I/O to dead device ext4_abort called. EXT4-fs error (device sdc1): ext4_journal_start_sb: Detected aborted journal Remounting filesystem read-only usb 1-4: new high speed USB device using ehci_hcd and address 3 usb 1-4: configuration #1 chosen from 1 choice scsi3 : SCSI emulation for USB Mass Storage devices usb-storage: device found at 3 usb-storage: waiting for device to settle before scanning Vendor: ST310005 Model: 20AS Rev: Type: Direct-Access ANSI SCSI revision: 04 SCSI device sdd: 1953525168 512-byte hdwr sectors (1000205 MB) sdd: Write Protect is off sdd: Mode Sense: 38 00 00 00 sdd: assuming drive cache: write through SCSI device sdd: 1953525168 512-byte hdwr sectors (1000205 MB) sdd: Write Protect is off sdd: Mode Sense: 38 00 00 00 sdd: assuming drive cache: write through sdd: sdd1 sd 3:0:0:0: Attached scsi disk sdd sd 3:0:0:0: Attached scsi generic sg2 type 0 usb-storage: device scan complete scsi 2:0:0:0: rejecting I/O to dead device scsi 2:0:0:0: rejecting I/O to dead device EXT4-fs error (device sdc1): ext4_find_entry: reading directory #2 offset 0 scsi 2:0:0:0: rejecting I/O to dead device EXT4-fs error (device sdc1): ext4_find_entry: reading directory #2 offset 0 scsi 2:0:0:0: rejecting I/O to dead device EXT4-fs error (device sdc1): ext4_find_entry: reading directory #2 offset 0 scsi 2:0:0:0: rejecting I/O to dead device EXT4-fs error (device sdc1): ext4_find_entry: reading directory #2 offset 0 scsi 2:0:0:0: rejecting I/O to dead device EXT4-fs error (device sdc1): ext4_find_entry: reading directory #2 offset 0 scsi 2:0:0:0: rejecting I/O to dead device EXT4-fs error (device sdc1): ext4_find_entry: reading directory #2 offset 0 scsi 2:0:0:0: rejecting I/O to dead device EXT4-fs error (device sdc1): ext4_find_entry: reading directory #2 offset 0 scsi 2:0:0:0: rejecting I/O to dead device EXT4-fs error (device sdc1): ext4_find_entry: reading directory #2 offset 0 scsi 2:0:0:0: rejecting I/O to dead device EXT4-fs error (device sdc1): ext4_find_entry: reading directory #2 offset 0 scsi 2:0:0:0: rejecting I/O to dead device EXT4-fs error (device sdc1): ext4_find_entry: reading directory #2 offset 0 scsi 2:0:0:0: rejecting I/O to dead device scsi 2:0:0:0: rejecting I/O to dead device scsi 2:0:0:0: rejecting I/O to dead device scsi 2:0:0:0: rejecting I/O to dead device scsi 2:0:0:0: rejecting I/O to dead device scsi 2:0:0:0: rejecting I/O to dead device EXT4-fs error (device sdc1): ext4_find_entry: reading directory #2 offset 0 scsi 2:0:0:0: rejecting I/O to dead device EXT4-fs error (device sdc1): ext4_find_entry: reading directory #2 offset 0 scsi 2:0:0:0: rejecting I/O to dead device EXT4-fs error (device sdc1): ext4_find_entry: reading directory #2 offset 0 scsi 2:0:0:0: rejecting I/O to dead device EXT4-fs error (device sdc1): ext4_find_entry: reading directory #2 offset 0 scsi 2:0:0:0: rejecting I/O to dead device scsi 2:0:0:0: rejecting I/O to dead device EXT4-fs error (device sdc1): ext4_find_entry: reading directory #2 offset 0 scsi 2:0:0:0: rejecting I/O to dead device EXT4-fs error (device sdc1): ext4_find_entry: reading directory #2 offset 0 EXT3-fs: sdd1: couldn't mount because of unsupported optional features (240). scsi 2:0:0:0: rejecting I/O to dead device EXT4-fs error (device sdc1): ext4_find_entry: reading directory #2 offset 0 scsi 2:0:0:0: rejecting I/O to dead device EXT4-fs error (device sdc1): ext4_find_entry: reading directory #2 offset 0 scsi 2:0:0:0: rejecting I/O to dead device EXT4-fs error (device sdc1): ext4_find_entry: reading directory #2 offset 0 scsi 2:0:0:0: rejecting I/O to dead device EXT4-fs error (device sdc1): ext4_find_entry: reading directory #2 offset 0 scsi 2:0:0:0: rejecting I/O to dead device EXT4-fs error (device sdc1): ext4_find_entry: reading directory #2 offset 0 scsi 2:0:0:0: rejecting I/O to dead device EXT4-fs error (device sdc1): ext4_find_entry: reading directory #2 offset 0 scsi 2:0:0:0: rejecting I/O to dead device scsi 2:0:0:0: rejecting I/O to dead device EXT4-fs: barriers enabled kjournald2 starting: pid 15697, dev sdd1:8, commit interval 5 seconds EXT4 FS on sdd1, internal journal on sdd1:8 EXT4-fs: delayed allocation enabled EXT4-fs: file extents enabled EXT4-fs: mballoc enabled EXT4-fs: recovery complete. EXT4-fs: mounted filesystem sdd1 with ordered data mode usbcore: registered new driver usbserial drivers/usb/serial/usb-serial.c: USB Serial support registered for generic usbcore: registered new driver usbserial_generic drivers/usb/serial/usb-serial.c: USB Serial Driver core drivers/usb/serial/usb-serial.c: USB Serial support registered for GSM modem (1-port) usbcore: registered new driver option drivers/usb/serial/option.c: USB Driver for GSM modems: v0.7.1 El equipo no se reinicio " uptime 10:51:04 up 6 days, 15:14, 1 user, load average: 0.03, 0.91, 2.25 " Alguien me puede guiar por donde puede venir el problema de que cambie por si solo!!?? ahora tengo montado asi= /dev/sdc1 917G 221G 650G 26% /mnt/disk2 /dev/sdd1 917G 221G 650G 26% /mnt/disk2 donde sdd1 es donde se encuentra en este momento y sdc1 no me permite desmontar umount /dev/sdc1 umount: /mnt/disk2: device is busy umount: /mnt/disk2: device is busy Help me!!!!! Gracias a todos por su tiempo!!

14 years, 7 months

Re: [CentOS] [CentOS Stream 8] Update of IPA server broken - bind-dyndb-ldap needs to be rebuilt?

