DevHeads.net

Postings by Alessandro Baggi

C7 Bacula and Selinux

Hi list,
I'm trying to understand SELinux on C7.
I encountered problem running bacula when system is enforced.
The problem is when bacula try to run BeforeJobScript.

rpmbuild errors

Hi list,
I need a more updated version of bacula because I need to backup a
debian workstation.

So I decided to build my own bacula package base on bacula 9.2.0.

I'm new to rpmbuild and I created my bacula.spec file but when running
rpmbuild -ba bacula.spec I got error about check-rpaths like:

ERROR 0001: file '/usr/sbin/bregex' contains a standard rpath
'/usr/lib64' in [/usr/lib64]

Running rpmbuild as suggested, adding QA_RPATHS=$[ 0x0001|0x0010 ] works
without problem but I don't understand what is wrong with my spec files.

Another issue that I found is when installing this rpm.

C7 and NVIDIA driver

Hi all,
I'm running C7 on i7 8700k/asus z370-a with an GTX1050.
I noticed that there are several problems installing Nvidia proprietary
driver. After one week of troubleshooting I got my solution. Hope that
can help other user.

I found this <a href="https://access.redhat.com/solutions/3438891" title="https://access.redhat.com/solutions/3438891">https://access.redhat.com/solutions/3438891</a> but I've not
access to this content. In this content seems that the workaround is
using lightdm and mask gdm.

The case:

I tried using proprietary driver from nvidia site and from elrepo.
In all the case I got system that hungs during boot.

LVM and Backups

Hey there,
I'm testing LVM snapshot to make backups and I've some questions about
snapshot lvm.

In my test case I have httpd, postgresql db and a dataset on a VM.

Running a backup I follow this steps:

1) Stop httpd
2) Create lvm snapshot on the dataset
3) Backup database
4) restart httpd (to avoid more downtime)
5) mount the snapshot and execute backup
6) umount and remove the snapshot

I think that this could be fine (if not please correct me)

Now when bacula performs the backup what happen if bacula are copying a
specified file and this specified file is modified?

Bacula will copy th

BOINC

Hi list,
I've installed boinc-client and boinc-manager from epel.
After starting boinc-client with systemctl when I try to connect from
boincmgr I get "Unable to connect to boinc client".

I've added to unit file --allow_remote_gui_rpc

and on netstat I get:

tcp 0 0 0.0.0.0:31416 0.0.0.0:*
LISTEN 4762/boinc_client

On this machine there aren't iptables rules

I've also added my current user to boinc group without success.

I've tried also to run boincmgr from root without success.

Reading from <a href="https://boinc.berkeley.edu/wiki/Client_configuration" title="https://boinc.berkeley.edu/wiki/Client_configuration">https://boinc.berkeley.edu/wiki/Client_configuration</a>
I've not found a

vsftp problem C7

Hi list,
I've a problem with vsftpd on C7.3. This is a dedicated server protected
by a Zywall5.

sshd problem on reboot

Hi list,
I have a dedicated server managed through ssh and this morning I have
upgraded my system from 7.2 to 7.3. After yum finished his work, and
rebooted my server.
After reboot I tried to log in with ssh and got "Connection refused".
I've noticed that all public services were online.

So I've contacted my provider to get access to the server and I've
noticed that ssh was started with my specified port. I've tried to log
locally on server and I got connection refused.

virt-manager problem

Hi list,
this morning I've update my centos to 1611.
Running virt-manager, and trying to open virt-viewer by clicking on
"Open", I get this error:

Errore nell'avvio dell'installazione: 'nome-mv'

This bug is reported on rh bugzilla (for Fedora 24) and closed
2016-07-02 11:24:51 EDT
This problem is locale related.
To solve this problem (for other user) I've removed this file:

/usr/share/locale/it/LC_MESSAGES/virt-manager.mo.

and restarting virt-manager all works fine.

Hope that helps for other user with same problem.

Best regards.

Alessandro.

ACPI ERROR

Hi list,
I've installed C7 1511 (kernel 3.10.x) on a skylake mother board with
i3-6100.
I know about skylake problems.
For the iGPU I've used i915.preliminary_support and ok.
Some days ago, I get different strange error on this machine. When
screensaver starts or when monitor will be in energy saving, if I try to
get access to the system I get different strange behaviour and can't use
my machine.

