DevHeads.net

Postings by Niki Kovacs

GNOME lockscreen freeze on notification

Hi,

I just installed CentOS 7 with GNOME on my new Dell Latitude E6230
laptop. So far, everything runs nicely. I just have one problem with the
GNOME lockscreen.

I launched the OwnCloud client and started to synchronize about 20 GB of
data from my OwnCloud server. During the sync, I left the laptop
unattended. After about 15 minutes, the desktop was replaced by the
lockscreen, as it should.

As soon as the OwnCloud sync was finished, there was a corresponding
notification that displayed on the lockscreen.

Usually I hit [Enter] to exit the lockscreen by providing my user
password.

Xfce vs. VirtualBox : font size problem

Hi,

I'm running CentOS 7 with Xfce on my main workstation. I just installed
VirtualBox, and the application is running nicely. The only problem is
that VirtualBox fonts are too tiny. How can I make the application
behave and use the system-wide font settings ?

Cheers,

Niki

CentOS 7 + MATE : Folder contents not refreshed in file manager

Hi,

I just migrated my workstation running CentOS 7 from KDE to MATE.

It looks like I'm having the same problem with the Caja file manager
than with Dolphin. Folder contents don't get refreshed automatically,
and I have to hit F5.

For example, when I download a file (say, a compressed archive) from the
Internet, I have to hit F5 to see the file in Caja. And when I extract
the archive, I have to hit F5 again.

Anybody knows where this nagging problem comes from?

Cheers,

Niki

CentOS 7 + MATE : no sound in Firefox

Hi,

I recently switched my main workstation running CentOS 7 from KDE to
MATE. Migration went well, but now I have a couple issues. First things
first.

I have no sound in the Firefox browser. Applications like Audacious, VLC
or MPlayer have sound, but Firefox is mute.

Any idea how I can fix that?

Cheers,

Niki

Dolphin fails to refresh files (cont'd)

Hi,

Some time ago I reported a problem with Dolphin on bugs.centos.org. When
extracting an archive, the new files don't appear, and I have to press
F5 to refresh the current directory display.

I just found out a specificity of this bug. This only seem to happen on
those installations where I run the 4.4.x kernel (kernel-lt package from
elrepo-kernel repository).

Any idea how I could solve that problem ?

Cheers,

Niki

Postfix, system notifications and local servers

Hi,

I have CentOS 7 running on half a dozen public servers. For some stuff
like automatic updates using yum-cron, I have Postfix installed with a
relatively basic configuration. This allows me to send important
notifications to my mail address <a href="mailto: ... at microlinux dot fr"> ... at microlinux dot fr</a>. When there's a
batch of updates, I get one mail per machine, so I can check quickly if
everything went OK without having to connect to the server.

Now I'd also like to use this setup on machines that aren't in a
datacenter and facing the Internet.

Problem with bugs.centos.org

Hi,

I wanted to create an account on bugs.centos.org to report a minor but
annoying bug with Dolphin.

After trying to register by providing the login (kikinovak) and email
address (<a href="mailto: ... at microlinux dot fr"> ... at microlinux dot fr</a>), I'm told that the email is already in use.
Uh oh. Maybe I already created an account years ago and then forgot
about it. So I click on the field for forgotten passwords, only to be
told that there is no one under that name or email address.

So I'm hitting a wall. Maybe one of the admins of bugs.centos.org is
reading this and can help me out?

Cheers,

Niki

Slightly OT : write bootable CentOS USB disk under Windows 10 and Mac OS X ?

Hi,

I'm currently writing my fourth book about Linux, for the french editor
Eyrolles.

Questions about yum-cron

Hi,

Up until now I always kept my servers up-to-date manually. Currently I'm
experimenting with yum-cron to automate this process.

I read through various online tutorials, and now I have a couple questions.

1. As far as I know, when editing /etc/yum/yum-cron.conf, I can only use
the following value for update_cmd :

update_cmd = default

If I understand this correctly, 'update_cmd = security' would have no
effect, since contrary to RHEL, CentOS doesn't provide the necessary
metadata to operate the distinction between security updates and other
updates like mere bugfixes.

Password recovery trick not working on CentOS

Hi,

I remember back in the days, there was a neat trick to recover a lost
root password, or more exactly, redefine a new password for root.

1. In the bootloader, boot the system with the 'init=/bin/bash' kernel
argument.

2. Remount the root partition in read-write mode:

# mount -o remount,rw /

3. Set the password for root:

# passwd

4. Remount the root partition in read-only mode:

# mount -o remount,ro /

5. Switch off the computer.

I tried this out of curiosity on a CentOS 7 sandbox machine, and this
doesn't seem to work anymore.

