[CentOS] Is it okay?
Lamar Owen
lowen at pari.edu
Fri Jan 21 19:13:39 UTC 2011
On Friday, January 21, 2011 01:33:03 pm m.roth at 5-cent.us wrote:
> Lamar Owen wrote:
> > On Friday, January 21, 2011 12:34:57 pm m.roth at 5-cent.us wrote:
> >> Haven't seen the kernel break things, with the exception of *sigh*
> >> NVidia drivers.... I've also seen it reorder ethernet ports, but
> finally found
> >> the simple solution (/etc/sysconfig/network-scripts/ifcfg-ethx, and add
> >> the HWADDR)
> >
> > You use the RPMfusion kmod's, and use the yum plugin to protect them,
> > right?
>
> For nVIdia? I've been manually building the driver using the proprietary
> kit. One of these days, I'll try the... who is it, rpmforge? that has the
> packages? If that works, I'll have a literal handful of machines that I'll
> do that for.
Sorry, not RPMfusion, but ELrepo. See elrepo.org
Install yum-kmod (I have also install yum-kernel-module), then install whichever nvidia kmod you need from elrepo. That should prevent kernel updates until the matching nvidia kmod is available. The yum-kmod and yum-kernel-module plugins are part of regular CentOS, not third-party repos.
> > Linux localhost.localdomain 2.0.36 #3 Fri Apr 9 15:36:11 EDT 1999 i586
>
> Argh! You're one of *those*....
Yep. I have a couple of VAXstation 4000's here, and soon will have a smallish SGI multiprocessor box that I'm planning to load CentOS on..... I like old kit. If I still had my PDP-8 now that would be interesting..... :-)
> Right, and it's not online. Big changes, if it ever does go online. Hey, I
> was just using my box a year and a half ago. But I built it for its
> purpose: no compilers, no X, no diddly-squat, *and* I'd run Bastille Linux
> on it. To the best of my knowledge, over 10 years, I'd never had an
> intrusion.
I have had intrusions; that box actually was originally RH 4.2, but got upgraded after an intrusion (which is when its direct internet went away....bind 4 vulnerability). I've learned from those intrusions; good experience. One was on a Ubuntu box, fully up-to-date at the time. Turns out the password I thought was pretty unique wasn't; and it was a 'strong' password by most tools' estimation, being it had mixed case, numbers, and a punctuation symbol in it; it got infected with a slow-brute-forcer ssh worm, and when I saw the strange ssh traffic I shut it down; got a note about it, too. Now I don't allow outbound port 22 to just anywhere (among a few other things; it's becoming to where I'm tempted to firewall outgoing as aggressively as I firewall incoming, but we still do too many academic 'things' that connect to unusual port numbers.....).
> > Filed a bug report, right? :-)
>
> *If* I could pin down the exact cause, and I can't play around with the
> machine, since the user needed it *now*....
Just *now* and not *yesterday* ? :-) But I understand; the goal of filing a report is to file a useful report, and 'it broke' is not a useful report....
More information about the CentOS
mailing list