DevHeads.net

Postings by Jobst Schmalenbach

Where to report (possible) bugs? Redhat? Bugzilla?

Hi

I want to know whether this is a bug and report it but I do
not know where to report it. Upstream?

Background:

It seems upon booting there is a problem where the ifup-route
file is called before the actual interface is up.

I put some "logger -t ifup-route.jobst ...

Upgrade from 7.6.1810 to 7.7.1908 -> Interfaces order not static

Hi

For years (long time) I had " net.ifnames=0 biosdevname=0 " and it worked as it should (6.X, 7.X)

I never had any problems, until yesterday.

I started upgrading my machines and I stopped after the first one showed
issues and I will not update all the other ones until this is sorted.

I have problems keeping the interfaces in order as I wanted them to be assigned
to eth0, eth1 ..

Increase logging verbosity of saslauthd?

Hi

CentOS 7.X, sendmail.x86_64 8.14.7-5.el7, cyrus-sasl.x86_64 2.1.26-23.el7

There are conflicting message on how to increase the logging of saslauthd.

I know I can do this:
/usr/sbin/saslauthd -d -n0 -m /var/run/saslauthd -a pam

but that requires a terminal as saslauthd logs the output to STDOUT, this is not what I want.

I would like to have it started as a daemon and verbosity of logging increased into a log file.

How can I increase the verbosity of logging for saslauthd?

thanks

Performance issues/difference of two servers running same task (one is quicker)

Hi

I need some advice what to do next, even if someone tells me to
check out (an)other mailing list(s), tuning site or point me in a better
direction how to solve my annoying problem: one server is much faster
for certain tasks although on "shitty" hardware.

I have tried many things to solve my issue
- changed buffer/pool/cache/etc mysqld
- changed server settings apache/php
- changed various OS settings (sysctl) e.g.

Older versions of samba that work with CentOS 7?

Hi.

Are there any places I can download older versions of Samba working with CentOS 7?

Reason:

I have been upgrading all of my servers from 6.X to 7.X.
This alone is a massive task for me as I am a one man band.

Samba made massive changes not allowing NT style domains anymore in the 4.10 branch.

If I can find older samba RPM's for CentOS 7 than I can finish all upgrades of the OS, then later upgrade samba once I am finished when I have more time.

Any ideas anyone?

thanks
Jobst

yum remove iptables problem

Hi

Just got a new server replacing another server.
I had to use iptables to protect it until I could move a hardware firewall from the old server to the new server.

Now I am trying to delete iptables but it wants to delete lots of other dependency packages, e.g. sendmail, cyrus-sasl and even plymouth.

Can I just use "force" and "no-dependecies" to get rid of it?
Are there other implications I do not know about?

thanks
Jobst

Systemd's [ OK ] in green beginning of line

Hi

I have to (re-)write many bootup scripts to move a bunch of servers from CentOS6 to CentOS7

In sysvinit the "echo_success" and "echo_failure" used to do this.

What is the equivalent for systemd?

thanks
Jobst

What files to edit when changing the sdX of hard drives?

Hi

I have read instructions for udev, I also found many example on how to do this.
I want to lock in the SDA/SDB/SDC for my drives and I came up with a rule like this

KERNEL=="sd?", SUBSYSTEM=="block", ENV{ID_SERIAL}=="ST500DM002-1BC142_W2A56H8A", NAME="sda", RUN+="/usr/bin/logger ID_SERIAL=$ENV{ID_SERIAL} set to /dev/sda ", GOTO="END_PERSISTENT_DISK"

However, it is not clear to me is in what files I need to add my rules.

Do I add a random file "99-my-rules.rules" in "/etc/udev/rules.d/"?

Do I copy a file from "/usr/lib/udev" to "/etc/udev/rules.d/" and add my rules?

Do I need to be c

Problem with mdadm, raid1 and automatically adds any disk to raid

Hi.

CENTOS 7.6.1810, fresh install - use this as a base to create/upgrade new/old machines.

I was trying to setup two disks as a RAID1 array, using these lines

mdadm --create --verbose /dev/md0 --level=0 --raid-devices=2 /dev/sdb1 /dev/sdc1
mdadm --create --verbose /dev/md1 --level=0 --raid-devices=2 /dev/sdb2 /dev/sdc2
mdadm --create --verbose /dev/md2 --level=0 --raid-devices=2 /dev/sdb3 /dev/sdc3

then I did a lsblk and realized that I used --level=0 instead of --level=1 (spelling mistake)
The SIZE was reported double as I created a striped set by mistake, yet I wanted the mirrored

Apache upgrade 2.2 -> 2.4 and "PerlAuthenHandler Authen::Simple::IMAP"

Hi

I have just started upgrading all of my CentOS servers from 6.X to 7.X.
With that Apache gets upgraded from 2.2 to 2.4.

While I have fixed most of the issues one that I cannot solve is the
"PerlAuthenHandler Authen::Simple::IMAP" in .htaccess files.