by Johnny Hughes

On 2/9/22 01:01, Mathieu Baudier wrote: > Hello, > > We are testing an IPA/IDM infrastructure which is a mix of RHEL 8 and > CentOS Stream 8 environments. > The configuration has been completed since last summer, and it is working > fine between updates. > > Currently, the CentOS Stream 8 IPA servers cannot upgrade. I put the whole > error message below, but after analyzing a bit, it seems to be that the > problem is between: > bind-dyndb-ldap (for which there is no new update) > and > bind-libs-lite (for which a new update is available) > > $ sudo dnf upgrade bind-libs-lite* > Error: > Problem: problem with installed package > bind-dyndb-ldap-11.6-2.module_el8.5.0+750+c59b186b.x86_64 > - package bind-dyndb-ldap-11.6-2.module_el8.5.0+750+c59b186b.x86_64 > requires libdns.so.1112()(64bit), but none of the providers can be installed > - cannot install both bind-libs-lite-32:9.11.36-2.el8.x86_64 and > bind-libs-lite-32:9.11.26-6.el8.x86_64 > - cannot install both bind-libs-lite-32:9.11.36-2.el8.x86_64 and > bind-libs-lite-32:9.11.26-3.el8.x86_64 > - cannot install both bind-libs-lite-32:9.11.36-2.el8.x86_64 and > bind-libs-lite-32:9.11.26-4.el8_4.x86_64 > - cannot install the best update candidate for package > bind-libs-lite-32:9.11.26-6.el8.x86_64 > > The update bind-libs-lite (32:9.11.36-2) seems to offer: > /usr/lib64/libdns.so.1115 > while bind-dyndb-ldap (11.6-2.module_el8.5.0+750+c59b186b) seems to still > require precisely: > /usr/lib64/libdns.so.1112 > > $ sudo dnf provides */libdns.so* > ... > bind-libs-lite-32:9.11.26-6.el8.x86_64 : Libraries for working with the DNS > protocol > Repo : @System > Matched from: > Filename : /usr/lib64/libdns.so.1112 > Filename : /usr/lib64/libdns.so.1112.0.2 > ... > bind-libs-lite-32:9.11.36-2.el8.x86_64 : Libraries for working with the DNS > protocol > Repo : appstream > Matched from: > Filename : /usr/lib64/libdns.so.1115 > Filename : /usr/lib64/libdns.so.1115.0.3 > ... > > $ sudo dnf list bind-libs-lite bind-dyndb-ldap > Installed Packages > bind-dyndb-ldap.x86_64 11.6-2.module_el8.5.0+750+c59b186b > @appstream > bind-libs-lite.x86_64 32:9.11.26-6.el8 > @appstream > Available Packages > bind-libs-lite.i686 32:9.11.36-2.el8 > appstream > bind-libs-lite.x86_64 32:9.11.36-2.el8 > appstream > > Please note that, of course, the module stream idm:DL1 is enabled: > > $ sudo dnf module list idm* > CentOS Stream 8 - AppStream > Name Stream Profiles > Summary > > idm DL1 [e] adtrust, client, common [d], dns > [i], server The Red Hat Enterprise Linux Identity Management > system module > idm client [d] common [d] > RHEL IdM long term support client module > > Also, as can be expected, these updates are not yet available on the *RHEL > 8* IPA servers: > > $ sudo dnf list bind-libs-lite bind-dyndb-ldap > Updating Subscription Management repositories. > Installed Packages > bind-dyndb-ldap.x86_64 11.6-2.module+el8.4.0+9328+4ec4e316 > @rhel-8-for-x86_64-appstream-rpms > bind-libs-lite.x86_64 32:9.11.26-6.el8 > @rhel-8-for-x86_64-appstream-rpms > Available Packages > bind-libs-lite.i686 32:9.11.26-6.el8 > rhel-8-for-x86_64-appstream-rpms > > So, is there any workaround, or should we simply wait for the IPA/IDM > server DL1 module stream to be updated? > (there are updates of the ipa packages which are pending there, juts not > bind-dyndb-ldap) > > Also, should I rather send such reports of our CentOS Stream testing to > another mailing-list? (devel?) > Or book them into Red Hat's bugzilla? > > Thanks in advance for your comments! > > Mathieu > > ## Full error log when trying to update a CentOS Stream 8 IPA/IDM server > > $ sudo ipactl status > Directory Service: RUNNING > krb5kdc Service: RUNNING > kadmin Service: RUNNING > named Service: RUNNING > httpd Service: RUNNING > ipa-custodia Service: RUNNING > ipa-otpd Service: RUNNING > ipa-dnskeysyncd Service: RUNNING > ipa: INFO: The ipactl command was successful > > $ sudo dnf upgrade --refresh > CentOS Stream 8 - AppStream > 13 kB/s | > 4.4 kB 00:00 > CentOS Stream 8 - BaseOS > 26 kB/s > | 3.9 kB 00:00 > CentOS Stream 8 - Extras > 15 kB/s > | 3.0 kB 00:00 > Error: > Problem 1: package > bind-dyndb-ldap-11.6-2.module_el8.5.0+750+c59b186b.x86_64 requires > libdns.so.1112()(64bit), but none of the providers can be installed > - cannot install both bind-libs-lite-32:9.11.36-2.el8.x86_64 and > bind-libs-lite-32:9.11.26-6.el8.x86_64 > - cannot install both bind-libs-lite-32:9.11.36-2.el8.x86_64 and > bind-libs-lite-32:9.11.26-3.el8.x86_64 > - cannot install both bind-libs-lite-32:9.11.36-2.el8.x86_64 and > bind-libs-lite-32:9.11.26-4.el8_4.x86_64 > - cannot install the best update candidate for package > bind-libs-lite-32:9.11.26-6.el8.x86_64 > - cannot install the best update candidate for package > bind-dyndb-ldap-11.6-2.module_el8.5.0+750+c59b186b.x86_64 > Problem 2: problem with installed package > bind-dyndb-ldap-11.6-2.module_el8.5.0+750+c59b186b.x86_64 > - package bind-dyndb-ldap-11.6-2.module_el8.5.0+750+c59b186b.x86_64 > requires libdns.so.1112()(64bit), but none of the providers can be installed > - cannot install both bind-libs-lite-32:9.11.36-2.el8.x86_64 and > bind-libs-lite-32:9.11.26-6.el8.x86_64 > - cannot install both bind-libs-lite-32:9.11.36-2.el8.x86_64 and > bind-libs-lite-32:9.11.26-3.el8.x86_64 > - cannot install both bind-libs-lite-32:9.11.36-2.el8.x86_64 and > bind-libs-lite-32:9.11.26-4.el8_4.x86_64 > - package bind-32:9.11.36-2.el8.x86_64 requires libdns.so.1115()(64bit), > but none of the providers can be installed > - package bind-32:9.11.36-2.el8.x86_64 requires bind-libs-lite(x86-64) = > 32:9.11.36-2.el8, but none of the providers can be installed > - cannot install the best update candidate for package > bind-32:9.11.26-6.el8.x86_64 > Problem 3: package > ipa-server-dns-4.9.8-2.module_el8.6.0+1053+0ac05726.noarch requires > bind-dyndb-ldap >= 11.2-2, but none of the providers can be installed > - package bind-dyndb-ldap-11.6-2.module_el8.5.0+750+c59b186b.x86_64 > requires libdns.so.1112()(64bit), but none of the providers can be installed > - package bind-dyndb-ldap-11.6-2.module_el8.4.0+639+a88aab78.x86_64 > requires libdns.so.1112()(64bit), but none of the providers can be installed > - cannot install both bind-libs-lite-32:9.11.36-2.el8.x86_64 and > bind-libs-lite-32:9.11.26-6.el8.x86_64 > - cannot install both bind-libs-lite-32:9.11.36-2.el8.x86_64 and > bind-libs-lite-32:9.11.26-3.el8.x86_64 > - cannot install both bind-libs-lite-32:9.11.36-2.el8.x86_64 and > bind-libs-lite-32:9.11.26-4.el8_4.x86_64 > - package bind-libs-32:9.11.36-2.el8.x86_64 requires > libdns.so.1115()(64bit), but none of the providers can be installed > - package bind-libs-32:9.11.36-2.el8.x86_64 requires > bind-libs-lite(x86-64) = 32:9.11.36-2.el8, but none of the providers can be > installed > - cannot install the best update candidate for package > ipa-server-dns-4.9.8-2.module_el8.6.0+1053+0ac05726.noarch > - cannot install the best update candidate for package > bind-libs-32:9.11.26-6.el8.x86_64 > Problem 4: problem with installed package > ipa-server-dns-4.9.8-2.module_el8.6.0+1053+0ac05726.noarch > - package ipa-server-dns-4.9.8-2.module_el8.6.0+1053+0ac05726.noarch > requires bind-dyndb-ldap >= 11.2-2, but none of the providers can be > installed > - package bind-dyndb-ldap-11.6-2.module_el8.5.0+750+c59b186b.x86_64 > requires libdns.so.1112()(64bit), but none of the providers can be installed > - package bind-dyndb-ldap-11.6-2.module_el8.4.0+639+a88aab78.x86_64 > requires libdns.so.1112()(64bit), but none of the providers can be installed > - package bind-libs-lite-32:9.11.26-6.el8.x86_64 requires bind-license = > 32:9.11.26-6.el8, but none of the providers can be installed > - package bind-libs-lite-32:9.11.26-3.el8.x86_64 requires bind-license = > 32:9.11.26-3.el8, but none of the providers can be installed > - package bind-libs-lite-32:9.11.26-4.el8_4.x86_64 requires bind-license > = 32:9.11.26-4.el8_4, but none of the providers can be installed > - cannot install both bind-license-32:9.11.36-2.el8.noarch and > bind-license-32:9.11.26-6.el8.noarch > - cannot install both bind-license-32:9.11.36-2.el8.noarch and > bind-license-32:9.11.26-3.el8.noarch > - cannot install both bind-license-32:9.11.36-2.el8.noarch and > bind-license-32:9.11.26-4.el8_4.noarch > - cannot install the best update candidate for package > bind-license-32:9.11.26-6.el8.noarch > (try to add '--allowerasing' to command line to replace conflicting > packages or '--skip-broken' to skip uninstallable packages or '--nobest' to > use not only best candidate packages) > _______________________________________________ Fixed: https://bugzilla.redhat.com/show_bug.cgi?id=2051108 Caused by a rebase of bind, but the new idm:DL1 module lagged behind a little bit. Was fixed with the push about 9 hours ago.

