[CentOS] Is it okay?

Fri Jan 21 19:35:11 UTC 2011
m.roth at 5-cent.us <m.roth at 5-cent.us>

Lamar Owen wrote:
> On Friday, January 21, 2011 01:33:03 pm m.roth at 5-cent.us wrote:
>> Lamar Owen wrote:
>> > On Friday, January 21, 2011 12:34:57 pm m.roth at 5-cent.us wrote:
>> >> Haven't seen the kernel break things, with the exception of *sigh*
>> >> NVidia drivers.... I've also seen it reorder ethernet ports, but
>> >> finally found the simple solution
(/etc/sysconfig/network-scripts/ifcfg-ethx, and
>> >> add the HWADDR)
>> >
>> > You use the RPMfusion kmod's, and use the yum plugin to protect them,
>> > right?
>>
>> For nVIdia? I've been manually building the driver using the proprietary
>> kit. One of these days, I'll try the... who is it, rpmforge? that has
>> the packages? If that works, I'll have a literal handful of machines that
>> I'll do that for.
>
> Sorry, not RPMfusion, but ELrepo.  See elrepo.org

Right. That's the one.
>
> Install yum-kmod (I have also install yum-kernel-module), then install
> whichever nvidia kmod you need from elrepo.  That should prevent kernel
> updates until the matching nvidia kmod is available.  The yum-kmod and
> yum-kernel-module plugins are part of regular CentOS, not third-party
> repos.
>
Thanks for that - I really will get around to it, one of these days. It
gets tedious, rebuilding.

>> > Linux localhost.localdomain 2.0.36 #3 Fri Apr 9 15:36:11 EDT 1999 i586
>>
>> Argh! You're one of *those*....
>
> Yep.  I have a couple of VAXstation 4000's here, and soon will have a
> smallish SGI multiprocessor box that I'm planning to load CentOS on..... I
> like old kit.  If I still had my PDP-8 now that would be interesting.....
> :-)

I have a friend with several RISC 6000's, and of course his MicroVAX. You
had a PDP-8? When I was taking an o/s class in the mid-eighties, I was on
a PDP-11/780. *Nice* machine, running RSTS, I think it was.
>
>> Right, and it's not online. Big changes, if it ever does go online. Hey,
>> I was just using my box a year and a half ago. But I built it for its
>> purpose: no compilers, no X, no diddly-squat, *and* I'd run Bastille
>> Linux on it. To the best of my knowledge, over 10 years, I'd never had an
>> intrusion.
>
> I have had intrusions; that box actually was originally RH 4.2, but got
> upgraded after an intrusion (which is when its direct internet went
> away....bind 4 vulnerability).  I've learned from those intrusions; good
> experience.  One was on a Ubuntu box, fully up-to-date at the time.  Turns

Have you looked into Bastille Linux? It's not a distro, it's a set of
scripts to harden a system.
<snip>
> about it, too.  Now I don't allow outbound port 22 to just anywhere (among

Ah, no. When I've had a home network with the old machine running, the
*only* place it would accept ssh from was the inside NIC.
<snip>
>> > Filed a bug report, right? :-)
>>
>> *If* I could pin down the exact cause, and I can't play around with the
>> machine, since the user needed it *now*....
>
> Just *now* and not *yesterday* ? :-)  But I understand; the goal of filing
> a report is to file a useful report, and 'it broke' is not a useful
> report....

Yup. That's what most of us jump up and down about, when a user says "it's
Broke!!!", when they mean something went wrong in a package. And by *now*,
I meant that he's working on a project hot and heavy, and will for a week
or two or more, and I don't want to shove him out of his cube to screw
with this, rebooting for hours.

    mark