I use this frequently on many machines as it is real easy for me to look after this,

Using apache 2.2 this used to work like a charm with an .htaccess file in the directory to protect:

satisfy any
Order deny,allow
deny from all

AuthName "Protected by IMAP credentials"
AuthType Basic
require user USER1 USER2
Per

CentOS 6.X, iptables 1.47 and GeoLite2 Country Database

Hi

Specs in subject line: CentOS 6.X all latest patches), iptables 1.47, Apache2.2

I use the Geolite legacy databases together with iptables 1.47 to filter traffic for a variety of ports and only allow .AU traffic to have access.

Maxmind (<a href="https://dev.maxmind.com/geoip/geoip2/geolite2/" title="https://dev.maxmind.com/geoip/geoip2/geolite2/">https://dev.maxmind.com/geoip/geoip2/geolite2/</a>) changed the default DB to the latest version which is GeoLite2, this leaves all users in need of the old Geolite Legacy database in the dark, they cannot update.

If I download a later version of xtables it will complain that it requires iptable>1.6 which I do not think I can get going on CentOS 6.X.

Is the

Possible to have EthX acting like the ipaddress of the attached device (aka bridge) having no ipaddress?

Hi

I have a Centos 6.X router/firewall/gateway for a /29 network all connected to one ETHX that has a switch behind it.

This setup works very well but does NOT allow me to QOS one of the devices (a VOIP phone, many lines) as for "tc" to work I need a device, not ipaddress.

I thought to connect the VOIP phone directly to the router, but in doing so I need that interface to ACT like the IPADDRESS of the VOIP box, meaning the ethernet interface has no ipaddress acting like a bridge:

Internet
|

Weird bandwith behaviour (download throughput) on CentOS based gateway

Hi.

I have a company gateway that is connected to a 30/30 Fiber connection, network termination point is a MRV OS-904.
It acts as a firewall/router for the DMZ/hosts/lans behind.

Software: CentOS 6.9, bare minimum install, all latest patches.
Hardware: Xeon CPU, Intel server MB with two Intel PRO 1000 (e1000, e1000e) network cards, adaptec RAID, 8GB RAM

On the hosts/lan behind I can happily achieve 28.8 mbs - it seems it's being capped at that speed by the provider.

However, on the host itself I cannot get passed 820k/s max, even if I switch off iptables and anything else that could inter

Problem with IPTABLES logging message to the screen/console

Hi

I am not sure how to solve this.

I am constantly getting messages that should go into the kern/message log printed on screen - MOSTLY from iptables.
The messages are ALSO logged to the syslog files.

It still prints those message onto the console screen even if I am logged off (security issue).

When logged in on the console its anoying as I constantly have to hit CTRL-L to refresh the screen to get rid of those messages.

However it does NOT happen when I ssh into the machine.

How can I solve this that those messages are NOT printed.

thanks
Jobst

Domain Logout, then domain login again, profile corrupt -> replaced by TEMP profile

Hi

I have had this problem for a while, but waited to post this until I upgraded to see whether the upgrade would fix it.
I upgraded samba to the 4.2.X stream from 3.6.X stream, but it happens on both, 3.6.X and 4.2.10.

Whenever someone logs out, then in again the profile gets corrupted and a new TEMP profile is created (the dreadful "creating new desktop").

saslauth logging

Hi

Not sure whether this is the correct list to ask ... if it's not please direct me to the correct one.

Is it possible on to log a bit more detail when auth failure occurs when using saslauthd?

saslauthd[2119]: do_auth : auth failure: [user=DELETED] [service=smtp] [realm=DELETED] [mech=pam] [reason=PAM auth error]

What I want is the IP address and if possible the incorrect password (just to see how far they are off).
Is this possible?

thanks
Jobst

httpd 2.3 or 2.4 repository for CentOS 6.X anywhere?

Hi

is there a yum repository for httpd 2.3 or 2.4 for CentOS 6.X anywhere?

Like remi for php/mysql?

thanks
Jobst

After reboot of web-server accessing website shows "Forbidden", restarting httpd all is fine

Hi.

I am stuck with this one and I do not know where and how to search for this problem nor do I know how to fix it.

When I reboot one of our servers (CentOS 6.7, selinux target, yum fully updated) the http server loads fine (no erros) but when accessing one of the server's websites it displays "Forbidden", restarting the httpd server (command line) will give full access and all is fine.

What troubles me that a simple restart of the daemon fixes everything but it does not come up on reboot.

[Sat Nov 07 13:02:44 2015] [notice] caught SIGTERM, shutting down
[Sat Nov 07 13:02:45 2015] [notice

CLAMAV problem: Error message "outdated version" although "yum list installed" reports correct version

Hi.