4 years, 2 months

Re: [CentOS-devel] Problems with custom centos-atomic-host build

by Karanbir Singh

On 07/07/15 20:05, Andres Toomsalu wrote: > Solved the "connection refused" issue - seems that it was complaining > about internet connection from imagefactory build VM - which was blocked > because shutting down firewalld changed libvirt iptables ruleset (and > libvirtd wasnt restarted after shutting down firewalld). Im still > puzzled why image build process requires outside connection - if ostree > repo should be coming from host (192.168.122.1)? should not need outside connection, when its built in the centos bsys, the machine does not even have an outside connection to the internet. > >> Andres Toomsalu <mailto:andres@opennodecloud.com> >> 7. juuli 2015 16:45 >> Update: >> >> As of >> https://github.com/CentOS/sig-atomic-buildscripts/commit/44a145ebf65fd61010… >> Im now able to build and commit ostree (by executing >> build_ostree_components.sh) - and installer images build step seems to >> complete successfully. >> >> But imagefactory build fails when executing: >> >> rpm-ostree-toolbox imagefactory --overwrite --tdl >> ${GitDir}/atomic-7.1.tdl -c ${GitDir}/config.ini -i kvm -i >> vagrant-libvirt -i vagrant-virtualbox -k ${GitDir}/atomic-7.1-cloud.ks >> --vkickstart ${GitDir}/atomic-7.1-vagrant.ks -o ${BuildDir}/virt |& >> tee ${LogFile} >> >> Debug info >> ------------------------------- >> # Build host is CentOS 7.1 as Parallels Desktop 10 VM - with nested >> virtualization for running imagefactory KVM VMs. >> >> # Error screenshot from imagefactory VM: http://prntscr.com/7ptic2 >> >> # HTTPServer log from build host: >> [root@nf-builder builddir]# Serving HTTP on 0.0.0.0 port 8000 ... >> 192.168.122.1 - - [06/Jul/2015 23:41:19] "HEAD /installer/images/ >> HTTP/1.1" 200 - >> 192.168.122.1 - - [06/Jul/2015 23:41:19] "HEAD >> /installer/images//.treeinfo HTTP/1.1" 200 - >> 192.168.122.1 - - [06/Jul/2015 23:41:19] "GET >> /installer/images//.treeinfo HTTP/1.1" 200 - >> 192.168.122.1 - - [06/Jul/2015 23:41:19] "HEAD >> /installer/images/images/pxeboot/vmlinuz HTTP/1.1" 200 - >> 192.168.122.1 - - [06/Jul/2015 23:41:19] "HEAD >> /installer/images/images/pxeboot/initrd.img HTTP/1.1" 200 - >> 192.168.122.236 - - [06/Jul/2015 23:41:44] "GET >> /installer/images//.treeinfo HTTP/1.1" 200 - >> 192.168.122.236 - - [06/Jul/2015 23:41:44] "GET >> /installer/images//LiveOS/squashfs.img HTTP/1.1" 200 - >> 192.168.122.236 - - [06/Jul/2015 23:41:52] code 404, message File not >> found >> 192.168.122.236 - - [06/Jul/2015 23:41:52] "GET >> /installer/images//images/updates.img HTTP/1.1" 404 - >> 192.168.122.236 - - [06/Jul/2015 23:41:52] code 404, message File not >> found >> 192.168.122.236 - - [06/Jul/2015 23:41:52] "GET >> /installer/images//images/product.img HTTP/1.1" 404 - >> >> # Program log screenshot from Anaconda installer: >> http://prntscr.com/7ptiz7 >> >> # Anaconda log screenshot: http://prntscr.com/7ptjl0 >> >> # Network ping test from imagefactory build VM to host 192.168.122.1: >> http://prntscr.com/7ptk3w >> >> # Successful curl http://192.168.122.1:8000/repo/ test from >> imagefactory build VM : http://prntscr.com/7ptku6 >> >> # Ostreesetup line from kickstart: >> >> [root@nf-builder sig-atomic-buildscripts]# cat atomic-7.1-cloud.ks | >> grep ostreesetup >> ostreesetup --osname="centos-atomic-host" >> --remote="centos-atomic-host" >> --ref="centos-atomic-host/7/x86_64/standard" >> --url="http://192.168.122.1:8000/repo/" --nogpg >> >> # Installer images: >> [root@nf-builder sig-atomic-buildscripts]# ls -lh >> /srv/builddir/installer/images/images/ >> total 686M >> -rw-r--r-- 1 root root 6.3M Jul 7 01:00 efiboot.img >> -rw-r--r-- 1 root root 680M Jul 7 01:00 installer.iso >> drwxr-xr-x 2 root root 55 Jul 7 01:00 pxeboot >> >> [root@nf-builder sig-atomic-buildscripts]# ls -lh >> /srv/builddir/installer/images/LiveOS/ >> total 594M >> -rw-r--r-- 1 root root 594M Jul 7 00:56 squashfs.img >> >> >> Any ideas why anaconda gets "connection refused" in ostreesetup step? >> Any ideas how to debug it further? >> >> Kind regards, >> >> -- >> <http://www.getpostbox.com>---------------------------------------------- >> >> Andres Toomsalu, andres(a)opennodecloud.com >> <mailto:andres@opennodecloud.com> >> >> >> >> >> Andres Toomsalu <mailto:andres@opennodecloud.com> >> 27. juuni 2015 20:01 >> Hi, >> >> Im trying to do custom centos-atomic-host build - from unmodified >> https://github.com/CentOS/sig-atomic-buildscripts configuration source >> and following instruction in >> https://developerblog.redhat.com/2015/01/08/creating-custom-atomic-trees-im… >> blog post series. >> >> Im able to produce ostree and installer.iso image - BUT >> rpm-ostree-toolbox creates ostree tree with missing grub file, >> resulting in a failing installer. >> More details about this problem here: >> https://github.com/projectatomic/rpm-ostree-toolbox/issues/77 >> >> Commands used for ostree and installer creation were: >> --- >> rpm-ostree-toolbox treecompose -c >> ~/repos/sig-atomic-buildscripts/config.ini --ostreerepo >> /srv/rpm-ostree/centos-atomic-host/7/ >> >> rpm-ostree-toolbox installer -c >> /root/repos/sig-atomic-buildscripts/config.ini \ >> --ostreerepo /srv/rpm-ostree/centos-atomic-host/7/ \ >> --outputdir /var/www/html/latest/ --overwrite >> >> cp ~/repos/sig-atomic-buildscripts/centos-atomic-host-7.ks >> /var/www/html/ >> virt-install --name=atomic-iso --memory=1024 --vcpus=1 \ >> --disk=/var/lib/libvirt/images/test.qcow2,size=5 \ >> --location /var/www/html/latest/images/installer.iso \ >> --noautoconsole --accelerate --os-type=linux --os-variant=rhel7 \ >> --extra-args "ks=http://192.168.122.1/centos-atomic-host-7.ks" >> --- >> >> Another issue is that also imagefactory KVM centos-atomic-host image >> build fails in anaconda install stage - complaining about unknown >> missing file - might be the same problem - not sure... >> >> Command used for kvm image creation: >> --- >> rpm-ostree-toolbox imagefactory \ >> -c /root/repos/sig-atomic-buildscripts/config.ini -i kvm \ >> --ostreerepo /srv/rpm-ostree/centos-atomic-host/7/ \ >> --outputdir /srv/rpm-ostree/centos-atomic-host/7/images >> --- >> >> Error screenshot from imagefactory launched build VM console: >> http://prntscr.com/7lq38e >> >> >From the build VM /tmp/anaconda.log: >> --- >> 21:40:35,454 INFO anaconda: Creating xfs on /dev/vda1 >> 21:40:36,242 INFO anaconda: executing >> ostreesetup=<pykickstart.commands.ostreesetup.RHEL7_OSTreeSetup object >> at 0x7fdd038d3110> >> 21:40:36,570 ERR anaconda: Failed to pull from repository: Server >> returned status 404: Not Found >> --- >> >> Last lines from the build VM /tmp/program.log: >> --- >> 21:40:36,339 INFO program: Running... ostree >> --repo=/mnt/sysimage/ostree/repo remote add --set=gpg-verify=false >> installmedia http://192.168.122.1:47990/ >> 21:40:36,377 DEBUG program: Return code: 0 >> --- >> >> Any suggestions how to debug it further? Where should I file a bug report? >> >> Kind regards, > > -- > <http://www.getpostbox.com>---------------------------------------------- > > Andres Toomsalu, andres(a)opennodecloud.com <mailto:andres@opennodecloud.com> > > > > _______________________________________________ > CentOS-devel mailing list > CentOS-devel(a)centos.org > http://lists.centos.org/mailman/listinfo/centos-devel > -- Karanbir Singh +44-207-0999389 | http://www.karan.org/ | twitter.com/kbsingh GnuPG Key : http://www.karan.org/publickey.asc

