Postings by Paul R. Ganci

DNSSEC Questions

Last weekend I had my DNSSEC keys expire. I discovered that they had
expired the hard way... namely randomly websites could not be found and
email did not get delivered. It seems that the keys were only valid for
what I estimate was about 30 days. It is a real PITA to have update the
keys, restart named and then update Godaddy with new digests.

The first part of the problem is fairly manageable in the sense I
already have a script that partially can do the job of updating the DNS

Help with yum

I just did a fresh minimal install of centos 7 on new hardware. While
playing around with window systems I removed X windows like so:

and then tried to re install

which gives this error:

Maybe run: yum groups mark install (see man yum)
No packages in any requested group available to install or upgrade

I tried running:

and get the same message. I tried different permutations removing the
"s" on groups. Nothing seems to bring back the yum "X Window system"

How to upgrade CentOS 6.9 KVM host to 7.4.1708 and not re-install guests

I have a Windows 7 KVM guest running on a Centos 6.9 KVM host. I would
like to upgrade the host system to CentOS 7.4.1708 without having to
re-install from scratch the KVM guest. What procedure should I use to
move the guest off the host system, upgrade the CentOS version and then
move the KVM Guest back to the host? For example, Is there a recommended
way to move the KVM Guest to a USB stick and then move it back to the
upgraded host? Thank you for your help.

Postfix error

For well over a year and half I have had two incoming mail servers
running postfix + amavisd + spamassassin + clamd on a CentOS 7 system
working flawlessly.

Raspberry PI3 - CentOS armv7hl gnome desktop

Maybe there is a better place to post this message but as my question
was still CentOS related thought I would start here. Please advise if
there is a better forum of which to ask this question.

I am playing around with making a "desktop" workstation out of a
Raspberry PI3. I have had no problems installing the OS and pretty much
have everything working except a Gnome desktop.

I did:

and from what I can tell everything necessary is installed.

Cannot boot CentOS 7 VM after updating Host CentOS 7 Kernel

I have something very strange that occurred. After updating the kernel
on my host CentOS 7 Dell 2950iii I have found that one of my CentOS 7
guest VMs will no longer boot... it just stops at the grub prompt (a
second VM functions just fine). I have no idea why this problem occurred
and have been unable to fix it. On google I have found several
suggestions as to how to repair grub but so far none have worked.

OT DMARC question

I notice that postfix generates bounce messages that without going
through some effort do not get DKIM signed. I have setup my incoming
gateway server so that messages to my email subscribers are bounced
using a local_recipient_map. However I received a report from because a Linked-In subscriber sent a message to an email
address of a non-existent local user. Linked-In flagged the
Mailer-Daemon bounce message.

mysql local_recipient_map

I have setup a mysql data baseto provide a list of of local email
recipients for a gateway email server. The configuration file looks like

If I do a test query ala:

This last command seems to indicate that the query completes

CentOS 6.8 Apache-2.2.15-53 re-write question

I was wondering if somebody could help me with an Apache re-write rule. Apparently CentOS 6.8 is running apache-2.2.15-53. I am trying
to redirect all pages except for two pages. The apache rewrite directives in the httpd config are:

RewriteEngine on
RewriteCond %{REQUEST_URI}!^/test/
RewriteCond %{REQUEST_URI}!^/my-folder/
RewriteRule (.*)$1 [R=301,L]

These commands should cause all requests to get re-directed to <a href="" title=""></a> except for those with a /test or /my-folder on the end of the

Centos 7.1 openldap-2.4.39 question

I have two instances of an openldap-2.4.39 server running with syncrepl
in a master-master replication setup. These are Centos 7.1 test servers
which have been running for over 2 months now with no problems. Partly
the good behavior of the LDAP servers is due to very little exercise.
Yesterday I decided to try and see exactly how well replication was

KVM Questions

I have a system with two CentOS 7.1 guests. When I created the VMs I did
not have enough storage space in the default location
/var/lib/libvirt/images so I moved the default location to a directory
/home/vmimages. While this configuration is functional I regret creating
a new storage pool in /home. I would like to create a separate partition
to place the VM images removing them from their present /home/images
location. The /home partition is presently empty other than the VM
images directory so I can easily steal space from it (using only ~4% of
500GB). However, I have a problem.

Iptables config removed with 7.1 update

I had turned off firewalld and was using iptables when I originally
installed CentOS 7.0. Two days ago I upgraded my CentOS 7.0 to 7.1.
Everything seemed to be fine. Today I discovered that my iptables
configuration was removed with the update. Has anyone else experienced
this on doing upgrade? Literally the /etc/sysconfig/iptables is gone and
the /etc/sysconfig/iptables-config is the blank template that comes with
the distribution. This seems to me to be a serious bug with the upgrade.

LDAP TLS error -8023

Can somebody tell me what this error means (server, domain etc. changed
to protect the innocent)?

ldapsearch -H ldap:// -ZZ -W -D
cn=Boss,dc=example,dc=com -b dc=example,dc=com uid=testuser homeDirectory
ldap_start_tls: Connect error (-11)
additional info: TLS error -8023:A PKCS #11 module returned
CKR_DEVICE_ERROR, indicating that a problem has occurred with the token
or slot.

My google searches do not seem to provide any useful information. I am
just looking for some hints as to what to look for in my configuration.

CentOS 6.6 KVM Windows 7 Pro VM Device USB 04e8:6860

I have a CentOS 6.6 system running KVM with a Win 7 Pro VM. Over the
weekend I was playing around with the VM trying to get it to see my
Samsung Note 4. Apparently I removed the phone without removing the
hardware from the VM. Now the VM will not start because Device USB
0438:6860 is not there. I tried to remove the hardware from the VM using
virt-manager but that does not remove the error message and the VM will
still not start.

samba3x PDC and Win XP

I am at my wits end on this one. Ever since I upgraded to samba3x
(present version 3.5.10-0.110.el5_8) in preparation for adding a Win 7
client, my WinXP client can no longer find their roaming profiles nor
can they assign their home shares to a drive at login. Logins and
authentication work just fine and I can see the home and profile shares
from the Win XP client after login.