DevHeads.net

Postings by m.roth

OT, hardware: new router and a USB winprinter

Well, the router I've had for some years now, that I had DD-WRT on, borked
itself. Went out and bought a new one, an Asus RT-AC66U. Now, I've got
this 11 yr old cute HP Laserjet... and it's a winprinter. With the version
of the DD-WRT I had, all I had to do was send the magic M$ data to it, it
would wake up, the lights on the printer telling me that it was installing
that.

New printer magically actually recognizes the printer...

Danger, Will Robinson: Visual Studio with CentOS

Had a manager come by, to tell me one server seemed to be running slow,
but nothing much was on it.

Well, it turned out to be a user who was using Visual Studio on his Win10
laptop to edit files on the server. And VS used sftp to get to the files.

Yeah, about that: ssh in about 4 times a second.... Things sped up with he
killed that.

Be warned.

mark

Civ 6 on CentOS?

Being as how we're looking at putting my SO on Linux (she's *so* fed up with
Windoze), big question for her: Civ 6 on CentOS? Will it run on C 7? Wait for
C 8 (which I was sort of thinking of doing, anyway)?

mark

systemd-sleep

I found that one of my users' workstation is, for some reason, running
systemd-sleep. I cannot find, anywhere on the system. system-sleep.conf
(or systemd-sleep.conf), nor do I find systemctl status system[d]-sleep.

How can I turn this thing off, other than renaming
/usr/lib/systemd/systemd-sleep?

mark

zfs

Hi, folks,

testing zfs. I'd created a zpoolz2, ran a large backup onto it. Then I
pulled one drive (11-drive, one hot spare pool), and it resilvered with
the hot spare. zpool status -x shows me
state: DEGRADED
status: One or more devices could not be used because the label is missing or
invalid.

Gnome annoyances

How do I disable /usr/libexec/gsd-backlight-helper on a user's
WORKSTATION? This is clearly something that should NEVER, EVER be running
if it's not a laptop....

mark

os-prober

Semi-OT question: os-prober is in CentOS, but I never see it running.

df

<rant>
I *swear*, I may get aggravated enough to write a drh - d *real* h.
Between C7, with all the /tmpfs, and this debian 18.04 that has a dozen
/snap all showing up.... All I want it to display is physical drive
partition space....
</rant>

mark

system unresponsive

Ok, we used to get this occasionally on cluster nodes, and we just got it
on a fileserver (very bad). The system is discovered to be unresponsive:
it doesn't ping, and plugging a console in, you can see that it's not
dead, but there nothing at all on the screen, nor does it respond to even
<ctrl-alt-del>. The only answer is to power cycle it; it comes up fine.

Nothing in /var/log/dmesg or /var/log/messages. No abrts I can find. sar
tells me it went unredponsive between 18:10 and 10:20 yesterday.

Issues trying to change the selinux context

We're forced to use Siteminder, by CA, who have no clue what they're doing
in *nix. No packages, tarballs...

Anyway, I'm trying clean up some stuff, and in /*/smwa/webagent/bin (all
their binaries, including .so's, are in there, duh...

gssproxy segmentation fault]

Hi, folks,

Especially Johnny - could you possibly push this fix through as soon as
upstream puts it out?

FYI: C 7, broken cron, sort of SOLVED

I was fighting this a few weeks ago, and asking here. I *finally* solved
it yesterday... and the answer isn't pleasant.

Running the command

authconfig --enablesssd --enablesssdauth --enablesmartcard
--smartcardmodule=sssd --smartcardaction=0 --updateall

breaks crond, as per bugzilla # Bug 1650314.

A strange situation with MegaCli64 and smartctl

We have a system - it's C 7 - that a while back lost three drives of a
large array. The other admin here replaced the failed drives, but never
went through the MegaRAID replace series of commands.

I've just brought it back up and put a new filesystem on it, but here's
what's odd: if I do smartctl -a -d megaraid,x /dev/sda, where x=drive
number, for all the other drives, I get smart info.

Re: [CentOS] BhkMbpU

=?utf-8?Q?=E6=9C=8D=E5=8A=A1=E4=B8=9A=E6=99=AE=E9=80=9A=E7=99=BC=E7=A5=A8
=E9=9C=80=E8=A6=81=E8=81=94=E7=B3=BB
=E7=94=B5+V=EF=BC=9A131289=E2=92=8F0961=E6=9D=A8=E7=94=9F?= wrote:
Ah, yes, the joys of a plain text mailing list... where this garbage shows
up as just garbage. Now, HTML email, or, as I often refer to it,
malware-spreading email....

MegaRAID, and creating a RAID 1 while live

I've started searching, but if anyone here has a link.... I *just*
discovered yesterday, to my dismay, that a previous admin built a box that
has four hot-swap bays as two as RAID 1... and the other two as RAID 0.

Honest, I thought I was pulling the failing drive out of a RAID 1, not
that the RAID 0 contained all the websites for a production box....

So, what I want to do is this: it's a Dell, with a PERC 710. Let's call
the two drives I'm dealing with sdb and sdc. With mdadm, what I'd do is
1. copy what's on the the RAID 0 of sdc to the RAID 0 of sdb,
2.

CUPS issues

We've got this huge HP DesignJet Z9 printer, for printing posters.
Except... I got the latest hplips installed, it knows this printer... but
there are no poster-sized settings.

Now, I've started hacking the .ppd, as I did six year ago for the old
poster printer, but it seems, after a good bit of googling, that it would
be easier, when I hit print from okular, and get the dialog window, to go
to properties->page, and set it to custom, and set the width and height...
except I can't: both width and height are grayed out.