10 years, 9 months

Re: [CentOS] Could not complete SSL handshake to Amazon EC2 host

by Tim Dunphy

> > Oh my mistake. I mean nrpe without parameters. It should say something > about SSL/TLS aktiv or so. > You could test nrpe without SSL. Use nrpe -n - H host This is what I see about ssl if I just run nrpe on the client without any flags: [root@ops:~] #nrpe| head -8 NRPE - Nagios Remote Plugin Executor Copyright (c) 1999-2008 Ethan Galstad (nagios(a)nagios.org) Version: 2.15 Last Modified: 09-06-2013 License: GPL v2 with exemptions (-l for more info) SSL/TLS Available: Anonymous DH Mode, OpenSSL 0.9.6 or higher required TCP Wrappers Available And if I go back to the monitoring host and try to run nrpe with the -n flag, this is what I get: [root@monitor1:~] #/usr/local/nagios/libexec/check_nrpe -n -H ops.jokefire.com *CHECK_NRPE: Error receiving data from daemon.* And still getting the SSL error without the -n flag: [root@monitor1:~] #/usr/local/nagios/libexec/check_nrpe -H ops.jokefire.com *CHECK_NRPE: Error - Could not complete SSL handshake.* Running nmap from the monitor host I can see that the nrpe port is open: [root@monitor1:~] #nmap -p 5666 ops.jokefire.com Starting Nmap 6.40 ( http://nmap.org ) at 2015-05-01 12:38 EDT Nmap scan report for ops.jokefire.com (54.225.218.125) Host is up (0.011s latency). rDNS record for 54.225.218.125: ec2-54-225-218-125.compute-1.amazonaws.com PORT STATE SERVICE *5666/tcp open nrpe* Nmap done: 1 IP address (1 host up) scanned in 0.14 seconds Yet if I try telnetting to it, it connects, then closes the connection immediately: [root@monitor1:~] #telnet ops.jokefire.com 5666 Trying 54.225.218.125... *Connected to ops.jokefire.com <http://ops.jokefire.com>.* Escape character is '^]'. *Connection closed by foreign host.* Going back to the ops host that I want to monitor, I can verify that the port is listening: [root@ops:~] #lsof -i :5666 COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME xinetd 1434 root 5u IPv4 4063 TCP *:nrpe (LISTEN) And I can verify that the nrpe conf is owned by the nagios user and group: [root@ops:~] #ls -l /usr/local/nagios/etc/nrpe.cfg -rw-r--r-- 1 nagios nagios 7988 May 1 00:37 /usr/local/nagios/etc/nrpe.cfg I think that covers all your suggestions. Except for Eero's suggestion to try running nrpe without xinetd. I can try to get to that later, but I may not have time for that suggestion today. But as I demonstrate above, the problem is not that nrpe isn't listening. This remains a really odd situation. Does anyone else have any clues? Thanks, Tim On Fri, May 1, 2015 at 7:43 AM, Eric Lehmann <e.lehmann88(a)gmail.com> wrote: > Oh my mistake. I mean nrpe without parameters. It should say something > about SSL/TLS aktiv or so. > You could test nrpe without SSL. Use nrpe -n - H host > Am 01.05.2015 13:18 schrieb "Eero Volotinen" <eero.volotinen(a)iki.fi>: > > > well. how about trying default setting and running nrped without xinetd. > > > > -- > > Eero > > > > 2015-05-01 14:14 GMT+03:00 Tim Dunphy <bluethundr(a)gmail.com>: > > > > > > This is strange... > > > > Do you have SSL aktive on both systems? Run nrpr localy without > > > parameters > > > > (this should return some nrpe stats) and check ldd for libssl. > > > > > > > > > I don't seem to have that command. > > > > > > > > > [root@monitor1:~] #find / -name "*nrpr" 2> /dev/null > > > [root@monitor1:~] # > > > > > > And that's on either system. > > > > > > And if I do an ldd on both, this is what I can tell: > > > > > > Server: > > > > > > [root@monitor1:~] #ldd /usr/local/nagios/libexec/check_nrpe > > > linux-vdso.so.1 => (0x00007fffd895d000) > > > * libssl.so.10 => /lib64/libssl.so.10 (0x00007fc61722a000)* > > > * libcrypto.so.10 => /lib64/libcrypto.so.10 > (0x00007fc616e43000)* > > > libnsl.so.1 => /lib64/libnsl.so.1 (0x00007fc616c29000) > > > libc.so.6 => /lib64/libc.so.6 (0x00007fc616868000) > > > libgssapi_krb5.so.2 => /lib64/libgssapi_krb5.so.2 > > > (0x00007fc61661c000) > > > libkrb5.so.3 => /lib64/libkrb5.so.3 (0x00007fc616338000) > > > libcom_err.so.2 => /lib64/libcom_err.so.2 (0x00007fc616134000) > > > libk5crypto.so.3 => /lib64/libk5crypto.so.3 > (0x00007fc615f02000) > > > libdl.so.2 => /lib64/libdl.so.2 (0x00007fc615cfd000) > > > libz.so.1 => /lib64/libz.so.1 (0x00007fc615ae7000) > > > /lib64/ld-linux-x86-64.so.2 (0x00007fc6174a0000) > > > libkrb5support.so.0 => /lib64/libkrb5support.so.0 > > > (0x00007fc6158d8000) > > > libkeyutils.so.1 => /lib64/libkeyutils.so.1 > (0x00007fc6156d3000) > > > libresolv.so.2 => /lib64/libresolv.so.2 (0x00007fc6154b9000) > > > libpthread.so.0 => /lib64/libpthread.so.0 (0x00007fc61529d000) > > > libselinux.so.1 => /lib64/libselinux.so.1 (0x00007fc615077000) > > > libpcre.so.1 => /lib64/libpcre.so.1 (0x00007fc614e16000) > > > liblzma.so.5 => /lib64/liblzma.so.5 (0x00007fc614bf1000) > > > > > > > > > Client: > > > > > > [root@ops:~] #ldd /usr/local/nagios/libexec/check_nrpe > > > * libssl.so.6 => /lib64/libssl.so.6 (0x00002aaaaaaba000)* > > > * libcrypto.so.6 => /lib64/libcrypto.so.6 (0x00002aaaaad08000)* > > > libnsl.so.1 => /lib64/libnsl.so.1 (0x00002aaaab05a000) > > > libc.so.6 => /lib64/libc.so.6 (0x00002aaaab273000) > > > libgssapi_krb5.so.2 => /usr/lib64/libgssapi_krb5.so.2 > > > (0x00002aaaab5cc000) > > > libkrb5.so.3 => /usr/lib64/libkrb5.so.3 (0x00002aaaab7fa000) > > > libcom_err.so.2 => /lib64/libcom_err.so.2 (0x00002aaaaba90000) > > > libk5crypto.so.3 => /usr/lib64/libk5crypto.so.3 > > > (0x00002aaaabc92000) > > > libdl.so.2 => /lib64/libdl.so.2 (0x00002aaaabeb7000) > > > libz.so.1 => /lib64/libz.so.1 (0x00002aaaac0bc000) > > > /lib64/ld-linux-x86-64.so.2 (0x0000555555554000) > > > libkrb5support.so.0 => /usr/lib64/libkrb5support.so.0 (0x0 > > > 0002aaaac2d0000) > > > libkeyutils.so.1 => /lib64/libkeyutils.so.1 > (0x00002aaaac4d8000) > > > libresolv.so.2 => /lib64/libresolv.so.2 (0x00002aaaac6db000) > > > libselinux.so.1 => /lib64/libselinux.so.1 (0x00002aaaac8f0000) > > > libsepol.so.1 => /lib64/libsepol.so.1 (0x00002aaaacb09000) > > > > > > > > > So it looks like everything is OK from the SSL end of things. Any other > > > ideas or suggestions? > > > > > > Thanks > > > Tim > > > > > > On Fri, May 1, 2015 at 5:46 AM, Eric Lehmann <e.lehmann88(a)gmail.com> > > > wrote: > > > > > > > This is strange... > > > > Do you have SSL aktive on both systems? Run nrpr localy without > > > parameters > > > > (this should return some nrpe stats) and check ldd for libssl. > > > > Am 01.05.2015 07:32 schrieb "Tim Dunphy" <bluethundr(a)gmail.com>: > > > > > > > > > Hi Eric, > > > > > > > > > > Thanks for your reply. I do have nrpe running under xinetd on the > > host > > > > I'm > > > > > trying to monitor. > > > > > > > > > > And running the nrpe checl locally: > > > > > > > > > > [root@ops:~] #/usr/local/nagios/libexec/check_nrpe -H localhost > > > > > NRPE v2.15 > > > > > > > > > > [root@ops:~] #grep only_from /etc/xinetd.d/nrpe > > > > > only_from = 127.0.0.1 216.120.248.126 > > > > > > > > > > And I do have port 5666 open on the security group for this host. > > > > > > > > > > And I made sure the local firewall was stopped, because I am > blocking > > > > ports > > > > > with the security groups instead. > > > > > > > > > > [root@ops:~] #service iptables status > > > > > Firewall is stopped. > > > > > > > > > > It's only when checking from the monitoring host that nrpe fails: > > > > > > > > > > [root@monitor1:~] #/usr/local/nagios/libexec/check_nrpe -H > > > > > ops.jokefire.com > > > > > CHECK_NRPE: Error - Could not complete SSL handshake. > > > > > > > > > > Really, really puzzling. This is driving me up a wall!! I hopeI can > > > solve > > > > > this soon.... > > > > > > > > > > Thanks for any and all help with this one!! > > > > > Tim > > > > > > > > > > On Fri, May 1, 2015 at 1:02 AM, Eric Lehmann < > e.lehmann88(a)gmail.com> > > > > > wrote: > > > > > > > > > > > Hi > > > > > > Does the deamon run under xinetd? Then you have to configure the > > > > > only_from > > > > > > in */etc/**xinetd.d**/**nrpe* to. > > > > > > > > > > > > Regards > > > > > > Eric > > > > > > Am 01.05.2015 06:46 schrieb "Tim Dunphy" <bluethundr(a)gmail.com>: > > > > > > > > > > > > > Hello, > > > > > > > > > > > > > > I am trying to monitor a host in the Amazon EC2 cloud. > > > > > > > > > > > > > > Yet when I try to check NRPE from the monitoring host I am > > getting > > > an > > > > > SSL > > > > > > > handshake error: > > > > > > > > > > > > > > [root@monitor1:~] #/usr/local/nagios/libexec/check_nrpe -H > > > > > > > ops.jokefire.com > > > > > > > CHECK_NRPE: Error - Could not complete SSL handshake. > > > > > > > > > > > > > > And if I telnet into the host on port 5666 to see if the FW > port > > is > > > > > open, > > > > > > > the connection closes right away: > > > > > > > > > > > > > > [root@monitor1:~] #telnet ops.somewhere.com 5666 > > > > > > > Trying 54.225.218.125... > > > > > > > Connected to ops.somewhere.com. > > > > > > > Escape character is '^]'. > > > > > > > Connection closed by foreign host. > > > > > > > > > > > > > > You can see there it connects, but then it closes immediately > > after > > > > the > > > > > > > connection. > > > > > > > > > > > > > > I have NRPE running on the host I want to monitor: > > > > > > > > > > > > > > [root@ops:~] #lsof -i :5666 > > > > > > > COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME > > > > > > > xinetd 1434 root 5u IPv4 4063 TCP *:nrpe (LISTEN) > > > > > > > > > > > > > > And I have the IP of my nagios server listed in the xinetd conf > > > file: > > > > > > > > > > > > > > [root@ops:~] #cat /etc/xinetd.d/nrpe > > > > > > > # default: on > > > > > > > # description: NRPE (Nagios Remote Plugin Executor) > > > > > > > service nrpe > > > > > > > { > > > > > > > flags = REUSE > > > > > > > socket_type = stream > > > > > > > port = 5666 > > > > > > > wait = no > > > > > > > user = nagios > > > > > > > group = nagios > > > > > > > server = /usr/local/nagios/bin/nrpe > > > > > > > server_args = -c /usr/local/nagios/etc/nrpe.cfg > > --inetd > > > > > > > log_on_failure += USERID > > > > > > > disable = no > > > > > > > only_from = 127.0.0.1 xx.xx.xx.xx # <- > > representing > > > > my > > > > > > real > > > > > > > nagios server IP > > > > > > > } > > > > > > > > > > > > > > > > > > > > > > > > > > > > And I have my default security group for that host open on port > > > 5666 > > > > to > > > > > > the > > > > > > > world for this experiment. I plan on locking that down again > to > > > the > > > > > > single > > > > > > > IP of my monitoring host once I get this resolved. > > > > > > > > > > > > > > Does anyone have any suggestions on how I can get that problem > > > > solved? > > > > > > > > > > > > > > Thanks, > > > > > > > Tim > > > > > > > > > > > > > > -- > > > > > > > GPG me!! > > > > > > > > > > > > > > gpg --keyserver pool.sks-keyservers.net --recv-keys F186197B > > > > > > > _______________________________________________ > > > > > > > CentOS mailing list > > > > > > > CentOS(a)centos.org > > > > > > > http://lists.centos.org/mailman/listinfo/centos > > > > > > > > > > > > > _______________________________________________ > > > > > > CentOS mailing list > > > > > > CentOS(a)centos.org > > > > > > http://lists.centos.org/mailman/listinfo/centos > > > > > > > > > > > > > > > > > > > > > > > > > > -- > > > > > GPG me!! > > > > > > > > > > gpg --keyserver pool.sks-keyservers.net --recv-keys F186197B > > > > > _______________________________________________ > > > > > CentOS mailing list > > > > > CentOS(a)centos.org > > > > > http://lists.centos.org/mailman/listinfo/centos > > > > > > > > > _______________________________________________ > > > > CentOS mailing list > > > > CentOS(a)centos.org > > > > http://lists.centos.org/mailman/listinfo/centos > > > > > > > > > > > > > > > > -- > > > GPG me!! > > > > > > gpg --keyserver pool.sks-keyservers.net --recv-keys F186197B > > > _______________________________________________ > > > CentOS mailing list > > > CentOS(a)centos.org > > > http://lists.centos.org/mailman/listinfo/centos > > > > > _______________________________________________ > > CentOS mailing list > > CentOS(a)centos.org > > http://lists.centos.org/mailman/listinfo/centos > > > _______________________________________________ > CentOS mailing list > CentOS(a)centos.org > http://lists.centos.org/mailman/listinfo/centos > -- GPG me!! gpg --keyserver pool.sks-keyservers.net --recv-keys F186197B