Disk near failure

Hi list,
on my workstation I've a md raid (mirror) for / on md1. This raid has 2
ssd as members (each corsair GT force 120GB MLC).

Bacula Restore

Hi list,
another question about bacula, but this time about restoring backups.

I've a server that I must backup every day. My plan is:

from mon to sat incrimental backup
and on sunday full backup.

When I will perform a restore I must restore from last valid full
backup and then all valid incremental backup from last backup to
specific date.

This server has aweb managed application where user can update data or
delete data.

Suppose that after a full backup, on monday the user upload a file and
incrimental backup is performed.

C7 and WOL

Hi list,
I've encountered a problem with wol. I'm not new to this but this time I
found unwanted behaviuor.

I'm triyng to wol another c7 machine. When I run ether-wake @mac the
system is started. When I shutdown the system after 3 seconds it start
again and again and again.

To block this wol-loop I must disable wol on uefi or shutdown the switch.

I don't know what check.

Any suggestions?

THanks in advance

Backup Suggestion on C7

Hi list,
I'm building a backup server for 3 hosts (1 workstation, 2 server). I
will use bacula to perform backups. The backup is performed on disks (2
x 3TB on mdraid mirror) and for each hosts I've created a logical volume
with related size.

This 3 hosts have different data size with different disk change rate.
Each host must have a limited sized resource and a reserved space.

C7 Backup problem

Good morning list,
I've a question about backup performed with bacula.
I manage a DELL server (dedicated on provider) with C7. I use bacula as
backup system with volumes on disk. System performs mon-sat incremental
backups and Sun full backup at 03.00 AM. I've another pool (named
update) where I performs backup before each software update. Storage is
on and external disk 2.5' of 1TB.

Yesterday, I've applied centos update and I've performed a full backup
before apply updates.

HEIST https

Hey there,
today I've ridden about HEIST.

<a href="https://www.google.it/url?sa=t&amp;rct=j&amp;q=&amp;esrc=s&amp;source=web&amp;cd=3&amp;ved=0ahUKEwjP1_y84anOAhUIUhQKHaApBRYQFggsMAI&amp;url=https%3A%2F%2Fwww.blackhat.com%2Fdocs%2Fus-16%2Fmaterials%2Fus-16-VanGoethem-HEIST-HTTP-Encrypted-Information-Can-Be-Stolen-Through-TCP-Windows-wp.pdf&amp;usg=AFQjCNGF78yNRziN_1fTOzDTrsjmOC3IpA&amp;bvm=bv.128617741,d.d24&amp;cad=rja" title="https://www.google.it/url?sa=t&amp;rct=j&amp;q=&amp;esrc=s&amp;source=web&amp;cd=3&amp;ved=0ahUKEwjP1_y84anOAhUIUhQKHaApBRYQFggsMAI&amp;url=https%3A%2F%2Fwww.blackhat.com%2Fdocs%2Fus-16%2Fmaterials%2Fus-16-VanGoethem-HEIST-HTTP-Encrypted-Information-Can-Be-Stolen-Through-TCP-Windows-wp.pdf&amp;usg=AFQjCNGF78yNRziN_1fTOzDTrsjmOC3IpA&amp;bvm=bv.128617741,d.d24&amp;cad=rja">https://www.google.it/url?sa=t&amp;rct=j&amp;q=&amp;esrc=s&amp;source=web&amp;cd=3&amp;ved=0ahUK...</a>

What about Centos?

SELinux C7 audit

Hi list,
I'm studying SELinux on my workstation and for this I've enforced.
In a first time selinux was permissive and when switched to enforcing I
had relabel some things.
Due to my "nescience" about selinux and what I must configure, I'm
waiting avc denied for specified services.

Until today, I've configured successfully httpd, smbd.
Today I've noticed that my bacula system does not work due to selinux
denied because when bacula try to run pre/post job script I get access
denied due to differences about context.

Bacula is on bacula_t and in pre script I call commands in other context

remote backup

Hi list,
i've need to backup a partition of ~200GB with a local connection of 8/2
mbps.