Clone a custom CentOS 7 desktop using G4L over FTP

Hi,

A couple months ago, I migrated our local school (two servers, 20
desktop clients) from Slackware 14.1 to CentOS 7. The desktop clients
are running a customized lightweight desktop based on Xfce:

<a href="https://blog.microlinux.fr/poste-de-travail-xfce-centos-7/" title="https://blog.microlinux.fr/poste-de-travail-xfce-centos-7/">https://blog.microlinux.fr/poste-de-travail-xfce-centos-7/</a>

Home directories are all on the server, and authentication is
centralized. Everything works fine so far.

With Slackware I had found a neat trick to install the desktop clients.
First I installed and configured one single client PC from start to
finish.

CentOS 7 + KDE : Dolphin weirdness

Hi,

I'm running CentOS 7 + KDE on my workstation. Since the latest big batch
of updates, Dolphin behaves a bit weirdly. When I download a .zip
archive and then right click and "Extract here", the extracted files
don't show. I have to hit F5 to refresh the current directory view and
display the new files.

Cheers,

Niki

Vsftpd vs. iptables firewall script

Hi,

I'm currently setting up a local FTP server, to receive disk images sent
with G4L (Ghost4Linux).

This server has been running Slackware Linux before, and the Vsftpd
setup was relatively simple.

With CentOS things seem to be slightly different, so I'm currently
trying to work things out. For the moment, two things seem to be
creating problems, the simple iptables firewall and SELinux.

When I disable the firewall and SELinux, Vsftp works as expected. So far
so good.

Now let's tackle this one dragon at a time. First the firewall.

Use EPEL without redirection ?

Hi,

Is there any way to deactivate the redirection to a mirror when using
the third-party EPEL repository ?

Our network uses a transparent HTTP/HTTPS proxy with a local AC. We can
create exceptions for sites like centos.org or
download.fedoraproject.org, but whenever we want to install a package
from EPEL, the mirror redirection causes an error due to redirection.

Any suggestions ?

Niki

kernel-lt from ELRepo vs. GRUB: define default boot kernel

Hi,

After upgrading my workstation to CentOS 7.5 (1804), I had to upgrade my
kernel from vanilla to kernel-lt from ELRepo. My NVidia GeForce 210
would only work with the driver provided by NVidia, which in turn
required a more recent kernel than 3.0.10.

Squid and log files

Hi,

I have Squid running on several CentOS proxy servers. Here's what the
Squid log file directory looks like on my own server:

access.log
access.log-20180311.gz
access.log-20180319.gz
access.log-20180429.gz
access.log-20180506.gz
access.log-20180514.gz
cache.log
cache.log-20180416.gz
cache.log-20180422.gz
cache.log-20180430.gz
cache.log-20180506.gz
cache.log-20180514.gz
squidGuard.log

I don't know if the compressed and archived *.gz log files are supposed
to be erased some time. Anyway, I'd like to make sure they are kept at
least for one full year.

Where is this defined ?

Niki

CentOS 7.5 (1804) and NetworkManager

Hi,

I'm running CentOS on all kinds of setups: servers, workstations,
desktops and laptops.

Up until now, I'm only using NetworkManager on laptops, since it makes
sense to use it there. On servers and desktop clients, I usually remove
it and configure the network "traditionally" by simply editing
/etc/sysconfig/network-scripts/ifcfg-whatever, /etc/resolv.conf,
/etc/hosts, /etc/hostname and /etc/sysconfig/network.

Video troubles after 7.5 upgrade using CR repo

Hi,

Our desktop clients are running CentOS 7 with the Xfce desktop from
EPEL. The CR repository is enabled. A few days ago I launched an update,
which brought in close to 1 GB of packages.

I had some weird problems on two clients. One is an old Dell Optiplex
330 with a legacy video card.

[root@cybermule:/] # lspci | grep -i vga

01:05.0 VGA compatible controller: Advanced Micro Devices, Inc.
[AMD/ATI] RC410 [Radeon Xpress 200/1100]

After the update, X wouldn't start anymore, and there was no way to make
it behave.

Replacement for Pdftk under CentOS 7 ?

Hi,

Two weeks ago I migrated all our local school's servers and clients from
Slackware 14.1 to CentOS 7. Everything went perfectly, and now I'm busy
sanding down some edges.

The previous installation sported pdftk and a frontend (can't remember
the name) which allowed some basic operations on PDF files such as
splitting and concatenation. The school's staff used this application
all the time. Unfortunately it's not available under CentOS 7.

Can you suggest any replacement for this application? On a side note, it
should be something with a point-and-click GUI.

Cheers,

Niki

HPLIP vs. CentOS

Hi,

Our local school has recently acquired an HP PageWide Pro 477
professional printer.