10 years, 11 months

Re: [CentOS-pt-br] Erro ao acesasr centos via Telnet

by Lincoln Zuljewic Silva

Thiago, Dá um "ls -la /usr/sbin/in.telnetd". Para o xinetd "/etc/init.d/xinetd stop" e roda ele em debug: "xinetd -stayalive -pidfile /var/run/xinetd.pid -d" Cola a saída do debug aqui... []'s Lincoln On Thu, May 26, 2011 at 3:32 PM, Thiago Gomes <thiagomespb(a)gmail.com> wrote: > Chain RH-Firewall-1-INPUT (2 references) > target prot opt source destination > ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 > ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 255 > ACCEPT esp -- 0.0.0.0/0 0.0.0.0/0 > ACCEPT ah -- 0.0.0.0/0 0.0.0.0/0 > ACCEPT udp -- 0.0.0.0/0 224.0.0.251 udp dpt:5353 > ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:631 > ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:631 > ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state > RELATED,ESTABLISHED > ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW > tcp dpt:21 > ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW > tcp dpt:22 > ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW > udp dpt:137 > ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW > udp dpt:138 > ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW > tcp dpt:139 > ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW > tcp dpt:445 > ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW > tcp dpt:443 > ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW > tcp dpt:23 > ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW > tcp dpt:80 > ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW > tcp dpt:18000 > ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW > tcp dpt:28000 > ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW > tcp dpt:3456 > ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW > tcp dpt:8000 > ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW > tcp dpt:8999 > > > 2011/5/26 Thiago Gomes <thiagomespb(a)gmail.com>: >> Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2011-05-26 15:21 BRT >> Interesting ports on sdealer-cvl (127.0.0.1): >> Not shown: 65526 closed ports >> PORT STATE SERVICE >> 139/tcp open netbios-ssn >> 445/tcp open microsoft-ds >> 631/tcp open ipp >> >> >> Em 26 de maio de 2011 15:19, Gabriel Ricardo <gricardo87(a)gmail.com> escreveu: >>> não tem como ver no syslog? o que esta ocorrento, talvez tenha alguma >>> reclamacao la >>> >>> Atenciosamente, >>> Gabriel Ricardo. >>> Skype: gricardo87 >>> MSN: gricardo87(a)gmail.com >>> Twitter: twitter.com/gricardo87 >>> Blog: www.tinotapa.com.br >>> >>> >>> 2011/5/26 Thiago Gomes <thiagomespb(a)gmail.com> >>>> >>>> /etc/rc.d/init.d/xinetd start >>>> Starting xinetd: [ OK ] >>>> # telnet localhost >>>> Trying 127.0.0.1... >>>> telnet: connect to address 127.0.0.1: Connection refused >>>> telnet: Unable to connect to remote host: Connection refused >>>> # chkconfig telnet on >>>> # telnet localhost >>>> Trying 127.0.0.1... >>>> telnet: connect to address 127.0.0.1: Connection refused >>>> telnet: Unable to connect to remote host: Connection refused >>>> >>>> # /etc/rc.d/init.d/xinetd restart >>>> Stopping xinetd: [FAILED] >>>> Starting xinetd: >>>> >>>> # sestatus >>>> SELinux status: disabled >>>> >>>> >>>> Em 26 de maio de 2011 15:05, Luiz Henrique Borges >>>> <lhsborges(a)gmail.com> escreveu: >>>> > É isso ai. Me esqueci desse detalhe! >>>> > >>>> > Em 26 de maio de 2011 15:02, Lucas Timm LH <linuxhelper(a)gmail.com> >>>> > escreveu: >>>> >> >>>> >> Precisa sim, o telnet-server é componente do Xinetd. Vai dizer que você >>>> >> sai instalando coisas a esmo sem ler a descrição do pacote? Dá um yum >>>> >> info >>>> >> telne-server... >>>> >> 2011/5/26 Thiago Gomes <thiagomespb(a)gmail.com> >>>> >>> >>>> >>> nao precisa instalar o telnet-server ? como então eu removo ? >>>> >>> >>>> >>> 2011/5/26 Lucas Timm LH <linuxhelper(a)gmail.com>: >>>> >>> > @Thiago Gomes >>>> >>> > O servidor telnet roda dentro do xinet server. Assim o controle do >>>> >>> > serviço é >>>> >>> > feito pelo daemon xinetd. >>>> >>> > >>>> >>> > 2011/5/26 Lucas Timm LH <linuxhelper(a)gmail.com> >>>> >>> >> >>>> >>> >> service xinetd restart? Olha o iptables também. Aqui na empresa eu >>>> >>> >> tenho o >>>> >>> >> telnet-server rodando no servidor principal, funciona muito bem. >>>> >>> >> [root@rhel01 etc]# uptime >>>> >>> >> 14:53:11 up 54 days, 7:58, 538 users, load average: 0.86, 0.61, >>>> >>> >> 0.45 >>>> >>> >> [root@rhel01 etc]# >>>> >>> >> [root@rhel01 etc]# cat /etc/xinetd.d/telnet >>>> >>> >> # default: on >>>> >>> >> # description: The telnet server serves telnet sessions; it uses \ >>>> >>> >> # unencrypted username/password pairs for authentication. >>>> >>> >> service telnet >>>> >>> >> { >>>> >>> >> flags = REUSE >>>> >>> >> socket_type = stream >>>> >>> >> wait = no >>>> >>> >> user = root >>>> >>> >> server = /usr/sbin/in.telnetd >>>> >>> >> log_on_failure += USERID >>>> >>> >> disable = no >>>> >>> >> } >>>> >>> >> [root@rhel01 etc]# >>>> >>> >> >>>> >>> >> >>>> >>> >> >>>> >>> >> 2011/5/26 Thiago Gomes <thiagomespb(a)gmail.com> >>>> >>> >>> >>>> >>> >>> veja isso >>>> >>> >>> >>>> >>> >>> service telnet start >>>> >>> >>> telnet: unrecognized service >>>> >>> >>> # yum install telnet-server >>>> >>> >>> Loaded plugins: fastestmirror >>>> >>> >>> Loading mirror speeds from cached hostfile >>>> >>> >>> * addons: centos.argohost.net >>>> >>> >>> * base: centos.argohost.net >>>> >>> >>> * extras: centos.argohost.net >>>> >>> >>> * rpmforge: fr2.rpmfind.net >>>> >>> >>> * updates: centos.argohost.net >>>> >>> >>> Excluding Packages in global exclude list >>>> >>> >>> Finished >>>> >>> >>> Setting up Install Process >>>> >>> >>> Package 1:telnet-server-0.17-39.el5.i386 already installed and >>>> >>> >>> latest >>>> >>> >>> version >>>> >>> >>> Nothing to do >>>> >>> >>> >>>> >>> >>> estranho... o telnet-server esta instalado >>>> >>> >>> >>>> >>> >>> >>>> >>> >>> Em 26 de maio de 2011 14:32, Luiz Henrique Borges >>>> >>> >>> <lhsborges(a)gmail.com> escreveu: >>>> >>> >>> > service telnet status >>>> >>> >>> > >>>> >>> >>> > Me parece que o serviço não está rodando!!! >>>> >>> >>> > >>>> >>> >>> > Em 26 de maio de 2011 14:24, Thiago Gomes >>>> >>> >>> > <thiagomespb(a)gmail.com> >>>> >>> >>> > escreveu: >>>> >>> >>> >> >>>> >>> >>> >> nada.. >>>> >>> >>> >> >>>> >>> >>> >> >>>> >>> >>> >> Em 26 de maio de 2011 14:13, Luiz Henrique Borges >>>> >>> >>> >> <lhsborges(a)gmail.com> escreveu: >>>> >>> >>> >> > telnet não, coloca o número 23 no filtro. >>>> >>> >>> >> > >>>> >>> >>> >> > 2011/5/26 Thiago Gomes <thiagomespb(a)gmail.com> >>>> >>> >>> >> >> >>>> >>> >>> >> >> #netstat -a | grep telnet >>>> >>> >>> >> >> # >>>> >>> >>> >> >> >>>> >>> >>> >> >> nada.. >>>> >>> >>> >> >> >>>> >>> >>> >> >> 2011/5/26 Luiz Henrique Borges <lhsborges(a)gmail.com>: >>>> >>> >>> >> >> > netstat -tunape | grep -i 23 >>>> >>> >>> >> >> > >>>> >>> >>> >> >> > O seviço está em LISTEN, ouvindo na porta 23? Cole o >>>> >>> >>> >> >> > retorno >>>> >>> >>> >> >> > desse >>>> >>> >>> >> >> > comando >>>> >>> >>> >> >> > pra gente!!! >>>> >>> >>> >> >> > >>>> >>> >>> >> >> > O firewall não está barrando? >>>> >>> >>> >> >> > >>>> >>> >>> >> >> > 2011/5/26 Thiago Gomes <thiagomespb(a)gmail.com> >>>> >>> >>> >> >> >> >>>> >>> >>> >> >> >> Pessoal, >>>> >>> >>> >> >> >> >>>> >>> >>> >> >> >> Estou com erro de