Tool like bacula, amanda can't help me due to low bandwidth in local server.

I'm thinking rsync will be a good choice.

What do you think about?

Thanks in advance.

Realtek 8111GR on C7

Hi list,
I'm planning to buy a mobo (z170-K) that has Realtek 8111GR (nic).

I've tried to search on google about support on C7 but can't fine anything.

There is a way to check if supported?
Is the Realtek 8111GR supported or I must change mobo?

Thanks in advance.

C7 + UEFI + GPT + RAID1

Hi list,
I'm new with UEFI and GPT.
For several years I've used MBR partition table. I've installed my
system on software raid1 (mdadm) using md0(sda1,sdb1) for swap,
md1(sda2, sdb2) for /, md2 (sda3,sdb3) for /home. From several how-to
concerning raid1 installation, I must put each partition on a different
md devices.

Centos and automatic update on server

Hi list, I know that there are automatic update with yum-cron but never
tried.
In my experiences I never did automatic backup because if update was broken
my installation will be broken and I wait some time before apply update.
Today seems to be that automatic update are used more than before.
What do you think about automatic update? It is a good practice on a
server? What is your experiences?

Thanks in advance.

Alessandro

C7 and swap

Hi list,
today I've noticed a strange behaviour during system startup. This is a
workstation.
During mounting swap, system waits at least 90 seconds before continue.
When system is loaded swap seems to be not mounted.
Running free -h , it reports for swap 0 total and 0 for other values.

Always during booting process, when it waits for swap mounting, it
reports the uuid of swap partion.

C7 AD server

Hi there,
I want to setup a AD server with C7. Is this supported using samba
release shipped with C7?

I can't found Centos7 related how-to for study this setup.

Can someone point me in the right direction?

Thanks in advance

C7 and hplip

Hi list,
I've a printer model HP ENVY 5530 (AIO) configured in wifi. I've
configured this printer on my C7(1511) workstation using hplip and cups.
Printer is installed e configured. After installation I try to send a
test print page and it is printed.

CPU Freq Scaling

Hi list,
I'm using C7 and noticed that cpu freq is enabled with governor
conservative. I've used cpupower utils for governor change, but at the
next boot it restart with conservative governor.
I've tried also to start cpupower service and setting OPT in
/etc/sysconfig/cpupower but it does not works.

Can someone point me in the right direction?

Thanks in advance

HDD badblocks

Hi list,
I've a notebook with C7 (1511). This notebook has 2 disk (640 GB) and
I've configured them with MD at level 1.

CentOS and bacula

Hi list,
I've a bacula system based on disk volume that I need to refresh (new
install). There is a way to mantain the "current status" (volumes,
catalog and other if needed) when migrating the system to a new
installation?

Thanks in advance

Rsync and differential Backups

Hi list,
how to perform a differential backup using rsync?

On web there is a great confusion about diff backup concept when
searched with rsync.

Users says diff because it copy only differences. For me differential is
backup from last full backup.

Other users says that to perform a differential backup I must include in
rsync command: --backup --backup-dir=/some/path but from manual page of
rsync:

#############
--backup-dir=DIR
In combination with the --backup option, this tells rsync
to store all backups in the specified directory on the receiving side.

Centos User Privileges.

Hi list,
I've installed C 7.1.1503 and I've noticed that simple user can run from
bash shutdown -h now/reboot without getting special permission (sudo,
su). The machine is a VM without GUI (tested also on physical machine).
From reddit I've got a suggestion: removing/comment out "-session
optional pam_systemd.so" in /etc/pam.d/system-auth the problem is solved.
This is a bug?
If not, why use this policy? There are security implication?

Thanks in advance.

C7 and php mkdir

Hi list,
I've a problem using PHP mkdir() with apache on C7.
I'm trying to create a directory under a specified directory in the tree
of my vhost, and mkdir create this directory but when I try to create a
file in this dir I get error on permission.
For directory creation I use permission 0777 for max perms to ensure
that it works but I get invalid perm:

dr----x--t. 2 apache apache ...

I've tried also using:

$old = umask(0);
mkdir....
umask($old);

with result:

dr------wT.

Virtualization

Hi list,
what solution do you use for virtualizzation?

thanks in advance.