According to HP, the printer requires HPLIP 3.16.3 at least.

Unfortunately, CentOS is only shipping HPLIP 3.15.9.

So I downloaded and installed the hplip/hplipfull package from the HP
site.

Problem with Digikam and libgphoto2 after latest update

Hi,

I have CentOS 7 with KDE on my workstation. I'm using the CR repo. I had
to remove Digikam to be able to do the latest update (1 GB of updates...
wow).

XScreenSaver

Hi,

I'm currently moving all our local school's desktop clients from
Slackware 14.1 to CentOS 7 + Xfce. Right now I'm fine-tuning the default
user profile.

I have a problem with XScreenSaver. The application per se works very
well. Only there's a hard-coded pop-up window that reminds the user that
he's not running the latest version. So, if I'm running version 5.36 as
provided by the EPEL repo and not the latest and greatest 5.38 as
provided upstream, I get a pestering pop-up window informing me that
YOUR VERSION OF XSCREENSAVER IS VERY OLD.

CentOS 7 + Xfce + GDM : disable "switch user" ?

Hi,

I have CentOS 7 + Xfce + GDM installed on all our local school's desktop
clients.

I'd like to disable the "switch user" menu entry, since our desktop
clients have a relatively limited amount of RAM. Most users tend to use
the "switch user" functionality to log off, and at the end of the day,
the computer has no RAM left.

I know there is a way to disable this functionality, I vaguely remember
having it done a few years ago on Slackware.

Any suggestions ?

Niki

How insecure is NIS ? Possible alternatives ?

Hi,

In the past I've setup simple centralized authentication with NIS and
NFS, without bothering about possible security implications.

Over the next month I have to setup a new network in a local school, and
I wonder if I should use NIS/NFS. I still have my own documentation,
it's simple and somewhat bone-headed to setup, and it just works.

RHEL/CentOS 7 still provide NIS, and I vaguely wonder how exactly it is
insecure. So I thought I'd simply ask on this list.

I know there's FreeIPA available.

Install CentOS 7 over serial port on router board ?

Hi,

I have to install CentOS 7 for a client, to act as cache & filtering
proxy using Squid.

I'd like to use this piece of specialized hardware :

<a href="http://store.calexium.com/fr/systeme-pre-assemble/869-systeme-pre-assemble-rackmatrix-apu-amd-gx-412tc-quatre-coeurs-1-ghz.html" title="http://store.calexium.com/fr/systeme-pre-assemble/869-systeme-pre-assemble-rackmatrix-apu-amd-gx-412tc-quatre-coeurs-1-ghz.html">http://store.calexium.com/fr/systeme-pre-assemble/869-systeme-pre-assemb...</a>

There is no VGA or HDMI video output, just a serial port to connect to,
and then three NICs and two USB ports.

I've never installed CentOS over a serial console, so I don't even know
if it's possible in the first place. Has anyone ever done something like
that ?

Any suggestions ?

Niki

Squid + SquidGuard : static block page not working

Hi,

I've been working with Squid + SquidGuard for a few years, though only
on Slackware.

Squid vs. iptables redirection: exception for certain domains ?

Hi,

I'm currently facing a quite tricky problem. Here goes.

I have setup Squid as a transparent HTTP+HTTPS proxy in my local
network. All web traffic gets handed over to Squid by an iptables script
on the server.

SELinux breaks Squid's ssl_crtd helper

Hi,

I've setup a transparent HTTP+HTTPS proxy on my server running CentOS 7,
using Squid.

Squid and HTTPS interception on CentOS 7 ?

Hi,

I've been running Squid successfully on CentOS 7 (and before that on 6
and 5), and it's always been running nicely. I've been using it mostly
as a transparent proxy filter in school networks.

So far, I've only been able to filter HTTP.

Do any of you do transparent HTTPS filtering ? Any suggestions, advice,
caveats, do's and don'ts ?

Cheers from the snowy South of France,

Niki

Going back to a minimal system : strange problem

Hi,

Some time ago I wrote a little script elaguer.sh ("élaguer" means "to
prune") which simply removes all packages that are *not* part of a
minimal installation.

First I created a list of packages that make up a minimal CentOS
installation. On a fresh install, I would do something like this:

# rpm -qa --queryformat '%{NAME}\n' | sort > minimal.txt

Here's the resulting list of packages. I added a comment on top:

<a href="https://github.com/kikinovak/centos-7-server-lan/blob/master/config/pkglists/minimal.txt" title="https://github.com/kikinovak/centos-7-server-lan/blob/master/config/pkglists/minimal.txt">https://github.com/kikinovak/centos-7-server-lan/blob/master/config/pkgl...</a>

And here's the script to prune the installation, e. g.