configurar o meu servidor via telnet. >>>> >>> >>> >> >> >> >>>> >>> >>> >> >> >> fiz a instalação.. >>>> >>> >>> >> >> >> >>>> >>> >>> >> >> >> #yum install telnet-server >>>> >>> >>> >> >> >> >>>> >>> >>> >> >> >> # telnet localhost >>>> >>> >>> >> >> >> Trying 127.0.0.1... >>>> >>> >>> >> >> >> telnet: connect to address 127.0.0.1: Connection refused >>>> >>> >>> >> >> >> telnet: Unable to connect to remote host: Connection >>>> >>> >>> >> >> >> refused >>>> >>> >>> >> >> >> >>>> >>> >>> >> >> >> >>>> >>> >>> >> >> >> #/etc/init.d/xinetd reload >>>> >>> >>> >> >> >> Reloading configuration: >>>> >>> >>> >> >> >> [FAILED] >>>> >>> >>> >> >> >> >>>> >>> >>> >> >> >> #chkconfig --list | grep telnet >>>> >>> >>> >> >> >> ekrb5-telnet: off >>>> >>> >>> >> >> >> krb5-telnet: off >>>> >>> >>> >> >> >> telnet: on >>>> >>> >>> >> >> >> >>>> >>> >>> >> >> >> >>>> >>> >>> >> >> >> service telnet >>>> >>> >>> >> >> >> { >>>> >>> >>> >> >> >> disable = no >>>> >>> >>> >> >> >> flags = REUSE >>>> >>> >>> >> >> >> socket_type = stream >>>> >>> >>> >> >> >> wait = no >>>> >>> >>> >> >> >> user = root >>>> >>> >>> >> >> >> server = /usr/sbin/in.telnetd >>>> >>> >>> >> >> >> log_on_failure += USERID >>>> >>> >>> >> >> >> } >>>> >>> >>> >> >> >> >>>> >>> >>> >> >> >> >>>> >>> >>> >> >> >> >>>> >>> >>> >> >> >> Falta alguma coisa. ?? >>>> >>> >>> >> >> >> >>>> >>> >>> >> >> >> -- >>>> >>> >>> >> >> >> Thiago Gomes >>>> >>> >>> >> >> >> _______________________________________________ >>>> >>> >>> >> >> >> CentOS-pt-br mailing list >>>> >>> >>> >> >> >> CentOS-pt-br(a)centos.org >>>> >>> >>> >> >> >> http://lists.centos.org/mailman/listinfo/centos-pt-br >>>> >>> >>> >> >> > >>>> >>> >>> >> >> > >>>> >>> >>> >> >> > >>>> >>> >>> >> >> > -- >>>> >>> >>> >> >> > Luiz Henrique Borges >>>> >>> >>> >> >> > >>>> >>> >>> >> >> > Junior Level Linux Professional (LPIC-1) >>>> >>> >>> >> >> > LPI ID: LPI000214825 >>>> >>> >>> >> >> > Verification Code: akdd5dsk5t >>>> >>> >>> >> >> > https://cs.lpi.org/caf/Xamman/certification >>>> >>> >>> >> >> > >>>> >>> >>> >> >> > Novell Certified Linux Administrator >>>> >>> >>> >> >> > Data Center Technical Specialist >>>> >>> >>> >> >> > >>>> >>> >>> >> >> > >>>> >>> >>> >> >> > _______________________________________________ >>>> >>> >>> >> >> > CentOS-pt-br mailing list >>>> >>> >>> >> >> > CentOS-pt-br(a)centos.org >>>> >>> >>> >> >> > http://lists.centos.org/mailman/listinfo/centos-pt-br >>>> >>> >>> >> >> > >>>> >>> >>> >> >> > >>>> >>> >>> >> >> >>>> >>> >>> >> >> >>>> >>> >>> >> >> >>>> >>> >>> >> >> -- >>>> >>> >>> >> >> Thiago Gomes >>>> >>> >>> >> >> _______________________________________________ >>>> >>> >>> >> >> CentOS-pt-br mailing list >>>> >>> >>> >> >> CentOS-pt-br(a)centos.org >>>> >>> >>> >> >> http://lists.centos.org/mailman/listinfo/centos-pt-br >>>> >>> >>> >> > >>>> >>> >>> >> > >>>> >>> >>> >> > >>>> >>> >>> >> > -- >>>> >>> >>> >> > Luiz Henrique Borges >>>> >>> >>> >> > >>>> >>> >>> >> > Junior Level Linux Professional (LPIC-1) >>>> >>> >>> >> > LPI ID: LPI000214825 >>>> >>> >>> >> > Verification Code: akdd5dsk5t >>>> >>> >>> >> > https://cs.lpi.org/caf/Xamman/certification >>>> >>> >>> >> > >>>> >>> >>> >> > Novell Certified Linux Administrator >>>> >>> >>> >> > Data Center Technical Specialist >>>> >>> >>> >> > >>>> >>> >>> >> > >>>> >>> >>> >> > _______________________________________________ >>>> >>> >>> >> > CentOS-pt-br mailing list >>>> >>> >>> >> > CentOS-pt-br(a)centos.org >>>> >>> >>> >> > http://lists.centos.org/mailman/listinfo/centos-pt-br >>>> >>> >>> >> > >>>> >>> >>> >> > >>>> >>> >>> >> >>>> >>> >>> >> >>>> >>> >>> >> >>>> >>> >>> >> -- >>>> >>> >>> >> Thiago Gomes >>>> >>> >>> >> _______________________________________________ >>>> >>> >>> >> CentOS-pt-br mailing list >>>> >>> >>> >> CentOS-pt-br(a)centos.org >>>> >>> >>> >> http://lists.centos.org/mailman/listinfo/centos-pt-br >>>> >>> >>> > >>>> >>> >>> > >>>> >>> >>> > >>>> >>> >>> > -- >>>> >>> >>> > Luiz Henrique Borges >>>> >>> >>> > >>>> >>> >>> > Junior Level Linux Professional (LPIC-1) >>>> >>> >>> > LPI ID: LPI000214825 >>>> >>> >>> > Verification Code: akdd5dsk5t >>>> >>> >>> > https://cs.lpi.org/caf/Xamman/certification >>>> >>> >>> > >>>> >>> >>> > Novell Certified Linux Administrator >>>> >>> >>> > Data Center Technical Specialist >>>> >>> >>> > >>>> >>> >>> > >>>> >>> >>> > _______________________________________________ >>>> >>> >>> > CentOS-pt-br mailing list >>>> >>> >>> > CentOS-pt-br(a)centos.org >>>> >>> >>> > http://lists.centos.org/mailman/listinfo/centos-pt-br >>>> >>> >>> > >>>> >>> >>> > >>>> >>> >>> >>>> >>> >>> >>>> >>> >>> >>>> >>> >>> -- >>>> >>> >>> Thiago Gomes >>>> >>> >>> _______________________________________________ >>>> >>> >>> CentOS-pt-br mailing list >>>> >>> >>> CentOS-pt-br(a)centos.org >>>> >>> >>> http://lists.centos.org/mailman/listinfo/centos-pt-br >>>> >>> >> >>>> >>> >> >>>> >>> >> >>>> >>> >> -- >>>> >>> >> Lucas Timm, Goiânia/GO. >>>> >>> >> http://timmerman.wordpress.com >>>> >>> >> >>>> >>> >> (62) 8198-0867 >>>> >>> > >>>> >>> > >>>> >>> > >>>> >>> > -- >>>> >>> > Lucas Timm, Goiânia/GO. >>>> >>> > http://timmerman.wordpress.com >>>> >>> > >>>> >>> > (62) 8198-0867 >>>> >>> > >>>> >>> > _______________________________________________ >>>> >>> > CentOS-pt-br mailing list >>>> >>> > CentOS-pt-br(a)centos.org >>>> >>> > http://lists.centos.org/mailman/listinfo/centos-pt-br >>>> >>> > >>>> >>> > >>>> >>> >>>> >>> >>>> >>> >>>> >>> -- >>>> >>> Thiago Gomes >>>> >>> _______________________________________________ >>>> >>> CentOS-pt-br mailing list >>>> >>> CentOS-pt-br(a)centos.org >>>> >>> http://lists.centos.org/mailman/listinfo/centos-pt-br >>>> >> >>>> >> >>>> >> >>>> >> -- >>>> >> Lucas Timm, Goiânia/GO. >>>> >> http://timmerman.wordpress.com >>>> >> >>>> >> (62) 8198-0867 >>>> >> >>>> >> _______________________________________________ >>>> >> CentOS-pt-br mailing list >>>> >> CentOS-pt-br(a)centos.org >>>> >> http://lists.centos.org/mailman/listinfo/centos-pt-br >>>> >> >>>> > >>>> > >>>> > >>>> > -- >>>> > Luiz Henrique Borges >>>> > >>>> > Junior Level Linux Professional (LPIC-1) >>>> > LPI ID: LPI000214825 >>>> > Verification Code: akdd5dsk5t >>>> > https://cs.lpi.org/caf/Xamman/certification >>>> > >>>> > Novell Certified Linux Administrator >>>> > Data Center Technical Specialist >>>> > >>>> > >>>> > _______________________________________________ >>>> > CentOS-pt-br mailing list >>>> > CentOS-pt-br(a)centos.org >>>> > http://lists.centos.org/mailman/listinfo/centos-pt-br >>>> > >>>> > >>>> >>>> >>>> >>>> -- >>>> Thiago Gomes >>>> _______________________________________________ >>>> CentOS-pt-br mailing list >>>> CentOS-pt-br(a)centos.org >>>> http://lists.centos.org/mailman/listinfo/centos-pt-br >>> >>> >>> _______________________________________________ >>> CentOS-pt-br mailing list >>> CentOS-pt-br(a)centos.org >>> http://lists.centos.org/mailman/listinfo/centos-pt-br >>> >>> >> >> >> >> -- >> Thiago Gomes >> > > > > -- > Thiago Gomes > _______________________________________________ > CentOS-pt-br mailing list > CentOS-pt-br(a)centos.org > http://lists.centos.org/mailman/listinfo/centos-pt-br > -- Lincoln Zuljewic Silva More contact info.: http://www.system.adm.br/contact.php "How often must a question be asked before it’s considered a frequently asked question?"

