Postings by Gordon Messmer

Accessing KRB5 NFS from local system accounts

I recently noticed that spamassassin (running as the local "daemon"
account) will hang some of the time when processing messages, and
tracked it to the process attempting to access
~user/.spamassassin/user_prefs.  I believe that should return an access
failure, but sometimes the process stalls instead.

In any case, I'd like to allow access, but my understanding is that
processes without a Kerberos ticket cannot access an NFS4 filesystem
with sec=krb5.  Is that correct?  If so, how would I allow a local
system account to access globally readable files?

serial guests not booting until console attached

Since the update to 7.4.1708, I've got one KVM host that behaves very
similarly to:

<a href="" title=""></a>

These guests were installed with (snipped for brevity):

virt-install --name xxx --memory 2048 --vcpus 2 --location xxx --disk
xxx --disk xxx --network bridge=br0 --graphics none --autostart
--extra-args "console=ttyS0 ks=xxx" --rng /dev/urandom

Those guests simply hang until I use "virsh console <guest>", at which
time I see kernel messages immediately, so it seems like the guest's
GRUB2 runs normally, but the guest kernel does not.

Is anyone se

kickstart problems since 7.3

I just tried a kickstart setup for the first time since 7.3 and got an
error similar to the error in this unresolved Fedora bug report:

<a href="" title=""></a>

Has anyone successfully done a kickstart setup using 7.3 on x86_64? I'd
imagine this is part of QA, so the answer is almost certainly "yes," but
I'm not sure where to start debugging this.

Disable gnome-initial-setup

Prior to 7.3, I could disable the post-first-boot GNOME initial setup
window by turning off the "initial-setup-graphical" systemd service.
That service no longer exists, so I no longer know how to disable the
setup window. I know that I can remove the "gnome-initial-setup"
package, but I expect that at some point, it'll be brought in by
dependencies or group membership, so I'd like to find a way to turn it
off regardless of that package's presence.

Avago (LSI) SAS-3 controller, poor performance on CentOS 7

I have a handful of new systems where I've seen unexpectedly low disk
performance on an Avago SAS controller, when using CentOS 7. It looked
like a regression, so I installed CentOS 6 on one of them and reloaded
CentOS 7 on the other. Immediately after install, a difference is
apparent in the RAID rebuild speed.

Eclipse rpms

I use Fedora for most workstations, so I've only just noticed that
CentOS and EPEL don't appear to have packages for eclipse. All of the
Google search results I've seen that contain a process for installation
merely document downloading the tarball from

Is there a yum repo for these packages? Does CentOS not rebuild the Red
Hat software collections?

<a href="" title=""></a>

Secure boot

After updates to grub2 and kernel in CentOS 7, today, systems will no
longer boot in Secure Boot mode. I'm not positive, but I think grub2 is
the culprit.

Is anyone else seeing the same problem?

build c7 packages for i686 using mock

This might be an embarrassingly simple question. How are people
building multi-arch library packages on CentOS 7? On older releases one
could "mock -r epel-6-i386" and "mock -r epel-6-x86_64" to build a
library twice. With no 32-bit release, there's no epel-7-i386 target
for mock. Specifying --target=i386 or --arch-i386 both fail.

Do we have to set up the environment manually and rpm --rebuild inside
the mock root?

Slow TCP performance from Win2k8R2 guests under Linux KVM

Would anyone be so kind as to test the performance of TCP streams on
Windows 2k8R2 guests of KVM virt servers?

virtio-win-1.6.3 was published to address a problem described as "low
performance" on Win2k8 guests. Actual performance was not recorded in
the bug report.

On my KVM servers, Windows 2k8R2 guests are able to send data at less
than 4Mbps. I test this by using netcat on Windows and piping a file to
its input. The receiving end of the transfer is an un-virtualized
CentOS system.