I posted this on the clamav list as well, as I do not know whether this is a rpm issue or clamav issue.
Strange problem indeed:

[root /tmp] #>yum list installed "clamav*"
Loaded plugins: fastestmirror
Installed Packages
clamav.x86_64 0.98-2.el5.rf installed
clamav-db.x86_64 0.98-2.el5.rf installed
clamav-milter.x86_64 0.98-2.el5.rf installed
[root /tmp] #>

[root /tmp] #>su clamav -c /usr/bin/freshclam
ClamAV update process started at Thu Feb 20 12:37:52 2014
WARNING: Your ClamAV installatio

deleting FakeRaid -> what happens to the partitions/data

Hi

A server has FakeRAID installed, I want to remove it to make it mdadm driven ....

If I delete the FakeRAID including

- disabling it in the BIOS
- removing the dmraid driver from initrd
- deleting all meta data from partitions
- deleting all dmraid packages

is the data still available on the drives, i.e. the partitions, filesystem and files are still ok?

I know that FakeRAID controller is not a real hardware controller and the driver (thus CPU doing the work) makes it look like one drive ...

updated certificate, but certwatch still reporting it needs to be renewed

Hi

I updapted the ssl certificate on the 15th of Jan using the providers update facility.
Then I downloaded the new certificate, installed it and restarted httpd.

Then I checked with the providers "ssl installation diagnostic tool" whether everything is fine - and it is, all reported good.

Then I opened a browser, loaded the https website, checked the certificate and it's valid until 8/02/2017, which was reported by above, as well.

I know I could turn certwatch off, but I like the warning as I have a few certs on different websites, domains and machines.

How come certwatch is still compla

Two external interfaces, one with "default" route and ping problem

Hi

I have two different IP addresses (in a block of /29), one is on port 0 and the other is on port 2 of a Ciso 888.
I am doing this so I can have two different certs with two different ip addresses.

I have tried:

1) one machine, two real interfaces, two cables (eth0 and eth2)
2) one machine, one real interface eth0 and one virtual interface eth0:1, one network cable

Using number 2)
I can ping the two different ip addresses, no problem.

5.9, GNOKII, SMS and Huawei [ E160G | E176 ]

Hi

I want to setup a SMS system for Nagios on a 5.9 box.

I read in a blog that the two modems Huawei [ E160G | E176 ] work with 6.3.

Anybody any experience with those modems and do they work with 5.9?

Are there any other devices that are better/recommended?

Thanks
Jobst

What is bind97 and what are the differences to bind

Hi,

sorry if this has been covered, I searched google for this but can't find an answer (maybe I am trying the incorrect search terms).

What is bind97?
What are the differences between bind97 and bind?

thanks
Jobst

CentOS 5.8, Adaptec 6405 but lsmod lists dmraid?

Hi

I have (actaully on a number of machines) various Adaptec card
installed, yet lsmod shows "dmraid" loaded?

How come?

I thought that dmraid is software raid?

Is this part of the booting and if so How do I tell mkinitrd NOT to make it part of the bootup process?

Jobst

mount -o loop question.

Hi,

I know I can create a file and mount it like this:

dd if=/dev/zero of=/tmp/somefile bs=1024 count=100000
mke2fs /tmp/somefile
mount /tmp/somefile /mnt -o loop

but that has a problem it cannot grow.

Is there a way to do the same (above) but have it not restricted to a size?

Or can I append blocks to the end of the file without distroying it?

Jobst

Permission "nfsnobody" and mounting an nfs share in a datacenter

Hi

A datacenter I use provides mountable nfs shares that are provided
through a subnet, the only person having access to the nfs share is me.

If I do this:

mount -t nfs 192.168.53.21:/USERNAME /mnt/share/

then I get the share:

[root@hostname /mnt/share] #>ls -la
total 12
drwxrwxrwx 2 nfsnobody nfsnobody 4096 Oct 9 18:04 .
drwxr-xr-x 7 root root 4096 Oct 9 17:55 ..
-rw-r--r-- 1 nfsnobody nfsnobody 0 Oct 9 18:01 test

I want to use this as a snapshot backup drive, so I need to
have the permission on the backup the same as on the source,
e.g.

rsync -avH /bin /

Changes to inodes discovered by aide

Hi.

On one of my servers aide just reported inode changes to a large bunch of files in a variety of directories, e.g. /usr/bin, /usr/sbin etc.

Order of sata/sas raid cards

Hi.

I bought a new Adaptec 6405 card including new (much larger) SAS drives (arrays).

I need to copy content of the current SATA (old adaptec 2405) drives to the new SAS drives.

When I put the new controller into the machine, the card is seen and I can see that the kernel loads the new drives and the old drives.

Loading drivers during "linux rescue"

Hi

I got a new Adaptec 6405 card with a set of new harddrives.
Problem that I assumed that the card had kernel drivers, which it has but only from 2.6.39 onwards.

I installed the kmod-aacraid drivers, they see the card and drives, fine.

However, I need to get a "linux rescue" to work, thus I need to load the drivers during the boot of the resuce disk.
How do I do this?

thanks
Jobst