14 years, 10 months

Re: [CentOS] IPv6 broken on Linode

by James Hogarth

On 16 February 2017 at 12:02, James Hogarth <james.hogarth(a)gmail.com> wrote: > On 16 February 2017 at 11:46, James Hogarth <james.hogarth(a)gmail.com> wrote: >> On 16 February 2017 at 11:35, Alice Wonder <alice(a)domblogger.net> wrote: >>> On 02/16/2017 03:28 AM, James Hogarth wrote: >>>> >>>> On 16 February 2017 at 10:42, Alice Wonder <alice(a)domblogger.net> wrote: >>>>> >>>>> On 02/16/2017 02:32 AM, James Hogarth wrote: >>>>>> >>>>>> >>>>>> On 16 February 2017 at 10:17, Alice Wonder <alice(a)domblogger.net> wrote: >>>>>>> >>>>>>> >>>>>>> On 02/16/2017 02:03 AM, James Hogarth wrote: >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> On 16 February 2017 at 09:09, Alice Wonder <alice(a)domblogger.net> >>>>>>>> wrote: >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> On 02/16/2017 12:54 AM, Tony Mountifield wrote: >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> In article <4cbb9dc4-f063-3434-b7a1-d4d0e6581b5e(a)domblogger.net>, >>>>>>>>>> Alice Wonder <alice(a)domblogger.net> wrote: >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> https://forum.linode.com/viewtopic.php?f=19&t=14570&p=72785 >>>>>>>>>>> >>>>>>>>>>> I can not figure out what I need to do. >>>>>>>>>>> >>>>>>>>>>> Apparently according to linode support, the VM is trying to grab an >>>>>>>>>>> IPv6 >>>>>>>>>>> address with some privacy stuff enabled by default causing it to >>>>>>>>>>> not >>>>>>>>>>> grab the IPv6 address that is assigned to me. >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> Does the accepted answer at the following link give you any useful >>>>>>>>>> hints? >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> http://superuser.com/questions/243669/how-to-avoid-exposing-my-mac-address-… >>>>>>>>>> >>>>>>>>>> Cheers >>>>>>>>>> Tony >>>>>>>>>> >>>>>>>>> >>>>>>>>> Not really - I tried >>>>>>>>> >>>>>>>>> net.ipv6.conf.all.use_tempaddr = 0 >>>>>>>>> >>>>>>>>> and it still fails to grab the proper IPv6 >>>>>>>>> >>>>>>>>> -=- >>>>>>>>> >>>>>>>>> Just in case, I did ask Linode support to verify that my hardware >>>>>>>>> address >>>>>>>>> is >>>>>>>>> what it is suppose to be. Still waiting to hear on that. >>>>>>>>> >>>>>>>>> _______________________________________________ >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> it still is key=value ... it uses the ifcfg- files (via the rh >>>>>>>> plugin) and they are all key=value >>>>>>>> >>>>>>>> It would be helpful if you could paste the journal output (journalctl >>>>>>>> -u NetworkManager) from the time period of attempting to get an >>>>>>>> address ... >>>>>>>> >>>>>>>> also the nmcli conn sh <connection_name> information for the interface >>>>>>>> along with your ifcfg- files >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> ifcfg-lo is the only one that exists on any of the servers - including >>>>>>> the >>>>>>> VMs that grab the correct IPv6 address. >>>>>>> >>>>>>> from /sbin/ifconfig -a : >>>>>>> >>>>>> >>>>>> For a start stop using ifconfig ... it's broken at this point on >>>>>> linux, especially on multi ip and ipv6 scenarios >>>>>> >>>>>> Use `ip -6 addr sh` for ipv6 specfic stuff, or just ip addr sh to see >>>>>> all IP address stuff regardless of family >>>>>> >>>>>>> eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 >>>>>>> inet 178.79.185.217 netmask 255.255.255.0 broadcast >>>>>>> 178.79.185.255 >>>>>>> inet6 fe80::a8ad:d312:4ef4:7272 prefixlen 64 scopeid >>>>>>> 0x20<link> >>>>>>> inet6 2a01:7e00::825f:e564:ad53:72fc prefixlen 64 scopeid >>>>>>> 0x0<global> >>>>>>> ether f2:3c:91:18:8a:7e txqueuelen 1000 (Ethernet) >>>>>>> RX packets 9903 bytes 1088621 (1.0 MiB) >>>>>>> RX errors 0 dropped 0 overruns 0 frame 0 >>>>>>> TX packets 7786 bytes 1087223 (1.0 MiB) >>>>>>> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 >>>>>>> >>>>>>> That hardware address - the 18:8a:7e corresponds with what the IPv6 >>>>>>> address >>>>>>> is suppose to be. But that's not the address it is grabbing, despite >>>>>>> the >>>>>>> fact that net.ipv6.conf.all.use_tempaddr = 0 is set. >>>>>>> >>>>>>> I'm seriously wondering if the real issue is a mis-configured dhcp >>>>>>> server >>>>>>> in >>>>>>> their London facility because nothing makes sense. >>>>>>> >>>>>>> journalctl -u NetworkManager >>>>>>> >>>>>>> reports no journal entries found. >>>>>>> >>>>>> >>>>>> So are you not using NetworkManager then? there should be some logs ... >>>>>> >>>>>> >>>>>>> I think the problem must be on their end. >>>>>>> >>>>>>> It all was working fine until they migrated the VM because of a >>>>>>> hardware >>>>>>> issue, and I suspect now all the hardware address privacy stuff being >>>>>>> the >>>>>>> issue is barking up the wrong tree because all the reading I have done >>>>>>> seems >>>>>>> to indicate that with >>>>>>> >>>>>>> net.ipv6.conf.all.use_tempaddr = 0 >>>>>>> >>>>>>> that a fake temporary hardware address would not be sent to their dhcp >>>>>>> server when obtaining the address, but the real one, that should be >>>>>>> fetching >>>>>>> my assigned address. >>>>>> >>>>>> >>>>>> >>>>>> Only if the kernel is doing SLAAC ... if other things (eg NM) are >>>>>> handling it directly they may act differently ... but then from the >>>>>> lack of logs is NM actually handling this? >>>>>> >>>>>> Does systemctl status NetworkManager show it running and does nmcli >>>>>> show anything? >>>>>> >>>>> >>>>> systemctl status NetworkManager >>>>> ● NetworkManager.service - Network Manager >>>>> Loaded: loaded (/usr/lib/systemd/system/NetworkManager.service; >>>>> enabled; >>>>> vendor preset: enabled) >>>>> Active: active (running) since Thu 2017-02-16 08:19:34 UTC; 2h 19min >>>>> ago >>>>> >>>>> * more stuff * >>>>> >>>>> nmcli >>>>> eth0: connected to Wired connection 1 >>>>> "Red Hat Virtio network device" >>>>> ethernet (virtio_net), F2:3C:91:18:8A:7E, hw, mtu 1500 >>>>> ip4 default, ip6 default >>>>> inet4 178.79.185.217/24 >>>>> route4 178.79.187.246/32 >>>>> inet6 2a01:7e00::825f:e564:ad53:72fc/64 >>>>> inet6 fe80::a8ad:d312:4ef4:7272/64 >>>>> route6 2a01:7e00::/64 >>>>> >>>>> * more stuff for other interfaces * >>>>> >>>>> -=- >>>>> >>>>> The output of >>>>> >>>>> sysctl -a | grep net.ipv6 : >>>>> >>>>> https://librelamp.com/sysctl.txt >>>>> >>>>> It looks from that like it should not be hiding the real MAC address. >>>>> >>>> >>>> >>>> do nmcli conn show "Wired connection 1" >>>> >>>> the entries of interest are: >>>> >>>> ipv6.ip6-privacy >>>> ipv6.addr-gen-mode >>>> >>>> man nm-settings to get what they mean >>>> _______________________________________________ >>>> CentOS mailing list >>>> CentOS(a)centos.org >>>> https://lists.centos.org/mailman/listinfo/centos >>>> >>> >>> ipv6.ip6-privacy: -1 (unknown) >>> ipv6.addr-gen-mode: stable-privacy >>> >> >> >> Okay so from the man page: >> >> The permitted values are: >> "eui64", or >> "stable-privacy". If >> the property is set to >> "eui64", the addresses >> will be generated using >> the interface tokens >> derived from hardware >> address. This makes the >> host part of the >> address to stay >> constant, making it >> possible to track >> host's presence when it >> changes networks. The >> address changes when >> the interface hardware >> is replaced. The value >> of "stable-privacy" >> enables use of >> cryptographically >> secure hash of a secret >> host-specific key along >> with the connection >> identification and the >> network address as >> specified by RFC7217. >> This makes it >> impossible to use the >> address track host's >> presence, and makes the >> address stable when the >> network interface >> hardware is replaced. >> >> >> I'm not certain (would have to go get changelogs) but I suspect this >> was a change at 7.3 with the rebase of NetworkManager >> >> From what you say you want it sounds like you want eui64 - the one >> based entire on the current MAC - whereas the present version is using >> stable-privacy to avoid tracking. >> >> Note that this is distinct and different to ip6-privacy which is >> concerned about the automatic generation of temporary addresses to use >> for outbound communication. > > Okay a little more research as I'm curious when it changed from EUI64 > by default ... > > https://blogs.gnome.org/lkundrak/2015/12/03/networkmanager-and-privacy-in-t… > > NM changed upstream to stable-privacy at 1.2 (the privacy extensions > for the external connections were added at 1.0.4) > > RHEL 7.2 enabled privacy extensions by default: > > https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/ht… > > But at that milestone we had NM 1.0.6 > > At the RHEL 7.3 release NM was rebased to 1.4.0 > > It was briefly referenced with this change in the 7.3 release notes > but honestly it's pretty opaque ... > > https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/ht… > > "NetworkManager now supports new device types, improved stacking of > virtual devices, LLDP, stable privacy IPv6 addresses (RFC 7217), > detects duplicate IPv4 addresses, and controls a host name through > systemd-hostnamed. Additionally, the user can set a DHCP timeout > property and DNS priorities." > > Of course unless you knew what RFC 7217 was you'd have no idea this > was the effect and there's no note that stable-privacy is the new > default behaviour ARGH > > Disappointingly it's not listed in the "Networking" part of the > release notes .... > > I think I'll raise the priority on my blog for the article I'm > intending on the NM rebase ... there are nice things in the rebase > like the arbitrary layering of teams, vlans and bridges but then > there's unexpected stuff like this as well which should be made more > visible. > > So ... Alice if you want to configure the system with the older EUI64 > behaviour then in your ifcfg file for that interface you need > IPV6_ADDR_GEN_MODE=eui64 and then restart NetworkManager (or `nmcli > conn reload` rather than a full service restart or `nmcli conn mod > "Wired Connection 1" ipv6.addr-gen-mode eui64` to do it at the CLI > without editing files and needing a connection reload). Oh and last message about this ... This was the email to fedora-devel at the time of the NM 1.2 introduction: https://lists.fedoraproject.org/pipermail/devel/2015-November/216754.html Systems that existed prior to the package didn't change their configuration, it was only newly built systems that picked up the new default - which might explain what you saw depending on how they handled the migration. There's a good reason that stable-privacy was moved to for automatic addressing, but for your setup you may want to set the older eui64 to keep things consistent.