Now, I'm running as me.

C 7 anacron issue

Has anyone else seen a problem recently (like, the last few weeks) with
anacron? We've got a couple of recently-built systems and we're seeing
Mar 4 17:20:01 <system> crond[25767]: (root) PAM ERROR (Failure setting
user credentials)
Mar 4 17:20:01 <system> crond[25767]: (root) FAILED to authorize user
with PAM (Failure setting user credentials)

mark

gpg?

I just wanted to set up to send an encrypted message, so I went to generate a
public/private key pair using gpg on C 6.

Version 2.0.14, copyright 2009?

Isn't there something newer than 10 years old?

mark

hplips

Yeah, about that... Back in '12, we got a nice HP poster printer. They
don't support Linux, but a co-worker got the .ppd out of the Mac support
file.

I tried it, then I looked at the file in vi... and found it *only*
supported the 24" printer, *not* the 44" printer that we had.

Well, we just bought a replacement, since the old printer was EOL'd. This
time, I went to hplips, d/l and built the current one, and sure enough,
there's a .ppd for the DesignJet Z9.

Any bets on what I found? No?

Policy issue: C7 and motion

Not sure who's package let an error slip in, but I don't believe I've had
this issue before: SELinux is preventing /usr/bin/motion from map access
on the chr_file /dev/video1

Yes, that should be allowed by default.

mark

iptables 2 firewalld

Y'all may remember me fighting this a few weeks back. I did finally
succeed, and thought that my awk script might be helpful to others. Yes,
it's really simple, it uses the build-in FORWARD chain. The line where I
skip the definition of those chains is because it *is* built in. To use
it, I did an iptables-save on the firewall that's currently in use,
changed the physdev devices to match the ones on the new box (I *loathe*
that idiot varying name convention, it is *not* helpful, and then ran it
through this script. I piped the o/p into a file, then sh scriptname did
the actual install.

thunderbird issues

Just updated t-bird, and once again, it wants to open a completely new
browser, other than using the running one.

I started searching, and found something about editing the config, and for
the first one of the two they said to change, I find this:
network.protocol-handler.app.https;/usr/lib64/thunderbird-3.1/open-browser.sh
%s

a) there's only /usr/lib64/thunderbird, and I'm on 60.something. Is this
in my config as a user?

C7 basic install, HATE

I've got an old server, that I'm *trying* to rebuild from C6. Our regular
key, with the kickstarts, etc, simply won't boot. Just a blank screen, and
it never goes anywhere.

So I'm trying to build it from a year-old regular installer.

100% of the time, the graphical screen is screwed. Resolution's so big
that I cannot see the right-hand 10% or 15% of the screen. There doesn't
seem to be any way that I've found yet to make it higher res, so I can
read it.

It's *not* the monitor's fault. It is an ancient Matrox video card...

C7, enable an abrt for a daemon

I've mentioned here before that gssproxy is crashing all over the place
with a SEGV. However, there's no /var/spool/abrt/... when it does. How do
I enable the daemon to give me an abrt with information? I'm just not sure
of what the right word is for systemd, so online searching isn't always
useful.

Thanks in advance.

mark

Back to c7 and firewalld

If I've missed someone's response, apologies.

As I said, my converted rules seem fine, and I can run the script that
issues a bunch of direct rules for the built-in FORWARD rule...

C7 and firewalld, ongoing

I've got my direct rules, converted from a C6 iptables-save. I load them -
they're to add to the built-in FORWARD chain. They all seem to load... but
then, when I try to --reload, I get
Error: BUILTIN_CHAIN: chain 'FORWARD' is built-in chain

and firewall-cmd --direct --get-all-rules returns nothing.

Bug in libreoffice or cups?

C7 My manager's manager sent out a ppt. Nothing fancy, no animation.

1. Page down doesn't get me to the next page.
2. Slide show decides that on my left monitor, it should fill the entire
monitor- no options, with the slide, and the next slide, and that my
right-hand monitor shuold be *COMPLETELY* filled with the slide.
3. Hitting <esc> gets rid of the one on the right... and anything then
crashes all instances of libreoffice.
4. I just tried to print it out...

C7, firewalld and rich rules

Hi, again, folks,

I'm trying to convert a number of iptables rules to firewalld rich
rules. I need to do this, because this is, in fact, a firewall, to
protect access to servers with sensitive data. It will limit access to
the servers behind it to a specific network, and nobody else, and allow
only certain services through.

What I've been trying to find is a script/program that converts the
output of iptables-save to something I can feed to firewall-cmd.
Anyone have a link to such?

I admit this is annoying.

C7, mdadm issues

I've no idea what happened, but the box I was working on last week has a
*second* bad drive. Actually, I'm starting to wonder about that
particulare hot-swap bay.

Anyway, mdadm --detail shows /dev/sdb1 remove. I've added /dev/sdi1... but
see both /dev/sdh1 and /dev/sdi1 as spare, and have yet to find a reliable
way to make either one active.

Actually, I would have expected the linux RAID to replace a failed one
with a spare....

Clues for the poor?

C 7 and gssproxy

Ok, folks,

I brought this up some time ago, and got no replies. We have a good
number of systems - > 100 - and we use sssd. On the C 7 boxen, which is
most of them, gssproxy *frequently* (like once a day or so) dies with a
SEGV. It restarts fine. Dies again eventually.

ARE other people seeing this? If so, I guess we get to file a bug
report with upstream. Speaking as an old C programmer, dying with a
SEGV? Really? In production?

mark