9 years, 1 month

Re: [CentOS] Fwd: Re: SELinux triggered during Libvirt snapshots

by Trey Dockendorf

On Oct 17, 2011 2:06 PM, "Daniel J Walsh" <dwalsh(a)redhat.com> wrote: > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On 10/17/2011 02:09 PM, Trey Dockendorf wrote: > > On Oct 17, 2011 10:30 AM, "Daniel J Walsh" <dwalsh(a)redhat.com > > <mailto:dwalsh@redhat.com>> wrote: > >> > > On 10/17/2011 11:19 AM, Trey Dockendorf wrote: > >> Forwarding back to list. ---------- Forwarded message ---------- > >> From: "Trey Dockendorf" <treydock(a)gmail.com > >> <mailto:treydock@gmail.com>> Date: Oct 17, 2011 10:06 AM Subject: > >> Re: [CentOS] SELinux triggered during Libvirt snapshots To: > >> "Daniel J Walsh" <dwalsh(a)redhat.com <mailto:dwalsh@redhat.com>> > > > > > > > >> On Mon, Oct 17, 2011 at 7:47 AM, Daniel J Walsh > >> <dwalsh(a)redhat.com <mailto:dwalsh@redhat.com>> wrote: > > > >> On 10/14/2011 08:17 PM, Trey Dockendorf wrote: > >>>>> I recently began getting periodic emails from SEalert that > >>>>> SELinux is preventing /usr/libexec/qemu-kvm "getattr" > >>>>> access from the directory I store all my virtual machines > >>>>> for KVM. > >>>>> > >>>>> All VMs are stored under /vmstore , which is it's own > >>>>> mount point, and every file and folder under /vmstore > >>>>> currently has the correct context that was set by doing the > >>>>> following: > >>>>> > >>>>> semanage fcontext -a -t virt_image_t "/vmstore(/.*)?" > >>>>> restorecon -R /vmstore > >>>>> > >>>>> So far I've noticed then when taking snapshots and also > >>>>> when using virsh to make changes to a domain's XML file. > >>>>> I haven't had any problems for the 3 or 4 months I've run > >>>>> this KVM server using SELinux on Enforcing, and so I'm not > >>>>> really sure what information is helpful to debug this. The > >>>>> server is CentOS 6 x86_64 updated to CR. This is the raw > >>>>> audit entry, (hostname removed) > >>>>> > >>>>> node=kvmhost.tld type=AVC msg=audit(1318634450.285:28): > >>>>> avc: denied { getattr } for pid=1842 comm="qemu-kvm" > >>>>> name="/" dev=dm-2 ino=2 > >>>>> scontext=system_u:system_r:svirt_t:s0:c772,c779 > >>>>> tcontext=system_u:object_r:fs_t:s0 tclass=filesystem > >>>>> node=kvmhost.tld type=SYSCALL > >>>>> msg=audit(1318634450.285:28): arch=c000003e syscall=138 > >>>>> success=no exit=-13 a0=9 a1=7fff1cf153f0 a2=0 > >>>>> a3=7fff1cf15170 items=0 ppid=1 pid=1842 auid=4294967295 > >>>>> uid=107 gid=107 euid=107 suid=107 fsuid=107 egid=107 > >>>>> sgid=107 fsgid=107 tty=(none) ses=4294967295 > >>>>> comm="qemu-kvm" exe="/usr/libexec/qemu-kvm" > >>>>> subj=system_u:system_r:svirt_t:s0:c772,c779 key=(null) > >>>>> > >>>>> I've attached the alert email as a quote below, (hostname > >>>>> removed) > >>>>> > >>>>> Any help is greatly appreciated, I've had to deal little > >>>>> with SELinux fortunately, but at the moment am not really > >>>>> sure if my snapshots are actually functional or if this is > >>>>> just some false positive. > >>>>> > >>>>> Thanks - Trey > >>>>> > >>>>> Summary > >>>>>> > >>>>>> SELinux is preventing /usr/libexec/qemu-kvm "getattr" > >>>>>> access on /vmstore. > >>>>>> > >>>>>> Detailed Description > >>>>>> > >>>>>> SELinux denied access requested by qemu-kvm. It is not > >>>>>> expected that this > >>>>>>> access is required by qemu-kvm and this access may > >>>>>>> signal an intrusion attempt. It is also possible that > >>>>>>> the specific version or configuration of the > >>>>>>> application is causing it to require additional > >>>>>>> access. > >>>>>> > >>>>>> Allowing Access > >>>>>> > >>>>>> You can generate a local policy module to allow this > >>>>>> access - see FAQ > >>>>>>> Please file a bug report. > >>>>>> > >>>>>> Additional Information > >>>>>> > >>>>>> Source Context: system_u:system_r:svirt_t:s0:c772,c779 > >>>>>> > >>>>>> Target Context: system_u:object_r:fs_t:s0 > >>>>>> > >>>>>> Target Objects: /vmstore [ filesystem ] > >>>>>> > >>>>>> Source: qemu-kvm > >>>>>> > >>>>>> Source Path: /usr/libexec/qemu-kvm > >>>>>> > >>>>>> Port: <Unknown> > >>>>>> > >>>>>> Host: kvmhost.tld > >>>>>> > >>>>>> Source RPM Packages: qemu-kvm-0.12.1.2-2.160.el6_1.8 > >>>>>> > >>>>>> Target RPM Packages: > >>>>>> > >>>>>> Policy RPM: selinux-policy-3.7.19-93.el6_1.7 > >>>>>> > >>>>>> Selinux Enabled: True > >>>>>> > >>>>>> Policy Type: targeted > >>>>>> > >>>>>> Enforcing Mode: Enforcing > >>>>>> > >>>>>> Plugin Name: catchall > >>>>>> > >>>>>> Host Name: kvmhost.tld > >>>>>> > >>>>>> Platform: Linux kvmhost.tld 2.6.32-71.29.1.el6.x86_64 > >>>>>> #1 SMP Mon Jun 27 > >>>>>>> 19:49:27 BST 2011 x86_64 x86_64 > >>>>>> > >>>>>> Alert Count: 1 > >>>>>> > >>>>>> First Seen: Fri Oct 14 18:20:50 2011 > >>>>>> > >>>>>> Last Seen: Fri Oct 14 18:20:50 2011 > >>>>>> > >>>>>> Local ID: c73c7440-06ee-4611-80ac-712207ef9aa6 > >>>>>> > >>>>>> Line Numbers: > >>>>>> > >>>>>> Raw Audit Messages : > >>>>>> > >>>>>> > >>>>>>> node=kvmhost.tld type=AVC > >>>>>>> msg=audit(1318634450.285:28): avc: denied { getattr } > >>>>>>> for pid=1842 comm="qemu-kvm" name="/" dev=dm-2 ino=2 > >>>>>>> scontext=system_u:system_r:svirt_t:s0:c772,c779 > >>>>>>> tcontext=system_u:object_r:fs_t:s0 tclass=filesystem > >>>>>> > >>>>>> node=kvmhost.tld type=SYSCALL > >>>>>> msg=audit(1318634450.285:28): arch=c000003e > >>>>>>> syscall=138 success=no exit=-13 a0=9 a1=7fff1cf153f0 > >>>>>>> a2=0 a3=7fff1cf15170 items=0 ppid=1 pid=1842 > >>>>>>> auid=4294967295 uid=107 gid=107 euid=107 suid=107 > >>>>>>> fsuid=107 egid=107 sgid=107 fsgid=107 tty=(none) > >>>>>>> ses=4294967295 comm="qemu-kvm" > >>>>>>> exe="/usr/libexec/qemu-kvm" > >>>>>>> subj=system_u:system_r:svirt_t:s0:c772,c779 key=(null) > >>>>>> > >>>>>> > >>>>>> > >>>>> _______________________________________________ CentOS > >>>>> mailing list CentOS(a)centos.org <mailto:CentOS@centos.org> > >>>>> http://lists.centos.org/mailman/listinfo/centos > > > > > >> THis is a bug in policy. It can be allowed for now. > > > >> We have 6.2 selinux-policy preview package available on > >> http://people.redhat.com/dwalsh/SELinux/RHEL6 > > > >> I believe all that is happening is qemu-kvm is noticing you have > >> a file system mounted, and doing a getattr on it. > > > > > >> Thanks for the help Dan. Is there something that could have > >> triggered this between 6.0 and 6.1? This server was updated to > >> 6.0 CR around the same time this began happening, so I want to > >> make sure if it's an issue in CR that I can file a useful bug > >> report. > > > >> When updating selinux-policy, do I have to update all the RPMs > >> listed or will that one package suffice? > > > >> Thanks - Trey _______________________________________________ > >> CentOS mailing list CentOS(a)centos.org <mailto:CentOS@centos.org> > >> http://lists.centos.org/mailman/listinfo/centos > > > > Did you add additional file systems? > > > > Not after the upgrade. The same filesystems were in place using > > 6.0 and 6.0 CR. The only change was the upgrade to CR. > > > > - Trey > > > > Well I have no idea. Anyways it is not a problem allowing this access. > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.11 (GNU/Linux) > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ > > iEYEARECAAYFAk6cfMEACgkQrlYvE4MpobPg6wCg5YzlxAKeZ61E7EneEIkpw/A1 > lNQAn073hud5trqccs4M5QeLI3vUMnD7 > =rQB1 > -----END PGP SIGNATURE----- What do I have to do to allow that access? Or should I update to the selinux-policy you linked ? Ive had little in the way of experience with selinux so this is all new. Thanks - Trey

14 years, 5 months

Jump to page: