From jhonrp at pamapersada.com Mon Aug 1 01:34:13 2005 From: jhonrp at pamapersada.com (Jhon Ramawi Putra) Date: Mon, 1 Aug 2005 08:34:13 +0700 Subject: ADSL, Proxy & Bridge In-Reply-To: <200507261306.05872.nmw@ion.le.ac.uk> Message-ID: redhat-install-list-bounces at redhat.com wrote on 07/26/2005 07:06:05 PM: > On Tuesday 26 Jul 2005 02:49, Jhon Ramawi Putra wrote: > > redhat-install-list-bounces at redhat.com wrote on 07/26/2005 12:45:52 AM: > > > Jhon Ramawi Putra wrote: > > > > Dear Gurus... > > > > > > > > May be this is a beginner question, but any help will be appreciated. > > > > This is existing my network diagram: > > > > > > > > (.....Internet.....) --- [ADSL MODEM]-----[LAN Switch] ---- Desktops > > > > (192.168.0.1, etc....) > > > > 192.168.0.9 > > > > > > > > The ADSL Modem act as gateway. > > > > > > > > Now i want to configure my network to be like this: > > > > > > > > (.....Internet.....) ---[ADSL MODEM] > > > > ip : 10.0.0.1, net mask : 255.0.0.0 > > > > > > > > > > > > eth0: 10.0.0.2, net mask : 255.0.0.0 > > > > [Computer A] > > > > eth1:192.168.0.10 netmask : 255.255.255.0 > > > > > > > > > > > > [LAN Switch] ---- Desktops (192.168.0.1, etc ... with > > > > > > > > netmask : 255.255.255.0) > > > > > > > > The ADSL Modem is attached to Computer A via eth0. Then my eth1 is > > > > connected to LAN. I want to make Computer A as Proxy Server . > > > > > > > > Then i tried to make a "bridge" using brctl, and followed every step > > > > in > > > > > > "How to" documents that i found from googling, but i got no success. > > > > Computer A can ping to LAN Clients dan Browse to Internet. LAN Clients > > > > can > > > > > > ping Computer A, but they can't ping The ADSL Modem and browse > > > > internet. > > > > > > So, i assumed that the bridge didn't working well. > > > > > > You need to enable IP forwarding in computer-a to make it act as a > > > router. For that, either do this: > > > > > > echo 1 >/proc/sys/net/ipv4/ip_forward > > > > > > or change the line in /etc/sysctl.conf that reads: > > > > > > net.ipv4.ip_forward = 0 > > > > > > to > > > > > > net.ipv4.ip_forward = 1 > > > > > > and either reboot or use "sysctl -w net.ipv4.ip_forward=1". For proxy > > > operations, you should install and configure squid. > > > ---------------------------------------------------------------------- > > > - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - > > > - VitalStream, Inc. http://www.vitalstream.com - > > > - - > > > - Admitting you have a problem is the first step toward getting - > > > - medicated for it. -- Jim Evarts (http://www.TopFive.com) - > > > ---------------------------------------------------------------------- > > > > > > _______________________________________________ > > > Redhat-install-list mailing list > > > Redhat-install-list at redhat.com > > > https://www.redhat.com/mailman/listinfo/redhat-install-list > > > To Unsubscribe Go To ABOVE URL or send a message to: > > > redhat-install-list-request at redhat.com > > > Subject: unsubscribe > > > > Thanks Rick, > > > > I did this: > > > echo 1 >/proc/sys/net/ipv4/ip_forward > > > > but i didn't do this one: > > > and either reboot or use "sysctl -w net.ipv4.ip_forward=1". > > > > Before i configured the bridge, i assigned each NIC card with IP. Then i > > read this in > > http://www.faqs.org/docs/Linux-HOWTO/Ethernet-Bridge-netfilter-HOWTO.html > > > > "But now they became part of the logical bridge device and therefore need > > no IP configuration any longer" > > > > and another tutorial said that i should not assigned IP address first to > > the NICs card before configure the bridge nor set DHCP for it. So, may be > > that was my fault :) > > > > Ok, i'll try to set it up again (end of this week...). Thanks Rick....! > > > > Best Regards, > > Jhon Ramawi Putra > > > > In your case you need Computer A to act as a router, not a bridge. A bridge > sits between different segments of the *same* subnet, and provides a > transparent link between the two. It may, or may not, have an IP address > which is part of the same subnet. > > In your case you have two different networks on either side of Computer A, > 10/8 on one side and 192.168.0/24 on the other side, so the machine needs to > act as a router between these networks. Eth0 and eth1 are already setup to be > part of each network, so all you need is to configure routing to route > packets between eth0 and eth1 for these two networks. > > -- > Nigel Wade, System Administrator, Space Plasma Physics Group, > University of Leicester, Leicester, LE1 7RH, UK > E-mail : nmw at ion.le.ac.uk > Phone : +44 (0)116 2523548, Fax : +44 (0)116 2523555 > > _______________________________________________ > Redhat-install-list mailing list > Redhat-install-list at redhat.com > https://www.redhat.com/mailman/listinfo/redhat-install-list > To Unsubscribe Go To ABOVE URL or send a message to: > redhat-install-list-request at redhat.com > Subject: unsubscribe Hello Nigel.... Finally, i followed your advice and ... the "computer a" now is a router and run perfectly. So, my step are: (1) Reinstall Fedora Core 3 (2) Set eth0 192.168.0.9 netmask 255.255.255.0 and eth1 10.0.0.1 netmask 255.0.0.0 (3) Edit rc.local , add these lines: DEVICE=eth1 iptables -A FORWARD -o $DEVICE -i ! $DEVICE -j ACCEPT iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT iptables -A FORWARD -f -j ACCEPT iptables -t nat -A POSTROUTING -o $DEVICE -j MASQUERADE echo "1" > /proc/sys/net/ipv4/ip_forward (4) Set gateway on eth1 = 10.0.0.2 (ADSL Modem IP) (5) Restart (6) Set Gateway IP on LAN Clients to 10.0.0.1 (7) Browse internet!! May be this is a simple configuration, but i hope this would be usefull. Now, ready to install Squid and friends.. :) Thanks Rick and Nigel for the advices! Best Regards, Jhon Ramawi Putra From erdinc at prosoft.com.tr Mon Aug 1 06:56:26 2005 From: erdinc at prosoft.com.tr (Ali =?ISO-8859-9?Q?Erdin=E7_K=F6ro=F0lu?=) Date: Mon, 1 Aug 2005 09:56:26 +0300 Subject: Booting Error In-Reply-To: <42E920BB.356EC93E@efxmagic.com> References: <42E920BB.356EC93E@efxmagic.com> Message-ID: <20050801095626.50a8ea6c.erdinc@prosoft.com.tr> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi, as you described the problem its seems like media problem. I advice you to re-download iso images and check md5sum's for each. On Thu, 28 Jul 2005 23:45:23 +0530 murugan p wrote: > Hi All, > I am trying install RedHat Linux 8.0 with server . > The First CD was successfully installed after inserting II Cd, some > packages are installed after that The Cd Rom Drive was automatically > unmounted and generate the message as following. > > "Saftely reboot the system." > > I am press Ctrl+ Del + Alt and rebooted the system. But "error loading > operatin system " message was showing. > > Please any one help to me. Regards Ali Erdinc Koroglu http://www.prosoft.com.tr -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) iD8DBQFC7ceaUZ8xvL9ToPoRAqFGAKC6hOJgziVvEOAEB2dsFWyr1G0/wQCfcpaS N3TaI8ukWG8da8H1OSBckrE= =ORqo -----END PGP SIGNATURE----- From rodrigofariatavares at bol.com.br Mon Aug 1 22:34:44 2005 From: rodrigofariatavares at bol.com.br (Rodrigo Faria Tavares) Date: Mon, 1 Aug 2005 19:34:44 -0300 Subject: Active Support ACL in FC3 Message-ID: <000901c596e9$38cef200$0101a8c0@faria> Hello, I have a big problem. I installed th kernel 2.6.12 in FC3. Before install it, i make the o download of source kernel 2.6.12. And i see the options acl checked, with the comando make menuconfig. After installed kernel 2.6.12 i tried this command. [root at faria ~]# setfacl -m u:faria:rwx install.log setfacl: install.log: Opera????o n??o suportada I found this files in build : ./BUILD/kernel-2.6.12/linux-2.6.12/include/config/ext3/fs/posix/acl.h ./BUILD/kernel-2.6.12/linux-2.6.12/fs/ext3/acl.c ./BUILD/kernel-2.6.12/vanilla/fs/ext3/acl.h ./BUILD/kernel-2.6.12/vanilla/fs/ext3/acl.c The files are in the system, but i believe than files must stay another directory. How I can to resolve this problem ? Best regards, Rodrigo Faria Tavares e-mail : rodrigofariat at yahoo.com.br _______________________________________________________ Yahoo! Acesso Gr?tis - Internet r?pida e gr?tis. Instale o discador agora! http://br.acesso.yahoo.com/ From rstevens at vitalstream.com Mon Aug 1 22:56:48 2005 From: rstevens at vitalstream.com (Rick Stevens) Date: Mon, 01 Aug 2005 15:56:48 -0700 Subject: Active Support ACL in FC3 In-Reply-To: <000901c596e9$38cef200$0101a8c0@faria> References: <000901c596e9$38cef200$0101a8c0@faria> Message-ID: <42EEA8B0.7050409@vitalstream.com> Rodrigo Faria Tavares wrote: > Hello, > > I have a big problem. > I installed th kernel 2.6.12 in FC3. > Before install it, i make the o download of source kernel 2.6.12. And i > see the options acl checked, with the comando make menuconfig. > After installed kernel 2.6.12 i tried this command. > > [root at faria ~]# setfacl -m u:faria:rwx install.log > setfacl: install.log: Opera????o n??o suportada > > I found this files in build : > > ./BUILD/kernel-2.6.12/linux-2.6.12/include/config/ext3/fs/posix/acl.h > ./BUILD/kernel-2.6.12/linux-2.6.12/fs/ext3/acl.c > ./BUILD/kernel-2.6.12/vanilla/fs/ext3/acl.h > ./BUILD/kernel-2.6.12/vanilla/fs/ext3/acl.c > > The files are in the system, but i believe than files must stay another > directory. > > How I can to resolve this problem ? You must make sure that the filesystem was mounted with ACL support. You can do this on-the-fly by remounting the filesystems in question. For example, to use ACLs on the /var filesystem: # mount -o remount,acl /var To make this survive reboots, you should add ",acl" to the options field on the /etc/fstab entries for each filesystem you want to use ACLs on as shown below: LABEL=/var /var ext3 defaults,acl 1 2 ---------------------------------------------------------------------- - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - - VitalStream, Inc. http://www.vitalstream.com - - - - Denial. It ain't just a river in Egypt anymore! - ---------------------------------------------------------------------- From redhat at buglecreek.com Tue Aug 2 00:14:32 2005 From: redhat at buglecreek.com (redhat at buglecreek.com) Date: Mon, 01 Aug 2005 18:14:32 -0600 Subject: Lock users account after X attempts Message-ID: <1122941672.25665.239761338@webmail.messagingengine.com> I need a way to lock a user account after 5 attempts. I know the pam_tally module will do this, but it also applies to system accounts and would require the use of the faillog command to get around this ( I think). I would like to find another option to do this. Also, it would be desirable to be able to lock it for a certain amount of time (say 15 minutes. Then allow users to try again. Redhat ES 4 Thank You From robertmcclure at earthlink.net Tue Aug 2 02:38:00 2005 From: robertmcclure at earthlink.net (Bob McClure Jr) Date: Mon, 1 Aug 2005 21:38:00 -0500 Subject: Lock users account after X attempts In-Reply-To: <1122941672.25665.239761338@webmail.messagingengine.com> References: <1122941672.25665.239761338@webmail.messagingengine.com> Message-ID: <20050802023800.GA16955@bobcat.bobcatos.com> On Mon, Aug 01, 2005 at 06:14:32PM -0600, redhat at buglecreek.com wrote: > I need a way to lock a user account after 5 attempts. I know the > pam_tally module will do this, but it also applies to system accounts > and would require the use of the faillog command to get around this ( I > think). I would like to find another option to do this. Also, it would > be desirable to be able to lock it for a certain amount of time (say 15 > minutes. Then allow users to try again. > > Redhat ES 4 > > Thank You You don't mention where the attempts are being made, but I will assume you are trying to fend off the brute-force bad-password guessing attack on sshd. I found a solution that is working fine on five Fedora Core machines (some 1, 2, 3). I started with http://www.pettingers.org/code/SSHBlack.html It works by watching the log of your choice, usually secure or messages, and adding an IPtables rule to block the perp after N tries. I hacked the script to instead stick an entry in /etc/hosts.deny to block the perp, since some of the machines aren't running iptables. Actually, I put the entry in an auxilliary file that the hosts.deny file "includes". The script does have an adjustable expiry mechanism to release the block. Let me know if that's what you need and I'll send you my hacked script and a set of instructions for implementing it. I might also mention that I block all non-North-American IP address ranges in hosts.deny. And I know it's probably like peeing in the ocean, but I trace every transgressor through ARIN's whois http://www.arin.net/whois/index.html and send a nastygram to the abuse contact for that network to advise him he has a compromised machine on his network. Cheers, -- Bob McClure, Jr. Bobcat Open Systems, Inc. robertmcclure at earthlink.net http://www.bobcatos.com God doesn't have (or need) a Plan B. From softnettechno at yahoo.ca Tue Aug 2 04:30:17 2005 From: softnettechno at yahoo.ca (SoftNet Technologies) Date: Tue, 2 Aug 2005 00:30:17 -0400 (EDT) Subject: Oracle 9i on Linux Enterprise WS 3 Message-ID: <20050802043017.53876.qmail@web54507.mail.yahoo.com> Hi All, I am facing some problems while trying to install oracle 9i on linux enterprise WS 3. I need your kind cooperation for it. Please send me the list of Pre-installation requirments and patches required before starting installation and from where these packages can be downloaded. I will be very thankful to you. Thanks SoftNet. __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com -------------- next part -------------- An HTML attachment was scrubbed... URL: From softnettechno at yahoo.ca Tue Aug 2 04:32:19 2005 From: softnettechno at yahoo.ca (SoftNet Technologies) Date: Tue, 2 Aug 2005 00:32:19 -0400 (EDT) Subject: Oracle 9i on Linux Enterprise WS 3 Message-ID: <20050802043219.54146.qmail@web54507.mail.yahoo.com> Hi All, I am facing some problems while trying to install oracle 9i on linux enterprise WS 3. I need your kind cooperation for it. Please send me the list of Pre-installation requirments and patches required before starting installation and from where these packages can be downloaded. I will be very thankful to you. One more thing I want to know that can I install Oracle 11i on Linux Enterprise AS 4. Thanks SoftNet. __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com -------------- next part -------------- An HTML attachment was scrubbed... URL: From mikev777 at hotmail.com Tue Aug 2 08:36:54 2005 From: mikev777 at hotmail.com (Michael Velez) Date: Tue, 2 Aug 2005 04:36:54 -0400 Subject: Oracle 9i on Linux Enterprise WS 3 References: <20050802043219.54146.qmail@web54507.mail.yahoo.com> Message-ID: ----- Original Message ----- From: SoftNet Technologies To: redhat-install-list at redhat.com Sent: Tuesday, August 02, 2005 12:32 AM Subject: Oracle 9i on Linux Enterprise WS 3 Hi All, I am facing some problems while trying to install oracle 9i on linux enterprise WS 3. I need your kind cooperation for it. Please send me the list of Pre-installation requirments and patches required before starting installation and from where these packages can be downloaded. I will be very thankful to you. One more thing I want to know that can I install Oracle 11i on Linux Enterprise AS 4. Thanks SoftNet. What you need is the Quick Installation Guide. It has all that information. You can find it on the Oracle site and can download it for free. I installed Oracle 10g on WS3 (and then WS 4) without a problem. Is there a reason you want to install 9i as opposed to 10g? Here is their link to the documentation: http://www.oracle.com/technology/documentation/database10g.html On that page, they do have links to Oracle Release 9i Release 9.0.1 documentation and Oracle 9i Release 2 (9.2) documentation. The Quick Installation Guide for 10G actually has a list of each rpm package (with version number) which is required for the Oracle installation. I don't think the 9i documentation is set up that way but it does have software required and pre-installation steps. All patches for WS3 should be found on RedHat network. Actually, since Oracle 10g is supported for Redhat AS3, I didn't have any problems whatsoever installing it on WS3 and did not have to add any rpm packages (they were all there). Good luck, Michael -------------- next part -------------- An HTML attachment was scrubbed... URL: From markknecht at gmail.com Tue Aug 2 17:34:29 2005 From: markknecht at gmail.com (Mark Knecht) Date: Tue, 2 Aug 2005 10:34:29 -0700 Subject: Busy NFS device - what's causing it? Message-ID: <5bdc1c8b050802103424186ad4@mail.gmail.com> Hi, This is jsut a generic question since the list has been pretty quiet. At time I'll want to unmount a volume. For instance, this morning I'm messing around a bit with mount options and I want to see what happens when I try a new option from the command line. However I cannot unmount the volume to try mounting it: dragonfly ~ # umount /video umount: /video: device is busy umount: /video: device is busy dragonfly ~ # Generically, how do I determine why a device is 'busy'? If the system thinks it's busy I assume it keeps that state somewhere. Is it available to me to read? When I grep mtab I see this: dragonfly ~ # cat /etc/mtab | grep video myth14:/video /video nfs rw,noexec,nosuid,nodev,_netdev,addr=192.168.1.14,addr=192.168.1.14 0 0 dragonfly ~ # ...telling me where it's located but it doesn't tell me who's using it. I happen to know that the only valid user of this partition is mythbackend which I've shut down, but I still cannot unmount it. So, how do I find what's keeping the partition busy? Cheers, Mark From robertmcclure at earthlink.net Tue Aug 2 17:54:00 2005 From: robertmcclure at earthlink.net (Bob McClure Jr) Date: Tue, 2 Aug 2005 12:54:00 -0500 Subject: Busy NFS device - what's causing it? In-Reply-To: <5bdc1c8b050802103424186ad4@mail.gmail.com> References: <5bdc1c8b050802103424186ad4@mail.gmail.com> Message-ID: <20050802175400.GA11896@bobcat.bobcatos.com> On Tue, Aug 02, 2005 at 10:34:29AM -0700, Mark Knecht wrote: > Hi, > This is jsut a generic question since the list has been pretty > quiet. At time I'll want to unmount a volume. For instance, this > morning I'm messing around a bit with mount options and I want to see > what happens when I try a new option from the command line. However I > cannot unmount the volume to try mounting it: > > dragonfly ~ # umount /video > umount: /video: device is busy > umount: /video: device is busy > dragonfly ~ # > > Generically, how do I determine why a device is 'busy'? If the > system thinks it's busy I assume it keeps that state somewhere. Is it > available to me to read? When I grep mtab I see this: > > dragonfly ~ # cat /etc/mtab | grep video > myth14:/video /video nfs > rw,noexec,nosuid,nodev,_netdev,addr=192.168.1.14,addr=192.168.1.14 0 0 > dragonfly ~ # > > ...telling me where it's located but it doesn't tell me who's using > it. I happen to know that the only valid user of this partition is > mythbackend which I've shut down, but I still cannot unmount it. > > So, how do I find what's keeping the partition busy? > > Cheers, > Mark The tool you want is fuser (as in file user). I've not used it much, so "man fuser" for details. Because I have multiple xterms up, I frequently find that I've left a session sitting somewhere in that filesystem. But there have been times that fuser didn't report anything and I never did figure out what the problem was. Cheers, -- Bob McClure, Jr. Bobcat Open Systems, Inc. robertmcclure at earthlink.net http://www.bobcatos.com God doesn't have (or need) a Plan B. From markknecht at gmail.com Tue Aug 2 18:05:09 2005 From: markknecht at gmail.com (Mark Knecht) Date: Tue, 2 Aug 2005 11:05:09 -0700 Subject: Busy NFS device - what's causing it? In-Reply-To: <20050802175400.GA11896@bobcat.bobcatos.com> References: <5bdc1c8b050802103424186ad4@mail.gmail.com> <20050802175400.GA11896@bobcat.bobcatos.com> Message-ID: <5bdc1c8b05080211053ed58905@mail.gmail.com> On 8/2/05, Bob McClure Jr wrote: > On Tue, Aug 02, 2005 at 10:34:29AM -0700, Mark Knecht wrote: > > Hi, > > This is jsut a generic question since the list has been pretty > > quiet. At time I'll want to unmount a volume. For instance, this > > morning I'm messing around a bit with mount options and I want to see > > what happens when I try a new option from the command line. However I > > cannot unmount the volume to try mounting it: > > > > dragonfly ~ # umount /video > > umount: /video: device is busy > > umount: /video: device is busy > > dragonfly ~ # > > > > Generically, how do I determine why a device is 'busy'? If the > > system thinks it's busy I assume it keeps that state somewhere. Is it > > available to me to read? When I grep mtab I see this: > > > > dragonfly ~ # cat /etc/mtab | grep video > > myth14:/video /video nfs > > rw,noexec,nosuid,nodev,_netdev,addr=192.168.1.14,addr=192.168.1.14 0 0 > > dragonfly ~ # > > > > ...telling me where it's located but it doesn't tell me who's using > > it. I happen to know that the only valid user of this partition is > > mythbackend which I've shut down, but I still cannot unmount it. > > > > So, how do I find what's keeping the partition busy? > > > > Cheers, > > Mark > > The tool you want is fuser (as in file user). I've not used it much, > so "man fuser" for details. > > Because I have multiple xterms up, I frequently find that I've left a > session sitting somewhere in that filesystem. But there have been > times that fuser didn't report anything and I never did figure out > what the problem was. > > Cheers, Jason & Bob, Thanks for the answers. fuser didn't show it this time but lsof did. The directory is being held by mysql which manages the database for MythTV. While I did shut down mythbackend I did not shut down mysql: dragonfly ~ # lsof | grep video mysqld 7407 mysql 17u REG 3,10 3072 320906 /var/lib/mysql/mythconverg/videosource.MYI mysqld 7407 mysql 18u REG 3,10 76 320907 /var/lib/mysql/mythconverg/videosource.MYD mythbacke 8109 root 9w REG 0,15 0 16 /video/nfslockfile.lock (myth14:/video) dragonfly ~ # fuser -a /video /video: dragonfly ~ # Thanks, Mark From redhat at buglecreek.com Wed Aug 3 00:30:16 2005 From: redhat at buglecreek.com (redhat at buglecreek.com) Date: Tue, 02 Aug 2005 18:30:16 -0600 Subject: Lock users account after X attempts In-Reply-To: <20050802023800.GA16955@bobcat.bobcatos.com> References: <1122941672.25665.239761338@webmail.messagingengine.com> <20050802023800.GA16955@bobcat.bobcatos.com> Message-ID: <1123029016.12991.239847939@webmail.messagingengine.com> On Mon, 1 Aug 2005 21:38:00 -0500, "Bob McClure Jr" said: > On Mon, Aug 01, 2005 at 06:14:32PM -0600, redhat at buglecreek.com wrote: > > I need a way to lock a user account after 5 attempts. I know the > > pam_tally module will do this, but it also applies to system accounts > > and would require the use of the faillog command to get around this ( I > > think). I would like to find another option to do this. Also, it would > > be desirable to be able to lock it for a certain amount of time (say 15 > > minutes. Then allow users to try again. > > > > Redhat ES 4 > > > > Thank You > > You don't mention where the attempts are being made, but I will assume > you are trying to fend off the brute-force bad-password guessing > attack on sshd. I found a solution that is working fine on five > Fedora Core machines (some 1, 2, 3). I started with > > http://www.pettingers.org/code/SSHBlack.html > > It works by watching the log of your choice, usually secure or > messages, and adding an IPtables rule to block the perp after N tries. > I hacked the script to instead stick an entry in /etc/hosts.deny to > block the perp, since some of the machines aren't running iptables. > Actually, I put the entry in an auxilliary file that the hosts.deny > file "includes". The script does have an adjustable expiry mechanism > to release the block. > > Let me know if that's what you need and I'll send you my hacked script > and a set of instructions for implementing it. > > I might also mention that I block all non-North-American IP address > ranges in hosts.deny. And I know it's probably like peeing in the > ocean, but I trace every transgressor through ARIN's whois > > http://www.arin.net/whois/index.html > > and send a nastygram to the abuse contact for that network to advise > him he has a compromised machine on his network. > > Cheers, > -- > Bob McClure, Jr. Bobcat Open Systems, Inc. > robertmcclure at earthlink.net http://www.bobcatos.com > God doesn't have (or need) a Plan B. > > _______________________________________________ > Redhat-install-list mailing list > Redhat-install-list at redhat.com > https://www.redhat.com/mailman/listinfo/redhat-install-list > To Unsubscribe Go To ABOVE URL or send a message to: > redhat-install-list-request at redhat.com > Subject: unsubscribe Thanks Yes, that seems like it may be a good solution. If you could send me the details I would appreciate it. I will most likely need to run it on multiple machines. I have also implemented password strengthening using pam modules (cracklib, tally, unix) that should also help. Time to be extra paranoid. While we are on the subject, any suggestions on log monitoring tools that will catch excessive login attempts. I know a few, but was curious what others are using. From robertmcclure at earthlink.net Wed Aug 3 00:47:20 2005 From: robertmcclure at earthlink.net (Bob McClure Jr) Date: Tue, 2 Aug 2005 19:47:20 -0500 Subject: Lock users account after X attempts In-Reply-To: <1123029016.12991.239847939@webmail.messagingengine.com> References: <1122941672.25665.239761338@webmail.messagingengine.com> <20050802023800.GA16955@bobcat.bobcatos.com> <1123029016.12991.239847939@webmail.messagingengine.com> Message-ID: <20050803004720.GB23873@bobcat.bobcatos.com> On Tue, Aug 02, 2005 at 06:30:16PM -0600, redhat at buglecreek.com wrote: > On Mon, 1 Aug 2005 21:38:00 -0500, "Bob McClure Jr" > said: > > On Mon, Aug 01, 2005 at 06:14:32PM -0600, redhat at buglecreek.com wrote: > > > I need a way to lock a user account after 5 attempts. I know the > > > pam_tally module will do this, but it also applies to system accounts > > > and would require the use of the faillog command to get around this ( I > > > think). I would like to find another option to do this. Also, it would > > > be desirable to be able to lock it for a certain amount of time (say 15 > > > minutes. Then allow users to try again. > > > > > > Redhat ES 4 > > > > > > Thank You > > > > You don't mention where the attempts are being made, but I will assume > > you are trying to fend off the brute-force bad-password guessing > > attack on sshd. I found a solution that is working fine on five > > Fedora Core machines (some 1, 2, 3). I started with > > > > http://www.pettingers.org/code/SSHBlack.html > > > > It works by watching the log of your choice, usually secure or > > messages, and adding an IPtables rule to block the perp after N tries. > > I hacked the script to instead stick an entry in /etc/hosts.deny to > > block the perp, since some of the machines aren't running iptables. > > Actually, I put the entry in an auxilliary file that the hosts.deny > > file "includes". The script does have an adjustable expiry mechanism > > to release the block. > > > > Let me know if that's what you need and I'll send you my hacked script > > and a set of instructions for implementing it. > > > > I might also mention that I block all non-North-American IP address > > ranges in hosts.deny. And I know it's probably like peeing in the > > ocean, but I trace every transgressor through ARIN's whois > > > > http://www.arin.net/whois/index.html > > > > and send a nastygram to the abuse contact for that network to advise > > him he has a compromised machine on his network. > > > > Cheers, > > -- > > Bob McClure, Jr. > > Thanks > > Yes, that seems like it may be a good solution. If you could send me > the details I would appreciate it. [I have sent that directly to him.] > I will most likely need to run it on > multiple machines. I have also implemented password strengthening using > pam modules (cracklib, tally, unix) that should also help. Time to be > extra paranoid. While we are on the subject, any suggestions on log > monitoring tools that will catch excessive login attempts. I know a few, > but was curious what others are using. I use logwatch. It may be in your distribution, but if not, go to the source, Luke: http://www2.logwatch.org:81/ The latest version is better than what is in the current RPM. Set it up to run from /etc/cron.daily/, so that you get a report every morning. Cheers, -- Bob McClure, Jr. Bobcat Open Systems, Inc. robertmcclure at earthlink.net http://www.bobcatos.com God doesn't have (or need) a Plan B. From mohanv at aftek.com Wed Aug 3 05:24:02 2005 From: mohanv at aftek.com (Mohan V) Date: Wed, 03 Aug 2005 10:54:02 +0530 Subject: USB485 Converter Message-ID: <42F054F2.50204@aftek.com> Hello All, I have a PROMAG USB485 converter. When I connected it to my PC having Redhat 9, the device gets recognised and a device node (ttyUSB0) is created. I want to check the data communication between 2 such USB485 converters. So, I connected the USB485 devices to 2 PCs, running Redhat 9. I am able to open minicom on the created device nodes on both PCs. But when I send some data from one PC, it is not received at the other PC. I have tried with linux-2.6.11 and linux-2.4.31 also on Redhat 9. I also tried using PCs with Fedora Core 3. But I am not able to exchange data. I tried the same thing with 2 PCs having Mandrake 10 and it works perfectly fine. So, I wanted to know what might be the problem. Thanks for your time. Regards, Mohan V. From james.lytle at charter.net Wed Aug 3 17:18:43 2005 From: james.lytle at charter.net (James Lytle) Date: Wed, 3 Aug 2005 12:18:43 -0500 Subject: kernel panic when starting the install Message-ID: <49jvrm$efgcl@mxip30a.cluster1.charter.net> System specs: Intel 915GEVLK with a P4 3.0 GHz processor. 512 MB DDR2 memory, 3Ware 8506-4LP SATA RAID 0/1/5/10/JBOD controller, 2 WD800 80 GB drives, 1 GB (2x512) DDR2 533 MHz memory. OS version is Redhat Fedora Core 4. 3Ware card appears to not be the issue, as I have another machine with a 915GAV motherboard and single SATA WD drive, and similar errors occur. Kernel panic happens after the vmlinux and initrd load. Screen goes blank as if it is getting ready to start another process, then the kernel panics. On this machine, the error is "Kernel panic - not syncing: Attempted to kill init!". On a similar machine without the 3Ware card, there is a line that I caught site of but can't seem to catch it again. The message is something along the lines of it can't write to the RAM disk. If anyone can help, or at least suggest some things to try, it would be greatly appreciated! I am trying to get two machines up and running by week's end for a client. Prefer to deliver by Friday. This is for my side business as a consultant. My background is that I am predominately Windows as that is what I have to run on my network at work due to software we run. I do have 2 Linux machines running, and as I learn more, am searching for new ways of replacing Windows machines with Linux. We are investigating the possibility of using a Linux based accounting package for our Bookstore (I work at a Vo-Tech school). Thanks!!!! James Lytle IS Director Thanks! Jay K5NIC From rstevens at vitalstream.com Wed Aug 3 18:25:46 2005 From: rstevens at vitalstream.com (Rick Stevens) Date: Wed, 03 Aug 2005 11:25:46 -0700 Subject: kernel panic when starting the install In-Reply-To: <49jvrm$efgcl@mxip30a.cluster1.charter.net> References: <49jvrm$efgcl@mxip30a.cluster1.charter.net> Message-ID: <42F10C2A.4050100@vitalstream.com> James Lytle wrote: > System specs: > Intel 915GEVLK with a P4 3.0 GHz processor. 512 MB DDR2 memory, 3Ware 8506-4LP SATA RAID 0/1/5/10/JBOD controller, 2 WD800 80 GB drives, 1 GB (2x512) DDR2 533 MHz memory. OS version is Redhat Fedora Core 4. 3Ware card appears to not be the issue, as I have another machine with a 915GAV motherboard and single SATA WD drive, and similar errors occur. > > Kernel panic happens after the vmlinux and initrd load. Screen goes blank as if it is getting ready to start another process, then the kernel panics. On this machine, the error is "Kernel panic - not syncing: Attempted to kill init!". On a similar machine without the 3Ware card, there is a line that I caught site of but can't seem to catch it again. The message is something along the lines of it can't write to the RAM disk. > > If anyone can help, or at least suggest some things to try, it would be greatly appreciated! I am trying to get two machines up and running by week's end for a client. Prefer to deliver by Friday. This is for my side business as a consultant. > > My background is that I am predominately Windows as that is what I have to run on my network at work due to software we run. I do have 2 Linux machines running, and as I learn more, am searching for new ways of replacing Windows machines with Linux. We are investigating the possibility of using a Linux based accounting package for our Bookstore (I work at a Vo-Tech school). Your problem is indicative of flakey memory or a bus problem. The first thing is to boot the first CD again. At the "boot:" prompt, enter "memtest86" and test the memory. If it passes, then open the machine up and reseat all of the PCI cards. You'd be surprised at how often that cleans things up. ---------------------------------------------------------------------- - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - - VitalStream, Inc. http://www.vitalstream.com - - - - IGNORE that man behind the keyboard! - - - The Wizard of OS - ---------------------------------------------------------------------- From brad.mugleston at comcast.net Thu Aug 4 00:37:23 2005 From: brad.mugleston at comcast.net (brad.mugleston at comcast.net) Date: Wed, 3 Aug 2005 18:37:23 -0600 (MDT) Subject: Copy & Paste Message-ID: I'm running RH9 and Gnone and am having a terriable time trying to copy things from one application to another. Lets say I'm in Mozilla at a web site and want to copy a paragraph to an openoffice document. Sometimes I can highlight the paragraph, click on the two outer mouse buttons then move to the openoffice document and click the center button and it copies - other times it doesn't work. The Cut/Paste commands under EDIT don't ever seem to work. Can anyone help out there or is this one of those to be built features..... Thanks, Brad Mugleston, KI0OT There are 10 types of people in this world. Those that understand binary and those that don't. From robertmcclure at earthlink.net Thu Aug 4 02:46:46 2005 From: robertmcclure at earthlink.net (Bob McClure Jr) Date: Wed, 3 Aug 2005 21:46:46 -0500 Subject: Copy & Paste In-Reply-To: References: Message-ID: <20050804024646.GB5611@bobcat.bobcatos.com> On Wed, Aug 03, 2005 at 06:37:23PM -0600, brad.mugleston at comcast.net wrote: > I'm running RH9 and Gnone and am having a terriable time trying > to copy things from one application to another. > > Lets say I'm in Mozilla at a web site and want to copy a > paragraph to an openoffice document. Sometimes I can highlight > the paragraph, click on the two outer mouse buttons then move to > the openoffice document and click the center button and it copies > - other times it doesn't work. The Cut/Paste commands under EDIT > don't ever seem to work. Umm, you copy stuff to the X cut buffer using only the left mouse button. You start with the left mouse button at the beginning (or end if you want to do it in reverse) of the material, drag the cursor to the other end of the material you want to copy, then let up on the left mouse button. Then go to the other app, say, ooffice, and with the cursor where you want to plant it, hit the middle mouse button. I guess I could have just quoted this: http://www.redhat.com/docs/manuals/linux/RHL-9-Manual/getting-started-guide/s1-intro-copypaste.html Which is why, by the way, I will not do without a three-button mouse. Also, double click will normally copy a word to the cut buffer, and a triple click will copy the whole line to the cut buffer. > Can anyone help out there or is this one of those to be built > features..... > > Thanks, > > > Brad Mugleston, KI0OT > > There are 10 types of people in this world. Those that > understand binary and those that don't. Cheers, -- Bob McClure, Jr. Bobcat Open Systems, Inc. robertmcclure at earthlink.net http://www.bobcatos.com God doesn't have (or need) a Plan B. From micros50 at computer.net Thu Aug 4 04:57:25 2005 From: micros50 at computer.net (mylar) Date: Thu, 04 Aug 2005 00:57:25 -0400 Subject: Copy & Paste In-Reply-To: References: Message-ID: <1123131445.6694.1.camel@manhattan.ruffe.edu> Running KDE or GNOME under Fedora Core 1 and 3 and I have virtually no problem cutting and pasting from almost anything into anything. With earlier Redhat distro versions I couldn't do it. Perhaps is not fully implemented in RH9. On Wed, 2005-08-03 at 20:37, brad.mugleston at comcast.net wrote: > I'm running RH9 and Gnone and am having a terriable time trying > to copy things from one application to another. > > Lets say I'm in Mozilla at a web site and want to copy a > paragraph to an openoffice document. Sometimes I can highlight > the paragraph, click on the two outer mouse buttons then move to > the openoffice document and click the center button and it copies > - other times it doesn't work. The Cut/Paste commands under EDIT > don't ever seem to work. > > Can anyone help out there or is this one of those to be built > features..... > > Thanks, > > > Brad Mugleston, KI0OT > > There are 10 types of people in this world. Those that > understand binary and those that don't. > > _______________________________________________ > Redhat-install-list mailing list > Redhat-install-list at redhat.com > https://www.redhat.com/mailman/listinfo/redhat-install-list > To Unsubscribe Go To ABOVE URL or send a message to: > redhat-install-list-request at redhat.com > Subject: unsubscribe From gerrynix at yahoo.com Thu Aug 4 19:42:31 2005 From: gerrynix at yahoo.com (gerrynix) Date: Thu, 4 Aug 2005 12:42:31 -0700 (PDT) Subject: Info on FC please Message-ID: <20050804194232.94558.qmail@web51909.mail.yahoo.com> Hello all, Which is the latest, and "stable" version of FC, suitable for a small business server? How viable is this in regards to longevity, without need for (very) frequent updates and/or version upgrades? Is it better to considering purchase of a supported version? I believe there is a specific "FC" list, but I am unsure how to join. I've checked the RH site. Which are favored download sites for FC? -- Many TIA, Nix From Albert.Smith at genexservices.com Thu Aug 4 19:57:04 2005 From: Albert.Smith at genexservices.com (Smith, Albert) Date: Thu, 4 Aug 2005 15:57:04 -0400 Subject: Info on FC please Message-ID: <462170B0EBFCFE4AB1E54ED8C269A5BC02320581@PHLVEXCH01.genexservices.com> > -----Original Message----- > From: redhat-install-list-bounces at redhat.com > [mailto:redhat-install-list-bounces at redhat.com] On Behalf Of gerrynix > Sent: Thursday, August 04, 2005 3:43 PM > To: redhat-install-list at redhat.com > Subject: Info on FC please > > Hello all, > > Which is the latest, and "stable" version of FC, suitable for > a small business server? How viable is this in regards to > longevity, without need for (very) frequent updates and/or > version upgrades? Is it better to considering purchase of a > supported version? > > I believe there is a specific "FC" list, but I am unsure how > to join. I've checked the RH site. > > Which are favored download sites for FC? > -- > Many TIA, > Nix > > > _______________________________________________ > Redhat-install-list mailing list > Redhat-install-list at redhat.com > https://www.redhat.com/mailman/listinfo/redhat-install-list > To Unsubscribe Go To ABOVE URL or send a message to: > redhat-install-list-request at redhat.com > Subject: unsubscribe > > FC I would assume you mean fedora, can be accessed here: http://fedora.redhat.com/ Albert Smith Sr. Unix Systems Administrator HPCSA, RHCT Genex Services 440 E. Swedesford Rd. Wayne, PA 19087 albert.smith at genexservices.com (610) 964-5154 From nandrews at med.umich.edu Thu Aug 4 19:57:25 2005 From: nandrews at med.umich.edu (Nathan Andrews) Date: Thu, 04 Aug 2005 15:57:25 -0400 Subject: Info on FC please Message-ID: >>> gerrynix at yahoo.com 8/4/05 3:42:31 PM >>> Hello all, Which is the latest, and "stable" version of FC, suitable for a small business server? How viable is this in regards to longevity, without need for (very) frequent updates and/or version upgrades? Is it better to considering purchase of a supported version? I believe there is a specific "FC" list, but I am unsure how to join. I've checked the RH site. Which are favored download sites for FC? ___________________- Currently, Fedora Core 4 is in release. It's very stable, and works quite well. There are still a lot of updates coming out for FC3 and FC4, and they're pretty regular. If you want a longer release cycle, with a slower frequency of updates (and updates less likely to break the machine), you would probably be better off with a supported RedHat product ********************************************************** Electronic Mail is not secure, may not be read every day, and should not be used for urgent or sensitive issues. From robertmcclure at earthlink.net Thu Aug 4 20:08:29 2005 From: robertmcclure at earthlink.net (Bob McClure Jr) Date: Thu, 4 Aug 2005 15:08:29 -0500 Subject: Info on FC please In-Reply-To: <20050804194232.94558.qmail@web51909.mail.yahoo.com> References: <20050804194232.94558.qmail@web51909.mail.yahoo.com> Message-ID: <20050804200829.GA4582@bobcat.bobcatos.com> On Thu, Aug 04, 2005 at 12:42:31PM -0700, gerrynix wrote: > Hello all, > > Which is the latest, and "stable" version of FC, suitable for a small business > server? Bearing in mind that Fedora Core is "bleeding edge", and is the proving ground (gamma testing?) for what eventually goes into the commercial Red Hat line, Fedora Core 4 is the latest stable release. That said, many of us are using at least FC3 in production environments. > How viable is this in regards to longevity, without need for (very) > frequent updates and/or version upgrades? I believe both FC and the commercial RH should be upgraded at least monthly to stay ahead of the crackers and bugs. I subscribe to a monthly distribution of the latest of Fedora Core from KRUD: http://www.tummy.com/Products/krud/ and keep all my machines updated with that. Two of my clients do, too. You can also use yum to keep your installation current. > Is it better to considering purchase of a supported version? Yes, if you want rock-solid stability and hand-holding. But if you're reasonably knowledgeable on Linux, you can get all the support you need from the lists. > I believe there is a specific "FC" list, but I am unsure how to join. I've > checked the RH site. HQ for Fedora Core is http://fedora.redhat.com/ The FC list is at http://www.redhat.com/mailman/listinfo/fedora-list > Which are favored download sites for FC? http://fedora.redhat.com/download/ There is a link to the list of mirrors there. > -- > Many TIA, > Nix Cheers, -- Bob McClure, Jr. Bobcat Open Systems, Inc. robertmcclure at earthlink.net http://www.bobcatos.com God doesn't have (or need) a Plan B. From gerrynix at yahoo.com Thu Aug 4 20:33:29 2005 From: gerrynix at yahoo.com (gerrynix) Date: Thu, 4 Aug 2005 13:33:29 -0700 (PDT) Subject: Info on FC please - and Thanx! In-Reply-To: <20050804200829.GA4582@bobcat.bobcatos.com> Message-ID: <20050804203329.87781.qmail@web51908.mail.yahoo.com> --- Bob McClure Jr wrote: > On Thu, Aug 04, 2005 at 12:42:31PM -0700, gerrynix wrote: > > Hello all, > > > > Which is the latest, and "stable" version of FC, suitable for a small > business > > server? > > Bearing in mind that Fedora Core is "bleeding edge", and is the > proving ground (gamma testing?) for what eventually goes into the > commercial Red Hat line, Fedora Core 4 is the latest stable release. > > That said, many of us are using at least FC3 in production environments. > > > How viable is this in regards to longevity, without need for (very) > > frequent updates and/or version upgrades? > > I believe both FC and the commercial RH should be upgraded at least > monthly to stay ahead of the crackers and bugs. I subscribe to a > monthly distribution of the latest of Fedora Core from KRUD: > > http://www.tummy.com/Products/krud/ > > and keep all my machines updated with that. Two of my clients do, > too. > > You can also use yum to keep your installation current. > > > Is it better to considering purchase of a supported version? > > Yes, if you want rock-solid stability and hand-holding. But if you're > reasonably knowledgeable on Linux, you can get all the support you > need from the lists. > > > I believe there is a specific "FC" list, but I am unsure how to join. I've > > checked the RH site. > > HQ for Fedora Core is > > http://fedora.redhat.com/ > > The FC list is at > > http://www.redhat.com/mailman/listinfo/fedora-list > > > Which are favored download sites for FC? > > http://fedora.redhat.com/download/ > > There is a link to the list of mirrors there. Thanks all . . . Especially Bob for explicitly addressing all points. Exactly the info I was looking for. Yes, I am a 16 year UNIX and Linux literate admin. Just lost sight of viability and "support options" of distributions such as Fedora. I believe I'll head in this direction with a client who can't spend the big $$$. Thanks for the tip on KRUD. -- Nix > > > -- > > Many TIA, > > Nix > > Cheers, > -- > Bob McClure, Jr. Bobcat Open Systems, Inc. > robertmcclure at earthlink.net http://www.bobcatos.com > God doesn't have (or need) a Plan B. > > _______________________________________________ > Redhat-install-list mailing list > Redhat-install-list at redhat.com > https://www.redhat.com/mailman/listinfo/redhat-install-list > To Unsubscribe Go To ABOVE URL or send a message to: > redhat-install-list-request at redhat.com > Subject: unsubscribe > From redhat at buglecreek.com Fri Aug 5 15:06:20 2005 From: redhat at buglecreek.com (redhat at buglecreek.com) Date: Fri, 05 Aug 2005 09:06:20 -0600 Subject: logwatch -save option Message-ID: <1123254380.19731.240059710@webmail.messagingengine.com> I'm trying to setup logwatch to save it's output to /tmp/logwatch.`date +%F`. I have modified the save option in logwatch.conf with /tmp/logwatch.`date +%F`, but it does not seem to recognize bash command substitution. Maybe because it is written in perl? Does anyone know of a way to accomplish this? Am I missing something obvious? Since sendmail is turned off on our systems, this would at least let us view the logwatch output until a better solution can be made. Thanks From robertmcclure at earthlink.net Fri Aug 5 17:19:28 2005 From: robertmcclure at earthlink.net (Bob McClure Jr) Date: Fri, 5 Aug 2005 12:19:28 -0500 Subject: logwatch -save option In-Reply-To: <1123254380.19731.240059710@webmail.messagingengine.com> References: <1123254380.19731.240059710@webmail.messagingengine.com> Message-ID: <20050805171928.GA7943@bobcat.bobcatos.com> On Fri, Aug 05, 2005 at 09:06:20AM -0600, redhat at buglecreek.com wrote: > I'm trying to setup logwatch to save it's output to /tmp/logwatch.`date > +%F`. I have modified the save option in logwatch.conf with > /tmp/logwatch.`date +%F`, but it does not seem to recognize bash > command substitution. Maybe because it is written in perl? Nope. It's just a config file - not executed as such. It's read by logwatch which uses simple parsing rules. > Does anyone know of a way to accomplish this? If logwatch is executed from /etc/cron.daily/0logwatch, as it is on my machine, I'd set the config to save to /tmp/logwatch. Then I'd create a script, say, /etc/cron.daily/1logwatch so it executes after 0logwatch, like this: -----------------8< snip here ---------------- #!/bin/sh lwfile=/tmp/logwatch if [ -f $lwfile ] then mv $lwfile $lwfile.`date +%F` fi -----------------8< snip here ---------------- Don't forget to chmod +x /etc/cron.daily/1logwatch > Am I missing something obvious? Nope. The only way you can be reasonably sure that a file is executed and not simply read and parsed, is to look for a "sh-bang" (#!) line at the top. If you do "ls -l " and it shows up without execute bits set, then it is not executed (there are exceptions such as "sourced" or "require"d files). In this case you get lrwxrwxrwx 1 root root 18 Jun 25 21:38 /etc/log.d/logwatch.conf -> conf/logwatch.conf Now that's not executable (the "x" flags) - it's just a symbolic link (symlink or soft link) to the real file at /etc/log.d/conf/logwatch.conf: -rw-r--r-- 1 root root 3758 May 17 08:36 /etc/log.d/conf/logwatch.conf and there you see it's not executable. > Since sendmail is turned off on our systems, this would at least let us > view the logwatch output until a better solution can be made. > > Thanks Cheers, -- Bob McClure, Jr. Bobcat Open Systems, Inc. robertmcclure at earthlink.net http://www.bobcatos.com God doesn't have (or need) a Plan B. From jtaggert at tpg.com.au Sat Aug 6 03:44:01 2005 From: jtaggert at tpg.com.au (James Taggert) Date: Sat, 06 Aug 2005 13:44:01 +1000 Subject: Password wallet for FC3/4 Message-ID: <42F43201.2070007@tpg.com.au> Hello, Can anybody recommend a good password wallet for FC3 that will also work on FC4 (I intend to upgrade shortly) -- Kind regards, Jimmy Taggert. From drumilnarayan at yahoo.com Sat Aug 6 11:53:59 2005 From: drumilnarayan at yahoo.com (drumil narayan) Date: Sat, 6 Aug 2005 12:53:59 +0100 (BST) Subject: Remote Copying In-Reply-To: <1123131445.6694.1.camel@manhattan.ruffe.edu> Message-ID: <20050806115359.54546.qmail@web8308.mail.in.yahoo.com> Dear All, am trying to copy some files from other machins with no luck when used rcp..with scp am able to do it. I do not want to use scp as it requires password. following is the command am using rcp rcp test at tengas:/tmp/backup/ . where test is text file locate in /tmp/backup of tengas remote host. am i supposed to do something more or different than this.. kindly help..Drumil __________________________________________________________ How much free photo storage do you get? Store your friends 'n family snaps for FREE with Yahoo! Photos http://in.photos.yahoo.com From Albert.Smith at genexservices.com Sat Aug 6 12:20:05 2005 From: Albert.Smith at genexservices.com (Smith, Albert) Date: Sat, 6 Aug 2005 08:20:05 -0400 Subject: Remote Copying Message-ID: <462170B0EBFCFE4AB1E54ED8C269A5BC02674B40@PHLVEXCH01.genexservices.com> > -----Original Message----- > From: redhat-install-list-bounces at redhat.com > [mailto:redhat-install-list-bounces at redhat.com] On Behalf Of > drumil narayan > Sent: Saturday, August 06, 2005 7:54 AM > To: Getting started with Red Hat Linux > Subject: Remote Copying > > Dear All, > > am trying to copy some files from other machins with no luck > when used rcp..with scp am able to do it. I do not want to > use scp as it requires password. > > following is the command am using rcp > > rcp test at tengas:/tmp/backup/ . > > where test is text file locate in /tmp/backup of tengas remote host. > > am i supposed to do something more or different than this.. > > kindly help..Drumil > > > > __________________________________________________________ > How much free photo storage do you get? Store your friends 'n > family snaps for FREE with Yahoo! Photos http://in.photos.yahoo.com > > _______________________________________________ > Redhat-install-list mailing list > Redhat-install-list at redhat.com > https://www.redhat.com/mailman/listinfo/redhat-install-list > To Unsubscribe Go To ABOVE URL or send a message to: > redhat-install-list-request at redhat.com > Subject: unsubscribe > > Check to make sure you have the rsh-server package installed and the applicable service enabled in your checkconfig. I would also double check with the scp because of you do if I recall correctly keybased authentication then you do not need to put a password in. It will read the key and if it authenticates your in. Albert Smith Sr. Unix Systems Administrator HPCSA, RHCT Genex Services 440 E. Swedesford Rd. Wayne, PA 19087 albert.smith at genexservices.com (610) 964-5154 From stuart at sjsears.com Sat Aug 6 21:13:30 2005 From: stuart at sjsears.com (Stuart Sears) Date: Sat, 06 Aug 2005 22:13:30 +0100 Subject: Remote Copying In-Reply-To: <20050806115359.54546.qmail@web8308.mail.in.yahoo.com> References: <20050806115359.54546.qmail@web8308.mail.in.yahoo.com> Message-ID: <42F527FA.3040006@sjsears.com> drumil narayan enlightened us with the following gems on 08/06/2005 12:53 PM: > Dear All, > > am trying to copy some files from other machins with > no luck when used rcp..with scp am able to do it. I do > not want to use scp as it requires password. You can prevent scp needing a password if you use an public/private key pair to authenticate to the 'test' account on tengas. ssh-keygen -t dsa (or rsa if you wish) follow the prompts and then hit return when it asks you for a password. this will create keys in /root/.ssh (assuming you run the command as root). scp /root/id_dsa.pub test at tengas:.ssh/authorized_keys (the remote /home/test/.ssh dir must exist. perms 700.) this will need a password. the next time you run scp it will not ask, as it will compare the password on the keys, not the login password (if there even is one) for the user 'test'. you can use the same key for many different accounts in the same way. just copy the public key into place. password-less keys *are* a security risk, but no more than using rcp without a password... in fact, arguably less as the keys much match the originating host/user that created them. alternatively you can put a (strong) password on the key you create and use ssh-agent to manage the password for each session. depends on whether you want to script the scp commands or not. > > following is the command am using rcp > > rcp test at tengas:/tmp/backup/ . the scp version would be almost identical. HTH Stuart -- Stuart Sears RHCE RHCX From zheny.j at gmail.com Sun Aug 7 10:27:05 2005 From: zheny.j at gmail.com (=?gb2312?B?varV8dPC?=) Date: Sun, 7 Aug 2005 18:27:05 +0800 Subject: Adaptec2200s could not works properly on AS3.3 Message-ID: <002f01c59b3a$9176fd30$9b00a8c0@home.langchao.com> My server always stop running of kernel panic, and string of "aacraid" could be found in the panic message. So I wonder if the adaptec 2200s could work properly on AS3 Update 3. And any recommendation? -------------- next part -------------- An HTML attachment was scrubbed... URL: From yazan at ccs.com.jo Mon Aug 8 09:15:29 2005 From: yazan at ccs.com.jo (Yazan Al-Sheyyab) Date: Mon, 8 Aug 2005 11:15:29 +0200 Subject: image back up Message-ID: <000c01c59bf9$b8e4c6d0$69050364@yazanz> Hello, i have a problem about how to make an image backup for my system, and is there any utility or method to have an image backup ???????? i have a problem getting image backup for my system. Regards ------------------------------------------------- Yazan Al-Sheyyab -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: tech.gif Type: image/gif Size: 862 bytes Desc: not available URL: From erdinc at prosoft.com.tr Mon Aug 8 09:00:40 2005 From: erdinc at prosoft.com.tr (Ali =?ISO-8859-9?Q?Erdin=E7_K=F6ro=F0lu?=) Date: Mon, 8 Aug 2005 12:00:40 +0300 Subject: image back up In-Reply-To: <000c01c59bf9$b8e4c6d0$69050364@yazanz> References: <000c01c59bf9$b8e4c6d0$69050364@yazanz> Message-ID: <20050808120040.4de4e6dd.erdinc@prosoft.com.tr> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi, On Mon, 8 Aug 2005 11:15:29 +0200 "Yazan Al-Sheyyab" wrote: > Hello, > > i have a problem about how to make an image backup for my system, and is there any utility or > method to have an image backup ???????? > i have a problem getting image backup for my system. You can use them :) www.partimage.org www.mondorescue.org www.bacula.org Regards Ali Erdin? K?roglu http://www.prosoft.com.tr -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) iD8DBQFC9x84UZ8xvL9ToPoRAnAVAJwLyvDot15Ix1n2Gb//BGm9W4YbnQCgyfp6 RmICBAyBTxnb/ZOSYukpYqM= =wWtn -----END PGP SIGNATURE----- From narengone at rediffmail.com Mon Aug 8 12:25:02 2005 From: narengone at rediffmail.com (Narendra.G) Date: 8 Aug 2005 12:25:02 -0000 Subject: Help to fix errors Message-ID: <20050808122502.3810.qmail@webmail29.rediffmail.com> ? Hello, I am getting errors while installing oracle9i on linuxes3.0 errors are as follows: ins_plsql.mk,ins_sqlplus.mk,ins_rdbms.mk....etc. Please anybody help me to fix the error messages. Thanks & regards, Narendra -------------- next part -------------- An HTML attachment was scrubbed... URL: From rstevens at vitalstream.com Mon Aug 8 15:56:41 2005 From: rstevens at vitalstream.com (Rick Stevens) Date: Mon, 08 Aug 2005 08:56:41 -0700 Subject: Adaptec2200s could not works properly on AS3.3 In-Reply-To: <002f01c59b3a$9176fd30$9b00a8c0@home.langchao.com> References: <002f01c59b3a$9176fd30$9b00a8c0@home.langchao.com> Message-ID: <42F780B9.8000808@vitalstream.com> ??? wrote: > My server always stop running of kernel panic, and string of "aacraid" > could be found in the panic message. So I wonder if the adaptec 2200s > could work properly on AS3 Update 3. There is no problem with 2200s on AS3U3. I'd check your RAM and how well your card is plugged into your bus. ---------------------------------------------------------------------- - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - - VitalStream, Inc. http://www.vitalstream.com - - - - "I'd explain it to you, but your brain might explode." - ---------------------------------------------------------------------- From rstevens at vitalstream.com Mon Aug 8 15:58:23 2005 From: rstevens at vitalstream.com (Rick Stevens) Date: Mon, 08 Aug 2005 08:58:23 -0700 Subject: Help to fix errors In-Reply-To: <20050808122502.3810.qmail@webmail29.rediffmail.com> References: <20050808122502.3810.qmail@webmail29.rediffmail.com> Message-ID: <42F7811F.9030702@vitalstream.com> Narendra.G wrote: > > Hello, > I am getting errors while installing oracle9i on linuxes3.0 > errors are as follows: ins_plsql.mk,ins_sqlplus.mk,ins_rdbms.mk....etc. > Please anybody help me to fix the error messages. Those are not error messages, but rather the names of the scripts that do the installation. We need to see the actual error messages such as: ins_plsql.mk: error message is here. ---------------------------------------------------------------------- - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - - VitalStream, Inc. http://www.vitalstream.com - - - - "I'd explain it to you, but your brain might explode." - ---------------------------------------------------------------------- From Albert.Smith at genexservices.com Mon Aug 8 16:00:55 2005 From: Albert.Smith at genexservices.com (Smith, Albert) Date: Mon, 8 Aug 2005 12:00:55 -0400 Subject: Help to fix errors Message-ID: <462170B0EBFCFE4AB1E54ED8C269A5BC02674BC1@PHLVEXCH01.genexservices.com> > -----Original Message----- > From: redhat-install-list-bounces at redhat.com > [mailto:redhat-install-list-bounces at redhat.com] On Behalf Of > Rick Stevens > Sent: Monday, August 08, 2005 11:58 AM > To: Narendra.G; Getting started with Red Hat Linux > Subject: Re: Help to fix errors > > Narendra.G wrote: > > > > Hello, > > I am getting errors while installing oracle9i on linuxes3.0 > > errors are as follows: > ins_plsql.mk,ins_sqlplus.mk,ins_rdbms.mk....etc. > > Please anybody help me to fix the error messages. > > Those are not error messages, but rather the names of the > scripts that do the installation. We need to see the actual > error messages such as: > > ins_plsql.mk: error message is here. > ---------------------------------------------------------------------- > - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - > - VitalStream, Inc. http://www.vitalstream.com - > - - > - "I'd explain it to you, but your brain might explode." - > ---------------------------------------------------------------------- > > _______________________________________________ > Redhat-install-list mailing list > Redhat-install-list at redhat.com > https://www.redhat.com/mailman/listinfo/redhat-install-list > To Unsubscribe Go To ABOVE URL or send a message to: > redhat-install-list-request at redhat.com > Subject: unsubscribe > > Did you make all your links for oracle before your tried to do the oracle 9i install and make your sysconf modifications? Albert Smith Sr. Unix Systems Administrator HPCSA, RHCT Genex Services 440 E. Swedesford Rd. Wayne, PA 19087 albert.smith at genexservices.com (610) 964-5154 From rstevens at vitalstream.com Mon Aug 8 16:09:40 2005 From: rstevens at vitalstream.com (Rick Stevens) Date: Mon, 08 Aug 2005 09:09:40 -0700 Subject: Password wallet for FC3/4 In-Reply-To: <42F43201.2070007@tpg.com.au> References: <42F43201.2070007@tpg.com.au> Message-ID: <42F783C4.9040706@vitalstream.com> James Taggert wrote: > Hello, > > Can anybody recommend a good password wallet for FC3 that will also work > on FC4 (I intend to upgrade shortly) Well, there's the one in Firefox/Mozilla. There's Kopete (KDE desktop, but will work on Gnome as well), "passwordmanager" (from the DAG repository), and "pwmanager" (from sourceforge). There's probably others (google is your friend), but those are the ones I have experience with. So far, they've all worked on upgraded machines (FC2->3->4) for me (well, there was a glitch in Kopete, but fairly minor). ---------------------------------------------------------------------- - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - - VitalStream, Inc. http://www.vitalstream.com - - - - "Hello. My PID is Inigo Montoya. You `kill -9'-ed my parent - - process. Prepare to vi." - ---------------------------------------------------------------------- From Jack.Allen at McKesson.com Mon Aug 8 20:20:46 2005 From: Jack.Allen at McKesson.com (Allen, Jack) Date: Mon, 8 Aug 2005 16:20:46 -0400 Subject: Supported Raid Controller Message-ID: Can anyone tell me or tell me where I can find out if the following Raid Controller are directly supported by Red Hat AS version 4? That is I do not have to go to the vendor to get a driver. Serveraid 8I SAS Serveraid 6M Other questions depending on the answer to the first question. 1) Can I do an initial load with these controllers? That is I do not have to have some other drive to load on first and then put other file systems on the drives controlled by these controllers. 2) Any pros or cons about these controllers? Easy to configure, performance as advertised, etc. Thanks in advance. Jack Allen -------------- next part -------------- An HTML attachment was scrubbed... URL: From David.Mackintosh at xdroop.com Tue Aug 9 13:29:21 2005 From: David.Mackintosh at xdroop.com (David Mackintosh) Date: Tue, 9 Aug 2005 09:29:21 -0400 Subject: Password wallet for FC3/4 In-Reply-To: <42F43201.2070007@tpg.com.au> References: <42F43201.2070007@tpg.com.au> Message-ID: <20050809132921.GB17491@xdroop.com> On Sat, Aug 06, 2005 at 01:44:01PM +1000, James Taggert wrote: > Can anybody recommend a good password wallet for FC3 that will also work > on FC4 (I intend to upgrade shortly) I found the state of password managers to suck in general; one afternoon I spent too much time playing with a whole whack of them and didn't like any of them particularly. I wrote it up: http://xdroop.dhs.org/space/Linux/Password+Managers Currently, I encrypt mail to myself with gpg and use that to save passwords. -- /\oo/\ / /()\ \ David Mackintosh | Public Key: dave at xdroop.com | http://www.xdroop.com/dave/gpg.html $ gpg --recv-keys --keyserver subkeys.pgp.net 4C032504 Mystery attachment? http://xdroop.dhs.org/space/GPG -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available URL: From David.Mackintosh at xdroop.com Tue Aug 9 16:51:17 2005 From: David.Mackintosh at xdroop.com (David Mackintosh) Date: Tue, 9 Aug 2005 12:51:17 -0400 Subject: Lock users account after X attempts In-Reply-To: <20050802023800.GA16955@bobcat.bobcatos.com> References: <1122941672.25665.239761338@webmail.messagingengine.com> <20050802023800.GA16955@bobcat.bobcatos.com> Message-ID: <20050809165117.GA20940@xdroop.com> On Mon, Aug 01, 2005 at 09:38:00PM -0500, Bob McClure Jr wrote: > On Mon, Aug 01, 2005 at 06:14:32PM -0600, redhat at buglecreek.com wrote: > > I need a way to lock a user account after 5 attempts. I know the > > pam_tally module will do this, but it also applies to system accounts > > and would require the use of the faillog command to get around this ( I > > think). I would like to find another option to do this. Also, it would > > be desirable to be able to lock it for a certain amount of time (say 15 > > minutes. Then allow users to try again. > > > > Redhat ES 4 > > > > Thank You > > You don't mention where the attempts are being made, but I will assume > you are trying to fend off the brute-force bad-password guessing > attack on sshd. I found a solution that is working fine on five > Fedora Core machines (some 1, 2, 3). Personally, I go with the only-permit-known-connectors approach, with a backdoor to permit myself to become "known" system. See: http://xdroop.dhs.org/space/Linux/Limited+SSH+Access -- /\oo/\ / /()\ \ David Mackintosh | Public Key: dave at xdroop.com | http://www.xdroop.com/dave/gpg.html $ gpg --recv-keys --keyserver subkeys.pgp.net 4C032504 Mystery attachment? http://xdroop.dhs.org/space/GPG -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available URL: From kashili at yahoo.com Tue Aug 9 21:40:24 2005 From: kashili at yahoo.com (ashili) Date: Tue, 9 Aug 2005 14:40:24 -0700 (PDT) Subject: RH ES 4.0 CD1 is not detected for installation Message-ID: <20050809214024.19554.qmail@web30213.mail.mud.yahoo.com> I am running into issues while trying to build a laptop (IBM T30) (it has no OS on it) with RH Enterprise Linux Version 4. I can see the installation CDs getting detected on my second laptop (IBM T40 loaded with WinXP) and I can see clean T30 detecting WinXP installation CDs. But the T30 doesnt recognise RH CD1. is this a familiar build problem? Does RH4 installtion require having an OS or a specific (IDE/SCSI) CD ROM drive. Any clues. thanks in advance ashili ____________________________________________________ Start your day with Yahoo! - make it your home page http://www.yahoo.com/r/hs From jtaggert at tpg.com.au Wed Aug 10 04:46:08 2005 From: jtaggert at tpg.com.au (James Taggert) Date: Wed, 10 Aug 2005 14:46:08 +1000 Subject: Password wallet for FC3/4 In-Reply-To: <42F783C4.9040706@vitalstream.com> References: <42F43201.2070007@tpg.com.au> <42F783C4.9040706@vitalstream.com> Message-ID: <42F98690.5090306@tpg.com.au> Rick Stevens wrote: > James Taggert wrote: > >> Hello, >> >> Can anybody recommend a good password wallet for FC3 that will also >> work on FC4 (I intend to upgrade shortly) > > > Well, there's the one in Firefox/Mozilla. There's Kopete (KDE desktop, > but will work on Gnome as well), "passwordmanager" (from the DAG > repository), and "pwmanager" (from sourceforge). There's probably > others (google is your friend), but those are the ones I have experience > with. So far, they've all worked on upgraded machines (FC2->3->4) for > me (well, there was a glitch in Kopete, but fairly minor). > ---------------------------------------------------------------------- > - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - > - VitalStream, Inc. http://www.vitalstream.com - Thanks Rick, will check them out. I did google for 'password wallet' but came up with nothing. Should have refined my search better :-) -- Kind regards, Jimmy Taggert. From jtaggert at tpg.com.au Wed Aug 10 05:50:54 2005 From: jtaggert at tpg.com.au (James Taggert) Date: Wed, 10 Aug 2005 15:50:54 +1000 Subject: Password wallet for FC3/4 In-Reply-To: <20050809132921.GB17491@xdroop.com> References: <42F43201.2070007@tpg.com.au> <20050809132921.GB17491@xdroop.com> Message-ID: <42F995BE.10502@tpg.com.au> David Mackintosh wrote: >On Sat, Aug 06, 2005 at 01:44:01PM +1000, James Taggert wrote: > > > >>Can anybody recommend a good password wallet for FC3 that will also work >>on FC4 (I intend to upgrade shortly) >> >> > >I found the state of password managers to suck in general; one afternoon I >spent too much time playing with a whole whack of them and didn't like >any of them particularly. > >I wrote it up: > >http://xdroop.dhs.org/space/Linux/Password+Managers > >Currently, I encrypt mail to myself with gpg and use that to save passwords. > > > Hi David, thank you. Have read your comments and will check out those that you think are OK. -- Kind regards, Jimmy Taggert. From yazan at ccs.com.jo Wed Aug 10 13:17:01 2005 From: yazan at ccs.com.jo (Yazan Al-Sheyyab) Date: Wed, 10 Aug 2005 15:17:01 +0200 Subject: system imag backup Message-ID: <000a01c59dad$cb965fe0$69050364@yazanz> Hello, Can i use the first CD for RHEL AS V3 for itanium and boot from it in rescue mode then try to back the /mnt/sysimage into a tape drive (/dev/st0) ???? i mean ( does having the /mnt/sysimage in a tape can be regarded as system image for my system after a crash for my system ??? ) Can i do that and have redunduncy for my stsem ??????? i am having a trouble about how to haev an image back up and i am in a hurry.. Regards ------------------------------------------------- Yazan Al-Sheyyab -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: tech.gif Type: image/gif Size: 862 bytes Desc: not available URL: From rstevens at vitalstream.com Wed Aug 10 18:41:19 2005 From: rstevens at vitalstream.com (Rick Stevens) Date: Wed, 10 Aug 2005 11:41:19 -0700 Subject: system imag backup In-Reply-To: <000a01c59dad$cb965fe0$69050364@yazanz> References: <000a01c59dad$cb965fe0$69050364@yazanz> Message-ID: <42FA4A4F.8070904@vitalstream.com> Yazan Al-Sheyyab wrote: > > Hello, > > Can i use the first CD for RHEL AS V3 for itanium and boot from it > in rescue mode then try to back the /mnt/sysimage into a tape drive > (/dev/st0) ???? > > i mean ( does having the /mnt/sysimage in a tape can be regarded as > system image for my system after a crash for my system ??? ) > > Can i do that and have redunduncy for my stsem ??????? > > i am having a trouble about how to haev an image back up and i am in a > hurry.. No. Booting in rescue mode will cause the system to try to find existing Linux partitions on your hard drive and mount them as /mnt/sysimage ("/" will be mounted at "/mnt/sysimage", "/usr" will be mounted at "/mnt/sysimage/usr", etc.) Tape drives are sequential storage devices, NOT block-oriented random- access storage devices. Only block storage devices (such as disks) can be mounted. You can install a minimal system and recover from tape, but you can't mount it. ---------------------------------------------------------------------- - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - - VitalStream, Inc. http://www.vitalstream.com - - - - "Yeah, but you're taking the universe out of context." - ---------------------------------------------------------------------- From Jack.Allen at McKesson.com Wed Aug 10 20:41:43 2005 From: Jack.Allen at McKesson.com (Allen, Jack) Date: Wed, 10 Aug 2005 16:41:43 -0400 Subject: Supported Raid Controller Message-ID: -----Original Message----- From: Allen, Jack [mailto:Jack.Allen at McKesson.com] Sent: Monday, August 08, 2005 4:21 PM To: 'Redhat-install-list at redhat.com' Subject: Supported Raid Controller Can anyone tell me or tell me where I can find out if the following Raid Controller are directly supported by Red Hat AS version 4? That is I do not have to go to the vendor to get a driver. Serveraid 8I SAS Serveraid 6M Other questions depending on the answer to the first question. 1) Can I do an initial load with these controllers? That is I do not have to have some other drive to load on first and then put other file systems on the drives controlled by these controllers. 2) Any pros or cons about these controllers? Easy to configure, performance as advertised, etc. Thanks in advance. Jack Allen [Jack Allen] Well no one said anything or ask for more information. After I unpacked the boxes, I found out both controller are made by Adaptec. The system is an IBM xServer 366. The ServeRaid 8I plugs into a special slot. The SAS disk drives are already cabled to a special I/O card. The controller then controls the drives through that card. At boot time you can access the setup for the 8i card. The system had 2 34G drive and I set them up in Raid 1, mirrored pair. The ServeRaid 6M allows you to look at the setup, but not create any disk arrays at boot time. The system came with an Initial Setup CD. It clears all the disk, sets the date and time, updates and sets up ServeRaid controllers and a few other things. And guess how this is done. It runs Linux very much like the Red Hat install does and leads you through each step. It even updated the microcode on the 6M controller and ran the array setup. The disk shelf had 12 36G drives with a split SCSI buss. So 6 of the disk are accessed by channel 1 of the controller and the other 6 disk are accessed by channel 2 of the controller. So I created 6 Raid 1, mirrored pairs, 1 disk from each channel for each pair. When all this was done I booted the Red Hat AS 4 CD and installed it. So the answer to my questions are, yes Red Hat AS 4 supports the controller and yes they are fairly easy to configure. Performance seems to be real good based on the limit amount of things I have done that use the disk. Now I have other questions about Red Hat AS 4 that will follow shortly. Jack Allen -------------- next part -------------- An HTML attachment was scrubbed... URL: From rstevens at vitalstream.com Wed Aug 10 20:54:38 2005 From: rstevens at vitalstream.com (Rick Stevens) Date: Wed, 10 Aug 2005 13:54:38 -0700 Subject: Supported Raid Controller In-Reply-To: References: Message-ID: <42FA698E.3010102@vitalstream.com> Allen, Jack wrote: > > -----Original Message----- > *From:* Allen, Jack [mailto:Jack.Allen at McKesson.com] > *Sent:* Monday, August 08, 2005 4:21 PM > *To:* 'Redhat-install-list at redhat.com' > *Subject:* Supported Raid Controller > > Can anyone tell me or tell me where I can find out if the following Raid > Controller are directly supported by Red Hat AS version 4? That is I do > not have to go to the vendor to get a driver. > > Serveraid 8I SAS > Serveraid 6M > > Other questions depending on the answer to the first question. > 1) Can I do an initial load with these controllers? That is I do not > have to have some other drive to load on first and then put other file > systems on the drives controlled by these controllers. > > 2) Any pros or cons about these controllers? Easy to configure, > performance as advertised, etc. > > Thanks in advance. > Jack Allen > [Jack Allen] Well no one said anything or ask for more information. > > After I unpacked the boxes, I found out both controller are made by > Adaptec. The system is an IBM xServer 366. The ServeRaid 8I plugs into a > special slot. The SAS disk drives are already cabled to a special I/O > card. The controller then controls the drives through that card. At boot > time you can access the setup for the 8i card. The system had 2 34G > drive and I set them up in Raid 1, mirrored pair. The ServeRaid 6M > allows you to look at the setup, but not create any disk arrays at boot > time. The system came with an Initial Setup CD. It clears all the disk, > sets the date and time, updates and sets up ServeRaid controllers and a > few other things. And guess how this is done. It runs Linux very much > like the Red Hat install does and leads you through each step. It even > updated the microcode on the 6M controller and ran the array setup. The > disk shelf had 12 36G drives with a split SCSI buss. So 6 of the disk > are accessed by channel 1 of the controller and the other 6 disk are > accessed by channel 2 of the controller. So I created 6 Raid 1, mirrored > pairs, 1 disk from each channel for each pair. When all this was done I > booted the Red Hat AS 4 CD and installed it. > > So the answer to my questions are, yes Red Hat AS 4 supports the > controller and yes they are fairly easy to configure. Performance seems > to be real good based on the limit amount of things I have done that use > the disk. This is the first I've seen of your question. I was going to answer, but you seem to have already. In the future, you may want to check the Red Hat Hardware Catalog page at http://bugzilla.redhat.com/hwcert/ and search for your hardware. It's not definitive (there's stuff that works fine that isn't in the database), but it's a start. > Now I have other questions about Red Hat AS 4 that will follow shortly. I can't wait! :-D ---------------------------------------------------------------------- - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - - VitalStream, Inc. http://www.vitalstream.com - - - - Hard work has a future payoff. Laziness pays off now. - ---------------------------------------------------------------------- From Jack.Allen at McKesson.com Wed Aug 10 21:27:25 2005 From: Jack.Allen at McKesson.com (Allen, Jack) Date: Wed, 10 Aug 2005 17:27:25 -0400 Subject: Red Hat AS 4 questions Message-ID: I just loaded Red Hat AS 4 on and IBM xServer 366. Everything when fine. I have 2 disk in Raid 1, that everything was loaded on and appear as /dev/sdg1 - /dev/sdg9. Then there are 12 other disk, that are in Raid 1, so the OS sees 6 disk. These 6 disk were all setup with one partition and appear as /dev/sda1 through /dev/sdf1. I ran pvcreate /dev/sda1, pvcreate /dev/sdb1 ... Then I ran vgcreate vg01 /dev/sda1 /dev/sdb1. The vgdisplay command shows the correct information, no problem. Then I ran lvcreate -L 2G -n h0000n0.v00a vg01. This is for and application to directly access, so I needed to change the owner, group and mode. So I went to /dev/vg01 and did "ls -l" to see what it currently was. This is when I found out the name h0000n0.v00a was a symbolic link to /dev/mapper/vg01-h0000n0.v00a. So my first question is: does this mean I am running the dev file system or something by default? Or is this the way that lvm2 works now? Now to my second problem. When I loaded Red Hat AS 3, I don't remember doing anything special to create the /dev/st* and /dev/nst* nodes. It seems there was something like 7 of each. Well on the this system there are none. The man page for st gives an example of "mknod -m 0666 /dev/st0 c 9 0", which I did. No errors. But if I do "mt -f /dev/st0 status" the error indicates no such device or address. I would assume this is because the major device number may not be correct. So my question is: what should it be? Or is it related to the /dev/mapper question above? As far as the tape drive really being connected to the system, it shows up during boot when the controller is identified. This is before Linux boots. I don't remember if it showed up during the Linux boot. I will have to reboot again to see. I guess another question would be is all the boot messages from the kernel logged somewhere? I thought it was, but don't remember where. Thanks in advance for any help you can provide. Jack Allen -------------- next part -------------- An HTML attachment was scrubbed... URL: From rstevens at vitalstream.com Wed Aug 10 22:06:47 2005 From: rstevens at vitalstream.com (Rick Stevens) Date: Wed, 10 Aug 2005 15:06:47 -0700 Subject: Red Hat AS 4 questions In-Reply-To: References: Message-ID: <42FA7A77.8010102@vitalstream.com> Allen, Jack wrote: > I just loaded Red Hat AS 4 on and IBM xServer 366. Everything > when fine. I have 2 disk in Raid 1, that everything was loaded on and > appear as /dev/sdg1 - /dev/sdg9. Then there are 12 other disk, that are > in Raid 1, so the OS sees 6 disk. These 6 disk were all setup with one > partition and appear as /dev/sda1 through /dev/sdf1. I ran pvcreate > /dev/sda1, pvcreate /dev/sdb1 ... Then I ran vgcreate vg01 /dev/sda1 > /dev/sdb1. The vgdisplay command shows the correct information, no > problem. Then I ran > > lvcreate -L 2G -n h0000n0.v00a vg01. This is for and application to > directly access, so I needed to change the owner, group and mode. So I > went to /dev/vg01 and did "ls -l" to see what it currently was. This is > when I found out the name h0000n0.v00a was a symbolic link to > /dev/mapper/vg01-h0000n0.v00a. So my first question is: does this mean I > am running the dev file system or something by default? Or is this the > way that lvm2 works now? RH AS4 is a 2.6 kernel, unlike AS3 and 2.1, which were 2.4 kernels. The 2.6 kernel uses "udev" to manage device names and such. What you're seeing is how udev does things. Check the man pages for udev. > Now to my second problem. When I loaded Red Hat AS 3, I don't > remember doing anything special to create the /dev/st* and /dev/nst* > nodes. It seems there was something like 7 of each. Well on the this > system there are none. The man page for st gives an example of "mknod -m > 0666 /dev/st0 c 9 0", which I did. No errors. But if I do "mt -f > /dev/st0 status" the error indicates no such device or address. I would > assume this is because the major device number may not be correct. So my > question is: what should it be? Or is it related to the /dev/mapper > question above? As far as the tape drive really being connected to the > system, it shows up during boot when the controller is identified. This > is before Linux boots. I don't remember if it showed up during the Linux > boot. I will have to reboot again to see. I guess another question would > be is all the boot messages from the kernel logged somewhere? I thought > it was, but don't remember where. If you check /var/log/boot.log, you should see where the device was identified and assigned a name. You'll probably find it listed as "/dev/tape*" rather than "/dev/st*". Again, this is udev doing its thing and you should familiarize yourself with it. The 2.6 kernel is a radical departure from what you're used to. It's a better kernel, it's faster, it's cleaner and it handles memory much better. You'll like it, but there is a bit of a learning curve. ---------------------------------------------------------------------- - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - - VitalStream, Inc. http://www.vitalstream.com - - - - You know the old saying--any technology sufficiently advanced is - - indistinguishable from a Perl script - - --Programming Perl, 2nd Edition - ---------------------------------------------------------------------- From Jack.Allen at McKesson.com Wed Aug 10 22:35:09 2005 From: Jack.Allen at McKesson.com (Allen, Jack) Date: Wed, 10 Aug 2005 18:35:09 -0400 Subject: Red Hat AS 4 questions Message-ID: -----Original Message----- From: Rick Stevens [mailto:rstevens at vitalstream.com] Sent: Wednesday, August 10, 2005 6:07 PM To: Getting started with Red Hat Linux Subject: Re: Red Hat AS 4 questions Allen, Jack wrote: > I just loaded Red Hat AS 4 on and IBM xServer 366. Everything > when fine. I have 2 disk in Raid 1, that everything was loaded on and > appear as /dev/sdg1 - /dev/sdg9. Then there are 12 other disk, that are > in Raid 1, so the OS sees 6 disk. These 6 disk were all setup with one > partition and appear as /dev/sda1 through /dev/sdf1. I ran pvcreate > /dev/sda1, pvcreate /dev/sdb1 ... Then I ran vgcreate vg01 /dev/sda1 > /dev/sdb1. The vgdisplay command shows the correct information, no > problem. Then I ran > > lvcreate -L 2G -n h0000n0.v00a vg01. This is for and application to > directly access, so I needed to change the owner, group and mode. So I > went to /dev/vg01 and did "ls -l" to see what it currently was. This is > when I found out the name h0000n0.v00a was a symbolic link to > /dev/mapper/vg01-h0000n0.v00a. So my first question is: does this mean I > am running the dev file system or something by default? Or is this the > way that lvm2 works now? RH AS4 is a 2.6 kernel, unlike AS3 and 2.1, which were 2.4 kernels. The 2.6 kernel uses "udev" to manage device names and such. What you're seeing is how udev does things. Check the man pages for udev. > Now to my second problem. When I loaded Red Hat AS 3, I don't > remember doing anything special to create the /dev/st* and /dev/nst* > nodes. It seems there was something like 7 of each. Well on the this > system there are none. The man page for st gives an example of "mknod -m > 0666 /dev/st0 c 9 0", which I did. No errors. But if I do "mt -f > /dev/st0 status" the error indicates no such device or address. I would > assume this is because the major device number may not be correct. So my > question is: what should it be? Or is it related to the /dev/mapper > question above? As far as the tape drive really being connected to the > system, it shows up during boot when the controller is identified. This > is before Linux boots. I don't remember if it showed up during the Linux > boot. I will have to reboot again to see. I guess another question would > be is all the boot messages from the kernel logged somewhere? I thought > it was, but don't remember where. If you check /var/log/boot.log, you should see where the device was identified and assigned a name. You'll probably find it listed as "/dev/tape*" rather than "/dev/st*". Again, this is udev doing its thing and you should familiarize yourself with it. The 2.6 kernel is a radical departure from what you're used to. It's a better kernel, it's faster, it's cleaner and it handles memory much better. You'll like it, but there is a bit of a learning curve. ---------------------------------------------------------------------- - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - - VitalStream, Inc. http://www.vitalstream.com - - - - You know the old saying--any technology sufficiently advanced is - - indistinguishable from a Perl script - - --Programming Perl, 2nd Edition - ---------------------------------------------------------------------- Thanks for the information Rick. I will have to read up on udev. I just rebooted the system before I read this and noticed the first thing that gets started is udev. I had found the boot.log file and looked through it. I did not see anything about the 2 SCSI controllers the tape drives are connected to. There is a tape drive on each controller, one is a DLT1 and the other is a 4mm. As I said they show up in the preboot messages, but it looks like the kernel does not see them. The controllers are IBM Ultra320 SCSI Controller 2 by Adaptec. Any Ideas? _______________________________________________ Redhat-install-list mailing list Redhat-install-list at redhat.com https://www.redhat.com/mailman/listinfo/redhat-install-list To Unsubscribe Go To ABOVE URL or send a message to: redhat-install-list-request at redhat.com Subject: unsubscribe From ajay197947 at rediffmail.com Thu Aug 11 06:40:10 2005 From: ajay197947 at rediffmail.com (ajay) Date: 11 Aug 2005 06:40:10 -0000 Subject: squid Message-ID: <20050811064010.12581.qmail@webmail28.rediffmail.com> hi team can anyone assist me how can i enable ftp in squid.conf (redhat 9.0) to connect my proxy ftp clients like http. thanks rgds ajay -------------- next part -------------- An HTML attachment was scrubbed... URL: From harold at hallikainen.com Thu Aug 11 18:53:13 2005 From: harold at hallikainen.com (Harold Hallikainen) Date: Thu, 11 Aug 2005 11:53:13 -0700 (PDT) Subject: location of mysql database files? In-Reply-To: <42E5230E.2050708@vitalstream.com> References: <3795.192.168.1.1.1122139270.squirrel@kauko.hallikainen.org> <42E2828B.6060106@hyperbole-software.com><3949.192.168.1.1.1122142847.squirrel@kauko.hallikainen.org> <42E5230E.2050708@vitalstream.com> Message-ID: <47450.207.177.227.29.1123786393.squirrel@kauko.hallikainen.org> > > The only _reliable_ method for moving mysql data from machine to machine > is via mysqldump/mysqlrestore or by using the replication tools in the > later versions of mysql. Moving the data files around is not > recommended--especially with a live database. If you can stop it while > you move the binary files, then you're OK, but don't do it while mysql > is running. > > BTW, the default location for the data files is > > /var/lib/mysql/name-of-database > > Inside each directory, the files are named *.frm, *.MYD, and *.MYI, > where the asterisks are replaced by the table names. 10 tables yields > 30 files (a .frm, a .MYD and a .MYI for each) > I tried copying the mysql files over from the RH8 machine to the FC4, and it LOOKS like it worked, but the owners have changed from harold to root (I have to use -uroot in mysql to see the databases). Is user info and database ownership info in the same location as the databases? I may still go the export/import route, but I'm trying to use rsync to keep a backup server in sync with another. THANKS! Harold -- FCC Rules Updated Daily at http://www.hallikainen.com From rstevens at vitalstream.com Thu Aug 11 20:18:04 2005 From: rstevens at vitalstream.com (Rick Stevens) Date: Thu, 11 Aug 2005 13:18:04 -0700 Subject: location of mysql database files? In-Reply-To: <47450.207.177.227.29.1123786393.squirrel@kauko.hallikainen.org> References: <3795.192.168.1.1.1122139270.squirrel@kauko.hallikainen.org> <42E2828B.6060106@hyperbole-software.com><3949.192.168.1.1.1122142847.squirrel@kauko.hallikainen.org> <42E5230E.2050708@vitalstream.com> <47450.207.177.227.29.1123786393.squirrel@kauko.hallikainen.org> Message-ID: <42FBB27C.3070001@vitalstream.com> Harold Hallikainen wrote: > >>The only _reliable_ method for moving mysql data from machine to machine >>is via mysqldump/mysqlrestore or by using the replication tools in the >>later versions of mysql. Moving the data files around is not >>recommended--especially with a live database. If you can stop it while >>you move the binary files, then you're OK, but don't do it while mysql >>is running. >> >>BTW, the default location for the data files is >> >> /var/lib/mysql/name-of-database >> >>Inside each directory, the files are named *.frm, *.MYD, and *.MYI, >>where the asterisks are replaced by the table names. 10 tables yields >>30 files (a .frm, a .MYD and a .MYI for each) >> > > > > I tried copying the mysql files over from the RH8 machine to the FC4, and > it LOOKS like it worked, but the owners have changed from harold to root > (I have to use -uroot in mysql to see the databases). Is user info and > database ownership info in the same location as the databases? I may still > go the export/import route, but I'm trying to use rsync to keep a backup > server in sync with another. If you don't specify "-p" on the cp command, _new_ files will be created with the UID/GID of the process doing the cp command. Since these files didn't exist on the FC4 machine and you did the "cp" as root, the files got "root:root" ownership. As root, you can "chown -R harold:haroldsgroup /var/lib/mysql/dbname/*" to set the ownerships back to harold (assuming the user harold is set up on the machine). The permissions regarding who's allowed to do what to each database is stored in the "mysql" database: # mysql > connect mysql > show tables\g I'd recommend getting the O'Reilly book, "MySQL & mSQL" by Yarger, Reese and King (a.k.a. the "woodpecker" book). It's pretty good. ---------------------------------------------------------------------- - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - - VitalStream, Inc. http://www.vitalstream.com - - - - Brain: The organ with which we think that we think. - ---------------------------------------------------------------------- From harold at hallikainen.com Thu Aug 11 20:29:26 2005 From: harold at hallikainen.com (Harold Hallikainen) Date: Thu, 11 Aug 2005 13:29:26 -0700 (PDT) Subject: location of mysql database files? In-Reply-To: <42FBB27C.3070001@vitalstream.com> References: <3795.192.168.1.1.1122139270.squirrel@kauko.hallikainen.org> <42E2828B.6060106@hyperbole-software.com><3949.192.168.1.1.1122142847.squirrel@kauko.hallikainen.org> <42E5230E.2050708@vitalstream.com><47450.207.177.227.29.1123786393.squirrel@kauko.hallikainen.org> <42FBB27C.3070001@vitalstream.com> Message-ID: <48544.207.177.227.29.1123792166.squirrel@kauko.hallikainen.org> > Harold Hallikainen wrote: >> >>>The only _reliable_ method for moving mysql data from machine to machine >>>is via mysqldump/mysqlrestore or by using the replication tools in the >>>later versions of mysql. Moving the data files around is not >>>recommended--especially with a live database. If you can stop it while >>>you move the binary files, then you're OK, but don't do it while mysql >>>is running. >>> >>>BTW, the default location for the data files is >>> >>> /var/lib/mysql/name-of-database >>> >>>Inside each directory, the files are named *.frm, *.MYD, and *.MYI, >>>where the asterisks are replaced by the table names. 10 tables yields >>>30 files (a .frm, a .MYD and a .MYI for each) >>> >> >> >> >> I tried copying the mysql files over from the RH8 machine to the FC4, >> and >> it LOOKS like it worked, but the owners have changed from harold to root >> (I have to use -uroot in mysql to see the databases). Is user info and >> database ownership info in the same location as the databases? I may >> still >> go the export/import route, but I'm trying to use rsync to keep a backup >> server in sync with another. > > If you don't specify "-p" on the cp command, _new_ files will be created > with the UID/GID of the process doing the cp command. Since these > files didn't exist on the FC4 machine and you did the "cp" as root, > the files got "root:root" ownership. > > As root, you can "chown -R harold:haroldsgroup /var/lib/mysql/dbname/*" > to set the ownerships back to harold (assuming the user harold is set up > on the machine). The permissions regarding who's allowed to do what to > each database is stored in the "mysql" database: > > # mysql > > connect mysql > > show tables\g > > I'd recommend getting the O'Reilly book, "MySQL & mSQL" by Yarger, Reese > and King (a.k.a. the "woodpecker" book). It's pretty good. THANKS for the help! I'll add the book to my wish list. I used rsync and told it to maintain ownership and permissions, so the files are owned by mysql on the FC4 machine, same as on the RH8 machine. The problem is that on the RH8 machine, I can do >mysql -uharold >show databases; and see all the databases. On the FC4 machine, thus far I have to do >mysql -uroot >show databases; to see them. Using the root user, I CAN see the tables, etc. in the databases, so it looks like they moved over ok, but mysql doesn't seem to know what user is supposed to have access to the databases. Time to buy the book? THANKS! Harold -- FCC Rules Updated Daily at http://www.hallikainen.com From rstevens at vitalstream.com Thu Aug 11 20:38:40 2005 From: rstevens at vitalstream.com (Rick Stevens) Date: Thu, 11 Aug 2005 13:38:40 -0700 Subject: Red Hat AS 4 questions In-Reply-To: References: Message-ID: <42FBB750.6070500@vitalstream.com> Allen, Jack wrote: > > -----Original Message----- > From: Rick Stevens [mailto:rstevens at vitalstream.com] > Sent: Wednesday, August 10, 2005 6:07 PM > To: Getting started with Red Hat Linux > Subject: Re: Red Hat AS 4 questions > > > Allen, Jack wrote: > >> I just loaded Red Hat AS 4 on and IBM xServer 366. Everything >>when fine. I have 2 disk in Raid 1, that everything was loaded on and >>appear as /dev/sdg1 - /dev/sdg9. Then there are 12 other disk, that are >>in Raid 1, so the OS sees 6 disk. These 6 disk were all setup with one >>partition and appear as /dev/sda1 through /dev/sdf1. I ran pvcreate >>/dev/sda1, pvcreate /dev/sdb1 ... Then I ran vgcreate vg01 /dev/sda1 >>/dev/sdb1. The vgdisplay command shows the correct information, no >>problem. Then I ran >> >>lvcreate -L 2G -n h0000n0.v00a vg01. This is for and application to >>directly access, so I needed to change the owner, group and mode. So I >>went to /dev/vg01 and did "ls -l" to see what it currently was. This is >>when I found out the name h0000n0.v00a was a symbolic link to >>/dev/mapper/vg01-h0000n0.v00a. So my first question is: does this mean I >>am running the dev file system or something by default? Or is this the >>way that lvm2 works now? > > > RH AS4 is a 2.6 kernel, unlike AS3 and 2.1, which were 2.4 kernels. > The 2.6 kernel uses "udev" to manage device names and such. What you're > seeing is how udev does things. Check the man pages for udev. > > >> Now to my second problem. When I loaded Red Hat AS 3, I don't >>remember doing anything special to create the /dev/st* and /dev/nst* >>nodes. It seems there was something like 7 of each. Well on the this >>system there are none. The man page for st gives an example of "mknod -m >>0666 /dev/st0 c 9 0", which I did. No errors. But if I do "mt -f >>/dev/st0 status" the error indicates no such device or address. I would >>assume this is because the major device number may not be correct. So my >>question is: what should it be? Or is it related to the /dev/mapper >>question above? As far as the tape drive really being connected to the >>system, it shows up during boot when the controller is identified. This >>is before Linux boots. I don't remember if it showed up during the Linux >>boot. I will have to reboot again to see. I guess another question would >>be is all the boot messages from the kernel logged somewhere? I thought >>it was, but don't remember where. > > > If you check /var/log/boot.log, you should see where the device was > identified and assigned a name. You'll probably find it listed as > "/dev/tape*" rather than "/dev/st*". Again, this is udev doing its > thing and you should familiarize yourself with it. > > The 2.6 kernel is a radical departure from what you're used to. It's > a better kernel, it's faster, it's cleaner and it handles memory much > better. You'll like it, but there is a bit of a learning curve. > ---------------------------------------------------------------------- > - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - > - VitalStream, Inc. http://www.vitalstream.com - > - - > - You know the old saying--any technology sufficiently advanced is - > - indistinguishable from a Perl script - > - --Programming Perl, 2nd Edition - > ---------------------------------------------------------------------- > > Thanks for the information Rick. I will have to read up on udev. I just > rebooted the system before I read this and noticed the first thing that gets > started is udev. I had found the boot.log file and looked through it. I did > not see anything about the 2 SCSI controllers the tape drives are connected > to. There is a tape drive on each controller, one is a DLT1 and the other is > a 4mm. As I said they show up in the preboot messages, but it looks like the > kernel does not see them. The controllers are IBM Ultra320 SCSI Controller 2 > by Adaptec. Any Ideas? Ah. Sounds like the drivers for the controllers weren't loaded. Try doing an "lsmod" and see if any "aic7*" drivers were loaded (there are two primary Adaptec drivers, "aic7xxx" and "aic79xx"). If not, try "modprobe aic7xxx" and see if it loads. If it doesn't, try "modprobe aic79xx". One or the other should load. When they do, check the "dmesg" command's output and see if the drives show up. If they do, then add lines to /etc/modprobe.conf: alias scsi_hostadapterX aic7xxx Replace "X" with the next sequential number from the other "alias scsi_hostadapter" lines in the file, replace "aic7xxx" with "aic79xx" if you're using the aic79xx driver, and repeat for each Adaptec you have. For example, if you have two RAID controllers in your machine and two Adaptecs which use aic79xx, you'll have the following lines in /etc/modprobe.conf: alias scsi_hostadapter0 raid-controller-driver-name alias scsi_hostadapter1 raid-controller-driver-name ... alias scsi_hostadapter2 aic79xx alias scsi_hostadapter3 aic79xx When you reboot, the drivers _should_ load and "lsmod" should show them. If they don't load (because you don't immediately start whacking the tape drives at boot), you may also need to add "modprobe aic79xx" or "modprobe aic7xxx" to your /etc/rc.d/rc.local file, just to make sure the drivers get loaded. ---------------------------------------------------------------------- - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - - VitalStream, Inc. http://www.vitalstream.com - - - - When all else fails, try reading the instructions. - ---------------------------------------------------------------------- From rstevens at vitalstream.com Thu Aug 11 21:01:37 2005 From: rstevens at vitalstream.com (Rick Stevens) Date: Thu, 11 Aug 2005 14:01:37 -0700 Subject: location of mysql database files? In-Reply-To: <48544.207.177.227.29.1123792166.squirrel@kauko.hallikainen.org> References: <3795.192.168.1.1.1122139270.squirrel@kauko.hallikainen.org> <42E2828B.6060106@hyperbole-software.com><3949.192.168.1.1.1122142847.squirrel@kauko.hallikainen.org> <42E5230E.2050708@vitalstream.com><47450.207.177.227.29.1123786393.squirrel@kauko.hallikainen.org> <42FBB27C.3070001@vitalstream.com> <48544.207.177.227.29.1123792166.squirrel@kauko.hallikainen.org> Message-ID: <42FBBCB1.8080106@vitalstream.com> Harold Hallikainen wrote: >>Harold Hallikainen wrote: >> >>>>The only _reliable_ method for moving mysql data from machine to machine >>>>is via mysqldump/mysqlrestore or by using the replication tools in the >>>>later versions of mysql. Moving the data files around is not >>>>recommended--especially with a live database. If you can stop it while >>>>you move the binary files, then you're OK, but don't do it while mysql >>>>is running. >>>> >>>>BTW, the default location for the data files is >>>> >>>> /var/lib/mysql/name-of-database >>>> >>>>Inside each directory, the files are named *.frm, *.MYD, and *.MYI, >>>>where the asterisks are replaced by the table names. 10 tables yields >>>>30 files (a .frm, a .MYD and a .MYI for each) >>>> >>> >>> >>> >>>I tried copying the mysql files over from the RH8 machine to the FC4, >>>and >>>it LOOKS like it worked, but the owners have changed from harold to root >>>(I have to use -uroot in mysql to see the databases). Is user info and >>>database ownership info in the same location as the databases? I may >>>still >>>go the export/import route, but I'm trying to use rsync to keep a backup >>>server in sync with another. >> >>If you don't specify "-p" on the cp command, _new_ files will be created >>with the UID/GID of the process doing the cp command. Since these >>files didn't exist on the FC4 machine and you did the "cp" as root, >>the files got "root:root" ownership. >> >>As root, you can "chown -R harold:haroldsgroup /var/lib/mysql/dbname/*" >>to set the ownerships back to harold (assuming the user harold is set up >>on the machine). The permissions regarding who's allowed to do what to >>each database is stored in the "mysql" database: >> >> # mysql >> > connect mysql >> > show tables\g >> >>I'd recommend getting the O'Reilly book, "MySQL & mSQL" by Yarger, Reese >>and King (a.k.a. the "woodpecker" book). It's pretty good. > > > > THANKS for the help! I'll add the book to my wish list. I used rsync and > told it to maintain ownership and permissions, so the files are owned by > mysql on the FC4 machine, same as on the RH8 machine. > > The problem is that on the RH8 machine, I can do > >>mysql -uharold >>show databases; > > > and see all the databases. > > On the FC4 machine, thus far I have to do > >>mysql -uroot >>show databases; > > > to see them. Using the root user, I CAN see the tables, etc. in the > databases, so it looks like they moved over ok, but mysql doesn't seem to > know what user is supposed to have access to the databases. Ah! You need to add harold to the MySQL database: # mysql > connect mysql > INSERT INTO user VALUES > ('%', 'harold', password('pwd'), 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y')\g Replace "pwd" with harold's password. If user harold doesn't have a MySQL password, then replace the "password('pwd')" bit with just "''" (two single quotes): > INSERT INTO user VALUES > ('%', 'harold', '', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y')\g > Time to buy the book? A lot of this would be explained in there. For example, this bit is on, let's see (pulling book off shelf), pages 51-54 in the first edition ("Security" in chapter 4). ---------------------------------------------------------------------- - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - - VitalStream, Inc. http://www.vitalstream.com - - - - Do not taunt the sysadmins, for they are subtle and quick to anger - ---------------------------------------------------------------------- From Jack.Allen at McKesson.com Thu Aug 11 21:29:15 2005 From: Jack.Allen at McKesson.com (Allen, Jack) Date: Thu, 11 Aug 2005 17:29:15 -0400 Subject: Red Hat AS 4 questions Message-ID: -----Original Message----- From: Rick Stevens [mailto:rstevens at vitalstream.com] Sent: Thursday, August 11, 2005 4:39 PM To: Getting started with Red Hat Linux Subject: Re: Red Hat AS 4 questions Allen, Jack wrote: > > -----Original Message----- > From: Rick Stevens [mailto:rstevens at vitalstream.com] > Sent: Wednesday, August 10, 2005 6:07 PM > To: Getting started with Red Hat Linux > Subject: Re: Red Hat AS 4 questions > > > Allen, Jack wrote: > >> I just loaded Red Hat AS 4 on and IBM xServer 366. Everything >>when fine. I have 2 disk in Raid 1, that everything was loaded on and >>appear as /dev/sdg1 - /dev/sdg9. Then there are 12 other disk, that are >>in Raid 1, so the OS sees 6 disk. These 6 disk were all setup with one >>partition and appear as /dev/sda1 through /dev/sdf1. I ran pvcreate >>/dev/sda1, pvcreate /dev/sdb1 ... Then I ran vgcreate vg01 /dev/sda1 >>/dev/sdb1. The vgdisplay command shows the correct information, no >>problem. Then I ran >> >>lvcreate -L 2G -n h0000n0.v00a vg01. This is for and application to >>directly access, so I needed to change the owner, group and mode. So I >>went to /dev/vg01 and did "ls -l" to see what it currently was. This is >>when I found out the name h0000n0.v00a was a symbolic link to >>/dev/mapper/vg01-h0000n0.v00a. So my first question is: does this mean I >>am running the dev file system or something by default? Or is this the >>way that lvm2 works now? > > > RH AS4 is a 2.6 kernel, unlike AS3 and 2.1, which were 2.4 kernels. > The 2.6 kernel uses "udev" to manage device names and such. What you're > seeing is how udev does things. Check the man pages for udev. > > >> Now to my second problem. When I loaded Red Hat AS 3, I don't >>remember doing anything special to create the /dev/st* and /dev/nst* >>nodes. It seems there was something like 7 of each. Well on the this >>system there are none. The man page for st gives an example of "mknod -m >>0666 /dev/st0 c 9 0", which I did. No errors. But if I do "mt -f >>/dev/st0 status" the error indicates no such device or address. I would >>assume this is because the major device number may not be correct. So my >>question is: what should it be? Or is it related to the /dev/mapper >>question above? As far as the tape drive really being connected to the >>system, it shows up during boot when the controller is identified. This >>is before Linux boots. I don't remember if it showed up during the Linux >>boot. I will have to reboot again to see. I guess another question would >>be is all the boot messages from the kernel logged somewhere? I thought >>it was, but don't remember where. > > > If you check /var/log/boot.log, you should see where the device was > identified and assigned a name. You'll probably find it listed as > "/dev/tape*" rather than "/dev/st*". Again, this is udev doing its > thing and you should familiarize yourself with it. > > The 2.6 kernel is a radical departure from what you're used to. It's > a better kernel, it's faster, it's cleaner and it handles memory much > better. You'll like it, but there is a bit of a learning curve. > ---------------------------------------------------------------------- > - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - > - VitalStream, Inc. http://www.vitalstream.com - > - - > - You know the old saying--any technology sufficiently advanced is - > - indistinguishable from a Perl script - > - --Programming Perl, 2nd Edition - > ---------------------------------------------------------------------- > > Thanks for the information Rick. I will have to read up on udev. I just > rebooted the system before I read this and noticed the first thing that gets > started is udev. I had found the boot.log file and looked through it. I did > not see anything about the 2 SCSI controllers the tape drives are connected > to. There is a tape drive on each controller, one is a DLT1 and the other is > a 4mm. As I said they show up in the preboot messages, but it looks like the > kernel does not see them. The controllers are IBM Ultra320 SCSI Controller 2 > by Adaptec. Any Ideas? Ah. Sounds like the drivers for the controllers weren't loaded. Try doing an "lsmod" and see if any "aic7*" drivers were loaded (there are two primary Adaptec drivers, "aic7xxx" and "aic79xx"). If not, try "modprobe aic7xxx" and see if it loads. If it doesn't, try "modprobe aic79xx". One or the other should load. When they do, check the "dmesg" command's output and see if the drives show up. If they do, then add lines to /etc/modprobe.conf: alias scsi_hostadapterX aic7xxx Replace "X" with the next sequential number from the other "alias scsi_hostadapter" lines in the file, replace "aic7xxx" with "aic79xx" if you're using the aic79xx driver, and repeat for each Adaptec you have. For example, if you have two RAID controllers in your machine and two Adaptecs which use aic79xx, you'll have the following lines in /etc/modprobe.conf: alias scsi_hostadapter0 raid-controller-driver-name alias scsi_hostadapter1 raid-controller-driver-name ... alias scsi_hostadapter2 aic79xx alias scsi_hostadapter3 aic79xx When you reboot, the drivers _should_ load and "lsmod" should show them. If they don't load (because you don't immediately start whacking the tape drives at boot), you may also need to add "modprobe aic79xx" or "modprobe aic7xxx" to your /etc/rc.d/rc.local file, just to make sure the drivers get loaded. ---------------------------------------------------------------------- - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - - VitalStream, Inc. http://www.vitalstream.com - - - - When all else fails, try reading the instructions. - ---------------------------------------------------------------------- I had not had a chance today to answer some of my own questions again. Last night using the strings and grep command I looked at all the loadable modules for 29320 and found it in the aic79xx file. So I did modprobe aic79xx and it took several seconds to run. At first I thought it had gotten stuck. When it finished I did lsmod and scsi_mod had aic79xx and the use count increased by 1. So I did "ls -l /dev/st*", and there were the 2 tape drive nodes, actually several for each tape drive. Then I was able to do "mt -f /dev/st0 status" and it showed online. My next question for today was going to be what do I need to put in the module.conf file to get the driver to load at boot time? But now I do not have to ask it, because you have already provided the answer. I has some what figured that would be what was needed. I do have another question. I know I need to add stinit to rc.local to set some parameters and I know I could do some testing by rebooting the system. The question is, does the loading of aic79xx and it sees tape drives, will it load the st driver? Or when the tape drive is first accessed will the st driver be loaded? Or do I need to add another line in module.conf? Thanks for the help again. Jack Allen From rstevens at vitalstream.com Thu Aug 11 22:29:55 2005 From: rstevens at vitalstream.com (Rick Stevens) Date: Thu, 11 Aug 2005 15:29:55 -0700 Subject: Red Hat AS 4 questions In-Reply-To: References: Message-ID: <42FBD163.1050701@vitalstream.com> Allen, Jack wrote: > Rick Stevens wrote: >> > Thanks for the information Rick. I will have to read up on udev. I just >>> rebooted the system before I read this and noticed the first thing that >>> gets started is udev. I had found the boot.log file and looked through it. I >>> did not see anything about the 2 SCSI controllers the tape drives are >>> connected to. There is a tape drive on each controller, one is a DLT1 and the other >>> is a 4mm. As I said they show up in the preboot messages, but it looks like >>> the kernel does not see them. The controllers are IBM Ultra320 SCSI Controller >>> 2 by Adaptec. Any Ideas? >> >> Ah. Sounds like the drivers for the controllers weren't loaded. Try >> doing an "lsmod" and see if any "aic7*" drivers were loaded (there >> are two primary Adaptec drivers, "aic7xxx" and "aic79xx"). If not, >> try "modprobe aic7xxx" and see if it loads. If it doesn't, try >> "modprobe aic79xx". One or the other should load. When they do, check >> the "dmesg" command's output and see if the drives show up. If they do, >> then add lines to /etc/modprobe.conf: >> >> alias scsi_hostadapterX aic7xxx >> >> Replace "X" with the next sequential number from the other >> "alias scsi_hostadapter" lines in the file, replace "aic7xxx" with >> "aic79xx" if you're using the aic79xx driver, and repeat for each >> Adaptec you have. For example, if you have two RAID controllers in your >> machine and two Adaptecs which use aic79xx, you'll have the following >> lines in /etc/modprobe.conf: >> >> alias scsi_hostadapter0 raid-controller-driver-name >> alias scsi_hostadapter1 raid-controller-driver-name >> ... >> alias scsi_hostadapter2 aic79xx >> alias scsi_hostadapter3 aic79xx >> >> When you reboot, the drivers _should_ load and "lsmod" should show them. >> If they don't load (because you don't immediately start whacking the >> tape drives at boot), you may also need to add "modprobe aic79xx" or >> "modprobe aic7xxx" to your /etc/rc.d/rc.local file, just to make sure >> the drivers get loaded. > > I had not had a chance today to answer some of my own questions again. > > Last night using the strings and grep command I looked at all the loadable > modules for 29320 and found it in the aic79xx file. So I did modprobe > aic79xx and it took several seconds to run. At first I thought it had gotten > stuck. When it finished I did lsmod and scsi_mod had aic79xx and the use > count increased by 1. So I did "ls -l /dev/st*", and there were the 2 tape > drive nodes, actually several for each tape drive. Then I was able to do "mt > -f /dev/st0 status" and it showed online. > > My next question for today was going to be what do I need to put in the > module.conf file to get the driver to load at boot time? But now I do not > have to ask it, because you have already provided the answer. I has some > what figured that would be what was needed. > > I do have another question. I know I need to add stinit to rc.local to set > some parameters and I know I could do some testing by rebooting the system. > The question is, does the loading of aic79xx and it sees tape drives, will > it load the st driver? Or when the tape drive is first accessed will the st > driver be loaded? Or do I need to add another line in module.conf? st should load on demand (e.g. the first time you touch the drives), so no additional line is needed in rc.local. If you don't want to do the rc.local "modprobe" operation, another way to do it is to force the aic79xx driver into your boot ramdisk image. That can be done in two ways: add "alias scsi_hostadapterN aic79xx" lines to /etc/modprobe.conf and rebuild the initrd image or to add "--with=aic79xx" or "--preload=aic79xx" to the mkinitrd command line when you do rebuild the initrd image. The ramdisk is only there to make sure any modules that need to be loaded to get at your "/" partition are available. Any "alias scsi_hostadapter" lines in /etc/modprobe.conf are assumed to indicate that "/" may be on a drive that's controlled by that driver, so mkinitrd puts those drivers in the ramdisk image. The "--with=aic79xx" does the same thing, but forces in modules that you want in the ramdisk image that AREN'T in /etc/modprobe.conf and places them AFTER any modules that DID have "alias" lines. "--preload" is identical to "--with", but the named modules are put into the ramdisk image BEFORE any modules with "alias", e.g. Ramdisk image using "--preload=aic79xx": 1. aic79xx 2. raid-controller-driver Ramdisk image using "--with=aic79xx": 1. raid-controller-driver 2. aic79xx If you put the "alias" lines in /etc/modprobe.conf, the commands to rebuild the initrd image FOR THE RUNNING KERNEL are: # cd /boot # mkinitrd -v -f initrd-`uname -r`.img `uname -r` (yes, those are backticks or "graves"...the character under the "~' on your keyboard) If you DON'T want to bugger /etc/modprobe.conf, the commands are: # cd /boot # mkinitrd -v -f --with=aic79xx initrd-`uname -r`.img `uname -r` OR # mkinitrd -v -f --preload=aic79xx initrd-`uname -r`.img `uname -r` Be careful with these mkinitrd commands...if you screw them up you may make your system unbootable. ---------------------------------------------------------------------- - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - - VitalStream, Inc. http://www.vitalstream.com - - - - To iterate is human, to recurse, divine. - ---------------------------------------------------------------------- From fdgrant at powercom.net Sun Aug 14 22:50:51 2005 From: fdgrant at powercom.net (Fred Grant) Date: Sun, 14 Aug 2005 17:50:51 -0500 Subject: shockwave flash Message-ID: <1124059851.2774.2.camel@localhost> It seems that shockwave flash is becoming more popular on web sites. Has anyone been able to acquire a viewer add-on? Thanks Fred From jtaggert at tpg.com.au Mon Aug 15 04:58:51 2005 From: jtaggert at tpg.com.au (James Taggert) Date: Mon, 15 Aug 2005 14:58:51 +1000 Subject: Screensaver broken after upgrade to FC4 from FC3 Message-ID: <4300210B.4060508@tpg.com.au> Hello, I have just upgraded from FC3 to FC4. The upgrade went without obvious problems. Only two things have caused a problem. First, the screensaver is broken. I noticed a message flash by during the upgrade stating that something was wrong but it was too quick for me. The other is a posgresql data base upgrade problem I have to sort out. When I try to set up the screensaver I have only two options presented, lisa and Xsnow. The mode is 'random screen saver' Selecting either lisa or Xsnow gives no preview and both present an error. 'lisa: invalid option --r 'and Xsnow just presents a blank screen. The screensaver under FC3 was excellent. How can I get it to work the same under FC4? -- Kind regards, Jimmy Taggert. From jtaggert at tpg.com.au Mon Aug 15 05:22:34 2005 From: jtaggert at tpg.com.au (James Taggert) Date: Mon, 15 Aug 2005 15:22:34 +1000 Subject: Screensaver broken after upgrade to FC4 from FC3 - Fixed. Message-ID: <4300269A.8010802@tpg.com.au> Hello, Forget my previous message, xscreensaver was not upgraded correctly. Installing it manually fixed the problem. Sorry for any inconvenience. Regards, Jimmy. I have just upgraded from FC3 to FC4. The upgrade went without obvious problems. Only two things have caused a problem. First, the screensaver is broken. I noticed a message flash by during the upgrade stating that something was wrong but it was too quick for me. The other is a posgresql data base upgrade problem I have to sort out. When I try to set up the screensaver I have only two options presented, lisa and Xsnow. The mode is 'random screen saver' Selecting either lisa or Xsnow gives no preview and both present an error. 'lisa: invalid option --r 'and Xsnow just presents a blank screen. The screensaver under FC3 was excellent. How can I get it to work the same under FC4? -- Kind regards, Jimmy Taggert. From fruiz at tsitrucks.com Mon Aug 15 15:25:59 2005 From: fruiz at tsitrucks.com (Francisco) Date: Mon, 15 Aug 2005 10:25:59 -0500 Subject: Mount folder. Message-ID: I can mount a folder just fine on a rh8.0 system from a shared visionfs folder on a sco box. My problem is having the folder mounted automatically when the rh 8.0 boots. Will some one please walk a newbe through this? -------------- next part -------------- An HTML attachment was scrubbed... URL: From mmcculli at visualtech.ca Mon Aug 15 14:36:09 2005 From: mmcculli at visualtech.ca (Mark McCulligh) Date: Mon, 15 Aug 2005 10:36:09 -0400 Subject: Shutdown Script? Message-ID: <4300A859.4090705@visualtech.ca> Hi Group, I have just setup nut on my computer to manage my UPS. I have to add a couple lines of code to my shutdown script to power off my UPS. Is there a master shutdown script I should add these lines too or create a new script and add it to init.d? I don't want to get this wrong and turn of the UPS at the wrong time. Thanks, Mark. From rstevens at vitalstream.com Mon Aug 15 15:35:59 2005 From: rstevens at vitalstream.com (Rick Stevens) Date: Mon, 15 Aug 2005 08:35:59 -0700 Subject: Mount folder. In-Reply-To: References: Message-ID: <4300B65F.8060601@vitalstream.com> Francisco wrote: > I can mount a folder just fine on a rh8.0 system from a shared visionfs > folder on a sco box. My problem is having the folder mounted > automatically when the rh 8.0 boots. Will some one please walk a newbe > through this? Add an entry to your /etc/fstab file. By the way, RH8.0 is over three years old and is no longer supported by anyone--including Fedora Legacy. Why haven't you upgraded to RH9, Fedora Core or Red Hat Enterprise? ---------------------------------------------------------------------- - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - - VitalStream, Inc. http://www.vitalstream.com - - - - When all else fails, try reading the instructions. - ---------------------------------------------------------------------- From rstevens at vitalstream.com Mon Aug 15 16:23:56 2005 From: rstevens at vitalstream.com (Rick Stevens) Date: Mon, 15 Aug 2005 09:23:56 -0700 Subject: Shutdown Script? In-Reply-To: <4300A859.4090705@visualtech.ca> References: <4300A859.4090705@visualtech.ca> Message-ID: <4300C19C.6030704@vitalstream.com> Mark McCulligh wrote: > Hi Group, > > I have just setup nut on my computer to manage my UPS. I have to add a > couple lines of code to my shutdown script to power off my UPS. Is > there a master shutdown script I should add these lines too or create a > new script and add it to init.d? > > I don't want to get this wrong and turn of the UPS at the wrong time. The system runs /etc/rc.d/init.d/halt as the last thing, so any commands really belong there. If you examine that script, you'll see that it tries to do some UPS management itself, based on the presence of several files (/etc/ups/upsmon.conf, /etc/killpower and /etc/sysconfig/ups) and uses variables set in /etc/sysconfig/ups. If $SERVER is "yes" AND "$MODEL" is "upsdrvctl", then it runs upsdrvctl and passes it the "shutdown" option: /sbin/upsdrvctl shutdown If "$SERVER" is "yes", "$MODEL" is not null AND not equal to "NONE" AND "$DEVICE" is not null, then it runs the program given in "$MODEL" against "$DEVICE" and hands it the options specified in "$OPTIONS_HALT" thusly: $MODEL $OPTIONS_HALT -k $DEVICE Examine the script starting at around line 221 or so (in the FC4 version) to see what I'm talking about. If none of this suits your needs, add what you need somewhere in that section of the script or call one of your own: if [ "$SERVER" = "yes" -a "$MODEL" = "yourdevicename" ]; then /usr/local/your-shutdown-script fi Hope that helps. ---------------------------------------------------------------------- - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - - VitalStream, Inc. http://www.vitalstream.com - - - - When in doubt, mumble. - ---------------------------------------------------------------------- From mmcculli at visualtech.ca Mon Aug 15 16:58:29 2005 From: mmcculli at visualtech.ca (Mark McCulligh) Date: Mon, 15 Aug 2005 12:58:29 -0400 Subject: Shutdown Script? In-Reply-To: <4300C19C.6030704@vitalstream.com> References: <4300A859.4090705@visualtech.ca> <4300C19C.6030704@vitalstream.com> Message-ID: <4300C9B5.5010008@visualtech.ca> Thanks Rick for your help. It is exactly what I was looking for. For all I have to do is create the file /etc/sysconfig/ups to declare the variables server=yes and model=upsdrvctl. Than change where the halt script looks for the nut files. It is installed in /usr/local/ups, not /etc/ups. I assume if I installed nut using the rpm version it would have been install at /etc/ups. Thanks again, now to see if it works. Mark. Rick Stevens wrote: > Mark McCulligh wrote: > >> Hi Group, >> >> I have just setup nut on my computer to manage my UPS. I have to add >> a couple lines of code to my shutdown script to power off my UPS. Is >> there a master shutdown script I should add these lines too or create >> a new script and add it to init.d? >> >> I don't want to get this wrong and turn of the UPS at the wrong time. > > > The system runs /etc/rc.d/init.d/halt as the last thing, so any commands > really belong there. If you examine that script, you'll see that it > tries to do some UPS management itself, based on the presence of several > files (/etc/ups/upsmon.conf, /etc/killpower and /etc/sysconfig/ups) and > uses variables set in /etc/sysconfig/ups. > > If $SERVER is "yes" AND "$MODEL" is "upsdrvctl", then it runs upsdrvctl > and passes it the "shutdown" option: > > /sbin/upsdrvctl shutdown > > If "$SERVER" is "yes", "$MODEL" is not null AND not equal to "NONE" AND > "$DEVICE" is not null, then it runs the program given in "$MODEL" > against "$DEVICE" and hands it the options specified in "$OPTIONS_HALT" > thusly: > > $MODEL $OPTIONS_HALT -k $DEVICE > > Examine the script starting at around line 221 or so (in the FC4 > version) to see what I'm talking about. If none of this suits your > needs, add what you need somewhere in that section of the script or call > one of your own: > > if [ "$SERVER" = "yes" -a "$MODEL" = "yourdevicename" ]; then > /usr/local/your-shutdown-script > fi > > Hope that helps. > ---------------------------------------------------------------------- > - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - > - VitalStream, Inc. http://www.vitalstream.com - > - - > - When in doubt, mumble. - > ---------------------------------------------------------------------- > > _______________________________________________ > Redhat-install-list mailing list > Redhat-install-list at redhat.com > https://www.redhat.com/mailman/listinfo/redhat-install-list > To Unsubscribe Go To ABOVE URL or send a message to: > redhat-install-list-request at redhat.com > Subject: unsubscribe -- ___________________________________________ Mark McCulligh, Web Consultant VisualTech Components www.VisualTech.ca mmcculli at visualtech.ca (519)318-7905 From rstevens at vitalstream.com Mon Aug 15 17:24:30 2005 From: rstevens at vitalstream.com (Rick Stevens) Date: Mon, 15 Aug 2005 10:24:30 -0700 Subject: Shutdown Script? In-Reply-To: <4300C9B5.5010008@visualtech.ca> References: <4300A859.4090705@visualtech.ca> <4300C19C.6030704@vitalstream.com> <4300C9B5.5010008@visualtech.ca> Message-ID: <4300CFCE.2060305@vitalstream.com> Mark McCulligh wrote: > Thanks Rick for your help. It is exactly what I was looking for. > > For all I have to do is create the file /etc/sysconfig/ups to declare > the variables server=yes and model=upsdrvctl. I'm not that familiar with nut, but if the program to control the UPS under nut is upsdrvctl, then yes, that's what you do. > Than change where the halt script looks for the nut files. It is > installed in /usr/local/ups, not /etc/ups. I assume if I installed nut > using the rpm version it would have been install at /etc/ups. Rather than bugger the script, why not set up a symbolic link in /etc to point at your nut data: [root at hostname root]# ln -s /usr/local/ups /etc/ups That way you leave the script alone but still get the data you need. > Thanks again, now to see if it works. No problem. By the way, we prefer bottom posting on this list. > Rick Stevens wrote: > >> Mark McCulligh wrote: >> >>> Hi Group, >>> >>> I have just setup nut on my computer to manage my UPS. I have to add >>> a couple lines of code to my shutdown script to power off my UPS. Is >>> there a master shutdown script I should add these lines too or create >>> a new script and add it to init.d? >>> >>> I don't want to get this wrong and turn of the UPS at the wrong time. >> >> >> >> The system runs /etc/rc.d/init.d/halt as the last thing, so any commands >> really belong there. If you examine that script, you'll see that it >> tries to do some UPS management itself, based on the presence of several >> files (/etc/ups/upsmon.conf, /etc/killpower and /etc/sysconfig/ups) and >> uses variables set in /etc/sysconfig/ups. >> >> If $SERVER is "yes" AND "$MODEL" is "upsdrvctl", then it runs upsdrvctl >> and passes it the "shutdown" option: >> >> /sbin/upsdrvctl shutdown >> >> If "$SERVER" is "yes", "$MODEL" is not null AND not equal to "NONE" AND >> "$DEVICE" is not null, then it runs the program given in "$MODEL" >> against "$DEVICE" and hands it the options specified in "$OPTIONS_HALT" >> thusly: >> >> $MODEL $OPTIONS_HALT -k $DEVICE >> >> Examine the script starting at around line 221 or so (in the FC4 >> version) to see what I'm talking about. If none of this suits your >> needs, add what you need somewhere in that section of the script or call >> one of your own: >> >> if [ "$SERVER" = "yes" -a "$MODEL" = "yourdevicename" ]; then >> /usr/local/your-shutdown-script >> fi >> >> Hope that helps. >> ---------------------------------------------------------------------- >> - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - >> - VitalStream, Inc. http://www.vitalstream.com - >> - - >> - When in doubt, mumble. - >> ---------------------------------------------------------------------- >> >> _______________________________________________ >> Redhat-install-list mailing list >> Redhat-install-list at redhat.com >> https://www.redhat.com/mailman/listinfo/redhat-install-list >> To Unsubscribe Go To ABOVE URL or send a message to: >> redhat-install-list-request at redhat.com >> Subject: unsubscribe > > > > -- ---------------------------------------------------------------------- - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - - VitalStream, Inc. http://www.vitalstream.com - - - - BASIC is the Computer Science version of `Scientific Creationism' - ---------------------------------------------------------------------- From mmcculli at visualtech.ca Mon Aug 15 17:34:36 2005 From: mmcculli at visualtech.ca (Mark McCulligh) Date: Mon, 15 Aug 2005 13:34:36 -0400 Subject: Shutdown Script? In-Reply-To: <4300CFCE.2060305@vitalstream.com> References: <4300A859.4090705@visualtech.ca> <4300C19C.6030704@vitalstream.com> <4300C9B5.5010008@visualtech.ca> <4300CFCE.2060305@vitalstream.com> Message-ID: <4300D22C.2060002@visualtech.ca> Rick Stevens wrote: > Mark McCulligh wrote: > >> Thanks Rick for your help. It is exactly what I was looking for. >> >> For all I have to do is create the file /etc/sysconfig/ups to declare >> the variables server=yes and model=upsdrvctl. > > > I'm not that familiar with nut, but if the program to control the UPS > under nut is upsdrvctl, then yes, that's what you do. > >> Than change where the halt script looks for the nut files. It is >> installed in /usr/local/ups, not /etc/ups. I assume if I installed >> nut using the rpm version it would have been install at /etc/ups. > > > Rather than bugger the script, why not set up a symbolic link in /etc to > point at your nut data: > > [root at hostname root]# ln -s /usr/local/ups /etc/ups > > That way you leave the script alone but still get the data you need. Thanks for the idea, much better way of doing it. I don't like changing a script if I don't have to. > >> Thanks again, now to see if it works. > > > No problem. By the way, we prefer bottom posting on this list. > >> Rick Stevens wrote: >> >>> Mark McCulligh wrote: >>> >>>> Hi Group, >>>> >>>> I have just setup nut on my computer to manage my UPS. I have to >>>> add a couple lines of code to my shutdown script to power off my >>>> UPS. Is there a master shutdown script I should add these lines >>>> too or create a new script and add it to init.d? >>>> >>>> I don't want to get this wrong and turn of the UPS at the wrong time. >>> >>> >>> >>> >>> The system runs /etc/rc.d/init.d/halt as the last thing, so any >>> commands >>> really belong there. If you examine that script, you'll see that it >>> tries to do some UPS management itself, based on the presence of >>> several >>> files (/etc/ups/upsmon.conf, /etc/killpower and /etc/sysconfig/ups) and >>> uses variables set in /etc/sysconfig/ups. >>> >>> If $SERVER is "yes" AND "$MODEL" is "upsdrvctl", then it runs upsdrvctl >>> and passes it the "shutdown" option: >>> >>> /sbin/upsdrvctl shutdown >>> >>> If "$SERVER" is "yes", "$MODEL" is not null AND not equal to "NONE" AND >>> "$DEVICE" is not null, then it runs the program given in "$MODEL" >>> against "$DEVICE" and hands it the options specified in "$OPTIONS_HALT" >>> thusly: >>> >>> $MODEL $OPTIONS_HALT -k $DEVICE >>> >>> Examine the script starting at around line 221 or so (in the FC4 >>> version) to see what I'm talking about. If none of this suits your >>> needs, add what you need somewhere in that section of the script or >>> call >>> one of your own: >>> >>> if [ "$SERVER" = "yes" -a "$MODEL" = "yourdevicename" ]; then >>> /usr/local/your-shutdown-script >>> fi >>> >>> Hope that helps. >>> ---------------------------------------------------------------------- >>> - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - >>> - VitalStream, Inc. http://www.vitalstream.com - >>> - - >>> - When in doubt, mumble. - >>> ---------------------------------------------------------------------- >>> >>> _______________________________________________ >>> Redhat-install-list mailing list >>> Redhat-install-list at redhat.com >>> https://www.redhat.com/mailman/listinfo/redhat-install-list >>> To Unsubscribe Go To ABOVE URL or send a message to: >>> redhat-install-list-request at redhat.com >>> Subject: unsubscribe >> >> >> >> >> > Thanks, Mark. From tpotter at techmarin.com Mon Aug 15 19:39:40 2005 From: tpotter at techmarin.com (Ted Potter) Date: Mon, 15 Aug 2005 12:39:40 -0700 Subject: missing yum Message-ID: <1124134781.23649.19.camel@interjet.techmarin.com> Greetings, I took the plunge and upgrade from RH9 to FC4. All seems well but I was concerned that there were no updates indicated by up2date. I tried this # up2date An error has occurred: exceptions.ImportError See /var/log/up2date for more information /var/log/up2date says this: [Mon Aug 15 12:36:19 2005] up2date File "/usr/sbin/up2date", line 1265, in ? sys.exit(main() or 0) File "/usr/sbin/up2date", line 328, in main sources = sourcesConfig.getSources() File "/usr/share/rhn/up2date_client/sourcesConfig.py", line 263, in getSource s scfg = SourcesConfigFile(filename="/etc/sysconfig/rhn/sources") File "/usr/share/rhn/up2date_client/sourcesConfig.py", line 42, in __init__ self.load() File "/usr/share/rhn/up2date_client/sourcesConfig.py", line 85, in load self.parseRepomd(line) File "/usr/share/rhn/up2date_client/sourcesConfig.py", line 219, in parseRepo md from repoBackends import yumBaseRepo File "/usr/share/rhn/up2date_client/repoBackends/yumBaseRepo.py", line 14, in ? import yum from poking around I can find no program called yum. from the fedora website should I not at least have a /etc/yum.conf file ? anyway any pointers or whatever to get me the ability to do updates would be greatly appreciated. PS FC4 seems to rock ! Thank you. -- Ted Potter TechMarin From micros50 at computer.net Mon Aug 15 22:18:17 2005 From: micros50 at computer.net (mylar) Date: Mon, 15 Aug 2005 18:18:17 -0400 Subject: shockwave flash In-Reply-To: <1124059851.2774.2.camel@localhost> References: <1124059851.2774.2.camel@localhost> Message-ID: <1124144297.7135.40.camel@manhattan.ruffe.edu> There is a shockwaye flashplayer plugin that works with most Linux browsers, i.e. mozilla, opera, konqueror, netscape, etc. It can be downloaded somewhere on macromedia's website. Othewrwise check http://codeweavers.org for "crossover office" which enables you to run a plethora of windows apps/plugins on Linux using the "wine' native libraries. mylar \ On Sun, 2005-08-14 at 18:50, Fred Grant wrote: > It seems that shockwave flash is becoming more popular on web sites. > Has anyone been able to acquire a viewer add-on? > > Thanks > > Fred > > _______________________________________________ > Redhat-install-list mailing list > Redhat-install-list at redhat.com > https://www.redhat.com/mailman/listinfo/redhat-install-list > To Unsubscribe Go To ABOVE URL or send a message to: > redhat-install-list-request at redhat.com > Subject: unsubscribe From gnichols at tpg.com.au Tue Aug 16 04:30:28 2005 From: gnichols at tpg.com.au (Graeme Nichols) Date: Tue, 16 Aug 2005 14:30:28 +1000 Subject: shockwave flash In-Reply-To: <1124059851.2774.2.camel@localhost> References: <1124059851.2774.2.camel@localhost> Message-ID: <43016BE4.40501@tpg.com.au> Fred Grant wrote: >It seems that shockwave flash is becoming more popular on web sites. >Has anyone been able to acquire a viewer add-on? > >Thanks > >Fred > > Macromedia Flash Player 7 for Linux -- ---------------------------------------------------------------------- Kind regards, Graeme. ---------------------------------------------------------------------- Nasrudin was carrying home a piece of liver and the recipe for liver pie. Suddenly a bird of prey swooped down and snatched the piece of meat from his hand. As the bird flew off, Nasrudin called after it, "Foolish bird! You have the liver, but what can you do with it without the recipe?" From tpotter at techmarin.com Tue Aug 16 06:20:03 2005 From: tpotter at techmarin.com (Ted Potter) Date: Mon, 15 Aug 2005 23:20:03 -0700 Subject: missing yum In-Reply-To: <43016FB7.4070307@tpg.com.au> References: <1124134781.23649.19.camel@interjet.techmarin.com> <43016FB7.4070307@tpg.com.au> Message-ID: <1124173203.4721.9.camel@interjet.techmarin.com> On Tue, 2005-08-16 at 14:46 +1000, Graeme Nichols wrote: > Ted Potter wrote: > > >Greetings, > > > >I took the plunge and upgrade from RH9 to FC4. All seems well but I was > >concerned that there were no updates indicated by up2date. > > > >I tried this > > > ># up2date > >An error has occurred: > >exceptions.ImportError > >See /var/log/up2date for more information > > > >/var/log/up2date says this: > > > >[Mon Aug 15 12:36:19 2005] up2date File "/usr/sbin/up2date", line > >1265, in ? > > sys.exit(main() or 0) > > File "/usr/sbin/up2date", line 328, in main > > sources = sourcesConfig.getSources() > > File "/usr/share/rhn/up2date_client/sourcesConfig.py", line 263, in > >getSource s > > scfg = SourcesConfigFile(filename="/etc/sysconfig/rhn/sources") > > File "/usr/share/rhn/up2date_client/sourcesConfig.py", line 42, in > >__init__ > > self.load() > > File "/usr/share/rhn/up2date_client/sourcesConfig.py", line 85, in > >load > > self.parseRepomd(line) > > File "/usr/share/rhn/up2date_client/sourcesConfig.py", line 219, in > >parseRepo md > > from repoBackends import yumBaseRepo > > File "/usr/share/rhn/up2date_client/repoBackends/yumBaseRepo.py", > >line 14, in ? > > import yum > > > > > >from poking around I can find no program called yum. from the fedora > >website should I not > >at least have a /etc/yum.conf file ? > > > >anyway any pointers or whatever to get me the ability to do updates > >would be greatly > >appreciated. > > > > > >PS FC4 seems to rock ! > > > >Thank you. > > > > > > > Hello Ted, look in the attached pdf file towards the end. Search for > 'yum' (without the quotes). All the info you need to get up2date and > yum working, Remember!!! you need to configure TWO files to get it > working correctly. > > HTH Thank you Graeme this does help, however I have no yum.conf file or any file by the name of yum. I do have an /etc/yum.repos.d directory with: -rw-r--r-- 1 root root 1123 Jun 3 11:12 fedora-devel.repo -rw-r--r-- 1 root root 312 Jun 3 11:12 fedora-extras-devel.repo -rw-r--r-- 1 root root 299 Jun 3 11:12 fedora-extras.repo -rw-r--r-- 1 root root 294 Jun 3 11:12 fedora.repo -rw-r--r-- 1 root root 330 Jun 3 11:12 fedora-updates.repo -rw-r--r-- 1 root root 337 Jun 3 11:12 fedora-updates-testing.repo -rw-r--r-- 1 root root 354 Jun 28 11:40 freshrpms.repo in it. perhaps I should search my install cd's and search for a yum rpm.... ?? Thank you. Ted > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > -- Ted Potter TechMarin From alexander.samad at hp.com Tue Aug 16 08:19:42 2005 From: alexander.samad at hp.com (Samad, Alex) Date: Tue, 16 Aug 2005 18:19:42 +1000 Subject: Help with RHAS 4 and GFS 6.1 Message-ID: Hi I am trying to install GFS 6.1 onto a new RHAS 4 machine, I have been following the admin & config guides on the redhat web site. My first problem seems to be I can't find clvmd or clvm - the cluster volume manager and its associated deamon Do I just use the normal lvm tools to do this ? -------------- next part -------------- An HTML attachment was scrubbed... URL: From rodrigofariatavares at bol.com.br Tue Aug 16 12:05:24 2005 From: rodrigofariatavares at bol.com.br (Rodrigo Faria Tavares) Date: Tue, 16 Aug 2005 09:05:24 -0300 Subject: Kernel 2.6.12 and Module Capability Message-ID: <000a01c5a25a$cadaa410$0101a8c0@faria> Hello, I created rpm for kernel 2.6.12 for FC3, match module capability. When I try to up this module, the result is unsucess. But I localized this module in /usr/src/redhat/BUILD /usr/src/redhat/BUILD/kernel-2.6.12/vanilla/include/linux/capability.h /usr/src/redhat/BUILD/kernel-2.6.12/vanilla/security/capability.c /usr/src/redhat/BUILD/kernel-2.6.12/linux-2.6.12/kernel/capability.c /usr/src/redhat/BUILD/kernel-2.6.12/linux-2.6.12/kernel/capability.o /usr/src/redhat/BUILD/kernel-2.6.12/linux-2.6.12/include/linux/capability.h /usr/src/redhat/BUILD/kernel-2.6.12/linux-2.6.12/include/config/security/capabilities.h /usr/src/redhat/BUILD/kernel-2.6.12/linux-2.6.12/security/capability.c /usr/src/redhat/BUILD/kernel-2.6.12/linux-2.6.12/security/capability.o /usr/src/redhat/SOURCES/linux-2.6.12/kernel/capability.c /usr/src/redhat/SOURCES/linux-2.6.12/include/linux/capability.h /usr/src/redhat/SOURCES/linux-2.6.12/security/capability.c How I can to resolve this problem ? It?s necessary copy this files a directory specfic ? Best regards Rodrigo Faria Tavares e-mail : rodrigofariat at yahoo.com.br Analista de Suporte Linux _______________________________________________________ Yahoo! Acesso Gr?tis - Internet r?pida e gr?tis. Instale o discador agora! http://br.acesso.yahoo.com/ From rstevens at vitalstream.com Tue Aug 16 15:52:21 2005 From: rstevens at vitalstream.com (Rick Stevens) Date: Tue, 16 Aug 2005 08:52:21 -0700 Subject: missing yum In-Reply-To: <1124173203.4721.9.camel@interjet.techmarin.com> References: <1124134781.23649.19.camel@interjet.techmarin.com> <43016FB7.4070307@tpg.com.au> <1124173203.4721.9.camel@interjet.techmarin.com> Message-ID: <43020BB5.1000407@vitalstream.com> Ted Potter wrote: > On Tue, 2005-08-16 at 14:46 +1000, Graeme Nichols wrote: > >>Ted Potter wrote: >> >> >>>Greetings, >>> >>>I took the plunge and upgrade from RH9 to FC4. All seems well but I was >>>concerned that there were no updates indicated by up2date. >>> >>>I tried this >>> >>># up2date >>>An error has occurred: >>>exceptions.ImportError >>>See /var/log/up2date for more information >>> >>>/var/log/up2date says this: >>> >>>[Mon Aug 15 12:36:19 2005] up2date File "/usr/sbin/up2date", line >>>1265, in ? >>> sys.exit(main() or 0) >>> File "/usr/sbin/up2date", line 328, in main >>> sources = sourcesConfig.getSources() >>> File "/usr/share/rhn/up2date_client/sourcesConfig.py", line 263, in >>>getSource s >>> scfg = SourcesConfigFile(filename="/etc/sysconfig/rhn/sources") >>> File "/usr/share/rhn/up2date_client/sourcesConfig.py", line 42, in >>>__init__ >>> self.load() >>> File "/usr/share/rhn/up2date_client/sourcesConfig.py", line 85, in >>>load >>> self.parseRepomd(line) >>> File "/usr/share/rhn/up2date_client/sourcesConfig.py", line 219, in >>>parseRepo md >>> from repoBackends import yumBaseRepo >>> File "/usr/share/rhn/up2date_client/repoBackends/yumBaseRepo.py", >>>line 14, in ? >>> import yum >>> >>> >> >>>from poking around I can find no program called yum. from the fedora >> >>>website should I not >>>at least have a /etc/yum.conf file ? >>> >>>anyway any pointers or whatever to get me the ability to do updates >>>would be greatly >>>appreciated. >>> >>> >>>PS FC4 seems to rock ! >>> >>>Thank you. >>> >>> >>> >> >>Hello Ted, look in the attached pdf file towards the end. Search for >>'yum' (without the quotes). All the info you need to get up2date and >>yum working, Remember!!! you need to configure TWO files to get it >>working correctly. >> >>HTH > > > > Thank you Graeme this does help, however I have no yum.conf file or any > file by the name of yum. I do have an > > /etc/yum.repos.d directory with: > > -rw-r--r-- 1 root root 1123 Jun 3 11:12 fedora-devel.repo > -rw-r--r-- 1 root root 312 Jun 3 11:12 fedora-extras-devel.repo > -rw-r--r-- 1 root root 299 Jun 3 11:12 fedora-extras.repo > -rw-r--r-- 1 root root 294 Jun 3 11:12 fedora.repo > -rw-r--r-- 1 root root 330 Jun 3 11:12 fedora-updates.repo > -rw-r--r-- 1 root root 337 Jun 3 11:12 fedora-updates-testing.repo > -rw-r--r-- 1 root root 354 Jun 28 11:40 freshrpms.repo > > in it. > > perhaps I should search my install cd's and search for a yum rpm.... ?? Yes, you should. It should have been installed by default. The yum executable should be located in /usr/bin. ---------------------------------------------------------------------- - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - - VitalStream, Inc. http://www.vitalstream.com - - - - Grabel's Law: 2 is not equal to 3--not even for large values of 2. - ---------------------------------------------------------------------- From tpotter at techmarin.com Tue Aug 16 16:31:04 2005 From: tpotter at techmarin.com (Ted Potter) Date: Tue, 16 Aug 2005 09:31:04 -0700 Subject: missing yum In-Reply-To: <43020BB5.1000407@vitalstream.com> References: <1124134781.23649.19.camel@interjet.techmarin.com> <43016FB7.4070307@tpg.com.au> <1124173203.4721.9.camel@interjet.techmarin.com> <43020BB5.1000407@vitalstream.com> Message-ID: <1124209864.10977.30.camel@interjet.techmarin.com> On Tue, 2005-08-16 at 08:52 -0700, Rick Stevens wrote: > Ted Potter wrote: > > On Tue, 2005-08-16 at 14:46 +1000, Graeme Nichols wrote: > > > >>Ted Potter wrote: > >> > >> > >>>Greetings, > >>> > >>>I took the plunge and upgrade from RH9 to FC4. All seems well but I was > >>>concerned that there were no updates indicated by up2date. > >>> > >>>I tried this > >>> > >>># up2date > >>>An error has occurred: > >>>exceptions.ImportError > >>>See /var/log/up2date for more information > >>> > >>>/var/log/up2date says this: > >>> > >>>[Mon Aug 15 12:36:19 2005] up2date File "/usr/sbin/up2date", line > >>>1265, in ? > >>> sys.exit(main() or 0) > >>> File "/usr/sbin/up2date", line 328, in main > >>> sources = sourcesConfig.getSources() > >>> File "/usr/share/rhn/up2date_client/sourcesConfig.py", line 263, in > >>>getSource s > >>> scfg = SourcesConfigFile(filename="/etc/sysconfig/rhn/sources") > >>> File "/usr/share/rhn/up2date_client/sourcesConfig.py", line 42, in > >>>__init__ > >>> self.load() > >>> File "/usr/share/rhn/up2date_client/sourcesConfig.py", line 85, in > >>>load > >>> self.parseRepomd(line) > >>> File "/usr/share/rhn/up2date_client/sourcesConfig.py", line 219, in > >>>parseRepo md > >>> from repoBackends import yumBaseRepo > >>> File "/usr/share/rhn/up2date_client/repoBackends/yumBaseRepo.py", > >>>line 14, in ? > >>> import yum > >>> > >>> > >> > >>>from poking around I can find no program called yum. from the fedora > >> > >>>website should I not > >>>at least have a /etc/yum.conf file ? > >>> > >>>anyway any pointers or whatever to get me the ability to do updates > >>>would be greatly > >>>appreciated. > >>> > >>> > >>>PS FC4 seems to rock ! > >>> > >>>Thank you. > >>> > >>> > >>> > >> > >>Hello Ted, look in the attached pdf file towards the end. Search for > >>'yum' (without the quotes). All the info you need to get up2date and > >>yum working, Remember!!! you need to configure TWO files to get it > >>working correctly. > >> > >>HTH > > > > > > > > Thank you Graeme this does help, however I have no yum.conf file or any > > file by the name of yum. I do have an > > > > /etc/yum.repos.d directory with: > > > > -rw-r--r-- 1 root root 1123 Jun 3 11:12 fedora-devel.repo > > -rw-r--r-- 1 root root 312 Jun 3 11:12 fedora-extras-devel.repo > > -rw-r--r-- 1 root root 299 Jun 3 11:12 fedora-extras.repo > > -rw-r--r-- 1 root root 294 Jun 3 11:12 fedora.repo > > -rw-r--r-- 1 root root 330 Jun 3 11:12 fedora-updates.repo > > -rw-r--r-- 1 root root 337 Jun 3 11:12 fedora-updates-testing.repo > > -rw-r--r-- 1 root root 354 Jun 28 11:40 freshrpms.repo > > > > in it. > > > > perhaps I should search my install cd's and search for a yum rpm.... ?? > > Yes, you should. It should have been installed by default. The yum > executable should be located in /usr/bin. "roger that Houston. Will advise upon return from the dark side. Thanks for the help and all the good wishes. Keep 'em coming." :-) Thanks to all ! From rstevens at vitalstream.com Tue Aug 16 16:38:31 2005 From: rstevens at vitalstream.com (Rick Stevens) Date: Tue, 16 Aug 2005 09:38:31 -0700 Subject: Kernel 2.6.12 and Module Capability In-Reply-To: <000a01c5a25a$cadaa410$0101a8c0@faria> References: <000a01c5a25a$cadaa410$0101a8c0@faria> Message-ID: <43021687.2070003@vitalstream.com> Rodrigo Faria Tavares wrote: > > Hello, > > I created rpm for kernel 2.6.12 for FC3, match module capability. > > When I try to up this module, the result is unsucess. But I localized > this module in /usr/src/redhat/BUILD > > /usr/src/redhat/BUILD/kernel-2.6.12/vanilla/include/linux/capability.h > /usr/src/redhat/BUILD/kernel-2.6.12/vanilla/security/capability.c > /usr/src/redhat/BUILD/kernel-2.6.12/linux-2.6.12/kernel/capability.c > /usr/src/redhat/BUILD/kernel-2.6.12/linux-2.6.12/kernel/capability.o > /usr/src/redhat/BUILD/kernel-2.6.12/linux-2.6.12/include/linux/capability.h > /usr/src/redhat/BUILD/kernel-2.6.12/linux-2.6.12/include/config/security/capabilities.h > > /usr/src/redhat/BUILD/kernel-2.6.12/linux-2.6.12/security/capability.c > /usr/src/redhat/BUILD/kernel-2.6.12/linux-2.6.12/security/capability.o > /usr/src/redhat/SOURCES/linux-2.6.12/kernel/capability.c > /usr/src/redhat/SOURCES/linux-2.6.12/include/linux/capability.h > /usr/src/redhat/SOURCES/linux-2.6.12/security/capability.c > > How I can to resolve this problem ? > It?s necessary copy this files a directory specfic ? I'm not clear on what you're trying to do. What does "up this module" mean? ---------------------------------------------------------------------- - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - - VitalStream, Inc. http://www.vitalstream.com - - - - NEWS FLASH! Intelligence of mankind decreasing! Details at... - - uh, when, uh, the little hand is, uh, on the... Aw, NUTS! - ---------------------------------------------------------------------- From rstevens at vitalstream.com Tue Aug 16 16:46:57 2005 From: rstevens at vitalstream.com (Rick Stevens) Date: Tue, 16 Aug 2005 09:46:57 -0700 Subject: Help with RHAS 4 and GFS 6.1 In-Reply-To: References: Message-ID: <43021881.1040804@vitalstream.com> Samad, Alex wrote: > Hi > > I am trying to install GFS 6.1 onto a new RHAS 4 machine, I have been > following the admin & config guides on the redhat web site. My first > problem seems to be I can?t find clvmd or clvm ? the cluster volume > manager and its associated deamon > > Do I just use the normal lvm tools to do this ? You use the normal lvm2 tools to create the physical volumes, volume groups and logical volumes (pvcreate, etc.). You must use clvmd to make the volumes cluster-aware and you must set up an appropriate lock manager (gulm, etc.). I've not used the commercial version of GFS. My experience is with the CVS tarballs, so I don't know what comes in the various RPMs nor where the stuff gets installed by the RPMs. You can query the RPMs via "rpm -qil -p name-of-package.rpm" to see what in each RPM and were it will be installed. Wish I could be of more help. ---------------------------------------------------------------------- - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - - VitalStream, Inc. http://www.vitalstream.com - - - - NEWS FLASH! Intelligence of mankind decreasing! Details at... - - uh, when, uh, the little hand is, uh, on the... Aw, NUTS! - ---------------------------------------------------------------------- From rodrigofariatavares at bol.com.br Tue Aug 16 17:42:08 2005 From: rodrigofariatavares at bol.com.br (rodrigofariatavares) Date: Tue, 16 Aug 2005 14:42:08 -0300 Subject: Kernel 2.6.12 and Module Capability Message-ID: Hello, Sorry, but my english isn't good. I want to load the capability module, for install dazuko. Still I recompilled the kernel, with this tutorial http://www.dazuko.org/files/dazuko-HOWTO-fedoracore_3.txt Best Regards, Rodrigo Faria Belo Horizonte - MG - Brasil > Rodrigo Faria Tavares wrote: > > > > Hello, > > > > I created rpm for kernel 2.6.12 for FC3, match module capability. > > > > When I try to up this module, the result is unsucess. But I localized > > this module in /usr/src/redhat/BUILD > > > > /usr/src/redhat/BUILD/kernel-2.6.12/vanilla/include/linux/capability.h > > /usr/src/redhat/BUILD/kernel-2.6.12/vanilla/security/capability.c > > /usr/src/redhat/BUILD/kernel-2.6.12/linux-2.6.12/kernel/capability.c > > /usr/src/redhat/BUILD/kernel-2.6.12/linux-2.6.12/kernel/capability.o > > /usr/src/redhat/BUILD/kernel-2.6.12/linux-2.6.12/include/linux/capability.h > > /usr/src/redhat/BUILD/kernel-2.6.12/linux-2.6.12/include/config/security/capabilities.h > > > > /usr/src/redhat/BUILD/kernel-2.6.12/linux-2.6.12/security/capability.c > > /usr/src/redhat/BUILD/kernel-2.6.12/linux-2.6.12/security/capability.o > > /usr/src/redhat/SOURCES/linux-2.6.12/kernel/capability.c > > /usr/src/redhat/SOURCES/linux-2.6.12/include/linux/capability.h > > /usr/src/redhat/SOURCES/linux-2.6.12/security/capability.c > > > > How I can to resolve this problem ? > > It?s necessary copy this files a directory specfic ? > > I'm not clear on what you're trying to do. What does "up this module" > mean? > ---------------------------------------------------------------------- > - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - > - VitalStream, Inc. http://www.vitalstream.com - > - - > - NEWS FLASH! Intelligence of mankind decreasing! Details at... - > - uh, when, uh, the little hand is, uh, on the... Aw, NUTS! - > ---------------------------------------------------------------------- -------------- next part -------------- An HTML attachment was scrubbed... URL: From rbj2 at oak.njit.edu Tue Aug 16 21:10:17 2005 From: rbj2 at oak.njit.edu (Rahul Jain) Date: Tue, 16 Aug 2005 17:10:17 -0400 (EDT) Subject: Host Network Problem In-Reply-To: <43021687.2070003@vitalstream.com> References: <000a01c5a25a$cadaa410$0101a8c0@faria> <43021687.2070003@vitalstream.com> Message-ID: Hi, I am having a strange network problem with a linux box. I have configured a private network and the linux box has an IP address of 10.1.0.1. It is able to ping to its default gateway (10.1.0.2) and to the rest of the network. However none of the other services work. I have tried ftp, traceroute using both hostname and IP address. None of them work. Traceroute gives a strange result of ending at the gateway and ftp throws the error "no route to host". I even tried doing ftp to the gateway but got the same error. I am not sure what is the problem since the host is able to ping all other hosts in the network. Any ideas what might be going wrong ? Thanks, Rahul. From rstevens at vitalstream.com Tue Aug 16 22:07:23 2005 From: rstevens at vitalstream.com (Rick Stevens) Date: Tue, 16 Aug 2005 15:07:23 -0700 Subject: Host Network Problem In-Reply-To: References: <000a01c5a25a$cadaa410$0101a8c0@faria> <43021687.2070003@vitalstream.com> Message-ID: <4302639B.1090807@vitalstream.com> Rahul Jain wrote: > Hi, > > I am having a strange network problem with a linux box. I have > configured a private network and the linux box has an IP address of > 10.1.0.1. It is able to ping to its default gateway (10.1.0.2) and to the > rest of the network. However none of the other services work. I have tried > ftp, traceroute using both hostname and IP address. None of them work. > Traceroute gives a strange result of ending at the gateway and ftp throws > the error "no route to host". I even tried doing ftp to the gateway but > got the same error. > > I am not sure what is the problem since the host is able to ping all other > hosts in the network. Any ideas what might be going wrong ? There's a whole bunch of things. First off, did you configure the firewall when you installed (e.g. did you choose "high" or "medium" security)? If so, EVERYTHING except DNS (TCP/UDP port 53)is blocked. To see if this is the issue, try "service iptables stop" and see if things work. If they do, then you need to modify your firewall settings. While it's not ideal, you can allow all outgoing traffic. Only accept incoming traffic to TCP port 22 (ssh), TCP/UDP port 53 (DNS), TCP/UDP port 80 (web) and perhaps TCP/UDP port 123 (NTP). If you're running an FTP server, you can open up TCP/UDP port 21, but make SURE you configure your firewall to do connection tracking and set up appropriate security. Configure all other incoming traffic to "-j DROP" in the iptables rules (don't use "-j DENY", as all that does is advertise the fact that there is a machine out there that's denying access...DROP simply drops the packets on the floor--an attacker sees nothing at all). I'd suggest getting something like Firestarter (http://firestarter.sourceforge.net) to give you a GUI to help you configure the firewall if you're not comfortable doing it manually. Also note that many "iffy" protocols (and I mean iffy in regards to security such as telnet, ftp, finger, whois, etc.) are also disabled by default on Linux installs (unlike that virusware from Washington). You specifically have to enable them, and only enable the ones you KNOW you need. Unless you're running a server of some type, generally the only daemon you need to run will be sshd--and only that if you need to access your machine remotely. NEVER enable telnet. Use ssh instead. ---------------------------------------------------------------------- - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - - VitalStream, Inc. http://www.vitalstream.com - - - - "Doctor! My brain hurts!" "It will have to come out!" - ---------------------------------------------------------------------- From juan at uwtcallback.com Tue Aug 16 21:27:47 2005 From: juan at uwtcallback.com (Juan) Date: Tue, 16 Aug 2005 17:27:47 -0400 Subject: Host Network Problem In-Reply-To: Message-ID: <200508162221.j7GMKxAl007486@mx3.redhat.com> Hi Rahul. I once had a similar problem and the solution was to review the security settings. I had all blocked!. Regards Juan -----Original Message----- From: redhat-install-list-bounces at redhat.com [mailto:redhat-install-list-bounces at redhat.com] On Behalf Of Rahul Jain Sent: Tuesday, August 16, 2005 5:10 PM To: redhat-install-list at redhat.com Subject: Host Network Problem Hi, I am having a strange network problem with a linux box. I have configured a private network and the linux box has an IP address of 10.1.0.1. It is able to ping to its default gateway (10.1.0.2) and to the rest of the network. However none of the other services work. I have tried ftp, traceroute using both hostname and IP address. None of them work. Traceroute gives a strange result of ending at the gateway and ftp throws the error "no route to host". I even tried doing ftp to the gateway but got the same error. I am not sure what is the problem since the host is able to ping all other hosts in the network. Any ideas what might be going wrong ? Thanks, Rahul. _______________________________________________ Redhat-install-list mailing list Redhat-install-list at redhat.com https://www.redhat.com/mailman/listinfo/redhat-install-list To Unsubscribe Go To ABOVE URL or send a message to: redhat-install-list-request at redhat.com Subject: unsubscribe From alexander.samad at hp.com Wed Aug 17 00:46:56 2005 From: alexander.samad at hp.com (Samad, Alex) Date: Wed, 17 Aug 2005 10:46:56 +1000 Subject: Help with RHAS 4 and GFS 6.1 Message-ID: Hi > -----Original Message----- > From: redhat-install-list-bounces at redhat.com [mailto:redhat-install-list- > bounces at redhat.com] On Behalf Of Rick Stevens > Sent: Wednesday, 17 August 2005 2:47 AM > To: Getting started with Red Hat Linux > Subject: Re: Help with RHAS 4 and GFS 6.1 > > Samad, Alex wrote: > > Hi > > > > I am trying to install GFS 6.1 onto a new RHAS 4 machine, I have been > > following the admin & config guides on the redhat web site. My first > > problem seems to be I can't find clvmd or clvm - the cluster volume > > manager and its associated deamon > > > > Do I just use the normal lvm tools to do this ? > > You use the normal lvm2 tools to create the physical volumes, volume > groups and logical volumes (pvcreate, etc.). You must use clvmd to make > the volumes cluster-aware and you must set up an appropriate lock > manager (gulm, etc.). I am using DLM, and the cluster seems to be working well > > I've not used the commercial version of GFS. My experience is with the > CVS tarballs, so I don't know what comes in the various RPMs nor where > the stuff gets installed by the RPMs. You can query the RPMs via "rpm > -qil -p name-of-package.rpm" to see what in each RPM and were it will be > installed. I have the commercial version and a rpm -ql lvm2 shows that clvmd isn't part of it, nor does a search of rhn find it anywhere! > > Wish I could be of more help. > ---------------------------------------------------------------------- > - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - > - VitalStream, Inc. http://www.vitalstream.com - > - - > - NEWS FLASH! Intelligence of mankind decreasing! Details at... - > - uh, when, uh, the little hand is, uh, on the... Aw, NUTS! - > ---------------------------------------------------------------------- > > _______________________________________________ > Redhat-install-list mailing list > Redhat-install-list at redhat.com > https://www.redhat.com/mailman/listinfo/redhat-install-list > To Unsubscribe Go To ABOVE URL or send a message to: > redhat-install-list-request at redhat.com > Subject: unsubscribe From alexander.samad at hp.com Wed Aug 17 00:50:00 2005 From: alexander.samad at hp.com (Samad, Alex) Date: Wed, 17 Aug 2005 10:50:00 +1000 Subject: Help with RHAS 4 and GFS 6.1 Message-ID: Found it You need lvm2-cluster-2.01.09-5.0.RHEL4.i386.rpm, part of the GFS 6.1 set; it contains the extensions to LVM2 for clusters, among them, /usr/sbin/clvmd. >From /Harry > -----Original Message----- > From: redhat-install-list-bounces at redhat.com [mailto:redhat-install-list- > bounces at redhat.com] On Behalf Of Samad, Alex > Sent: Wednesday, 17 August 2005 10:47 AM > To: Getting started with Red Hat Linux > Subject: RE: Help with RHAS 4 and GFS 6.1 > > Hi > > > -----Original Message----- > > From: redhat-install-list-bounces at redhat.com > [mailto:redhat-install-list- > > bounces at redhat.com] On Behalf Of Rick Stevens > > Sent: Wednesday, 17 August 2005 2:47 AM > > To: Getting started with Red Hat Linux > > Subject: Re: Help with RHAS 4 and GFS 6.1 > > > > Samad, Alex wrote: > > > Hi > > > > > > I am trying to install GFS 6.1 onto a new RHAS 4 machine, I have > been > > > following the admin & config guides on the redhat web site. My > first > > > problem seems to be I can't find clvmd or clvm - the cluster volume > > > manager and its associated deamon > > > > > > Do I just use the normal lvm tools to do this ? > > > > You use the normal lvm2 tools to create the physical volumes, volume > > groups and logical volumes (pvcreate, etc.). You must use clvmd to > make > > the volumes cluster-aware and you must set up an appropriate lock > > manager (gulm, etc.). > > I am using DLM, and the cluster seems to be working well > > > > > I've not used the commercial version of GFS. My experience is with > the > > CVS tarballs, so I don't know what comes in the various RPMs nor where > > the stuff gets installed by the RPMs. You can query the RPMs via "rpm > > -qil -p name-of-package.rpm" to see what in each RPM and were it will > be > > installed. > > I have the commercial version and a rpm -ql lvm2 shows that clvmd isn't > part of it, nor does a search of rhn find it anywhere! > > > > > Wish I could be of more help. > > ---------------------------------------------------------------------- > > - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - > > - VitalStream, Inc. http://www.vitalstream.com - > > - - > > - NEWS FLASH! Intelligence of mankind decreasing! Details at... - > > - uh, when, uh, the little hand is, uh, on the... Aw, NUTS! - > > ---------------------------------------------------------------------- > > > > _______________________________________________ > > Redhat-install-list mailing list > > Redhat-install-list at redhat.com > > https://www.redhat.com/mailman/listinfo/redhat-install-list > > To Unsubscribe Go To ABOVE URL or send a message to: > > redhat-install-list-request at redhat.com > > Subject: unsubscribe > > _______________________________________________ > Redhat-install-list mailing list > Redhat-install-list at redhat.com > https://www.redhat.com/mailman/listinfo/redhat-install-list > To Unsubscribe Go To ABOVE URL or send a message to: > redhat-install-list-request at redhat.com > Subject: unsubscribe From rstevens at vitalstream.com Wed Aug 17 01:15:00 2005 From: rstevens at vitalstream.com (Rick Stevens) Date: Tue, 16 Aug 2005 18:15:00 -0700 Subject: Help with RHAS 4 and GFS 6.1 In-Reply-To: References: Message-ID: <43028F94.10409@vitalstream.com> Samad, Alex wrote: > Found it > > > You need lvm2-cluster-2.01.09-5.0.RHEL4.i386.rpm, part of the GFS 6.1 > set; it contains the extensions to LVM2 for clusters, among them, > /usr/sbin/clvmd. Ah, HAH! As I said, all I've been dealt with is the bleeding edge tarballs from the CVS system. I haven't seen the nicely packaged bits. I also saw from your other posting that you're using DLM. Either one will work (DLM or GULM). I've had good luck with GULM and stuck with it as DLM originally had issues. I guess I should switch back to DLM and see if it behaves better. You must understand that my application requires REALLY fast data--eventually a total of about 9Gb/second (yes, that's 9 gigabits per second or 1.125 gigabytes/second). Obviously, that requires a lot of servers and a very fast storage platform (Hitachi Thunder 9815 SAN array). ---------------------------------------------------------------------- - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - - VitalStream, Inc. http://www.vitalstream.com - - - - Heisenberg _may_ have slept here - ---------------------------------------------------------------------- From gnichols at tpg.com.au Wed Aug 17 02:46:40 2005 From: gnichols at tpg.com.au (Graeme Nichols) Date: Wed, 17 Aug 2005 12:46:40 +1000 Subject: missing yum In-Reply-To: <1124173203.4721.9.camel@interjet.techmarin.com> References: <1124134781.23649.19.camel@interjet.techmarin.com> <43016FB7.4070307@tpg.com.au> <1124173203.4721.9.camel@interjet.techmarin.com> Message-ID: <4302A510.2040001@tpg.com.au> Ted Potter wrote: >On Tue, 2005-08-16 at 14:46 +1000, Graeme Nichols wrote: > > >>Ted Potter wrote: >> >> >> >>>Greetings, >>> >>>I took the plunge and upgrade from RH9 to FC4. All seems well but I was >>>concerned that there were no updates indicated by up2date. >>> >>>I tried this >>> >>># up2date >>>An error has occurred: >>>exceptions.ImportError >>>See /var/log/up2date for more information >>> >>>/var/log/up2date says this: >>> >>>[Mon Aug 15 12:36:19 2005] up2date File "/usr/sbin/up2date", line >>>1265, in ? >>> sys.exit(main() or 0) >>> File "/usr/sbin/up2date", line 328, in main >>> sources = sourcesConfig.getSources() >>> File "/usr/share/rhn/up2date_client/sourcesConfig.py", line 263, in >>>getSource s >>> scfg = SourcesConfigFile(filename="/etc/sysconfig/rhn/sources") >>> File "/usr/share/rhn/up2date_client/sourcesConfig.py", line 42, in >>>__init__ >>> self.load() >>> File "/usr/share/rhn/up2date_client/sourcesConfig.py", line 85, in >>>load >>> self.parseRepomd(line) >>> File "/usr/share/rhn/up2date_client/sourcesConfig.py", line 219, in >>>parseRepo md >>> from repoBackends import yumBaseRepo >>> File "/usr/share/rhn/up2date_client/repoBackends/yumBaseRepo.py", >>>line 14, in ? >>> import yum >>> >>> >>> >>> >>>from poking around I can find no program called yum. from the fedora >> >> >>>website should I not >>>at least have a /etc/yum.conf file ? >>> >>>anyway any pointers or whatever to get me the ability to do updates >>>would be greatly >>>appreciated. >>> >>> >>>PS FC4 seems to rock ! >>> >>>Thank you. >>> >>> >>> >>> >>> >>Hello Ted, look in the attached pdf file towards the end. Search for >>'yum' (without the quotes). All the info you need to get up2date and >>yum working, Remember!!! you need to configure TWO files to get it >>working correctly. >> >>HTH >> >> > > >Thank you Graeme this does help, however I have no yum.conf file or any >file by the name of yum. I do have an > >/etc/yum.repos.d directory with: > >-rw-r--r-- 1 root root 1123 Jun 3 11:12 fedora-devel.repo >-rw-r--r-- 1 root root 312 Jun 3 11:12 fedora-extras-devel.repo >-rw-r--r-- 1 root root 299 Jun 3 11:12 fedora-extras.repo >-rw-r--r-- 1 root root 294 Jun 3 11:12 fedora.repo >-rw-r--r-- 1 root root 330 Jun 3 11:12 fedora-updates.repo >-rw-r--r-- 1 root root 337 Jun 3 11:12 fedora-updates-testing.repo >-rw-r--r-- 1 root root 354 Jun 28 11:40 freshrpms.repo > >in it. > >perhaps I should search my install cd's and search for a yum rpm.... ?? > >Thank you. > >Ted > > > Hello Ted, it is on CD 1. /Fedora/RPMS/yum-2.3.2-7.noarch.rpm HTH -- ---------------------------------------------------------------------- Kind regards, Graeme. ---------------------------------------------------------------------- Rule of Life #1 -- Never get separated from your luggage. From yazan at ccs.com.jo Wed Aug 17 06:22:20 2005 From: yazan at ccs.com.jo (Yazan Al-Sheyyab) Date: Wed, 17 Aug 2005 08:22:20 +0200 Subject: image backup image backup References: <20050816160055.C1A17732A2@hormel.redhat.com> Message-ID: <004601c5a2f4$05a1fff0$69050364@yazanz> Hello, i have no answer till now about having an image backup for my system. any body can help ???? Regards ------------------------------------------------- Yazan your From daryn at steelsword.org.uk Wed Aug 17 08:38:07 2005 From: daryn at steelsword.org.uk (Daryn) Date: Wed, 17 Aug 2005 09:38:07 +0100 Subject: Linux drivers for promise fasttrak100 onboard IDE raid please? In-Reply-To: <20050816160055.C1A17732A2@hormel.redhat.com> References: <20050816160055.C1A17732A2@hormel.redhat.com> Message-ID: <20050817082528.M98755@steelsword.org.uk> Hi there. Old question, I gather but a good'un. I'm trying to install some version of linux onto a generic 1u server with a Tyan Thunder LE-T motherboard with 1 hard drive on the "normal" IDE port, one on the IDE raid port. It's got a Promise Fasttrak100 soft-raid IDE controller onboard. When I've tried to install Redhat 9, (without using any drivers other then those that redhat itself contains) it see's the drive on the raid controller as hde. On using the drivers on a floppy disk from www.promise.com for redhat 7.2, following the instructions, it sees the drive correctly as sda. However, in both circumstances, the systems refuses to boot after installation has successfully been completed. After the bios checks have been completed, the system shows a flashing cursor on a blank screen and does nothing else. However, if a floppy boot disk is in the drive, it boots successfully. This implies to me that redhat cannot find the boot files. I am installing Grub to the MBR of hda. Can anyone shed any light on what I'm doing wrong please? (yes, I know redhat 9 is old and fedora is the way forward but I want to make sure that i've can install it at all without downloading the cd's for fedora yet) Thanks for any help available. I've read of a bloke called jason tang who enjoys creating promise drivers for redhat installs but his website is missing at members.rogers.com/sith.warrior. Steve From rbj2 at oak.njit.edu Wed Aug 17 14:16:05 2005 From: rbj2 at oak.njit.edu (Rahul Jain) Date: Wed, 17 Aug 2005 10:16:05 -0400 (EDT) Subject: Host Network Problem In-Reply-To: <4302639B.1090807@vitalstream.com> References: <000a01c5a25a$cadaa410$0101a8c0@faria> <43021687.2070003@vitalstream.com> <4302639B.1090807@vitalstream.com> Message-ID: On Tue, 16 Aug 2005, Rick Stevens wrote: > Rahul Jain wrote: > > Hi, > > > > I am having a strange network problem with a linux box. I have > > configured a private network and the linux box has an IP address of > > 10.1.0.1. It is able to ping to its default gateway (10.1.0.2) and to the > > rest of the network. However none of the other services work. I have tried > > ftp, traceroute using both hostname and IP address. None of them work. > > Traceroute gives a strange result of ending at the gateway and ftp throws > > the error "no route to host". I even tried doing ftp to the gateway but > > got the same error. > > > > I am not sure what is the problem since the host is able to ping all other > > hosts in the network. Any ideas what might be going wrong ? > > There's a whole bunch of things. First off, did you configure the > firewall when you installed (e.g. did you choose "high" or "medium" > security)? If so, EVERYTHING except DNS (TCP/UDP port 53)is blocked. > To see if this is the issue, try "service iptables stop" and see if > things work. If they do, then you need to modify your firewall > settings. > > While it's not ideal, you can allow all outgoing traffic. Only accept > incoming traffic to TCP port 22 (ssh), TCP/UDP port 53 (DNS), TCP/UDP > port 80 (web) and perhaps TCP/UDP port 123 (NTP). If you're running an > FTP server, you can open up TCP/UDP port 21, but make SURE you configure > your firewall to do connection tracking and set up appropriate security. > > Configure all other incoming traffic to "-j DROP" in the iptables rules > (don't use "-j DENY", as all that does is advertise the fact that there > is a machine out there that's denying access...DROP simply drops the > packets on the floor--an attacker sees nothing at all). > > I'd suggest getting something like Firestarter > (http://firestarter.sourceforge.net) to give you a GUI to help you > configure the firewall if you're not comfortable doing it manually. > > Also note that many "iffy" protocols (and I mean iffy in regards to > security such as telnet, ftp, finger, whois, etc.) are also disabled by > default on Linux installs (unlike that virusware from Washington). You > specifically have to enable them, and only enable the ones you KNOW you > need. Unless you're running a server of some type, generally the only > daemon you need to run will be sshd--and only that if you need to > access your machine remotely. NEVER enable telnet. Use ssh instead. > ---------------------------------------------------------------------- > - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - > - VitalStream, Inc. http://www.vitalstream.com - > - - > - "Doctor! My brain hurts!" "It will have to come out!" - > ---------------------------------------------------------------------- Thanks Rick and Jaun for your replies. The firewall on my host is disabled since my network is behind a NAT with no external access. However the firewall at my gateway (setup by another guy) was running. Thanks for your tips, it now works :-> Rahul. From sudoyang at gmail.com Wed Aug 17 15:57:45 2005 From: sudoyang at gmail.com (Fong Vang) Date: Wed, 17 Aug 2005 08:57:45 -0700 Subject: image backup image backup In-Reply-To: <004601c5a2f4$05a1fff0$69050364@yazanz> References: <20050816160055.C1A17732A2@hormel.redhat.com> <004601c5a2f4$05a1fff0$69050364@yazanz> Message-ID: <4f52331f0508170857cf31acc@mail.gmail.com> On 8/16/05, Yazan Al-Sheyyab wrote: > Hello, > > i have no answer till now about having an image backup for my system. > > any body can help ???? What is your question? You're saying you "have no answer till now" so that means you already have the answer? What do you need help with? > > Regards > ------------------------------------------------- > > Yazan > your > > _______________________________________________ > Redhat-install-list mailing list > Redhat-install-list at redhat.com > https://www.redhat.com/mailman/listinfo/redhat-install-list > To Unsubscribe Go To ABOVE URL or send a message to: > redhat-install-list-request at redhat.com > Subject: unsubscribe > From rstevens at vitalstream.com Wed Aug 17 19:08:15 2005 From: rstevens at vitalstream.com (Rick Stevens) Date: Wed, 17 Aug 2005 12:08:15 -0700 Subject: Linux drivers for promise fasttrak100 onboard IDE raid please? In-Reply-To: <20050817082528.M98755@steelsword.org.uk> References: <20050816160055.C1A17732A2@hormel.redhat.com> <20050817082528.M98755@steelsword.org.uk> Message-ID: <43038B1F.4020804@vitalstream.com> Daryn wrote: > Hi there. > > Old question, I gather but a good'un. > > I'm trying to install some version of linux onto a generic 1u server with a > Tyan Thunder LE-T motherboard with 1 hard drive on the "normal" IDE port, one > on the IDE raid port. It's got a Promise Fasttrak100 soft-raid IDE controller > onboard. When I've tried to install Redhat 9, (without using any drivers other > then those that redhat itself contains) it see's the drive on the raid > controller as hde. On using the drivers on a floppy disk from www.promise.com > for redhat 7.2, following the instructions, it sees the drive correctly as > sda. However, in both circumstances, the systems refuses to boot after > installation has successfully been completed. After the bios checks have been > completed, the system shows a flashing cursor on a blank screen and does > nothing else. > > However, if a floppy boot disk is in the drive, it boots successfully. This > implies to me that redhat cannot find the boot files. I am installing Grub to > the MBR of hda. Can anyone shed any light on what I'm doing wrong please? > > (yes, I know redhat 9 is old and fedora is the way forward but I want to make > sure that i've can install it at all without downloading the cd's for fedora yet) > > Thanks for any help available. I've read of a bloke called jason tang who > enjoys creating promise drivers for redhat installs but his website is missing > at members.rogers.com/sith.warrior. The problem lies with how the BIOS numbers the drives. The first hard drive is given the BIOS ID of 0x80, the second as 0x81 and so on. If the BIOS says that the "normal" IDE is the first drive (0x80) (which is what sounds like what's going on), then when you install grub, it'll install to the "normal" IDE drive, since that's 0x80 and grub asks the BIOS which drive is the "boot" drive. When you use the floppy, THAT version of Linux remaps the drives so the RAID is now 0x80 and the regular IDE is 0x81 or 0x82 or some other thing. The problem is, the BIOS still thinks 0x80 is the regular IDE and grub still gets loaded there. On top of that, when the initrd image is saved, it won't include the RAID driver, since the root filesystem isn't on a RAID disk (as far as the BIOS is concerned). If you go into the BIOS of the machine and tell it that the RAID is the first drive to look at, the BIOS should then number the RAID drive(s) as 0x80 and both the floppy boot and the CD boot should work as expected. Fedora Core 2, 3, and 4 all include Promise RAID drivers and should be able to sort this out without the help of the BIOS, but it wouldn't hurt to bugger the BIOS settings anyway. It's best to wear a condom and a full hazmat suit, right? :-) Be aware that FC2, 3 and 4 are based on the 2.6 kernel. FC1 is based on the 2.4 kernel as is RH9. In fact, FC1 was GOING to be RH10, before they decided to go the commercial "Enterprise Linux" route). RH Enterprise Linux 4 (ES4, AS4, WS4, etc.) is based on Fedora Core 2. Hope that helps out a bit. ---------------------------------------------------------------------- - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - - VitalStream, Inc. http://www.vitalstream.com - - - - Memory is the second thing to go, but I can't remember the first! - ---------------------------------------------------------------------- From rstevens at vitalstream.com Wed Aug 17 19:09:50 2005 From: rstevens at vitalstream.com (Rick Stevens) Date: Wed, 17 Aug 2005 12:09:50 -0700 Subject: Host Network Problem In-Reply-To: References: <000a01c5a25a$cadaa410$0101a8c0@faria> <43021687.2070003@vitalstream.com> <4302639B.1090807@vitalstream.com> Message-ID: <43038B7E.4070108@vitalstream.com> Rahul Jain wrote: > On Tue, 16 Aug 2005, Rick Stevens wrote: > > >>Rahul Jain wrote: >> >>>Hi, >>> >>>I am having a strange network problem with a linux box. I have >>>configured a private network and the linux box has an IP address of >>>10.1.0.1. It is able to ping to its default gateway (10.1.0.2) and to the >>>rest of the network. However none of the other services work. I have tried >>>ftp, traceroute using both hostname and IP address. None of them work. >>>Traceroute gives a strange result of ending at the gateway and ftp throws >>>the error "no route to host". I even tried doing ftp to the gateway but >>>got the same error. >>> >>>I am not sure what is the problem since the host is able to ping all other >>>hosts in the network. Any ideas what might be going wrong ? >> >>There's a whole bunch of things. First off, did you configure the >>firewall when you installed (e.g. did you choose "high" or "medium" >>security)? If so, EVERYTHING except DNS (TCP/UDP port 53)is blocked. >>To see if this is the issue, try "service iptables stop" and see if >>things work. If they do, then you need to modify your firewall >>settings. >> >>While it's not ideal, you can allow all outgoing traffic. Only accept >>incoming traffic to TCP port 22 (ssh), TCP/UDP port 53 (DNS), TCP/UDP >>port 80 (web) and perhaps TCP/UDP port 123 (NTP). If you're running an >>FTP server, you can open up TCP/UDP port 21, but make SURE you configure >>your firewall to do connection tracking and set up appropriate security. >> >>Configure all other incoming traffic to "-j DROP" in the iptables rules >>(don't use "-j DENY", as all that does is advertise the fact that there >>is a machine out there that's denying access...DROP simply drops the >>packets on the floor--an attacker sees nothing at all). >> >>I'd suggest getting something like Firestarter >>(http://firestarter.sourceforge.net) to give you a GUI to help you >>configure the firewall if you're not comfortable doing it manually. >> >>Also note that many "iffy" protocols (and I mean iffy in regards to >>security such as telnet, ftp, finger, whois, etc.) are also disabled by >>default on Linux installs (unlike that virusware from Washington). You >>specifically have to enable them, and only enable the ones you KNOW you >>need. Unless you're running a server of some type, generally the only >>daemon you need to run will be sshd--and only that if you need to >>access your machine remotely. NEVER enable telnet. Use ssh instead. > > Thanks Rick and Jaun for your replies. > > The firewall on my host is disabled since my network is behind a NAT with > no external access. However the firewall at my gateway (setup by > another guy) was running. Thanks for your tips, it now works :-> Ta DAH! No problem, Rahul. As the old saying goes, "if it pings but it won't serve, then your firewall is a perv!" Or something like that. ;-) ---------------------------------------------------------------------- - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - - VitalStream, Inc. http://www.vitalstream.com - - - - BASIC is the Computer Science version of `Scientific Creationism' - ---------------------------------------------------------------------- From Jack.Allen at McKesson.com Wed Aug 17 22:46:03 2005 From: Jack.Allen at McKesson.com (Allen, Jack) Date: Wed, 17 Aug 2005 18:46:03 -0400 Subject: Password aging Message-ID: I have AS 4 64 bit installed. I have tried to enable password aging, but can not get it to work. I have used the chage command to change the expiration day. I can show it should have expired by doing "chage -l login_name". When I login I do not get a warning, and I am not asked to change my password. Is there some other configuration file that needs to be changed to enable it? The system is configured with shadow and md5 encryption. -------------- next part -------------- An HTML attachment was scrubbed... URL: From wralphie at comcast.net Thu Aug 18 00:21:26 2005 From: wralphie at comcast.net (jludwig) Date: Wed, 17 Aug 2005 20:21:26 -0400 Subject: Password aging In-Reply-To: References: Message-ID: <200508172021.27167.wralphie@comcast.net> On Wednesday 17 August 2005 06:46 pm, Allen, Jack wrote: > I have AS 4 64 bit installed. I have tried to enable password aging, but > can not get it to work. I have used the chage command to change the > expiration day. I can show it should have expired by doing "chage -l > login_name". When I login I do not get a warning, and I am not asked to > change my password. Is there some other configuration file that needs to > be changed to enable it? The system is configured with shadow and md5 > encryption. From; man chage The -E option is used to set a date on which the user?s account will no longer be accessible. The expiredate option is the number of days since January 1, 1970 on which the accounted is locked. The date may also be expressed in the format YYYY-MM-DD (or the format more commonly used in your area). A user whose account is locked must contact the system administrator before being able to use the system again. Did you set this? From Jack.Allen at McKesson.com Thu Aug 18 00:58:21 2005 From: Jack.Allen at McKesson.com (Allen, Jack) Date: Wed, 17 Aug 2005 20:58:21 -0400 Subject: Password aging Message-ID: -----Original Message----- From: jludwig [mailto:wralphie at comcast.net] Sent: Wednesday, August 17, 2005 8:21 PM To: Getting started with Red Hat Linux Subject: Re: Password aging On Wednesday 17 August 2005 06:46 pm, Allen, Jack wrote: > I have AS 4 64 bit installed. I have tried to enable password aging, but > can not get it to work. I have used the chage command to change the > expiration day. I can show it should have expired by doing "chage -l > login_name". When I login I do not get a warning, and I am not asked to > change my password. Is there some other configuration file that needs to > be changed to enable it? The system is configured with shadow and md5 > encryption. From; man chage The -E option is used to set a date on which the user's account will no longer be accessible. The expiredate option is the number of days since January 1, 1970 on which the accounted is locked. The date may also be expressed in the format YYYY-MM-DD (or the format more commonly used in your area). A user whose account is locked must contact the system administrator before being able to use the system again. Did you set this? I am not trying to lock the account. I am trying to force the user to change their password after a certain number of days. You know company rules. What should be happening is the user connects to the system, provides their login name and then gets prompted for their password. After they enter the password they should get a message that their password has expired and please enter a new one. In other words it would be like they got logged in and received a message to change their password and they entered "passwd". I assume it is the login program that handles this by what it finds in the shadow file. I have also looked for configuration options for login, to try and determine if it should be paying any attention to the aging information in the shadow file. I could not find anything. I have even looked a PAM and found /etc/pam.d/login. But I determined by looking at the last accessed time on the file that it was not being accessed when I tested logging in. So I am still looking for what controls making the user change their password after some number of days. _______________________________________________ Redhat-install-list mailing list Redhat-install-list at redhat.com https://www.redhat.com/mailman/listinfo/redhat-install-list To Unsubscribe Go To ABOVE URL or send a message to: redhat-install-list-request at redhat.com Subject: unsubscribe From alexander.samad at hp.com Thu Aug 18 02:25:53 2005 From: alexander.samad at hp.com (Samad, Alex) Date: Thu, 18 Aug 2005 12:25:53 +1000 Subject: Help with RHAS 4 and GFS 6.1 Message-ID: Hi I have just moved away from dlm - seems to be more of a problem, trying gulm, are you using Redhat cluster suite? Alex > -----Original Message----- > From: redhat-install-list-bounces at redhat.com [mailto:redhat-install-list- > bounces at redhat.com] On Behalf Of Rick Stevens > Sent: Wednesday, 17 August 2005 11:15 AM > To: Getting started with Red Hat Linux > Subject: Re: Help with RHAS 4 and GFS 6.1 > > Samad, Alex wrote: > > Found it > > > > > > You need lvm2-cluster-2.01.09-5.0.RHEL4.i386.rpm, part of the GFS 6.1 > > set; it contains the extensions to LVM2 for clusters, among them, > > /usr/sbin/clvmd. > > Ah, HAH! As I said, all I've been dealt with is the bleeding edge > tarballs from the CVS system. I haven't seen the nicely packaged bits. > > I also saw from your other posting that you're using DLM. Either one > will work (DLM or GULM). I've had good luck with GULM and stuck with > it as DLM originally had issues. I guess I should switch back to DLM > and see if it behaves better. You must understand that my application > requires REALLY fast data--eventually a total of about 9Gb/second > (yes, that's 9 gigabits per second or 1.125 gigabytes/second). > Obviously, that requires a lot of servers and a very fast storage > platform (Hitachi Thunder 9815 SAN array). > ---------------------------------------------------------------------- > - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - > - VitalStream, Inc. http://www.vitalstream.com - > - - > - Heisenberg _may_ have slept here - > ---------------------------------------------------------------------- > > _______________________________________________ > Redhat-install-list mailing list > Redhat-install-list at redhat.com > https://www.redhat.com/mailman/listinfo/redhat-install-list > To Unsubscribe Go To ABOVE URL or send a message to: > redhat-install-list-request at redhat.com > Subject: unsubscribe From ceenu99 at rediffmail.com Thu Aug 18 05:07:51 2005 From: ceenu99 at rediffmail.com (srinivas m) Date: 18 Aug 2005 05:07:51 -0000 Subject: Error in RHL 6.2 Message-ID: <20050818050751.1848.qmail@webmail29.rediffmail.com> Hi All, I am working with RHL6.2, Suddenly I came accross following error. root at localhost driver]#./configure loading cache ./config.cache checking for gcc... gcc checking whether the C compiler (gcc) works... yes checking whether the C compiler (gcc) is a cross-compiler... no checking whether we are using GNC C... yes checking whether gcc accepts -g... yes checking how to run the C preprocessor... gcc -E checking for /lib/modules/2.2.14-5.0/build/include/linux/init.h...no configure: error: cannot find kernel headers, please install then to /lib/modules/2/2/14-5.0/build or set KERNEL_RELEASE to their version and/or KERNEL_HEADERS to their location. When I tried to install kernel-headers, following msg is displayed. [root at localhost RPMS]#rpm -ivh kernel-headers-2-2.14-5.0.i386.rpm package kernel-headers-2.2.14-5.0 is already installed There is no build directory at /lib/modules/2/2/14-5.0/, which is supposed to be, I Guess... Plz get me out of this issue... Thanks, Ceenu -------------- next part -------------- An HTML attachment was scrubbed... URL: From yazan at ccs.com.jo Thu Aug 18 06:17:34 2005 From: yazan at ccs.com.jo (Yazan Al-Sheyyab) Date: Thu, 18 Aug 2005 08:17:34 +0200 Subject: Image backup Image backup Image backup Message-ID: <001401c5a3bc$85b507a0$69050364@yazanz> My question was about how to have an image backup of my system ? is there a way to have a backup of my RHEL_AS_V3_U5 ?? inorder if a crash happened so i will have a system backup to retrieve everything as it was originaly This is my question . Regards ------------------------------------------------- Yazan -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: tech.gif Type: image/gif Size: 862 bytes Desc: not available URL: From dcalhoun at blomand.net Thu Aug 18 06:04:49 2005 From: dcalhoun at blomand.net (Dennis Calhoun) Date: Thu, 18 Aug 2005 01:04:49 -0500 Subject: Image backup Image backup Image backup In-Reply-To: <001401c5a3bc$85b507a0$69050364@yazanz> References: <001401c5a3bc$85b507a0$69050364@yazanz> Message-ID: On Thu, 18 Aug 2005 08:17:34 +0200, you wrote: > >My question was about how to have an image backup of my system ? > > is there a way to have a backup of my RHEL_AS_V3_U5 ?? inorder if a crash happened so i will have a system backup to retrieve everything as it was originaly > > This is my question . Hello Yazan, An image, as you probably know, can be used for complete backup of an existing system and as a means of deploying new "full system packages" throughout an enterprise. Symantec's Norton Ghost is the program of choice for me. I might add that *nearly* the same level of backup can be achieved by utilizing a "mirrored drive" configuration within any given system. (assuming that an image would be maintained in an external location rather than locally, which would be a bit more secure) -- Dennis D. Calhoun CompTIA A+, Network+, MCP (70-290) From erdinc at prosoft.com.tr Thu Aug 18 08:31:11 2005 From: erdinc at prosoft.com.tr (Ali =?ISO-8859-9?Q?Erdin=E7_K=F6ro=F0lu?=) Date: Thu, 18 Aug 2005 11:31:11 +0300 Subject: Image backup Image backup Image backup In-Reply-To: <001401c5a3bc$85b507a0$69050364@yazanz> References: <001401c5a3bc$85b507a0$69050364@yazanz> Message-ID: <20050818113111.5164612d.erdinc@prosoft.com.tr> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I advice you to read your mails carefully..! From: Ali Erdin? K?ro?lu To: Getting started with Red Hat Linux Reply-To: Getting started with Red Hat Linux Subject: Re: image back up Date: Mon, 8 Aug 2005 12:00:40 +0300 Sender: redhat-install-list-bounces at redhat.com Organization: Prosoft Iletisim Sistemleri Ltd. Sti. X-Mailer: Sylpheed version 2.0.0rc (GTK+ 2.6.7; i686-pc-linux-gnu) Hi, On Mon, 8 Aug 2005 11:15:29 +0200 "Yazan Al-Sheyyab" wrote: > Hello, > > i have a problem about how to make an image backup for my system, and is there any utility or > method to have an image backup ???????? > i have a problem getting image backup for my system. You can use them :) www.partimage.org www.mondorescue.org www.bacula.org On Thu, 18 Aug 2005 08:17:34 +0200 "Yazan Al-Sheyyab" wrote: > > My question was about how to have an image backup of my system ? > is there a way to have a backup of my RHEL_AS_V3_U5 ?? inorder if a crash happened so i will have a > system backup to retrieve everything as it was originaly Regards Ali Erdin? K?roglu http://www.prosoft.com.tr -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) iD8DBQFDBEdPUZ8xvL9ToPoRAvQYAJ43LIRzG/2klpXcrMp1fb0/QZc9XACgtXTr gGR1jhmhfBTve2TYK6Kt5T0= =BMPt -----END PGP SIGNATURE----- From robertmcclure at earthlink.net Thu Aug 18 16:00:52 2005 From: robertmcclure at earthlink.net (Bob McClure Jr) Date: Thu, 18 Aug 2005 11:00:52 -0500 Subject: Error in RHL 6.2 In-Reply-To: <20050818050751.1848.qmail@webmail29.rediffmail.com> References: <20050818050751.1848.qmail@webmail29.rediffmail.com> Message-ID: <20050818160052.GA2867@bobcat.bobcatos.com> On Thu, Aug 18, 2005 at 05:07:51AM -0000, srinivas m wrote: > Hi All, > I am working with RHL6.2, Suddenly I came accross following error. > root at localhost driver]#./configure > loading cache ./config.cache > checking for gcc... gcc > checking whether the C compiler (gcc) works... yes > checking whether the C compiler (gcc) is a > cross-compiler... no > checking whether we are using GNC C... yes > checking whether gcc accepts -g... yes > checking how to run the C preprocessor... gcc -E > checking for > /lib/modules/2.2.14-5.0/build/include/linux/init.h...no > configure: error: cannot find kernel headers, please install then to /lib/modules/2/2/14-5.0/build or set KERNEL_RELEASE to their version and/or KERNEL_HEADERS > to their location. > > When I tried to install kernel-headers, following msg is displayed. > [root at localhost RPMS]#rpm -ivh kernel-headers-2-2.14-5.0.i386.rpm > package kernel-headers-2.2.14-5.0 is already installed > > There is no build directory at /lib/modules/2/2/14-5.0/, which is supposed to be, I Guess... > > Plz get me out of this issue... > > Thanks, > Ceenu Do you have the kernel-source RPM installed? Must you use such an ancient distribution? It's rather insecure. Cheers, -- Bob McClure, Jr. Bobcat Open Systems, Inc. robertmcclure at earthlink.net http://www.bobcatos.com God doesn't have (or need) a Plan B. From rstevens at vitalstream.com Thu Aug 18 16:06:52 2005 From: rstevens at vitalstream.com (Rick Stevens) Date: Thu, 18 Aug 2005 09:06:52 -0700 Subject: Password aging In-Reply-To: References: Message-ID: <4304B21C.6060609@vitalstream.com> Allen, Jack wrote: > > -----Original Message----- > From: jludwig [mailto:wralphie at comcast.net] > Sent: Wednesday, August 17, 2005 8:21 PM > To: Getting started with Red Hat Linux > Subject: Re: Password aging > > > On Wednesday 17 August 2005 06:46 pm, Allen, Jack wrote: > >>I have AS 4 64 bit installed. I have tried to enable password aging, but >>can not get it to work. I have used the chage command to change the >>expiration day. I can show it should have expired by doing "chage -l >>login_name". When I login I do not get a warning, and I am not asked to >>change my password. Is there some other configuration file that needs to >>be changed to enable it? The system is configured with shadow and md5 >>encryption. > > > From; > man chage > > The -E option is used to set a date on which the user's account > will > no longer be accessible. The expiredate option is the number of days since > January 1, 1970 on which the accounted is locked. The date may also be > expressed in the format YYYY-MM-DD (or the format more commonly used in > your area). A user whose account is locked must contact the system > administrator before being able to use the system again. > > Did you set this? > > I am not trying to lock the account. I am trying to force the user > to change their password after a certain number of days. You know company > rules. What should be happening is the user connects to the system, provides > their login name and then gets prompted for their password. After they enter > the password they should get a message that their password has expired and > please enter a new one. In other words it would be like they got logged in > and received a message to change their password and they entered "passwd". You need to set the "-W n" (warn days) option to chage. In other words, to set a user's account to expire on September 1, 2005, and warn them for 7 days previous, the chage command would be: # chage -E 2005-09-01 -W 7 username > I assume it is the login program that handles this by what it finds > in the shadow file. I have also looked for configuration options for login, > to try and determine if it should be paying any attention to the aging > information in the shadow file. I could not find anything. I have even > looked a PAM and found /etc/pam.d/login. But I determined by looking at the > last accessed time on the file that it was not being accessed when I tested > logging in. So I am still looking for what controls making the user change > their password after some number of days. That's the "-M" option. Here's a form I use a lot and sets the following criteria: Disable an account after 60 days of inactivity Allow a user to change passwords whenever they want Force a password change every 30 days Warn the user for 7 days to change their password The corresponding chage command is: # chage -I 60 -m 0 -M 30 -W 7 username You do know that chage will run in interactive mode if you don't specify any options, e.g. # chage username ---------------------------------------------------------------------- - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - - VitalStream, Inc. http://www.vitalstream.com - - - - Overweight: When you step on your dog's tail...and it dies. - ---------------------------------------------------------------------- From rstevens at vitalstream.com Thu Aug 18 16:09:00 2005 From: rstevens at vitalstream.com (Rick Stevens) Date: Thu, 18 Aug 2005 09:09:00 -0700 Subject: Help with RHAS 4 and GFS 6.1 In-Reply-To: References: Message-ID: <4304B29C.7000601@vitalstream.com> Samad, Alex wrote: > Hi > > I have just moved away from dlm - seems to be more of a problem, trying > gulm, are you using Redhat cluster suite? No, I've not. I've been using Fedora Core 3 and 4 and the CVS versions of GFS (they're a bit bleeding edge). ---------------------------------------------------------------------- - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - - VitalStream, Inc. http://www.vitalstream.com - - - - To err is human, to forgive, beyond the scope of the OS - ---------------------------------------------------------------------- From Jack.Allen at McKesson.com Thu Aug 18 16:31:12 2005 From: Jack.Allen at McKesson.com (Allen, Jack) Date: Thu, 18 Aug 2005 12:31:12 -0400 Subject: Password aging Message-ID: -----Original Message----- From: Rick Stevens [mailto:rstevens at vitalstream.com] Sent: Thursday, August 18, 2005 12:07 PM To: Getting started with Red Hat Linux Subject: Re: Password aging Allen, Jack wrote: > > -----Original Message----- > From: jludwig [mailto:wralphie at comcast.net] > Sent: Wednesday, August 17, 2005 8:21 PM > To: Getting started with Red Hat Linux > Subject: Re: Password aging > > > On Wednesday 17 August 2005 06:46 pm, Allen, Jack wrote: > >>I have AS 4 64 bit installed. I have tried to enable password aging, but >>can not get it to work. I have used the chage command to change the >>expiration day. I can show it should have expired by doing "chage -l >>login_name". When I login I do not get a warning, and I am not asked to >>change my password. Is there some other configuration file that needs to >>be changed to enable it? The system is configured with shadow and md5 >>encryption. > > > From; > man chage > > The -E option is used to set a date on which the user's account > will > no longer be accessible. The expiredate option is the number of days since > January 1, 1970 on which the accounted is locked. The date may also be > expressed in the format YYYY-MM-DD (or the format more commonly used in > your area). A user whose account is locked must contact the system > administrator before being able to use the system again. > > Did you set this? > > I am not trying to lock the account. I am trying to force the user > to change their password after a certain number of days. You know company > rules. What should be happening is the user connects to the system, provides > their login name and then gets prompted for their password. After they enter > the password they should get a message that their password has expired and > please enter a new one. In other words it would be like they got logged in > and received a message to change their password and they entered "passwd". You need to set the "-W n" (warn days) option to chage. In other words, to set a user's account to expire on September 1, 2005, and warn them for 7 days previous, the chage command would be: # chage -E 2005-09-01 -W 7 username > I assume it is the login program that handles this by what it finds > in the shadow file. I have also looked for configuration options for login, > to try and determine if it should be paying any attention to the aging > information in the shadow file. I could not find anything. I have even > looked a PAM and found /etc/pam.d/login. But I determined by looking at the > last accessed time on the file that it was not being accessed when I tested > logging in. So I am still looking for what controls making the user change > their password after some number of days. That's the "-M" option. Here's a form I use a lot and sets the following criteria: Disable an account after 60 days of inactivity Allow a user to change passwords whenever they want Force a password change every 30 days Warn the user for 7 days to change their password The corresponding chage command is: # chage -I 60 -m 0 -M 30 -W 7 username You do know that chage will run in interactive mode if you don't specify any options, e.g. # chage username ============= This is the settings for user white3. When I connect I enter the login name and then the password and get the shell prompt. It never warns me the password will or has expired. So what am I missing? As I asked earlier, exactly what program is suppose to be checking the values? I assume login, maybe using one of the PAM configuration files. Changing the aging information for white3 Enter the new value, or press ENTER for the default Minimum Password Age [0]: Maximum Password Age [1]: Last Password Change (YYYY-MM-DD) [2005-08-15]: Password Expiration Warning [1]: Password Inactive [14]: Account Expiration Date (YYYY-MM-DD) [2005-08-22]: Thanks: Jack Allen From rstevens at vitalstream.com Thu Aug 18 17:21:40 2005 From: rstevens at vitalstream.com (Rick Stevens) Date: Thu, 18 Aug 2005 10:21:40 -0700 Subject: Password aging In-Reply-To: References: Message-ID: <4304C3A4.1090809@vitalstream.com> Allen, Jack wrote: > > -----Original Message----- > From: Rick Stevens [mailto:rstevens at vitalstream.com] > Sent: Thursday, August 18, 2005 12:07 PM > To: Getting started with Red Hat Linux > Subject: Re: Password aging > > > Allen, Jack wrote: > >>-----Original Message----- >>From: jludwig [mailto:wralphie at comcast.net] >>Sent: Wednesday, August 17, 2005 8:21 PM >>To: Getting started with Red Hat Linux >>Subject: Re: Password aging >> >> >>On Wednesday 17 August 2005 06:46 pm, Allen, Jack wrote: >> >> >>>I have AS 4 64 bit installed. I have tried to enable password aging, but >>>can not get it to work. I have used the chage command to change the >>>expiration day. I can show it should have expired by doing "chage -l >>>login_name". When I login I do not get a warning, and I am not asked to >>>change my password. Is there some other configuration file that needs to >>>be changed to enable it? The system is configured with shadow and md5 >>>encryption. >> >> >>From; >>man chage >> >> The -E option is used to set a date on which the user's account >>will >>no longer be accessible. The expiredate option is the number of days > > since > >>January 1, 1970 on which the accounted is locked. The date may also be >>expressed in the format YYYY-MM-DD (or the format more commonly used in >> your area). A user whose account is locked must contact the system >>administrator before being able to use the system again. >> >>Did you set this? >> >> I am not trying to lock the account. I am trying to force the user >>to change their password after a certain number of days. You know company >>rules. What should be happening is the user connects to the system, > > provides > >>their login name and then gets prompted for their password. After they > > enter > >>the password they should get a message that their password has expired and >>please enter a new one. In other words it would be like they got logged in >>and received a message to change their password and they entered "passwd". > > > You need to set the "-W n" (warn days) option to chage. In other words, > to set a user's account to expire on September 1, 2005, and warn them > for 7 days previous, the chage command would be: > > # chage -E 2005-09-01 -W 7 username > > >> I assume it is the login program that handles this by what it finds >>in the shadow file. I have also looked for configuration options for > > login, > >>to try and determine if it should be paying any attention to the aging >>information in the shadow file. I could not find anything. I have even >>looked a PAM and found /etc/pam.d/login. But I determined by looking at > > the > >>last accessed time on the file that it was not being accessed when I > > tested > >>logging in. So I am still looking for what controls making the user change >>their password after some number of days. > > > That's the "-M" option. Here's a form I use a lot and sets the > following criteria: > > Disable an account after 60 days of inactivity > Allow a user to change passwords whenever they want > Force a password change every 30 days > Warn the user for 7 days to change their password > > The corresponding chage command is: > > # chage -I 60 -m 0 -M 30 -W 7 username > > You do know that chage will run in interactive mode if you don't specify > any options, e.g. > > # chage username > > ============= > This is the settings for user white3. When I connect I enter the login name > and then the password and get the shell prompt. It never warns me the > password will or has expired. So what am I missing? As I asked earlier, > exactly what program is suppose to be checking the values? I assume login, > maybe using one of the PAM configuration files. > > Changing the aging information for white3 > Enter the new value, or press ENTER for the default > > Minimum Password Age [0]: > Maximum Password Age [1]: > Last Password Change (YYYY-MM-DD) [2005-08-15]: > Password Expiration Warning [1]: > Password Inactive [14]: > Account Expiration Date (YYYY-MM-DD) [2005-08-22]: Ok, it absolutely should work. Have you run pwck? Also verify that /etc/shadow has all the fields filled in. ---------------------------------------------------------------------- - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - - VitalStream, Inc. http://www.vitalstream.com - - - - NEWS FLASH! Intelligence of mankind decreasing! Details at... - - uh, when, uh, the little hand is, uh, on the... Aw, NUTS! - ---------------------------------------------------------------------- From Jack.Allen at McKesson.com Thu Aug 18 19:48:21 2005 From: Jack.Allen at McKesson.com (Allen, Jack) Date: Thu, 18 Aug 2005 15:48:21 -0400 Subject: Password aging Message-ID: -----Original Message----- From: Rick Stevens [mailto:rstevens at vitalstream.com] Sent: Thursday, August 18, 2005 1:22 PM To: Getting started with Red Hat Linux Subject: Re: Password aging Allen, Jack wrote: > > -----Original Message----- > From: Rick Stevens [mailto:rstevens at vitalstream.com] > Sent: Thursday, August 18, 2005 12:07 PM > To: Getting started with Red Hat Linux > Subject: Re: Password aging > > > Allen, Jack wrote: > >>-----Original Message----- >>From: jludwig [mailto:wralphie at comcast.net] >>Sent: Wednesday, August 17, 2005 8:21 PM >>To: Getting started with Red Hat Linux >>Subject: Re: Password aging >> >> >>On Wednesday 17 August 2005 06:46 pm, Allen, Jack wrote: >> >> >>>I have AS 4 64 bit installed. I have tried to enable password aging, but >>>can not get it to work. I have used the chage command to change the >>>expiration day. I can show it should have expired by doing "chage -l >>>login_name". When I login I do not get a warning, and I am not asked to >>>change my password. Is there some other configuration file that needs to >>>be changed to enable it? The system is configured with shadow and md5 >>>encryption. >> >> >>From; >>man chage >> >> The -E option is used to set a date on which the user's account >>will >>no longer be accessible. The expiredate option is the number of days > > since > >>January 1, 1970 on which the accounted is locked. The date may also be >>expressed in the format YYYY-MM-DD (or the format more commonly used in >> your area). A user whose account is locked must contact the system >>administrator before being able to use the system again. >> >>Did you set this? >> >> I am not trying to lock the account. I am trying to force the user >>to change their password after a certain number of days. You know company >>rules. What should be happening is the user connects to the system, > > provides > >>their login name and then gets prompted for their password. After they > > enter > >>the password they should get a message that their password has expired and >>please enter a new one. In other words it would be like they got logged in >>and received a message to change their password and they entered "passwd". > > > You need to set the "-W n" (warn days) option to chage. In other words, > to set a user's account to expire on September 1, 2005, and warn them > for 7 days previous, the chage command would be: > > # chage -E 2005-09-01 -W 7 username > > >> I assume it is the login program that handles this by what it finds >>in the shadow file. I have also looked for configuration options for > > login, > >>to try and determine if it should be paying any attention to the aging >>information in the shadow file. I could not find anything. I have even >>looked a PAM and found /etc/pam.d/login. But I determined by looking at > > the > >>last accessed time on the file that it was not being accessed when I > > tested > >>logging in. So I am still looking for what controls making the user change >>their password after some number of days. > > > That's the "-M" option. Here's a form I use a lot and sets the > following criteria: > > Disable an account after 60 days of inactivity > Allow a user to change passwords whenever they want > Force a password change every 30 days > Warn the user for 7 days to change their password > > The corresponding chage command is: > > # chage -I 60 -m 0 -M 30 -W 7 username > > You do know that chage will run in interactive mode if you don't specify > any options, e.g. > > # chage username > > ============= > This is the settings for user white3. When I connect I enter the login name > and then the password and get the shell prompt. It never warns me the > password will or has expired. So what am I missing? As I asked earlier, > exactly what program is suppose to be checking the values? I assume login, > maybe using one of the PAM configuration files. > > Changing the aging information for white3 > Enter the new value, or press ENTER for the default > > Minimum Password Age [0]: > Maximum Password Age [1]: > Last Password Change (YYYY-MM-DD) [2005-08-15]: > Password Expiration Warning [1]: > Password Inactive [14]: > Account Expiration Date (YYYY-MM-DD) [2005-08-22]: Ok, it absolutely should work. Have you run pwck? Also verify that /etc/shadow has all the fields filled in. ============= Yes I have run pwck and it only complains about missing home directories. Example: user adm: directory /var/adm does not exist user news: directory /etc/news does not exist user uucp: directory /var/spool/uucp does not exist user gopher: directory /var/gopher does not exist user pcap: directory /var/arpwatch does not exist pwck: no changes Here is the line from shadow: white3:$1$lI.dioGw$Y/tabLB8qA/sjexL.0JXZ.:13010:0:1:1:14:13017: Thanks Jack Allen From Jack.Allen at McKesson.com Thu Aug 18 20:20:41 2005 From: Jack.Allen at McKesson.com (Allen, Jack) Date: Thu, 18 Aug 2005 16:20:41 -0400 Subject: Password aging Message-ID: -----Original Message----- From: Allen, Jack [mailto:Jack.Allen at McKesson.com] Sent: Thursday, August 18, 2005 3:48 PM To: 'Getting started with Red Hat Linux' Subject: RE: Password aging -----Original Message----- From: Rick Stevens [mailto:rstevens at vitalstream.com] Sent: Thursday, August 18, 2005 1:22 PM To: Getting started with Red Hat Linux Subject: Re: Password aging Allen, Jack wrote: > > -----Original Message----- > From: Rick Stevens [mailto:rstevens at vitalstream.com] > Sent: Thursday, August 18, 2005 12:07 PM > To: Getting started with Red Hat Linux > Subject: Re: Password aging > > > Allen, Jack wrote: > >>-----Original Message----- >>From: jludwig [mailto:wralphie at comcast.net] >>Sent: Wednesday, August 17, 2005 8:21 PM >>To: Getting started with Red Hat Linux >>Subject: Re: Password aging >> >> >>On Wednesday 17 August 2005 06:46 pm, Allen, Jack wrote: >> >> >>>I have AS 4 64 bit installed. I have tried to enable password aging, but >>>can not get it to work. I have used the chage command to change the >>>expiration day. I can show it should have expired by doing "chage -l >>>login_name". When I login I do not get a warning, and I am not asked to >>>change my password. Is there some other configuration file that needs to >>>be changed to enable it? The system is configured with shadow and md5 >>>encryption. >> >> >>From; >>man chage >> >> The -E option is used to set a date on which the user's account >>will >>no longer be accessible. The expiredate option is the number of days > > since > >>January 1, 1970 on which the accounted is locked. The date may also be >>expressed in the format YYYY-MM-DD (or the format more commonly used in >> your area). A user whose account is locked must contact the system >>administrator before being able to use the system again. >> >>Did you set this? >> >> I am not trying to lock the account. I am trying to force the user >>to change their password after a certain number of days. You know company >>rules. What should be happening is the user connects to the system, > > provides > >>their login name and then gets prompted for their password. After they > > enter > >>the password they should get a message that their password has expired and >>please enter a new one. In other words it would be like they got logged in >>and received a message to change their password and they entered "passwd". > > > You need to set the "-W n" (warn days) option to chage. In other words, > to set a user's account to expire on September 1, 2005, and warn them > for 7 days previous, the chage command would be: > > # chage -E 2005-09-01 -W 7 username > > >> I assume it is the login program that handles this by what it finds >>in the shadow file. I have also looked for configuration options for > > login, > >>to try and determine if it should be paying any attention to the aging >>information in the shadow file. I could not find anything. I have even >>looked a PAM and found /etc/pam.d/login. But I determined by looking at > > the > >>last accessed time on the file that it was not being accessed when I > > tested > >>logging in. So I am still looking for what controls making the user change >>their password after some number of days. > > > That's the "-M" option. Here's a form I use a lot and sets the > following criteria: > > Disable an account after 60 days of inactivity > Allow a user to change passwords whenever they want > Force a password change every 30 days > Warn the user for 7 days to change their password > > The corresponding chage command is: > > # chage -I 60 -m 0 -M 30 -W 7 username > > You do know that chage will run in interactive mode if you don't specify > any options, e.g. > > # chage username > > ============= > This is the settings for user white3. When I connect I enter the login name > and then the password and get the shell prompt. It never warns me the > password will or has expired. So what am I missing? As I asked earlier, > exactly what program is suppose to be checking the values? I assume login, > maybe using one of the PAM configuration files. > > Changing the aging information for white3 > Enter the new value, or press ENTER for the default > > Minimum Password Age [0]: > Maximum Password Age [1]: > Last Password Change (YYYY-MM-DD) [2005-08-15]: > Password Expiration Warning [1]: > Password Inactive [14]: > Account Expiration Date (YYYY-MM-DD) [2005-08-22]: Ok, it absolutely should work. Have you run pwck? Also verify that /etc/shadow has all the fields filled in. ============= Yes I have run pwck and it only complains about missing home directories. Example: user adm: directory /var/adm does not exist user news: directory /etc/news does not exist user uucp: directory /var/spool/uucp does not exist user gopher: directory /var/gopher does not exist user pcap: directory /var/arpwatch does not exist pwck: no changes Here is the line from shadow: white3:$1$lI.dioGw$Y/tabLB8qA/sjexL.0JXZ.:13010:0:1:1:14:13017: Thanks Jack Allen ============ More information: If I "su - white3", then I am told the password has expired (aged). If I "sshd -l white3 0", then I am told the same thing. All my other testing has been done by "telnet 0" and entering the login name and the password. I have done "ps -ef | grep login" when doing the sshd and telnet and both are executing login. Therefore I have to assume login is what should be using the shadow/aging information. But I can not figure out why ssh works and telnet does not. Thanks Jack Allen From rstevens at vitalstream.com Thu Aug 18 21:36:55 2005 From: rstevens at vitalstream.com (Rick Stevens) Date: Thu, 18 Aug 2005 14:36:55 -0700 Subject: Password aging In-Reply-To: References: Message-ID: <4304FF77.3050906@vitalstream.com> Allen, Jack wrote: > > -----Original Message----- > From: Allen, Jack [mailto:Jack.Allen at McKesson.com] > Sent: Thursday, August 18, 2005 3:48 PM > To: 'Getting started with Red Hat Linux' > Subject: RE: Password aging > > > > > -----Original Message----- > From: Rick Stevens [mailto:rstevens at vitalstream.com] > Sent: Thursday, August 18, 2005 1:22 PM > To: Getting started with Red Hat Linux > Subject: Re: Password aging > > > Allen, Jack wrote: > >>-----Original Message----- >>From: Rick Stevens [mailto:rstevens at vitalstream.com] >>Sent: Thursday, August 18, 2005 12:07 PM >>To: Getting started with Red Hat Linux >>Subject: Re: Password aging >> >> >>Allen, Jack wrote: >> >> >>>-----Original Message----- >>>From: jludwig [mailto:wralphie at comcast.net] >>>Sent: Wednesday, August 17, 2005 8:21 PM >>>To: Getting started with Red Hat Linux >>>Subject: Re: Password aging >>> >>> >>>On Wednesday 17 August 2005 06:46 pm, Allen, Jack wrote: >>> >>> >>> >>>>I have AS 4 64 bit installed. I have tried to enable password aging, but >>>>can not get it to work. I have used the chage command to change the >>>>expiration day. I can show it should have expired by doing "chage -l >>>>login_name". When I login I do not get a warning, and I am not asked to >>>>change my password. Is there some other configuration file that needs to >>>>be changed to enable it? The system is configured with shadow and md5 >>>>encryption. >>> >>> >>>From; >>>man chage >>> >>> The -E option is used to set a date on which the user's account >>>will >>>no longer be accessible. The expiredate option is the number of days >> >>since >> >> >>>January 1, 1970 on which the accounted is locked. The date may also be >>>expressed in the format YYYY-MM-DD (or the format more commonly used in >>>your area). A user whose account is locked must contact the system >>>administrator before being able to use the system again. >>> >>>Did you set this? >>> >>> I am not trying to lock the account. I am trying to force the user >>>to change their password after a certain number of days. You know company >>>rules. What should be happening is the user connects to the system, >> >>provides >> >> >>>their login name and then gets prompted for their password. After they >> >>enter >> >> >>>the password they should get a message that their password has expired and >>>please enter a new one. In other words it would be like they got logged in >>>and received a message to change their password and they entered "passwd". >> >> >>You need to set the "-W n" (warn days) option to chage. In other words, >>to set a user's account to expire on September 1, 2005, and warn them >>for 7 days previous, the chage command would be: >> >> # chage -E 2005-09-01 -W 7 username >> >> >> >>> I assume it is the login program that handles this by what it finds >>>in the shadow file. I have also looked for configuration options for >> >>login, >> >> >>>to try and determine if it should be paying any attention to the aging >>>information in the shadow file. I could not find anything. I have even >>>looked a PAM and found /etc/pam.d/login. But I determined by looking at >> >>the >> >> >>>last accessed time on the file that it was not being accessed when I >> >>tested >> >> >>>logging in. So I am still looking for what controls making the user change >>>their password after some number of days. >> >> >>That's the "-M" option. Here's a form I use a lot and sets the >>following criteria: >> >> Disable an account after 60 days of inactivity >> Allow a user to change passwords whenever they want >> Force a password change every 30 days >> Warn the user for 7 days to change their password >> >>The corresponding chage command is: >> >> # chage -I 60 -m 0 -M 30 -W 7 username >> >>You do know that chage will run in interactive mode if you don't specify >>any options, e.g. >> >> # chage username >> >>============= >>This is the settings for user white3. When I connect I enter the login > > name > >>and then the password and get the shell prompt. It never warns me the >>password will or has expired. So what am I missing? As I asked earlier, >>exactly what program is suppose to be checking the values? I assume login, >>maybe using one of the PAM configuration files. >> >>Changing the aging information for white3 >>Enter the new value, or press ENTER for the default >> >> Minimum Password Age [0]: >> Maximum Password Age [1]: >> Last Password Change (YYYY-MM-DD) [2005-08-15]: >> Password Expiration Warning [1]: >> Password Inactive [14]: >> Account Expiration Date (YYYY-MM-DD) [2005-08-22]: > > > Ok, it absolutely should work. Have you run pwck? Also verify that > /etc/shadow has all the fields filled in. > ============= > Yes I have run pwck and it only complains about missing home directories. > Example: > user adm: directory /var/adm does not exist > user news: directory /etc/news does not exist > user uucp: directory /var/spool/uucp does not exist > user gopher: directory /var/gopher does not exist > user pcap: directory /var/arpwatch does not exist > pwck: no changes > > Here is the line from shadow: > white3:$1$lI.dioGw$Y/tabLB8qA/sjexL.0JXZ.:13010:0:1:1:14:13017: > > Thanks > Jack Allen > > ============ > More information: If I "su - white3", then I am told the password has > expired (aged). If I "sshd -l white3 0", then I am told the same thing. All > my other testing has been done by "telnet 0" and entering the login name and > the password. I have done "ps -ef | grep login" when doing the sshd and > telnet and both are executing login. Therefore I have to assume login is > what should be using the shadow/aging information. But I can not figure out > why ssh works and telnet does not. AH! The lightbulb turns on! I haven't used telnet in a long time and wasn't aware that's what you were doing. First, may I suggest that you disable telnetd immediately. Never use it unless you are behind a really strong firewall and can guarantee the security of your network. The telnet protocol is completely insecure and sends EVERYTHING (including passwords) through in cleartext--which is a bloody horrible idea as you can well imagine! Now, on top of the security issues I mentioned above, all telnetd cares about is whether login validates you or not. Since the account hasn't been disabled, login will approve you and telnet lets you log in. Note, however, that the warnings that login gives are (rather unceremoniously) thrown away by telnetd. If, however, password aging had expired the account (and therefore login would reject you), then telnetd wouldn't let you in either. telnetd is a "pass or fail" system, not a "pass, pass with warnings, or fail" system. Hope that explains it a bit, and sorry about the misunderstanding. ---------------------------------------------------------------------- - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - - VitalStream, Inc. http://www.vitalstream.com - - - - grep me no patterns and I'll tell you no lines - ---------------------------------------------------------------------- From Jack.Allen at McKesson.com Thu Aug 18 22:04:07 2005 From: Jack.Allen at McKesson.com (Allen, Jack) Date: Thu, 18 Aug 2005 18:04:07 -0400 Subject: Password aging Message-ID: -----Original Message----- From: Rick Stevens [mailto:rstevens at vitalstream.com] Sent: Thursday, August 18, 2005 5:37 PM To: Getting started with Red Hat Linux Subject: Re: Password aging Allen, Jack wrote: > > -----Original Message----- > From: Allen, Jack [mailto:Jack.Allen at McKesson.com] > Sent: Thursday, August 18, 2005 3:48 PM > To: 'Getting started with Red Hat Linux' > Subject: RE: Password aging > > > > > -----Original Message----- > From: Rick Stevens [mailto:rstevens at vitalstream.com] > Sent: Thursday, August 18, 2005 1:22 PM > To: Getting started with Red Hat Linux > Subject: Re: Password aging > > > Allen, Jack wrote: > >>-----Original Message----- >>From: Rick Stevens [mailto:rstevens at vitalstream.com] >>Sent: Thursday, August 18, 2005 12:07 PM >>To: Getting started with Red Hat Linux >>Subject: Re: Password aging >> >> >>Allen, Jack wrote: >> >> >>>-----Original Message----- >>>From: jludwig [mailto:wralphie at comcast.net] >>>Sent: Wednesday, August 17, 2005 8:21 PM >>>To: Getting started with Red Hat Linux >>>Subject: Re: Password aging >>> >>> >>>On Wednesday 17 August 2005 06:46 pm, Allen, Jack wrote: >>> >>> >>> >>>>I have AS 4 64 bit installed. I have tried to enable password aging, but >>>>can not get it to work. I have used the chage command to change the >>>>expiration day. I can show it should have expired by doing "chage -l >>>>login_name". When I login I do not get a warning, and I am not asked to >>>>change my password. Is there some other configuration file that needs to >>>>be changed to enable it? The system is configured with shadow and md5 >>>>encryption. >>> >>> >>>From; >>>man chage >>> >>> The -E option is used to set a date on which the user's account >>>will >>>no longer be accessible. The expiredate option is the number of days >> >>since >> >> >>>January 1, 1970 on which the accounted is locked. The date may also be >>>expressed in the format YYYY-MM-DD (or the format more commonly used in >>>your area). A user whose account is locked must contact the system >>>administrator before being able to use the system again. >>> >>>Did you set this? >>> >>> I am not trying to lock the account. I am trying to force the user >>>to change their password after a certain number of days. You know company >>>rules. What should be happening is the user connects to the system, >> >>provides >> >> >>>their login name and then gets prompted for their password. After they >> >>enter >> >> >>>the password they should get a message that their password has expired and >>>please enter a new one. In other words it would be like they got logged in >>>and received a message to change their password and they entered "passwd". >> >> >>You need to set the "-W n" (warn days) option to chage. In other words, >>to set a user's account to expire on September 1, 2005, and warn them >>for 7 days previous, the chage command would be: >> >> # chage -E 2005-09-01 -W 7 username >> >> >> >>> I assume it is the login program that handles this by what it finds >>>in the shadow file. I have also looked for configuration options for >> >>login, >> >> >>>to try and determine if it should be paying any attention to the aging >>>information in the shadow file. I could not find anything. I have even >>>looked a PAM and found /etc/pam.d/login. But I determined by looking at >> >>the >> >> >>>last accessed time on the file that it was not being accessed when I >> >>tested >> >> >>>logging in. So I am still looking for what controls making the user change >>>their password after some number of days. >> >> >>That's the "-M" option. Here's a form I use a lot and sets the >>following criteria: >> >> Disable an account after 60 days of inactivity >> Allow a user to change passwords whenever they want >> Force a password change every 30 days >> Warn the user for 7 days to change their password >> >>The corresponding chage command is: >> >> # chage -I 60 -m 0 -M 30 -W 7 username >> >>You do know that chage will run in interactive mode if you don't specify >>any options, e.g. >> >> # chage username >> >>============= >>This is the settings for user white3. When I connect I enter the login > > name > >>and then the password and get the shell prompt. It never warns me the >>password will or has expired. So what am I missing? As I asked earlier, >>exactly what program is suppose to be checking the values? I assume login, >>maybe using one of the PAM configuration files. >> >>Changing the aging information for white3 >>Enter the new value, or press ENTER for the default >> >> Minimum Password Age [0]: >> Maximum Password Age [1]: >> Last Password Change (YYYY-MM-DD) [2005-08-15]: >> Password Expiration Warning [1]: >> Password Inactive [14]: >> Account Expiration Date (YYYY-MM-DD) [2005-08-22]: > > > Ok, it absolutely should work. Have you run pwck? Also verify that > /etc/shadow has all the fields filled in. > ============= > Yes I have run pwck and it only complains about missing home directories. > Example: > user adm: directory /var/adm does not exist > user news: directory /etc/news does not exist > user uucp: directory /var/spool/uucp does not exist > user gopher: directory /var/gopher does not exist > user pcap: directory /var/arpwatch does not exist > pwck: no changes > > Here is the line from shadow: > white3:$1$lI.dioGw$Y/tabLB8qA/sjexL.0JXZ.:13010:0:1:1:14:13017: > > Thanks > Jack Allen > > ============ > More information: If I "su - white3", then I am told the password has > expired (aged). If I "sshd -l white3 0", then I am told the same thing. All > my other testing has been done by "telnet 0" and entering the login name and > the password. I have done "ps -ef | grep login" when doing the sshd and > telnet and both are executing login. Therefore I have to assume login is > what should be using the shadow/aging information. But I can not figure out > why ssh works and telnet does not. AH! The lightbulb turns on! I haven't used telnet in a long time and wasn't aware that's what you were doing. First, may I suggest that you disable telnetd immediately. Never use it unless you are behind a really strong firewall and can guarantee the security of your network. The telnet protocol is completely insecure and sends EVERYTHING (including passwords) through in cleartext--which is a bloody horrible idea as you can well imagine! Now, on top of the security issues I mentioned above, all telnetd cares about is whether login validates you or not. Since the account hasn't been disabled, login will approve you and telnet lets you log in. Note, however, that the warnings that login gives are (rather unceremoniously) thrown away by telnetd. If, however, password aging had expired the account (and therefore login would reject you), then telnetd wouldn't let you in either. telnetd is a "pass or fail" system, not a "pass, pass with warnings, or fail" system. Hope that explains it a bit, and sorry about the misunderstanding. =========== I know all about the lack of security with telnet. Our development systems are all behind a very restricted firewall and our product is deployed at our customers behind firewalls. The product requires telnet because of some old terminal emulation with enhancements that has to be used by the users. I don't know exactly how Linux functions as far as telnet and login, but I do know how telnet and login work UNIX systems. The login prompt is presented to the user by the login program which communicates through the telnetd process back through the network. The telnetd process is actually the parent process for login. The login program does all the prompting the user for the login name and their password and does all the validation, password aging checks and so forth. Then it overlays itself with the shell specified in the passwd file. As I said earlier, when I connect via telnet it runs login, when I connect via ssh it also runs login. I checked this when I connected before I even entered a login name. Therefore it seems to me that login is being used by both ways of connecting to the system and it should be the one doing validation and aging checking. If this is true, I still can not figure out why one does aging and the other does not. Just as a side question, when is the PAM configuration files in /etc/pam.d used? There is one for password, login, and sshd. I checked the last accessed time on all of them and password and login are never accessed. So what are they there for? Does anyone have the source loaded and can look at login and see if it uses the PAM files or calls other things that may use them or deals with the shadow file and aging directly? Thanks: Jack Allen From rstevens at vitalstream.com Thu Aug 18 22:40:19 2005 From: rstevens at vitalstream.com (Rick Stevens) Date: Thu, 18 Aug 2005 15:40:19 -0700 Subject: Password aging In-Reply-To: References: Message-ID: <43050E53.8000909@vitalstream.com> Allen, Jack wrote: > Rick Stevens wrote: > AH! The lightbulb turns on! I haven't used telnet in a long time and > wasn't aware that's what you were doing. > > First, may I suggest that you disable telnetd immediately. Never use it > unless you are behind a really strong firewall and can guarantee the > security of your network. The telnet protocol is completely insecure > and sends EVERYTHING (including passwords) through in cleartext--which > is a bloody horrible idea as you can well imagine! > > Now, on top of the security issues I mentioned above, all telnetd cares > about is whether login validates you or not. Since the account hasn't > been disabled, login will approve you and telnet lets you log in. Note, > however, that the warnings that login gives are (rather unceremoniously) > thrown away by telnetd. > > If, however, password aging had expired the account (and therefore login > would reject you), then telnetd wouldn't let you in either. telnetd is > a "pass or fail" system, not a "pass, pass with warnings, or fail" > system. > > Hope that explains it a bit, and sorry about the misunderstanding. > > =========== > I know all about the lack of security with telnet. Our development > systems are all behind a very restricted firewall and our product is > deployed at our customers behind firewalls. The product requires telnet > because of some old terminal emulation with enhancements that has to be used > by the users. > > I don't know exactly how Linux functions as far as telnet and login, > but I do know how telnet and login work UNIX systems. The login prompt is > presented to the user by the login program which communicates through the > telnetd process back through the network. The telnetd process is actually > the parent process for login. The login program does all the prompting the > user for the login name and their password and does all the validation, > password aging checks and so forth. Then it overlays itself with the shell > specified in the passwd file. As I said earlier, when I connect via telnet > it runs login, when I connect via ssh it also runs login. I checked this > when I connected before I even entered a login name. Therefore it seems to > me that login is being used by both ways of connecting to the system and it > should be the one doing validation and aging checking. If this is true, I > still can not figure out why one does aging and the other does not. It's not aging, it's the _warnings_ that login gives about the state of the password that aren't propagated through the telnet pipe. I'm not 100% sure of this, but if telnetd wasn't built with AUTHENTICATION enabled, these messages are ignored, and I don't know how it was built. > Just as a side question, when is the PAM configuration files in > /etc/pam.d used? There is one for password, login, and sshd. I checked the > last accessed time on all of them and password and login are never accessed. > So what are they there for? Those control what PAM things are required for the named application. In other words, /etc/pam.d/passwd controls access regarding the use of the /usr/bin/passwd _program_, not access to the /etc/passwd _file_. File access is handled by the standard permissions and ACLs. Similarly, /etc/pam.d/login controls use of the /bin/login program, and then only if it's invoked by a user--not by another program (e.g. sshd or telnetd). It's assumed that, because another program is invoking it, that program has already authenticated in some manner--at least the session must be valid. If you look at the differences between the /etc/pam.d/sshd and /etc/pam.d/login files, you'll see that sshd's requirements for the session portion are less restrictive so it can run login. > Does anyone have the source loaded and can look at login and see if > it uses the PAM files or calls other things that may use them or deals with > the shadow file and aging directly? login does all that. Again, aging is taking place. You simply don't see the warnings that login issues when you use telnet, that's all. ---------------------------------------------------------------------- - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - - VitalStream, Inc. http://www.vitalstream.com - - - - Time: Nature's way of keeping everything from happening at once. - ---------------------------------------------------------------------- From rstevens at vitalstream.com Thu Aug 18 22:46:11 2005 From: rstevens at vitalstream.com (Rick Stevens) Date: Thu, 18 Aug 2005 15:46:11 -0700 Subject: Password aging In-Reply-To: <43050E53.8000909@vitalstream.com> References: <43050E53.8000909@vitalstream.com> Message-ID: <43050FB3.8030005@vitalstream.com> Rick Stevens wrote: > Allen, Jack wrote: > >> Rick Stevens wrote: AH! The lightbulb turns on! I haven't used >> telnet in a long time and >> wasn't aware that's what you were doing. >> >> First, may I suggest that you disable telnetd immediately. Never use it >> unless you are behind a really strong firewall and can guarantee the >> security of your network. The telnet protocol is completely insecure >> and sends EVERYTHING (including passwords) through in cleartext--which >> is a bloody horrible idea as you can well imagine! >> >> Now, on top of the security issues I mentioned above, all telnetd cares >> about is whether login validates you or not. Since the account hasn't >> been disabled, login will approve you and telnet lets you log in. Note, >> however, that the warnings that login gives are (rather unceremoniously) >> thrown away by telnetd. >> >> If, however, password aging had expired the account (and therefore login >> would reject you), then telnetd wouldn't let you in either. telnetd is >> a "pass or fail" system, not a "pass, pass with warnings, or fail" >> system. >> >> Hope that explains it a bit, and sorry about the misunderstanding. >> >> =========== >> I know all about the lack of security with telnet. Our development >> systems are all behind a very restricted firewall and our product is >> deployed at our customers behind firewalls. The product requires telnet >> because of some old terminal emulation with enhancements that has to >> be used >> by the users. >> >> I don't know exactly how Linux functions as far as telnet and login, >> but I do know how telnet and login work UNIX systems. The login prompt is >> presented to the user by the login program which communicates through the >> telnetd process back through the network. The telnetd process is actually >> the parent process for login. The login program does all the prompting >> the >> user for the login name and their password and does all the validation, >> password aging checks and so forth. Then it overlays itself with the >> shell >> specified in the passwd file. As I said earlier, when I connect via >> telnet >> it runs login, when I connect via ssh it also runs login. I checked this >> when I connected before I even entered a login name. Therefore it >> seems to >> me that login is being used by both ways of connecting to the system >> and it >> should be the one doing validation and aging checking. If this is true, I >> still can not figure out why one does aging and the other does not. > > > It's not aging, it's the _warnings_ that login gives about the state of > the password that aren't propagated through the telnet pipe. I'm not > 100% sure of this, but if telnetd wasn't built with AUTHENTICATION > enabled, these messages are ignored, and I don't know how it was built. > >> Just as a side question, when is the PAM configuration files in >> /etc/pam.d used? There is one for password, login, and sshd. I checked >> the >> last accessed time on all of them and password and login are never >> accessed. >> So what are they there for? > > > Those control what PAM things are required for the named application. > In other words, /etc/pam.d/passwd controls access regarding the use of > the /usr/bin/passwd _program_, not access to the /etc/passwd _file_. > File access is handled by the standard permissions and ACLs. > > Similarly, /etc/pam.d/login controls use of the /bin/login program, and > then only if it's invoked by a user--not by another program (e.g. sshd > or telnetd). It's assumed that, because another program is invoking it, > that program has already authenticated in some manner--at least the > session must be valid. If you look at the differences between the > /etc/pam.d/sshd and /etc/pam.d/login files, you'll see that sshd's > requirements for the session portion are less restrictive so it can run > login. > >> Does anyone have the source loaded and can look at login and see if >> it uses the PAM files or calls other things that may use them or deals >> with >> the shadow file and aging directly? > > > login does all that. Again, aging is taking place. You simply don't > see the warnings that login issues when you use telnet, that's all. Followup: telnetd isn't even PAM-aware, so it's entirely possible that it never checks aging (it doesn't invoke pam_stack.so). login will still fail if the account is expired, but you won't get any messages. ---------------------------------------------------------------------- - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - - VitalStream, Inc. http://www.vitalstream.com - - - - Brain: The organ with which we think that we think. - ---------------------------------------------------------------------- From Jack.Allen at McKesson.com Fri Aug 19 01:16:02 2005 From: Jack.Allen at McKesson.com (Allen, Jack) Date: Thu, 18 Aug 2005 21:16:02 -0400 Subject: Password aging Message-ID: -----Original Message----- From: Rick Stevens [mailto:rstevens at vitalstream.com] Sent: Thursday, August 18, 2005 6:46 PM To: Getting started with Red Hat Linux Subject: Re: Password aging Rick Stevens wrote: > Allen, Jack wrote: > >> Rick Stevens wrote: AH! The lightbulb turns on! I haven't used >> telnet in a long time and >> wasn't aware that's what you were doing. >> >> First, may I suggest that you disable telnetd immediately. Never use it >> unless you are behind a really strong firewall and can guarantee the >> security of your network. The telnet protocol is completely insecure >> and sends EVERYTHING (including passwords) through in cleartext--which >> is a bloody horrible idea as you can well imagine! >> >> Now, on top of the security issues I mentioned above, all telnetd cares >> about is whether login validates you or not. Since the account hasn't >> been disabled, login will approve you and telnet lets you log in. Note, >> however, that the warnings that login gives are (rather unceremoniously) >> thrown away by telnetd. >> >> If, however, password aging had expired the account (and therefore login >> would reject you), then telnetd wouldn't let you in either. telnetd is >> a "pass or fail" system, not a "pass, pass with warnings, or fail" >> system. >> >> Hope that explains it a bit, and sorry about the misunderstanding. >> >> =========== >> I know all about the lack of security with telnet. Our development >> systems are all behind a very restricted firewall and our product is >> deployed at our customers behind firewalls. The product requires telnet >> because of some old terminal emulation with enhancements that has to >> be used >> by the users. >> >> I don't know exactly how Linux functions as far as telnet and login, >> but I do know how telnet and login work UNIX systems. The login prompt is >> presented to the user by the login program which communicates through the >> telnetd process back through the network. The telnetd process is actually >> the parent process for login. The login program does all the prompting >> the >> user for the login name and their password and does all the validation, >> password aging checks and so forth. Then it overlays itself with the >> shell >> specified in the passwd file. As I said earlier, when I connect via >> telnet >> it runs login, when I connect via ssh it also runs login. I checked this >> when I connected before I even entered a login name. Therefore it >> seems to >> me that login is being used by both ways of connecting to the system >> and it >> should be the one doing validation and aging checking. If this is true, I >> still can not figure out why one does aging and the other does not. > > > It's not aging, it's the _warnings_ that login gives about the state of > the password that aren't propagated through the telnet pipe. I'm not > 100% sure of this, but if telnetd wasn't built with AUTHENTICATION > enabled, these messages are ignored, and I don't know how it was built. > >> Just as a side question, when is the PAM configuration files in >> /etc/pam.d used? There is one for password, login, and sshd. I checked >> the >> last accessed time on all of them and password and login are never >> accessed. >> So what are they there for? > > > Those control what PAM things are required for the named application. > In other words, /etc/pam.d/passwd controls access regarding the use of > the /usr/bin/passwd _program_, not access to the /etc/passwd _file_. > File access is handled by the standard permissions and ACLs. > > Similarly, /etc/pam.d/login controls use of the /bin/login program, and > then only if it's invoked by a user--not by another program (e.g. sshd > or telnetd). It's assumed that, because another program is invoking it, > that program has already authenticated in some manner--at least the > session must be valid. If you look at the differences between the > /etc/pam.d/sshd and /etc/pam.d/login files, you'll see that sshd's > requirements for the session portion are less restrictive so it can run > login. > >> Does anyone have the source loaded and can look at login and see if >> it uses the PAM files or calls other things that may use them or deals >> with >> the shadow file and aging directly? > > > login does all that. Again, aging is taking place. You simply don't > see the warnings that login issues when you use telnet, that's all. Followup: telnetd isn't even PAM-aware, so it's entirely possible that it never checks aging (it doesn't invoke pam_stack.so). login will still fail if the account is expired, but you won't get any messages. ============= I assumed telnetd was not PAM-aware, but login should be. You have been a big help replying to this and other questions I have asked, but I have to disagree with you about telnetd not passing the warning messages. It basically passes what ever it reads on the master side of a pseudo tty that another program such as login or the shell or vi writes to the slave side and sends it across the network. Therefore when a connection via telnet is done and login is run to prompt the user for their login name and password it can send the warning message and prompt to enter a new password. There is nothing special about this that would keep telnetd from passing the characters along. Doing strings on /bin/login shows libpam.so.0 and libpam_misc.so.0 and several pam_* names, I assume are PAM library calls. So it would seem login is PAM-aware. I still think there is a configuration file somewhere that has to be changed to make login really use PAM. Then it would work just like su and ssh about identifying the password has aged. I found /etc/login.def, but not much other than what is already in the file commented out, as far as what all can be put there to control something. Most of the parameters seem to deal with adduser, default shell and some other things. Thanks: Jack Allen From brad.mugleston at comcast.net Fri Aug 19 04:34:55 2005 From: brad.mugleston at comcast.net (brad.mugleston at comcast.net) Date: Thu, 18 Aug 2005 22:34:55 -0600 (MDT) Subject: Strange Modem Message-ID: I just built a file server using an old Pentium II with FC2 but it's got a 180G hard drive on it (for home use). When I hook it into my home network everything works great - the switch assigns it an IP address and it seems to work fine. BUt after awhile the modem starts rebooting. If I unplug the network cable from the comuter the modem goes back to normal. I've tried two different NIC's in the computer and they both do the same thing. Any ideas? About the only other thing funky on this is it will not go into the graphical mode, doesn't like the card/monitor configuration (again, I've used two video cards and two monitors but same results. This is fine as I don't really plan on using the computer that way - it's just suppose to store all my music and pictures on it... Brad Mugleston, KI0OT There are 10 types of people in this world. Those that understand binary and those that don't. From chris.mueller at gmail.com Fri Aug 19 14:16:55 2005 From: chris.mueller at gmail.com (Chris Mueller) Date: Fri, 19 Aug 2005 10:16:55 -0400 Subject: PHP with MSSQL support Message-ID: <874c0d4405081907162bc874e6@mail.gmail.com> Hi, I was recently trying to install phpBB on a fresh installation of Red Hat Enterprise Linux, and was hoping to connect it to our central database server that is running MSSQL. When installing phpBB, I received an error stating "The PHP configuration on your server doesn't support the database type that you chose." So I'm wondering if the Red Hat PHP installation supports connections to MSSQL by default. (My guess is that it doesn't.) Any ideas what I would need to do to make the connection between PHP and MSSQL? I've looked briefly at FreeTDS, but it looks like I might need to reinstall PHP from source in order to make that work... Thanks, Chris From ginu.george at gmail.com Fri Aug 19 14:33:23 2005 From: ginu.george at gmail.com (Ginu George) Date: Fri, 19 Aug 2005 14:33:23 -0000 Subject: PHP with MSSQL support In-Reply-To: <874c0d4405081907162bc874e6@mail.gmail.com> Message-ID: <4305ec08.63e002f9.1e22.190f@mx.gmail.com> Chris, Check the SQL Server version and the PHP BB required DB version. Coz I have installed the same and its running well at http://ideas.solomonideas.com See if u need more clarifications then check http://www.phpbb.com/support/guide/#section2_1 Regards Ginu -----Original Message----- From: redhat-install-list-bounces at redhat.com [mailto:redhat-install-list-bounces at redhat.com] On Behalf Of Chris Mueller Sent: Friday, August 19, 2005 2:17 PM To: redhat-install-list at redhat.com Subject: PHP with MSSQL support Hi, I was recently trying to install phpBB on a fresh installation of Red Hat Enterprise Linux, and was hoping to connect it to our central database server that is running MSSQL. When installing phpBB, I received an error stating "The PHP configuration on your server doesn't support the database type that you chose." So I'm wondering if the Red Hat PHP installation supports connections to MSSQL by default. (My guess is that it doesn't.) Any ideas what I would need to do to make the connection between PHP and MSSQL? I've looked briefly at FreeTDS, but it looks like I might need to reinstall PHP from source in order to make that work... Thanks, Chris _______________________________________________ Redhat-install-list mailing list Redhat-install-list at redhat.com https://www.redhat.com/mailman/listinfo/redhat-install-list To Unsubscribe Go To ABOVE URL or send a message to: redhat-install-list-request at redhat.com Subject: unsubscribe From Jack.Allen at McKesson.com Fri Aug 19 15:56:01 2005 From: Jack.Allen at McKesson.com (Allen, Jack) Date: Fri, 19 Aug 2005 11:56:01 -0400 Subject: Password aging - Problem solved Message-ID: Rick Stevens wrote: > Allen, Jack wrote: > >> Rick Stevens wrote: AH! The lightbulb turns on! I haven't used >> telnet in a long time and >> wasn't aware that's what you were doing. >> >> First, may I suggest that you disable telnetd immediately. Never use it >> unless you are behind a really strong firewall and can guarantee the >> security of your network. The telnet protocol is completely insecure >> and sends EVERYTHING (including passwords) through in cleartext--which >> is a bloody horrible idea as you can well imagine! >> >> Now, on top of the security issues I mentioned above, all telnetd cares >> about is whether login validates you or not. Since the account hasn't >> been disabled, login will approve you and telnet lets you log in. Note, >> however, that the warnings that login gives are (rather unceremoniously) >> thrown away by telnetd. >> >> If, however, password aging had expired the account (and therefore login >> would reject you), then telnetd wouldn't let you in either. telnetd is >> a "pass or fail" system, not a "pass, pass with warnings, or fail" >> system. >> >> Hope that explains it a bit, and sorry about the misunderstanding. >> >> =========== >> I know all about the lack of security with telnet. Our development >> systems are all behind a very restricted firewall and our product is >> deployed at our customers behind firewalls. The product requires telnet >> because of some old terminal emulation with enhancements that has to >> be used >> by the users. >> >> I don't know exactly how Linux functions as far as telnet and login, >> but I do know how telnet and login work UNIX systems. The login prompt is >> presented to the user by the login program which communicates through the >> telnetd process back through the network. The telnetd process is actually >> the parent process for login. The login program does all the prompting >> the >> user for the login name and their password and does all the validation, >> password aging checks and so forth. Then it overlays itself with the >> shell >> specified in the passwd file. As I said earlier, when I connect via >> telnet >> it runs login, when I connect via ssh it also runs login. I checked this >> when I connected before I even entered a login name. Therefore it >> seems to >> me that login is being used by both ways of connecting to the system >> and it >> should be the one doing validation and aging checking. If this is true, I >> still can not figure out why one does aging and the other does not. > > > It's not aging, it's the _warnings_ that login gives about the state of > the password that aren't propagated through the telnet pipe. I'm not > 100% sure of this, but if telnetd wasn't built with AUTHENTICATION > enabled, these messages are ignored, and I don't know how it was built. > >> Just as a side question, when is the PAM configuration files in >> /etc/pam.d used? There is one for password, login, and sshd. I checked >> the >> last accessed time on all of them and password and login are never >> accessed. >> So what are they there for? > > > Those control what PAM things are required for the named application. > In other words, /etc/pam.d/passwd controls access regarding the use of > the /usr/bin/passwd _program_, not access to the /etc/passwd _file_. > File access is handled by the standard permissions and ACLs. > > Similarly, /etc/pam.d/login controls use of the /bin/login program, and > then only if it's invoked by a user--not by another program (e.g. sshd > or telnetd). It's assumed that, because another program is invoking it, > that program has already authenticated in some manner--at least the > session must be valid. If you look at the differences between the > /etc/pam.d/sshd and /etc/pam.d/login files, you'll see that sshd's > requirements for the session portion are less restrictive so it can run > login. > >> Does anyone have the source loaded and can look at login and see if >> it uses the PAM files or calls other things that may use them or deals >> with >> the shadow file and aging directly? > > > login does all that. Again, aging is taking place. You simply don't > see the warnings that login issues when you use telnet, that's all. Followup: telnetd isn't even PAM-aware, so it's entirely possible that it never checks aging (it doesn't invoke pam_stack.so). login will still fail if the account is expired, but you won't get any messages. ============= I assumed telnetd was not PAM-aware, but login should be. You have been a big help replying to this and other questions I have asked, but I have to disagree with you about telnetd not passing the warning messages. It basically passes what ever it reads on the master side of a pseudo tty that another program such as login or the shell or vi writes to the slave side and sends it across the network. Therefore when a connection via telnet is done and login is run to prompt the user for their login name and password it can send the warning message and prompt to enter a new password. There is nothing special about this that would keep telnetd from passing the characters along. Doing strings on /bin/login shows libpam.so.0 and libpam_misc.so.0 and several pam_* names, I assume are PAM library calls. So it would seem login is PAM-aware. I still think there is a configuration file somewhere that has to be changed to make login really use PAM. Then it would work just like su and ssh about identifying the password has aged. I found /etc/login.def, but not much other than what is already in the file commented out, as far as what all can be put there to control something. Most of the parameters seem to deal with adduser, default shell and some other things. Thanks: Jack Allen =========== Follow up: First I have to correct something I said earlier. When you connect via ssh, it does NOT run the login program at the start like telnetd does. I have resolved the problem. I had enabled /etc/xinetd.d/kbr5-telnet for telnet service. It calls /usr/kerberos/sbin/telnetd, which is suppose to handle Kerberos 5 authentication and standard telnet connections. So it looks like when a standard telnet connection is made, it sets something or passes or does not pass an option to login which causes it not to do the password aging checking. There is also /etc/xinetd.d/telnet which calls /usr/sbin/in.telnetd, which I believe is the old standard telnet that sets something or passes and option to login. I will have to do some more testing to see if I can determine what argument is or is not passed to the login program when called from the differ telnetd programs. Thanks: Jack Allen From erdinc at prosoft.com.tr Fri Aug 19 17:05:54 2005 From: erdinc at prosoft.com.tr (Ali =?ISO-8859-9?Q?Erdin=E7_K=F6ro=F0lu?=) Date: Fri, 19 Aug 2005 20:05:54 +0300 Subject: PHP with MSSQL support In-Reply-To: <874c0d4405081907162bc874e6@mail.gmail.com> References: <874c0d4405081907162bc874e6@mail.gmail.com> Message-ID: <20050819200554.4ec55ac2.erdinc@prosoft.com.tr> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi, On Fri, 19 Aug 2005 10:16:55 -0400 Chris Mueller wrote: > Hi, > > I was recently trying to install phpBB on a fresh installation of Red > Hat Enterprise Linux, and was hoping to connect it to our central > database server that is running MSSQL. When installing phpBB, I > received an error stating "The PHP configuration on your server > doesn't support the database type that you chose." > > So I'm wondering if the Red Hat PHP installation supports connections > to MSSQL by default. (My guess is that it doesn't.) Any ideas what I > would need to do to make the connection between PHP and MSSQL? > > I've looked briefly at FreeTDS, but it looks like I might need to > reinstall PHP from source in order to make that work... Do you have php-mysql installed? Regards Ali Erdin? K?roglu http://www.prosoft.com.tr -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) iD8DBQFDBhFyUZ8xvL9ToPoRAnfFAKDA1BTH6UK04RWG9mdbTVLIs0C4sACePZfn JwZmDStR3IZFXUd3TT5Nk60= =71p0 -----END PGP SIGNATURE----- From rstevens at vitalstream.com Fri Aug 19 17:19:50 2005 From: rstevens at vitalstream.com (Rick Stevens) Date: Fri, 19 Aug 2005 10:19:50 -0700 Subject: PHP with MSSQL support In-Reply-To: <874c0d4405081907162bc874e6@mail.gmail.com> References: <874c0d4405081907162bc874e6@mail.gmail.com> Message-ID: <430614B6.2030302@vitalstream.com> Chris Mueller wrote: > Hi, > > I was recently trying to install phpBB on a fresh installation of Red > Hat Enterprise Linux, and was hoping to connect it to our central > database server that is running MSSQL. When installing phpBB, I > received an error stating "The PHP configuration on your server > doesn't support the database type that you chose." MSSQL, as in Microsoft SQL? > So I'm wondering if the Red Hat PHP installation supports connections > to MSSQL by default. (My guess is that it doesn't.) Any ideas what I > would need to do to make the connection between PHP and MSSQL? > > I've looked briefly at FreeTDS, but it looks like I might need to > reinstall PHP from source in order to make that work... Yup, I believe you do. It's been a long time since I tried to do that. ---------------------------------------------------------------------- - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - - VitalStream, Inc. http://www.vitalstream.com - - - - Reality: A crutch for those who can't handle science fiction - ---------------------------------------------------------------------- From rstevens at vitalstream.com Fri Aug 19 18:33:30 2005 From: rstevens at vitalstream.com (Rick Stevens) Date: Fri, 19 Aug 2005 11:33:30 -0700 Subject: Strange Modem In-Reply-To: References: Message-ID: <430625FA.8070401@vitalstream.com> brad.mugleston at comcast.net wrote: > I just built a file server using an old Pentium II with FC2 but > it's got a 180G hard drive on it (for home use). When I hook it > into my home network everything works great - the switch assigns > it an IP address and it seems to work fine. BUt after awhile the > modem starts rebooting. If I unplug the network cable from the > comuter the modem goes back to normal. I've tried two different > NIC's in the computer and they both do the same thing. > > Any ideas? Uh, serial modem or PCI-based? If it's PCI, have you looked at the IRQ assignments between the modem and the NICs? (lspci -v) Even with a serial modem, it's possible (especially if you're using /dev/ttyS1, aka COM2) for the NIC to try to use the same IRQ (IRQ3). You can also "cat /proc/interrupts" along with "cat /var/log/dmesg" to see what's using what. > About the only other thing funky on this is it will not go into > the graphical mode, doesn't like the card/monitor configuration > (again, I've used two video cards and two monitors but same > results. This is fine as I don't really plan on using the > computer that way - it's just suppose to store all my music and > pictures on it... Have you checked the X startup log to see what it doesn't like? It may also be an IRQ conflict (not uncommon for video cards to use IRQ9 for video retrace interrupts...and that can conflict with the IRQ cascade to the second 8259 controller). In fact, a machine that old quite likely will have IRQ issues. ---------------------------------------------------------------------- - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - - VitalStream, Inc. http://www.vitalstream.com - - - - Memory is the second thing to go, but I can't remember the first! - ---------------------------------------------------------------------- From fromRHIL at outtacyte.com Fri Aug 19 22:32:33 2005 From: fromRHIL at outtacyte.com (Greg Julius) Date: Fri, 19 Aug 2005 17:32:33 -0500 Subject: Kerberos Help Needed Message-ID: <200508192232.j7JMWWNe026697@mx3.redhat.com> Hi Y'all. Greg from Texas calling. I desperately need some help with getting my systems talking together. I have googled, read, and read some more. I appologize in advance for a long email. I tried to include everything that may be pertinent. Abstract: I can't seem to get kerberos configured correctly so that a windows user can access the samba shares. My Setup: Windows Small Business Server 2003 ADS which is my domain PDC, and numerous Windows workstations. Linux Server, Fedora Core 4 (brand new install), which is to be a file server and an internal web development server (Apache, PHP, MySQL) I have recently needed to upgrade from a peer-peer network to a Windows SBS ADS/PDC. When I did, my linux server left the fray and I haven't been able to get it to talk to windows despite working on it for some time. I am now at the point where I MUST GET IT WORKING (unhappy clients including an unhappy me). It is my understanding that in order for the Linux server to talk with the Windows ADS that Kerberos must be working, but I am having mucho trouble with this. I think my biggest problem is a lack of the total picture and I could use somebody who is familiar with kerberos and Windows ADS (and winbind and samba) interactions. I called Bob McClure this morning looking for help and he reminded me that Rick Stevens monitors this list and was probably my best bet for something of this nature. So here I am.... Progress to date (or lack of): Windows SBS 2003 ADS/PDC installed. This is Filesvr2 by name, x.x.x.6 by IP. Samba shares no longer work. Dns and Dhcp are running on the PDC and names resolve correctly all over the network. ocinternal.local is the domain name. Addresses resolve with and without the domain name suffixed. Fedora Core 4 installed - no problems to speak of Linux host name is guardian and is at x.x.x.8. I can ping this address by name and IP, both from the machine itself and from elsewhere on the network. Basic connectivity is achieved Selinux is disabled unitl I get other things working correctly to remove those potential issues. Apache Started and talks to browsers on the network. Virtual name servers work and present data correctly. Kerberos 'configured' and starts (kadmin and krb5kdc). Krb524 not run as I don't have any v.4 stuff at all or ever. I created the kdc. Realm name is OCINTERNAL.LOCAL, kdc name is guardian.ocinternal.local Samba starts Winbind starts. As root I can do a kinit, can see the results with klist, and remove them with kdestroy. Now for raw data. I have tried to keep the config files pretty vanilla. I have put comments below each config file or log file and at the end of the file. Here is the kdc.conf contents: [kdcdefaults] acl_file = /var/kerberos/krb5kdc/kadm5.acl dict_file = /usr/share/dict/words admin_keytab = /var/kerberos/krb5kdc/kadm5.keytab v4_mode = nopreauth [realms] OCINTERNAL.LOCAL = { master_key_type = des-cbc-crc supported_enctypes = des3-hmac-sha1:normal arcfour-hmac:normal des-hmac-sha1:normal des-cbc-md5:normal des-cbc-crc:normal des-cbc-crc:v4 des-cbc-crc:afs3 } I'm not too sure on the master_key_type as the information available is unclear and conflicting. What does Windows ADS use and is it supported on this side of the divide? If not, then what should I use and how do I tell windows to use it as well? Here is krb5.conf: [logging] default = FILE:/var/log/krb5libs.log kdc = FILE:/var/log/krb5kdc.log admin_server = FILE:/var/log/kadmind.log [libdefaults] default_realm = OCINTERNAL.LOCAL dns_lookup_realm = true dns_lookup_kdc = true ticket_lifetime = 24h forwardable = yes [realms] OCINTERNAL.LOCAL = { kdc = guardian.ocinternal.local:88 admin_server = guardian.ocinternal.local:749 } [domain_realm] .ocinternal.local = OCINTERNAL.LOCAL ocinternal.local = OCINTERNAL.LOCAL [kdc] profile = /var/kerberos/krb5kdc/kdc.conf [appdefaults] pam = { debug = true ticket_lifetime = 36000 renew_lifetime = 36000 forwardable = true krb4_convert = false } I have tried this file with the dns settings set both ways. And finally, the smb.conf file (some clipped for brevity): # Samba config file created using SWAT # from 127.0.0.1 (127.0.0.1) # Date: 2005/08/08 22:08:31 # Global parameters [global] workgroup = OCINTERNAL realm = OCINTERNAL.LOCAL server string = Samba Server security = ADS password server = Filesrv2.ocinternal.local log file = /var/log/samba/%m.log max log size = 50 socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 printcap name = /etc/printcap dns proxy = No ldap ssl = no idmap uid = 16777216-33554431 idmap gid = 16777216-33554431 template shell = /bin/bash cups options = raw Note that the password server here is set to Filesrv2. This name is that of my PDC. Now for the logs When I start, I get this for kadmind.log: Aug 19 13:42:03 guardian.ocinternal.local kadmind[20252](info): Seeding random number generator Aug 19 13:42:03 guardian.ocinternal.local kadmind[20252](info): Seeding random number generator Aug 19 13:42:03 guardian.ocinternal.local kadmind[20252](info): No dictionary file specified, continuing without one. Aug 19 13:42:03 guardian.ocinternal.local kadmind[20252](info): No dictionary file specified, continuing without one. Aug 19 13:42:03 guardian.ocinternal.local kadmind[20253](info): starting Aug 19 13:42:03 guardian.ocinternal.local kadmind[20253](info): starting Looks ok to me but I note I get two of each line.... For krb5kdc.log I get this: Aug 19 13:42:03 guardian.ocinternal.local krb5kdc[20242](info): setting up network... Aug 19 13:42:03 guardian.ocinternal.local krb5kdc[20242](info): setting up network... Aug 19 13:42:03 guardian.ocinternal.local krb5kdc[20242](info): skipping unrecognized local address family 17 Aug 19 13:42:03 guardian.ocinternal.local krb5kdc[20242](info): skipping unrecognized local address family 17 Aug 19 13:42:03 guardian.ocinternal.local krb5kdc[20242](info): listening on fd 7: udp 10.255.20.8.750 Aug 19 13:42:03 guardian.ocinternal.local krb5kdc[20242](info): listening on fd 7: udp 10.255.20.8.750 Aug 19 13:42:03 guardian.ocinternal.local krb5kdc[20242](info): listening on fd 8: udp 10.255.20.8.88 Aug 19 13:42:03 guardian.ocinternal.local krb5kdc[20242](info): listening on fd 8: udp 10.255.20.8.88 Aug 19 13:42:03 guardian.ocinternal.local krb5kdc[20242](info): listening on fd 9: udp fe80::204:61ff:fe42:ae5e%eth0.750 Aug 19 13:42:03 guardian.ocinternal.local krb5kdc[20242](info): listening on fd 9: udp fe80::204:61ff:fe42:ae5e%eth0.750 Aug 19 13:42:03 guardian.ocinternal.local krb5kdc[20242](info): listening on fd 10: udp fe80::204:61ff:fe42:ae5e%eth0.88 Aug 19 13:42:03 guardian.ocinternal.local krb5kdc[20242](info): listening on fd 10: udp fe80::204:61ff:fe42:ae5e%eth0.88 Aug 19 13:42:03 guardian.ocinternal.local krb5kdc[20242](info): set up 4 sockets Aug 19 13:42:03 guardian.ocinternal.local krb5kdc[20242](info): set up 4 sockets Aug 19 13:42:03 guardian.ocinternal.local krb5kdc[20244](info): commencing operation Aug 19 13:42:03 guardian.ocinternal.local krb5kdc[20244](info): commencing operation Aug 19 13:42:03 guardian.ocinternal.local krb5kdc[20244](info): AS_REQ (7 etypes {18 17 16 23 1 3 2}) 10.255.20.8: CLIENT_NOT_FOUND: host/GUARDIAN at OCINTERNAL.LOCAL for krbtgt/OCINTERNAL.LOCAL at OCINTERNAL.LOCAL, Client not found in Kerberos database Aug 19 13:42:03 guardian.ocinternal.local krb5kdc[20244](info): AS_REQ (7 etypes {18 17 16 23 1 3 2}) 10.255.20.8: CLIENT_NOT_FOUND: host/GUARDIAN at OCINTERNAL.LOCAL for krbtgt/OCINTERNAL.LOCAL at OCINTERNAL.LOCAL, Client not found in Kerberos database Aug 19 13:42:03 guardian.ocinternal.local krb5kdc[20244](info): AS_REQ (7 etypes {18 17 16 23 1 3 2}) 10.255.20.8: ISSUE: authtime 1124476923, etypes {rep=16 tkt=16 ses=16}, GUARDIAN$@OCINTERNAL.LOCAL for krbtgt/OCINTERNAL.LOCAL at OCINTERNAL.LOCAL Aug 19 13:42:03 guardian.ocinternal.local krb5kdc[20244](info): AS_REQ (7 etypes {18 17 16 23 1 3 2}) 10.255.20.8: ISSUE: authtime 1124476923, etypes {rep=16 tkt=16 ses=16}, GUARDIAN$@OCINTERNAL.LOCAL for krbtgt/OCINTERNAL.LOCAL at OCINTERNAL.LOCAL Aug 19 13:42:03 guardian.ocinternal.local krb5kdc[20244](info): DISPATCH: repeated (retransmitted?) request from 10.255.20.8, resending previous response Aug 19 13:42:03 guardian.ocinternal.local krb5kdc[20244](info): DISPATCH: repeated (retransmitted?) request from 10.255.20.8, resending previous response Aug 19 13:47:03 guardian.ocinternal.local krb5kdc[20244](info): AS_REQ (7 etypes {18 17 16 23 1 3 2}) 10.255.20.8: ISSUE: authtime 1124477223, etypes {rep=16 tkt=16 ses=16}, GUARDIAN$@OCINTERNAL.LOCAL for krbtgt/OCINTERNAL.LOCAL at OCINTERNAL.LOCAL ** 108 identical except for the time deleted ** Aug 19 16:04:01 guardian.ocinternal.local krb5kdc[20244](info): AS_REQ (7 etypes {18 17 16 23 1 3 2}) 10.255.20.8: ISSUE: authtime 1124485441, etypes {rep=16 tkt=16 ses=16}, GUARDIAN$@OCINTERNAL.LOCAL for krbtgt/OCINTERNAL.LOCAL at OCINTERNAL.LOCAL With one exception, things looked fine above. An apparent problem is this line: CLIENT_NOT_FOUND: host/GUARDIAN at OCINTERNAL.LOCAL for krbtgt/OCINTERNAL.LOCAL at OCINTERNAL.LOCAL, Client not found in Kerberos database Here is my winbind.log [2005/08/19 13:42:03, 1] nsswitch/winbindd.c:main(864) winbindd version 3.0.14a-2 started. Copyright The Samba Team 2000-2004 [2005/08/19 13:42:03, 0] libsmb/cliconnect.c:cli_session_setup_spnego(759) Kinit failed: Cannot contact any KDC for requested realm [2005/08/19 13:42:03, 0] libads/kerberos.c:ads_kinit_password(146) kerberos_kinit_password host/GUARDIAN at OCINTERNAL.LOCAL failed: Client not found in Kerberos database [2005/08/19 13:42:03, 1] nsswitch/winbindd_ads.c:ads_cached_connection(81) ads_connect for domain OCINTERNAL failed: Client not found in Kerberos database [2005/08/19 13:42:03, 0] libsmb/cliconnect.c:cli_session_setup_spnego(759) Kinit failed: Decrypt integrity check failed ** many of the same line deleted ** [2005/08/19 15:43:01, 0] libsmb/cliconnect.c:cli_session_setup_spnego(759) Kinit failed: Decrypt integrity check failed [2005/08/19 15:45:22, 0] libads/kerberos.c:ads_kinit_password(146) kerberos_kinit_password host/GUARDIAN at OCINTERNAL.LOCAL failed: Client not found in Kerberos database [2005/08/19 15:45:22, 1] nsswitch/winbindd_ads.c:ads_cached_connection(81) ads_connect for domain OCINTERNAL failed: Client not found in Kerberos database [2005/08/19 15:48:28, 0] libsmb/cliconnect.c:cli_session_setup_spnego(759) Kinit failed: Decrypt integrity check failed OK, Some general questions: My linux server is supposed to be running Kerberos and maintaining the KDC, correct? My password server, as far as winbind and samba are concerned, is the ADC/PDC machine, correct? When I join the linux machine to the windows PDC, I issue "net join -U administrator". Was I supposed to do a kinit on something first? What principals are needed and why and what roles do they need to have? When I join the command, I get the following conflicting messages: ads_connect: Server not found in Kerberos database Joined domain OCINTERNAL. The server then shows up in the ADS. So I guess I sucessfully joined the domain. What is the ads_connect: message about? "wbinfo -D OCINTERNAL" shows that winbind seems to know about the domain, it knows that it is an ADS. Thanks in advance for your help -g # Texas gets bigger as the price of gas goes up From karlp at ourldsfamily.com Sat Aug 20 16:45:37 2005 From: karlp at ourldsfamily.com (karlp at ourldsfamily.com) Date: Sat, 20 Aug 2005 10:45:37 -0600 (MDT) Subject: Mouse/Keyboard Message-ID: <12033.198.60.114.90.1124556337.squirrel@webmail.ourldsfamily.com> Hey folks, have any of you heard of a mouse and/or keyboard causing a PC to hang? I got my wife a new keyboard and mouse and moved hers to my FC4 PC. Her PC is running WindowsXP Pro and every now and then it would just hang. Now my PC is doing that. With the problems of the power management stuff causing it to have problems before I removed them, I hadn't thought of this new problem... Any ideas? I'd like to just trash the pair rather than put them on another PC. Models: KB: Logitech Internet Navigator, M: M-BD69 (standard corded optical). Neither are wireless. Or, is FC4 prone to hang now and then if I have too many unnecessary services running? TIA. Karl From brad.mugleston at comcast.net Sat Aug 20 23:19:31 2005 From: brad.mugleston at comcast.net (brad.mugleston at comcast.net) Date: Sat, 20 Aug 2005 17:19:31 -0600 (MDT) Subject: Strange Modem In-Reply-To: <430625FA.8070401@vitalstream.com> References: <430625FA.8070401@vitalstream.com> Message-ID: On Fri, 19 Aug 2005, Rick Stevens wrote: > brad.mugleston at comcast.net wrote: > > I just built a file server using an old Pentium II with FC2 but > > it's got a 180G hard drive on it (for home use). When I hook it > > into my home network everything works great - the switch assigns > > it an IP address and it seems to work fine. BUt after awhile the > > modem starts rebooting. If I unplug the network cable from the > > comuter the modem goes back to normal. I've tried two different > > NIC's in the computer and they both do the same thing. > > > > Any ideas? > > Uh, serial modem or PCI-based? If it's PCI, have you looked at the IRQ > assignments between the modem and the NICs? (lspci -v) > Sorry - it's a Cable Modem - RCA - goes to my Motorola WR850G Router. I'll have to check the dmesg and interrupts - get back ot you later on the rest of it. thanks Brad > Even with a serial modem, it's possible (especially if you're using > /dev/ttyS1, aka COM2) for the NIC to try to use the same IRQ (IRQ3). > > You can also "cat /proc/interrupts" along with "cat /var/log/dmesg" to > see what's using what. > > > About the only other thing funky on this is it will not go into > > the graphical mode, doesn't like the card/monitor configuration > > (again, I've used two video cards and two monitors but same > > results. This is fine as I don't really plan on using the > > computer that way - it's just suppose to store all my music and > > pictures on it... > > Have you checked the X startup log to see what it doesn't like? It may > also be an IRQ conflict (not uncommon for video cards to use IRQ9 for > video retrace interrupts...and that can conflict with the IRQ cascade > to the second 8259 controller). In fact, a machine that old quite > likely will have IRQ issues. > ---------------------------------------------------------------------- > - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - > - VitalStream, Inc. http://www.vitalstream.com - > - - > - Memory is the second thing to go, but I can't remember the first! - > ---------------------------------------------------------------------- > > _______________________________________________ > Redhat-install-list mailing list > Redhat-install-list at redhat.com > https://www.redhat.com/mailman/listinfo/redhat-install-list > To Unsubscribe Go To ABOVE URL or send a message to: > redhat-install-list-request at redhat.com > Subject: unsubscribe > From bc98kinney at yahoo.com Sat Aug 20 23:36:06 2005 From: bc98kinney at yahoo.com (Bob Kinney) Date: Sat, 20 Aug 2005 16:36:06 -0700 (PDT) Subject: volume label and fstab/mtab Message-ID: <20050820233606.48847.qmail@web30702.mail.mud.yahoo.com> Hello-- I'm trying to figure out (or remember) how this happened: I created a partition out of empty space to house the /home tree long after I installed this system originally (RH 9), when I realized I needed more room. fstab refers to the new partition by its label, instead of device notation. I understand why this works, but I cannot remember how it got in there. Is there a configuration program that does that? I might have followed some great detailed instructions from this list, but I cannot remember ever creating a label for the partition. fstab: LABEL=/ / ext3 defaults 1 1 LABEL=/boot /boot ext3 defaults 1 2 none /dev/pts devpts gid=5,mode=620 0 0 LABEL=/home /home ext3 defaults 1 2 none /proc proc defaults 0 0 none /dev/shm tmpfs defaults 0 0 /dev/hda1 /dos vfat defaults,umask=000 0 0 /dev/hdb5 /dos/ddrive vfat defaults,umask=000 0 0 /dev/hda5 swap swap defaults 0 0 /dev/cdrom /mnt/cdrom udf,iso9660 noauto,owner,kudzu,ro 0 0 /dev/fd0 /mnt/floppy auto noauto,owner,kudzu 0 0 /dev/cdrom1 /mnt/cdrom1 udf,iso9660 noauto,owner,kudzu,ro 0 0 mtab: /dev/hda3 / ext3 rw 0 0 none /proc proc rw 0 0 usbdevfs /proc/bus/usb usbdevfs rw 0 0 /dev/hda2 /boot ext3 rw 0 0 none /dev/pts devpts rw,gid=5,mode=620 0 0 /dev/hda6 /home ext3 rw 0 0 none /dev/shm tmpfs rw 0 0 /dev/hda1 /dos vfat rw,umask=000 0 0 /dev/hdb5 /dos/ddrive vfat rw,umask=000 0 0 --BobCat ____________________________________________________ Start your day with Yahoo! - make it your home page http://www.yahoo.com/r/hs From robertmcclure at earthlink.net Sun Aug 21 03:12:44 2005 From: robertmcclure at earthlink.net (Bob McClure Jr) Date: Sat, 20 Aug 2005 22:12:44 -0500 Subject: volume label and fstab/mtab In-Reply-To: <20050820233606.48847.qmail@web30702.mail.mud.yahoo.com> References: <20050820233606.48847.qmail@web30702.mail.mud.yahoo.com> Message-ID: <20050821031244.GB10459@bobcat.bobcatos.com> On Sat, Aug 20, 2005 at 04:36:06PM -0700, Bob Kinney wrote: > Hello-- > > I'm trying to figure out (or remember) how this happened: > > I created a partition out of empty space to house the /home > tree long after I installed this system originally (RH 9), > when I realized I needed more room. > > fstab refers to the new partition by its label, instead of > device notation. I understand why this works, but I cannot > remember how it got in there. Is there a configuration > program that does that? I might have followed some great > detailed instructions from this list, but I cannot > remember ever creating a label for the partition. > > fstab: > LABEL=/ / ext3 defaults 1 1 > LABEL=/boot /boot ext3 defaults 1 2 > none /dev/pts devpts gid=5,mode=620 0 0 > LABEL=/home /home ext3 defaults 1 2 > none /proc proc defaults 0 0 > none /dev/shm tmpfs defaults 0 0 > /dev/hda1 /dos vfat defaults,umask=000 > 0 0 > /dev/hdb5 /dos/ddrive vfat defaults,umask=000 > 0 0 > /dev/hda5 swap swap defaults 0 0 > /dev/cdrom /mnt/cdrom udf,iso9660 > noauto,owner,kudzu,ro 0 0 > /dev/fd0 /mnt/floppy auto noauto,owner,kudzu 0 0 > /dev/cdrom1 /mnt/cdrom1 udf,iso9660 > noauto,owner,kudzu,ro 0 0 > > > mtab: > /dev/hda3 / ext3 rw 0 0 > none /proc proc rw 0 0 > usbdevfs /proc/bus/usb usbdevfs rw 0 0 > /dev/hda2 /boot ext3 rw 0 0 > none /dev/pts devpts rw,gid=5,mode=620 0 0 > /dev/hda6 /home ext3 rw 0 0 > none /dev/shm tmpfs rw 0 0 > /dev/hda1 /dos vfat rw,umask=000 0 0 > /dev/hdb5 /dos/ddrive vfat rw,umask=000 0 0 So far as I know, only the installation process makes filesystem labels by default. You can change or delete filesystem labels using "e2label". Run "man e2label" for more information. I consider labels to be partition device names for dummies. I suppose they have their virtue, but they can get you into a world of confusion if you start mixing and moving disk drives. Unless I can think of some good reason to have them (I haven't yet), I change my fstab to use real partition names, e.g. /dev/hda6. > --BobCat Hey, wait a minute. I'm Bobcat. :-) Cheers, -- Bob McClure, Jr. Bobcat Open Systems, Inc. robertmcclure at earthlink.net http://www.bobcatos.com Peace at any price is inflationary. From drumilnarayan at yahoo.com Mon Aug 22 14:50:33 2005 From: drumilnarayan at yahoo.com (drumil narayan) Date: Mon, 22 Aug 2005 15:50:33 +0100 (BST) Subject: configuring a service In-Reply-To: <20050821031244.GB10459@bobcat.bobcatos.com> Message-ID: <20050822145033.70478.qmail@web8305.mail.in.yahoo.com> Dear All, I have a configured a service oraclewhich will start and stop the database. this service works finw while starting/rebooting the database and do not gets displayed while am shutting down the linux server. how do i achieve this. my oracle service is in /etc/rc.d/oracle symbolic links to this service are present /etc/rc.d/rc.0, /etc/rc.d/rc.2, rc.3, rc.6 am i supposed to somthing else.. kindly communicate..Drumil ____________________________________________________ Send a rakhi to your brother, buy gifts and win attractive prizes. Log on to http://in.promos.yahoo.com/rakhi/index.html From harold at hallikainen.com Mon Aug 22 15:18:38 2005 From: harold at hallikainen.com (Harold Hallikainen) Date: Mon, 22 Aug 2005 08:18:38 -0700 (PDT) Subject: sample lftp command lines? Message-ID: <37240.207.177.227.29.1124723918.squirrel@kauko.hallikainen.org> As I SLOWLY move stuff from an RH8 to an FC4 system, I've found that ncftp is not included in FC4, but lftp is included. I have a script that does a daily ftp of a tar file to a remote server. I'm having difficulty figuring out from the man page on lftp what a command line would look like that would log me in to the remote server and put the local file in the appropriate remote directory. Anyone know of some sample lftp command lines? THANKS! Harold ps - I'm CLOSE to getting everything working! I had to modify a buncy of php stuff to work on the new machine. I've got this ftp problem and some perl stuff to update, then it might be ready to put on line! -- FCC Rules Updated Daily at http://www.hallikainen.com From robertmcclure at earthlink.net Mon Aug 22 16:02:47 2005 From: robertmcclure at earthlink.net (Bob McClure Jr) Date: Mon, 22 Aug 2005 11:02:47 -0500 Subject: sample lftp command lines? In-Reply-To: <37240.207.177.227.29.1124723918.squirrel@kauko.hallikainen.org> References: <37240.207.177.227.29.1124723918.squirrel@kauko.hallikainen.org> Message-ID: <20050822160247.GB28834@bobcat.bobcatos.com> On Mon, Aug 22, 2005 at 08:18:38AM -0700, Harold Hallikainen wrote: > As I SLOWLY move stuff from an RH8 to an FC4 system, I've found that ncftp > is not included in FC4, but lftp is included. I have a script that does a > daily ftp of a tar file to a remote server. I'm having difficulty figuring > out from the man page on lftp what a command line would look like that > would log me in to the remote server and put the local file in the > appropriate remote directory. Anyone know of some sample lftp command > lines? > > THANKS! > > Harold > ps - I'm CLOSE to getting everything working! I had to modify a buncy of > php stuff to work on the new machine. I've got this ftp problem and some > perl stuff to update, then it might be ready to put on line! Have you considered "scp" using SSH? It is much more easily scripted and it's secure, to boot. Cheers -- Bob McClure, Jr. Bobcat Open Systems, Inc. robertmcclure at earthlink.net http://www.bobcatos.com Peace at any price is inflationary. From Peter.Cheng at northford.com Mon Aug 22 15:33:41 2005 From: Peter.Cheng at northford.com (Peter Cheng) Date: Mon, 22 Aug 2005 23:33:41 +0800 Subject: Help - Red Hat Message-ID: <2C9C26612B38104D8BC203AC23AF1C1C1CB1C2@csv5012.nf1.com> Dear Red Hat Friends I have a crashed Red Hat Server AS 3.0. The server shut down and restarted this morning. The Red Hat Startup process completed with many Failure messages. Ethernet 0 & 1 were both not accessible. CD-ROM, Floppy and USB are also not working at all. X Windows Starts OK and all partitions mounted properly. Some of the Failure messages in the System Log are: * ntpd: failed * network: bringing up interface eth0: failed * network: bringing up interface eth1: failed * xinetd(1494): warning, can't get client address. Transport endpoint is not connected I am currently using Kernel: Red Hat Enterprise AS 2.4.21-4.ELsmp and Red Hat recommends to upgrade but we have not upgraded yet. Your help is very much appreciated. Peter -------------- next part -------------- An HTML attachment was scrubbed... URL: From harold at hallikainen.com Mon Aug 22 16:32:02 2005 From: harold at hallikainen.com (Harold Hallikainen) Date: Mon, 22 Aug 2005 09:32:02 -0700 (PDT) Subject: sample lftp command lines? In-Reply-To: <20050822160247.GB28834@bobcat.bobcatos.com> References: <37240.207.177.227.29.1124723918.squirrel@kauko.hallikainen.org> <20050822160247.GB28834@bobcat.bobcatos.com> Message-ID: <37886.207.177.227.29.1124728322.squirrel@kauko.hallikainen.org> > On Mon, Aug 22, 2005 at 08:18:38AM -0700, Harold Hallikainen wrote: >> As I SLOWLY move stuff from an RH8 to an FC4 system, I've found that >> ncftp >> is not included in FC4, but lftp is included. I have a script that does >> a >> daily ftp of a tar file to a remote server. I'm having difficulty >> figuring >> out from the man page on lftp what a command line would look like that >> would log me in to the remote server and put the local file in the >> appropriate remote directory. Anyone know of some sample lftp command >> lines? >> >> THANKS! >> >> Harold >> ps - I'm CLOSE to getting everything working! I had to modify a buncy of >> php stuff to work on the new machine. I've got this ftp problem and some >> perl stuff to update, then it might be ready to put on line! > > Have you considered "scp" using SSH? It is much more easily scripted > and it's secure, to boot. > I'll give that some consideration. I'll have to see if the hosting provider supports it. Thus far I've just used ftp. I'll read up on scp and give it a try tonight! Harold -- FCC Rules Updated Daily at http://www.hallikainen.com From robertmcclure at earthlink.net Mon Aug 22 16:59:02 2005 From: robertmcclure at earthlink.net (Bob McClure Jr) Date: Mon, 22 Aug 2005 11:59:02 -0500 Subject: Help - Red Hat In-Reply-To: <2C9C26612B38104D8BC203AC23AF1C1C1CB1C2@csv5012.nf1.com> References: <2C9C26612B38104D8BC203AC23AF1C1C1CB1C2@csv5012.nf1.com> Message-ID: <20050822165902.GC28834@bobcat.bobcatos.com> On Mon, Aug 22, 2005 at 11:33:41PM +0800, Peter Cheng wrote: > Dear Red Hat Friends > > > > I have a crashed Red Hat Server AS 3.0. The server shut down and > restarted this morning. The Red Hat Startup process completed with many > Failure messages. Ethernet 0 & 1 were both not accessible. CD-ROM, > Floppy and USB are also not working at all. X Windows Starts OK and all > partitions mounted properly. > > Some of the Failure messages in the System Log are: > > * ntpd: failed > > * network: bringing up interface eth0: failed > > * network: bringing up interface eth1: failed > > * xinetd(1494): warning, can't get client address. Transport > endpoint is not connected > > I am currently using Kernel: Red Hat Enterprise AS 2.4.21-4.ELsmp and > Red Hat recommends to upgrade but we have not upgraded yet. > > Your help is very much appreciated. > > > > Peter A problem that widespread smells like a hardware failure. I'd start by pulling and reseating all cards and memory sticks. Then run memtest86 from your CD (if it's there - if not go to http://www.memtest86.com/ and get it). If it's still flakey, you could have a bad power supply. Cheers, -- Bob McClure, Jr. Bobcat Open Systems, Inc. robertmcclure at earthlink.net http://www.bobcatos.com Peace at any price is inflationary. From rstevens at vitalstream.com Mon Aug 22 17:33:09 2005 From: rstevens at vitalstream.com (Rick Stevens) Date: Mon, 22 Aug 2005 10:33:09 -0700 Subject: Strange Modem In-Reply-To: References: <430625FA.8070401@vitalstream.com> Message-ID: <430A0C55.3060500@vitalstream.com> brad.mugleston at comcast.net wrote: > On Fri, 19 Aug 2005, Rick Stevens wrote: > > >>brad.mugleston at comcast.net wrote: >> >>>I just built a file server using an old Pentium II with FC2 but >>>it's got a 180G hard drive on it (for home use). When I hook it >>>into my home network everything works great - the switch assigns >>>it an IP address and it seems to work fine. BUt after awhile the >>>modem starts rebooting. If I unplug the network cable from the >>>comuter the modem goes back to normal. I've tried two different >>>NIC's in the computer and they both do the same thing. >>> >>>Any ideas? >> >>Uh, serial modem or PCI-based? If it's PCI, have you looked at the IRQ >>assignments between the modem and the NICs? (lspci -v) >> > > > Sorry - it's a Cable Modem - RCA - goes to my Motorola WR850G > Router. I'll have to check the dmesg and interrupts - get back > ot you later on the rest of it. Oh. Hmmmm. So, I take it that your layout is something like: ------------- ------------------ --cable-->| cable modem |--->|WAN router/switch | ------------- port 1 port 2 ------------------ ^ ^ | +--System 2 +---System 1 If so, then SOMEONE on your network is probably asking the modem to fetch a new DHCP connection from your ISP. You'd need to watch the TCP traffic to know for sure. You could use something like: tcpdump dest host local-ip-address-of-cable-modem and that ONLY if you can get the monitoring machine and the cable modem on the same cable segment (insert a hub--NOT a switch--into the WAN connection between your router and modem and plug your machine into that hub as well). If that's the case, you can fix that by setting the cable modem's WAN port to a different subnet. E.g. my cable modem is 192.168.100.1/16, while my switch uses 192.168.0.1/24 on all ports EXCEPT the WAN port. The DHCP server on my switch also uses 192.168.0.0/24 in its pool. ---------------------------------------------------------------------- - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - - VitalStream, Inc. http://www.vitalstream.com - - - - To err is human, to forgive, beyond the scope of the OS - ---------------------------------------------------------------------- From rstevens at vitalstream.com Mon Aug 22 17:55:25 2005 From: rstevens at vitalstream.com (Rick Stevens) Date: Mon, 22 Aug 2005 10:55:25 -0700 Subject: sample lftp command lines? In-Reply-To: <37240.207.177.227.29.1124723918.squirrel@kauko.hallikainen.org> References: <37240.207.177.227.29.1124723918.squirrel@kauko.hallikainen.org> Message-ID: <430A118D.70108@vitalstream.com> Harold Hallikainen wrote: > As I SLOWLY move stuff from an RH8 to an FC4 system, I've found that ncftp > is not included in FC4, but lftp is included. I have a script that does a > daily ftp of a tar file to a remote server. I'm having difficulty figuring > out from the man page on lftp what a command line would look like that > would log me in to the remote server and put the local file in the > appropriate remote directory. Anyone know of some sample lftp command > lines? ncftp comes with FC4. It's not part of the "default" install configurations, but you can "yum install ncftp" and get it, either from one of the repos on the net or from your DVD or CD collection. lftp isn't that hard to grok. Just put the commands you want to run in some file somewhere, then launch lftp with the "-f" flag and specify the name of the script file. Sample script file, "/tmp/lftp.scp": user remoteusername remoteuserpassword cd /remote/directory lcd /local/directory put name-of-tar-file exit To run it: "lftp -f /tmp/lftp.scp". > THANKS! > > Harold > ps - I'm CLOSE to getting everything working! I had to modify a buncy of > php stuff to work on the new machine. I've got this ftp problem and some > perl stuff to update, then it might be ready to put on line! To be brutally honest, rsync is more suited to this sort of thing. Using rsync in an ssh tunnel is even better and far more secure to boot. Assuming the data you're copying around is in the same directory or directory tree, rsync would obviate the need to tar it up in the first place. ---------------------------------------------------------------------- - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - - VitalStream, Inc. http://www.vitalstream.com - - - - The problem with being poor is that it takes up all of your time - ---------------------------------------------------------------------- From rstevens at vitalstream.com Mon Aug 22 18:15:13 2005 From: rstevens at vitalstream.com (Rick Stevens) Date: Mon, 22 Aug 2005 11:15:13 -0700 Subject: Kerberos Help Needed In-Reply-To: <200508192232.j7JMWWNe026697@mx3.redhat.com> References: <200508192232.j7JMWWNe026697@mx3.redhat.com> Message-ID: <430A1631.6080605@vitalstream.com> Greg Julius wrote: > Hi Y'all. Greg from Texas calling. > > I desperately need some help with getting my systems talking together. I > have googled, read, and read some more. > I appologize in advance for a long email. > I tried to include everything that may be pertinent. > > Abstract: > I can't seem to get kerberos configured correctly so that a windows user can > access the samba shares. > > My Setup: > Windows Small Business Server 2003 ADS which is my domain PDC, and numerous > Windows workstations. > Linux Server, Fedora Core 4 (brand new install), which is to be a file > server and an internal web development server (Apache, PHP, MySQL) > > I have recently needed to upgrade from a peer-peer network to a Windows SBS > ADS/PDC. When I did, my linux server left the fray and I haven't been able > to get it to talk to windows despite working on it for some time. I am now > at the point where I MUST GET IT WORKING (unhappy clients including an > unhappy me). > > It is my understanding that in order for the Linux server to talk with the > Windows ADS that Kerberos must be working, but I am having mucho trouble > with this. I think my biggest problem is a lack of the total picture and I > could use somebody who is familiar with kerberos and Windows ADS (and > winbind and samba) interactions. > > I called Bob McClure this morning looking for help and he reminded me that > Rick Stevens monitors this list and was probably my best bet for something > of this nature. So here I am.... > > Progress to date (or lack of): > Windows SBS 2003 ADS/PDC installed. This is Filesvr2 by name, x.x.x.6 by > IP. Samba shares no longer work. > Dns and Dhcp are running on the PDC and names resolve correctly all over the > network. ocinternal.local is the domain name. Addresses resolve with and > without the domain name suffixed. > Fedora Core 4 installed - no problems to speak of > Linux host name is guardian and is at x.x.x.8. I can ping this address by > name and IP, both from the machine itself and from elsewhere on the network. > Basic connectivity is achieved > Selinux is disabled unitl I get other things working correctly to remove > those potential issues. > Apache Started and talks to browsers on the network. Virtual name servers > work and present data correctly. > Kerberos 'configured' and starts (kadmin and krb5kdc). Krb524 not run as I > don't have any v.4 stuff at all or ever. > I created the kdc. Realm name is OCINTERNAL.LOCAL, kdc name is > guardian.ocinternal.local > Samba starts > Winbind starts. > As root I can do a kinit, can see the results with klist, and remove them > with kdestroy. > > Now for raw data. I have tried to keep the config files pretty vanilla. > I have put comments below each config file or log file and at the end of the > file. > Here is the kdc.conf contents: > > [kdcdefaults] > acl_file = /var/kerberos/krb5kdc/kadm5.acl > dict_file = /usr/share/dict/words > admin_keytab = /var/kerberos/krb5kdc/kadm5.keytab > v4_mode = nopreauth > > [realms] > OCINTERNAL.LOCAL = { > master_key_type = des-cbc-crc > supported_enctypes = des3-hmac-sha1:normal arcfour-hmac:normal > des-hmac-sha1:normal des-cbc-md5:normal des-cbc-crc:normal des-cbc-crc:v4 > des-cbc-crc:afs3 > } > > > I'm not too sure on the master_key_type as the information available is > unclear and conflicting. What does Windows ADS use and is it supported on > this side of the divide? If not, then what should I use and how do I tell > windows to use it as well? > > > > Here is krb5.conf: > [logging] > default = FILE:/var/log/krb5libs.log > kdc = FILE:/var/log/krb5kdc.log > admin_server = FILE:/var/log/kadmind.log > > [libdefaults] > default_realm = OCINTERNAL.LOCAL > dns_lookup_realm = true > dns_lookup_kdc = true > ticket_lifetime = 24h > forwardable = yes > > [realms] > OCINTERNAL.LOCAL = { > kdc = guardian.ocinternal.local:88 > admin_server = guardian.ocinternal.local:749 > } > > [domain_realm] > .ocinternal.local = OCINTERNAL.LOCAL > ocinternal.local = OCINTERNAL.LOCAL > > [kdc] > profile = /var/kerberos/krb5kdc/kdc.conf > > [appdefaults] > pam = { > debug = true > ticket_lifetime = 36000 > renew_lifetime = 36000 > forwardable = true > krb4_convert = false > } Note that I'm no expert on this, but I have set up a rather nasty network like this (14 Linux servers in the domain). I can't give you all of our configs, but I'll help out with what I can. You should probably add something along the lines of: default_tkt_enctypes = des3-hmac-sha1 des-cbc-crc default_tgs_enctypes = des3-hmac-sha1 des-cbc-crc to your [libdefaults] in /etc/krb5.conf Also, unless your domain is resolvable by normal DNS (and judging from your domain name, it probably isn't), then you need to set up your PDC to do name resolution, put entries in for the domain AND the PDC and set "dns_lookup_realm" and "dns_lookup_kdc" to "false". You should also modify your /etc/resolv.conf to look at the PDC for DNS queries (at least make it the first entry). > I have tried this file with the dns settings set both ways. > And finally, the smb.conf file (some clipped for brevity): > > # Samba config file created using SWAT > # from 127.0.0.1 (127.0.0.1) > # Date: 2005/08/08 22:08:31 > > # Global parameters > [global] > workgroup = OCINTERNAL > realm = OCINTERNAL.LOCAL > server string = Samba Server > security = ADS > password server = Filesrv2.ocinternal.local > log file = /var/log/samba/%m.log > max log size = 50 > socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 > printcap name = /etc/printcap > dns proxy = No > ldap ssl = no > idmap uid = 16777216-33554431 > idmap gid = 16777216-33554431 > template shell = /bin/bash > cups options = raw > > > Note that the password server here is set to Filesrv2. This name is that of > my PDC. You may need to add stuff like this to smb.conf: # Use the default Windows domain winbind use default domain = yes winbind separator = + winbind enum users = yes winbind enum groups = yes winbind uid = 400001-60000 winbind gid = 400001-60000 > OK, Some general questions: > My linux server is supposed to be running Kerberos and maintaining the KDC, > correct? No, your PDC is the KDC. The Linux machine is a kerberos client, not a kerberos server or controller. > My password server, as far as winbind and samba are concerned, is the > ADC/PDC machine, correct? Yes. > When I join the linux machine to the windows PDC, I issue "net join -U > administrator". Was I supposed to do a kinit on something first? First, you need to delete the Linux machine's machine account on the PDC, Next, do the kinit to get a new Kerberos ticket. THEN you do the "net join" to set up the login and passwords. > What principals are needed and why and what roles do they need to have? You need to set up the login that your services will be running as. > When I join the command, I get the following conflicting messages: > ads_connect: Server not found in Kerberos database > Joined domain OCINTERNAL. > The server then shows up in the ADS. So I guess I sucessfully joined the > domain. What is the ads_connect: message about? > "wbinfo -D OCINTERNAL" shows that winbind seems to know about the domain, it > knows that it is an ADS. Since OCINTERNAL.LOCAL isn't a DNS domain nor a DNS hostname, the resolution won't work. This is why you need to set up the PDC to do DNS resolution and must make it your primary DNS server in the /etc/resolv.conf file. ---------------------------------------------------------------------- - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - - VitalStream, Inc. http://www.vitalstream.com - - - - ...Had this been an actual emergency, we would have fled in terror - - and you'd be on your own, pal! - ---------------------------------------------------------------------- From john.bergeski at alpsautomotive.com Mon Aug 22 18:16:45 2005 From: john.bergeski at alpsautomotive.com (john.bergeski at alpsautomotive.com) Date: Mon, 22 Aug 2005 14:16:45 -0400 Subject: Setting up Raid 1 disks Message-ID: Hello, I am new to the Linux world(Windows Admin) I am trying to install Redhat Enterprise Linux (V4). I need to setup RAID 1 on the disks(2-73GB & 2-146GB). Anyone have any step by step instructions? Any help would be greatly appreciated. Thanks - John From rstevens at vitalstream.com Mon Aug 22 18:27:08 2005 From: rstevens at vitalstream.com (Rick Stevens) Date: Mon, 22 Aug 2005 11:27:08 -0700 Subject: Setting up Raid 1 disks In-Reply-To: References: Message-ID: <430A18FC.8090207@vitalstream.com> john.bergeski at alpsautomotive.com wrote: > Hello, > > I am new to the Linux world(Windows Admin) I am trying to install Redhat > Enterprise Linux (V4). I need to setup RAID 1 on the disks(2-73GB & > 2-146GB). > > Anyone have any step by step instructions? Any help would be greatly > appreciated. I'm assuming you want software RAID1. The installer should allow you to set that up. When you get to the disk partitioning screen, select the "manual (disk druid)" mechanism. It'll ask you some fairly simple questions and allow you to set up the RAID on your two pairs of disks, then you'll partition them and use them. ---------------------------------------------------------------------- - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - - VitalStream, Inc. http://www.vitalstream.com - - - - Huked on foniks reely wurked for me! - ---------------------------------------------------------------------- From mikev777 at hotmail.com Mon Aug 22 18:28:11 2005 From: mikev777 at hotmail.com (Michael Velez) Date: Mon, 22 Aug 2005 14:28:11 -0400 Subject: configuring a service References: <20050822145033.70478.qmail@web8305.mail.in.yahoo.com> Message-ID: ----- Original Message ----- From: "drumil narayan" To: "Getting started with Red Hat Linux" Sent: Monday, August 22, 2005 10:50 AM Subject: configuring a service > Dear All, > > I have a configured a service oraclewhich will start > and stop the database. > this service works finw while starting/rebooting the > database and do not gets displayed while am shutting > down the linux server. > how do i achieve this. > > my oracle service is in /etc/rc.d/oracle > symbolic links to this service are present > /etc/rc.d/rc.0, /etc/rc.d/rc.2, rc.3, rc.6 > > am i supposed to somthing else.. > > kindly communicate..Drumil It sounds like you haven't created a lock file in your oraclewhich script. If you haven't, do the following: - add the following line at the end of the start) section of your oraclewhich script: touch /var/lock/subsys/oraclewhich - add the following line at the end of the stop) section: rm -f /var/lock/subsys/oraclewhich These two lines are important because if the rc script does not find the oraclewhich lockfile when it's preparing to kill the service, it will assume it's not running and will not execute oraclewhich, which is probably why you don't see it displayed when it's shutting down. Be careful though as I've seen some sample Oracle startup/shutdown scripts (in Oracle documentation) that intentionally recurse and call themselves, changing the user id to oracle, in order to execute dbstart and dbshut as the oracle user. In that case, the above touch command will most likely fail, since, I believe, you need to be root to add a lockfile. Instead, do not recurse (which I don't personally like for shell scripts anyway) and use the "su -c" command when calling dbstart and dbshut. Also, rather than creating the symbolic links manually, you can use the chkconfig tool to configure the service. To do that do the following: - put the oraclewhich script in /etc/init.d instead of its own directory, since that's where all other startup/shutdown scripts are found. - in the oraclewhich script, add the following lines to your script, after the initial shell line: # # chkconfig: 2345 99 01 # # Description: This file starts and stops all Oracle databases (and Listener) # - in /etc/init.d, execute the following command as root: chkconfig --add oraclewhich You can verify the command has been accepted by typing: chkconfig --list oraclewhich This will create the symbolic link S99oraclewhich in rc2.d-rc5.d and the symbolic link K01oraclewhich in rc0.d and rc6.d. If you haven't done so already, it would be a good idea to start/stop the Oracle Listener in oraclewhich as well. Michael From john.bergeski at alpsautomotive.com Mon Aug 22 19:39:18 2005 From: john.bergeski at alpsautomotive.com (john.bergeski at alpsautomotive.com) Date: Mon, 22 Aug 2005 15:39:18 -0400 Subject: Setting up Raid 1 disks In-Reply-To: <430A18FC.8090207@vitalstream.com> Message-ID: I setup the RAID disks, the install went ok, however when the server boots it stops at a screen with only GRUB in the upper left hand corner of the screen and just sits there. Nothing happens when I hit any keys. The install encountered zero problems. Peace - John Rick Stevens To Sent by: Getting started with Red Hat Linux redhat-install-li st-bounces at redhat cc .com Subject Re: Setting up Raid 1 disks 08/22/2005 02:27 PM Please respond to Getting started with Red Hat Linux john.bergeski at alpsautomotive.com wrote: > Hello, > > I am new to the Linux world(Windows Admin) I am trying to install Redhat > Enterprise Linux (V4). I need to setup RAID 1 on the disks(2-73GB & > 2-146GB). > > Anyone have any step by step instructions? Any help would be greatly > appreciated. I'm assuming you want software RAID1. The installer should allow you to set that up. When you get to the disk partitioning screen, select the "manual (disk druid)" mechanism. It'll ask you some fairly simple questions and allow you to set up the RAID on your two pairs of disks, then you'll partition them and use them. ---------------------------------------------------------------------- - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - - VitalStream, Inc. http://www.vitalstream.com - - - - Huked on foniks reely wurked for me! - ---------------------------------------------------------------------- _______________________________________________ Redhat-install-list mailing list Redhat-install-list at redhat.com https://www.redhat.com/mailman/listinfo/redhat-install-list To Unsubscribe Go To ABOVE URL or send a message to: redhat-install-list-request at redhat.com Subject: unsubscribe -- This message has been scanned for viruses and dangerous content by ALAI MailScanner, and is believed to be clean. From fromRHIL at outtacyte.com Mon Aug 22 21:24:27 2005 From: fromRHIL at outtacyte.com (Greg Julius) Date: Mon, 22 Aug 2005 16:24:27 -0500 Subject: Kerberos Help Needed Message-ID: <200508222224.j7MMOOem002325@mx3.redhat.com> Hi Rick, Thank you. >> OK, Some general questions: >> My linux server is supposed to be running Kerberos and maintaining the KDC, >> correct? > >No, your PDC is the KDC. The Linux machine is a kerberos client, not >a kerberos server or controller. > OK. If my PDC (the Windows 2003 ADS system) is my KDC, then which services should be running on my Linux machine? Clearly I need winbind and samba running, do I need krb5kdc or kadmin as well?? If I should be running krb5kdc and kadmin, then do I point the kdc paramerters to filesrv2.ocinternal.local (which is the Win ADS/PDC machine) and simply delete the kdc on the Linux Machine? Thanks again for your responses. -g From Peter.Cheng at northford.com Mon Aug 22 22:29:07 2005 From: Peter.Cheng at northford.com (Peter Cheng) Date: Tue, 23 Aug 2005 06:29:07 +0800 Subject: Help - Red Hat Message-ID: <2C9C26612B38104D8BC203AC23AF1C1C1CB1C3@csv5012.nf1.com> Hi Bob, Thanks for the advice. Hardware diagnostic tests show everything is working fine before booting up Red Hat AS 3.0. Peter -----Original Message----- From: Bob McClure Jr [mailto:robertmcclure at earthlink.net] Sent: Tuesday, August 23, 2005 12:59 AM To: Getting started with Red Hat Linux Subject: Re: Help - Red Hat On Mon, Aug 22, 2005 at 11:33:41PM +0800, Peter Cheng wrote: > Dear Red Hat Friends > I have a crashed Red Hat Server AS 3.0. The server shut down and > restarted this morning. The Red Hat Startup process completed with many > Failure messages. Ethernet 0 & 1 were both not accessible. CD-ROM, > Floppy and USB are also not working at all. X Windows Starts OK and all > partitions mounted properly. > > Some of the Failure messages in the System Log are: > > * ntpd: failed > > * network: bringing up interface eth0: failed > > * network: bringing up interface eth1: failed > > * xinetd(1494): warning, can't get client address. Transport > endpoint is not connected > > I am currently using Kernel: Red Hat Enterprise AS 2.4.21-4.ELsmp and > Red Hat recommends to upgrade but we have not upgraded yet. > > Your help is very much appreciated. > Peter A problem that widespread smells like a hardware failure. I'd start by pulling and reseating all cards and memory sticks. Then run memtest86 from your CD (if it's there - if not go to http://www.memtest86.com/ and get it). If it's still flakey, you could have a bad power supply. Cheers, -- Bob McClure, Jr. Bobcat Open Systems, Inc. robertmcclure at earthlink.net http://www.bobcatos.com Peace at any price is inflationary. _______________________________________________ Redhat-install-list mailing list Redhat-install-list at redhat.com https://www.redhat.com/mailman/listinfo/redhat-install-list To Unsubscribe Go To ABOVE URL or send a message to: redhat-install-list-request at redhat.com Subject: unsubscribe From Jack.Allen at McKesson.com Mon Aug 22 23:09:16 2005 From: Jack.Allen at McKesson.com (Allen, Jack) Date: Mon, 22 Aug 2005 19:09:16 -0400 Subject: Assemble code different in AS 3 and AS 4 Message-ID: My application is written in "C" except for 1 small routine, really 2. The code below complied (assembled) with no errors and run fine in AS 3, but I get compile errors on the pushl lines with AS 4. I know enough about assemble langue code to recognize it and that is about it. Does anyone have any ideas what needs to be changed. Or is there some library call that does the same thing. IBM's AIX provides one that we use. The spinlc (spinlock conditional) routine takes and address to a 4 byte location and does an exchange with a register and the memory location. If the memory location was 0, then it will contain a 1 and the return value will be 1. If the memory location already contained a 1 then 0 is returned. From what I read on the xchgl operator in the past, it locks the memory bus while doing the exchanging so no other process can be changing the memory location at the same time. The memory location is in SYS V type shared memory. / / int / spinlc(location) / long *location / .text .align 4 spinlc: pushl %ebp movl %esp, %ebp subl $0x4, %esp movl 0x8(%ebp), %eax movl $0x1, %edx xchgl %edx, (%eax) cmpl $0x0, %edx jne spinlc_fail movl $0x1, %eax leave ret spinlc_fail: xorl %eax, %eax leave ret The spinlr (spinlock release) routine just puts a 0 in the memory location. It really could be written in "C" because there is no locking done here. But because these routines have to be written in the native assemble for other hardware platform it is easier to have all of them that way. / / / void / spinlr(location) / long *location / .text .align 4 spinlr: pushl %ebp movl %esp, %ebp subl $0x4, %esp movl 0x8(%ebp), %eax movl $0x0, (%eax) xorl %eax, %eax leave ret Thank in advance: Jack Allen -------------- next part -------------- An HTML attachment was scrubbed... URL: From rstevens at vitalstream.com Tue Aug 23 00:55:03 2005 From: rstevens at vitalstream.com (Rick Stevens) Date: Mon, 22 Aug 2005 17:55:03 -0700 Subject: Kerberos Help Needed In-Reply-To: <200508222224.j7MMOOem002325@mx3.redhat.com> References: <200508222224.j7MMOOem002325@mx3.redhat.com> Message-ID: <430A73E7.7030906@vitalstream.com> Greg Julius wrote: > Hi Rick, Thank you. > > > >>>OK, Some general questions: >>>My linux server is supposed to be running Kerberos and maintaining the > > KDC, > >>>correct? >> >>No, your PDC is the KDC. The Linux machine is a kerberos client, not >>a kerberos server or controller. >> > > OK. If my PDC (the Windows 2003 ADS system) is my KDC, then which services > should be running on my Linux machine? > Clearly I need winbind and samba running, do I need krb5kdc or kadmin as > well?? No, you don't. You only need winbind, smbd and nmbd running. You probably should have ntpd running and aimed at a time server that your PDC watches, too. If the date/time on the machines varies as little as 5 minutes, your clients will be booted out of the Windows domain by the PDC. Annoying, but true. > If I should be running krb5kdc and kadmin, then do I point the kdc > paramerters to filesrv2.ocinternal.local (which is the Win ADS/PDC machine) > and simply delete the kdc on the Linux Machine? You shouldn't have to do anything. The krb5.conf file should aim all Kerberos requests at your PDC. You should also make sure the resolv.conf file also looks at your PDC for DNS info (and, of course, set up the PDC to do DNS). The only other tricky thing can be if you have multiple Linux servers talking to the PDC. It's possible for the winbind cache to get out of sync between all of them and the ACLs won't work since the machines don't have a consistent view of the user list. Oh, and since I'm on ACLs, are you using them? If so, you may have a rude awakening as RHEL doesn't have ACL support built into smbd by default. If you do "smbd -b", look at the output. Verify that you have "HAVE_SYS_ACL_H" in the "System Headers" section. If you don't see it, you don't have ACL support and you need to rebuild smbd from the source RPM or tarball and specify "--with-acl-suppport" in the "./configure" command. > Thanks again for your responses. I hope this helps sort it out. It ain't easy! ---------------------------------------------------------------------- - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - - VitalStream, Inc. http://www.vitalstream.com - - - - Treat each day as if it's your last...a lot of crying and whining - - usually gets you what you want! -- Sam Sledge - ---------------------------------------------------------------------- From rstevens at vitalstream.com Tue Aug 23 01:02:29 2005 From: rstevens at vitalstream.com (Rick Stevens) Date: Mon, 22 Aug 2005 18:02:29 -0700 Subject: Assemble code different in AS 3 and AS 4 In-Reply-To: References: Message-ID: <430A75A5.4010400@vitalstream.com> Allen, Jack wrote: > My application is written in "C" except for 1 small routine, > really 2. The code below complied (assembled) with no errors and run > fine in AS 3, but I get compile errors on the pushl lines with AS 4. I > know enough about assemble langue code to recognize it and that is about > it. Does anyone have any ideas what needs to be changed. Or is there > some library call that does the same thing. IBM's AIX provides one that > we use. > > The spinlc (spinlock conditional) routine takes and address to a > 4 byte location and does an exchange with a register and the memory > location. If the memory location was 0, then it will contain a 1 and the > return value will be 1. If the memory location already contained a 1 > then 0 is returned. From what I read on the xchgl operator in the past, > it locks the memory bus while doing the exchanging so no other process > can be changing the memory location at the same time. The memory > location is in SYS V type shared memory. > > / > / int > / spinlc(location) > / long *location > / > .text > .align 4 > spinlc: > pushl %ebp > movl %esp, %ebp > subl $0x4, %esp > movl 0x8(%ebp), %eax > movl $0x1, %edx > xchgl %edx, (%eax) > cmpl $0x0, %edx > jne spinlc_fail > movl $0x1, %eax > leave > ret > spinlc_fail: > xorl %eax, %eax > leave > ret > > > The spinlr (spinlock release) routine just puts a 0 in the memory > location. It really could be written in "C" because there is no locking > done here. But because these routines have to be written in the native > assemble for other hardware platform it is easier to have all of them > that way. > > / > / > / void > / spinlr(location) > / long *location > / > .text > .align 4 > spinlr: > pushl %ebp > movl %esp, %ebp > subl $0x4, %esp > movl 0x8(%ebp), %eax > movl $0x0, (%eax) > xorl %eax, %eax > leave > ret Uh, Jack, you ARE aware of the fact that AS3 is a 2.4 kernel and AS4 is a 2.6 kernel, right? The interfaces to the kernel are radically different between the two as is the C compiler (gcc 3.2.3 in AS3, gcc 4.0.1 in AS4) and assembler (as 2.14.x in AS3, as 2.15.x in AS4). I don't know if that would have an effect, but it's very possible. ---------------------------------------------------------------------- - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - - VitalStream, Inc. http://www.vitalstream.com - - - - Never test for an error condition you don't know how to handle. - ---------------------------------------------------------------------- From Jack.Allen at McKesson.com Tue Aug 23 01:18:17 2005 From: Jack.Allen at McKesson.com (Allen, Jack) Date: Mon, 22 Aug 2005 21:18:17 -0400 Subject: Assemble code different in AS 3 and AS 4 Message-ID: -----Original Message----- From: Rick Stevens [mailto:rstevens at vitalstream.com] Sent: Monday, August 22, 2005 9:02 PM To: Getting started with Red Hat Linux Subject: Re: Assemble code different in AS 3 and AS 4 Allen, Jack wrote: > My application is written in "C" except for 1 small routine, > really 2. The code below complied (assembled) with no errors and run > fine in AS 3, but I get compile errors on the pushl lines with AS 4. I > know enough about assemble langue code to recognize it and that is about > it. Does anyone have any ideas what needs to be changed. Or is there > some library call that does the same thing. IBM's AIX provides one that > we use. > > The spinlc (spinlock conditional) routine takes and address to a > 4 byte location and does an exchange with a register and the memory > location. If the memory location was 0, then it will contain a 1 and the > return value will be 1. If the memory location already contained a 1 > then 0 is returned. From what I read on the xchgl operator in the past, > it locks the memory bus while doing the exchanging so no other process > can be changing the memory location at the same time. The memory > location is in SYS V type shared memory. > > / > / int > / spinlc(location) > / long *location > / > .text > .align 4 > spinlc: > pushl %ebp > movl %esp, %ebp > subl $0x4, %esp > movl 0x8(%ebp), %eax > movl $0x1, %edx > xchgl %edx, (%eax) > cmpl $0x0, %edx > jne spinlc_fail > movl $0x1, %eax > leave > ret > spinlc_fail: > xorl %eax, %eax > leave > ret > > > The spinlr (spinlock release) routine just puts a 0 in the memory > location. It really could be written in "C" because there is no locking > done here. But because these routines have to be written in the native > assemble for other hardware platform it is easier to have all of them > that way. > > / > / > / void > / spinlr(location) > / long *location > / > .text > .align 4 > spinlr: > pushl %ebp > movl %esp, %ebp > subl $0x4, %esp > movl 0x8(%ebp), %eax > movl $0x0, (%eax) > xorl %eax, %eax > leave > ret Uh, Jack, you ARE aware of the fact that AS3 is a 2.4 kernel and AS4 is a 2.6 kernel, right? The interfaces to the kernel are radically different between the two as is the C compiler (gcc 3.2.3 in AS3, gcc 4.0.1 in AS4) and assembler (as 2.14.x in AS3, as 2.15.x in AS4). I don't know if that would have an effect, but it's very possible. ---------------------------------------------------------------------- - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - - VitalStream, Inc. http://www.vitalstream.com - - - - Never test for an error condition you don't know how to handle. - ---------------------------------------------------------------------- Yes I know all that. That is the reason I am trying to find out exactly what the difference is. Also I have loaded the 64 bit version of AS 4. I did some more testing after I sent this. I wrote a simple C program: abc(int *arg_addr) { if(*arg_addr > 0) { return(1); } return(0); } Then if did cc -S t.c and noticed some things. The assemble code uses different names for the registers and uses pushq instead of pushl, and movq instead of movl. Then I searched the WED and found some document on gnu as. So now I am trying to make change to use the new register and opcodes. I was hoping someone else had already had to do something like this and save me some time and headaches. Thanks: Jack Allen From fromRHIL at outtacyte.com Tue Aug 23 06:53:37 2005 From: fromRHIL at outtacyte.com (Greg Julius) Date: Tue, 23 Aug 2005 01:53:37 -0500 Subject: Kerberos Help Needed In-Reply-To: <430A73E7.7030906@vitalstream.com> Message-ID: <200508230653.j7N6rYac021826@mx3.redhat.com> This is a reply to the last two emails from Rick. I've been poking around and trying various combinations of things that Rick suggested. I also have some questions from all of this. Because this note is a reply to two notes, I've just decided to cut and paste as necessary, hopefully keeping the context for each item intact. >>>>OK, Some general questions: >>>>My linux server is supposed to be running Kerberos and maintaining the >>>>KDC, correct? >>> >>>No, your PDC is the KDC. The Linux machine is a kerberos client, not >>>a kerberos server or controller. >>> >> >> OK. If my PDC (the Windows 2003 ADS system) is my KDC, then which services >> should be running on my Linux machine? >> Clearly I need winbind and samba running, do I need krb5kdc or kadmin as >> well?? > >No, you don't. You only need winbind, smbd and nmbd running. You >probably should have ntpd running and aimed at a time server that your >PDC watches, too. If the date/time on the machines varies as little as >5 minutes, your clients will be booted out of the Windows domain by the >PDC. Annoying, but true. The biggest thing was getting the location of the PDC straightened out. Basically I've been barking up the wrong tree. I changed up the services to only run the winbind and samba services. Both machines do ntp although they don't use the same clock (Linux is using the pool method). Anyway, they are within 1 minute of each other. >> If I should be running krb5kdc and kadmin, then do I point the kdc >> paramerters to filesrv2.ocinternal.local (which is the Win ADS/PDC machine) >> and simply delete the kdc on the Linux Machine? > >You shouldn't have to do anything. The krb5.conf file should aim all >Kerberos requests at your PDC. You should also make sure the >resolv.conf file also looks at your PDC for DNS info (and, of course, >set up the PDC to do DNS). I changed the krb5.conf file to point the kdc and admin stuff to the PDC. The PDC is running the DNS. Pings from the various machines resolve to the correct machines, with and without the domain name attached. resolv.conf references the DNS on the PDC. No other DNS is running. Seems to be working fine. > >The only other tricky thing can be if you have multiple Linux servers >talking to the PDC. It's possible for the winbind cache to get out of >sync between all of them and the ACLs won't work since the machines >don't have a consistent view of the user list. > >Oh, and since I'm on ACLs, are you using them? If so, you may have a >rude awakening as RHEL doesn't have ACL support built into smbd by >default. If you do "smbd -b", look at the output. Verify that you >have "HAVE_SYS_ACL_H" in the "System Headers" section. If you don't >see it, you don't have ACL support and you need to rebuild smbd from >the source RPM or tarball and specify "--with-acl-suppport" in the >"./configure" command. I'm only running one Linux server at this time, probably not ever going to run more than a couple for file services. For now, I'm going to be thrilled to get just one working well. I dodged the bullet on the ACLs. My samba has the correct entry in "System Headers". >> When I join the linux machine to the windows PDC, I issue "net join -U >> administrator". Was I supposed to do a kinit on something first? > >First, you need to delete the Linux machine's machine account on the >PDC, Next, do the kinit to get a new Kerberos ticket. THEN you do the >"net join" to set up the login and passwords. I deleted the prior join attempt and did a 'kinit administrator'. The kinit failed however because of "KDC has no support for encryption type while getting initial credentials". So I removed the enctypes that were suggested in the first reply and tried again. That seemed to work just fine. When I then did the 'net join' it seemed to work except that it died a horrible death in glibc free() with an invalid pointer. It looks like it added to the ads anyway. In fact, when I try to view the guardian machine from the windows server, I get further than I have ever gotten in this configuration. I can actually see the shares! This is progress. HOWEVER, when I trie to view a share, I get the following in the samba log area under the IP address of the windows ads server: *** glibc detected *** smbd: free(): invalid pointer: 0x001bedb0 *** ======= Backtrace: ========= /lib/libc.so.6[0x76d424] /lib/libc.so.6(__libc_free+0x77)[0x76d95f] /lib/libcom_err.so.2(remove_error_table+0x4b)[0x1e3abb] /usr/lib/libkrb5.so.3[0x15c8c4] /usr/lib/libkrb5.so.3[0x15c5c7] /usr/lib/libkrb5.so.3[0x1ad9da] /lib/ld-linux.so.2[0x5d0058] /lib/libc.so.6(exit+0xc5)[0x734c69] smbd(exit_server+0x25c)[0xad1ae6] smbd(main+0x995)[0xad26a1] /lib/libc.so.6(__libc_start_main+0xc6)[0x71ede6] smbd[0x8d04f1] ======= Memory map: ======== I snipped the Memory map area as it was pretty long. It appears that smbd takes a dive during a free operation. This looks exactly like failure that I got at the end of the 'net join' command. I did a 'yum update' hoping there was some fix out there that I hadn't yet picked up. All installed well, but same problem. The failure happens every time. So, What next? From brad.mugleston at retirementpartner.com Tue Aug 23 14:32:55 2005 From: brad.mugleston at retirementpartner.com (Mugleston, Brad) Date: Tue, 23 Aug 2005 08:32:55 -0600 Subject: Data Recovery Help Message-ID: <772B2AC8A595E14EBBC725F641A2AC64826C5A@ITS-EXMBX4.its.corp.gwl.com> My son's college computer died. He's got a lot of files on the drive he needs. It's been years since I've messed with windows and file recovery BUT I believe I know how to do it using Linux 8^). I'm looking for a Linux rescue CD (probably and ISO). I know there were some credit card once available and I've found those but they are very old. Anyone know of a newer version, full size CD would be fine (don't have one of those neat USB things, yet). I'll need it to be able to access an Windows XP drive(s) and move the files across my home network to save someplace. Graphical would be best as that way my son can do the work but if command line is all that is available he will survive - he needs to grow up sometime. Also, some basic instructions would be fantastic as I'll probably just given him the location and get one of his friends to burn the CD for him. One last thing - please respond directly as I can only send email to the list from where I'm at (I get all the traffic at home). Thanks Brad From robertmcclure at earthlink.net Tue Aug 23 16:17:53 2005 From: robertmcclure at earthlink.net (Bob McClure Jr) Date: Tue, 23 Aug 2005 11:17:53 -0500 Subject: Data Recovery Help In-Reply-To: <772B2AC8A595E14EBBC725F641A2AC64826C5A@ITS-EXMBX4.its.corp.gwl.com> References: <772B2AC8A595E14EBBC725F641A2AC64826C5A@ITS-EXMBX4.its.corp.gwl.com> Message-ID: <20050823161752.GA5833@bobcat.bobcatos.com> Any chance you could beat your mailer into submission and make it wrap lines every 72 chars or so? I'll reformat this. On Tue, Aug 23, 2005 at 08:32:55AM -0600, Mugleston, Brad wrote: > My son's college computer died. He's got a lot of files on the > drive he needs. It's been years since I've messed with windows and > file recovery BUT I believe I know how to do it using Linux 8^). > I'm looking for a Linux rescue CD (probably and ISO). I know there > were some credit card once available and I've found those but they > are very old. Anyone know of a newer version, full size CD would be > fine (don't have one of those neat USB things, yet). All of the FC distro CD1s (and RH 9, I think) have a rescue function. Just put "linux rescue" at the boot prompt. You might consider Tom's Root and Boot: http://www.toms.net/rb/ It fits the essentials of Linux on a floppy. > I'll need it to be able to access an Windows XP drive(s) If it's an NTFS filesystem, you may well have problems. If it's FAT* you're okay. > and move > the files across my home network to save someplace. Graphical would > be best as that way my son can do the work but if command line is > all that is available he will survive - he needs to grow up > sometime. > > Also, some basic instructions would be fantastic as I'll probably > just given him the location and get one of his friends to burn the > CD for him. > > One last thing - please respond directly as I can only send email to > the list from where I'm at (I get all the traffic at home). > > Thanks > > Brad Cheers, -- Bob McClure, Jr. Bobcat Open Systems, Inc. robertmcclure at earthlink.net http://www.bobcatos.com Peace at any price is inflationary. From ron.h at linuxsyscorp.com Tue Aug 23 17:06:52 2005 From: ron.h at linuxsyscorp.com (LSC Ron) Date: Tue, 23 Aug 2005 10:06:52 -0700 Subject: Data Recovery Help In-Reply-To: <20050823161752.GA5833@bobcat.bobcatos.com> References: <772B2AC8A595E14EBBC725F641A2AC64826C5A@ITS-EXMBX4.its.corp.gwl.com> <20050823161752.GA5833@bobcat.bobcatos.com> Message-ID: <430B57AC.8040101@linuxsyscorp.com> I have had success in recovery by several different means - - With a win system you might want to try Active Partition Recovery. This is a DOS program I've had success with. http://www.downloadjunction.com/product/store/10884 USD$30 - Also check for the manufactures hard drive maintenance program. - Give the web a search for HD recovery programs. Some will recover on line and let you see files to be recovered and pay to actually recover. This process will at least tell you that recovery is possible, then go to the least expensive method. Here is a good How-TO article with good references. http://www.pcstats.com/articleview.cfm?articleID=1139 -R Bob McClure Jr wrote: >Any chance you could beat your mailer into submission and make it wrap >lines every 72 chars or so? I'll reformat this. > >On Tue, Aug 23, 2005 at 08:32:55AM -0600, Mugleston, Brad wrote: > > >>My son's college computer died. He's got a lot of files on the >>drive he needs. It's been years since I've messed with windows and >>file recovery BUT I believe I know how to do it using Linux 8^). >>I'm looking for a Linux rescue CD (probably and ISO). I know there >>were some credit card once available and I've found those but they >>are very old. Anyone know of a newer version, full size CD would be >>fine (don't have one of those neat USB things, yet). >> >> > >All of the FC distro CD1s (and RH 9, I think) have a rescue function. >Just put "linux rescue" at the boot prompt. > >You might consider Tom's Root and Boot: > >http://www.toms.net/rb/ > >It fits the essentials of Linux on a floppy. > > > >>I'll need it to be able to access an Windows XP drive(s) >> >> > >If it's an NTFS filesystem, you may well have problems. If it's FAT* >you're okay. > > > >>and move >>the files across my home network to save someplace. Graphical would >>be best as that way my son can do the work but if command line is >>all that is available he will survive - he needs to grow up >>sometime. >> >>Also, some basic instructions would be fantastic as I'll probably >>just given him the location and get one of his friends to burn the >>CD for him. >> >>One last thing - please respond directly as I can only send email to >>the list from where I'm at (I get all the traffic at home). >> >>Thanks >> >>Brad >> >> > >Cheers, > > From rstevens at vitalstream.com Tue Aug 23 17:36:37 2005 From: rstevens at vitalstream.com (Rick Stevens) Date: Tue, 23 Aug 2005 10:36:37 -0700 Subject: Kerberos Help Needed In-Reply-To: <200508230653.j7N6rYac021826@mx3.redhat.com> References: <200508230653.j7N6rYac021826@mx3.redhat.com> Message-ID: <430B5EA5.6080906@vitalstream.com> Greg Julius wrote: > This is a reply to the last two emails from Rick. > > I've been poking around and trying various combinations of things that > Rick suggested. I also have some questions from all of this. Because > this note is a reply to two notes, I've just decided to cut and paste > as necessary, hopefully keeping the context for each item intact. > > >>>>>OK, Some general questions: >>>>>My linux server is supposed to be running Kerberos and maintaining the >>>>>KDC, correct? >>>> >>>>No, your PDC is the KDC. The Linux machine is a kerberos client, not >>>>a kerberos server or controller. >>>> >>> >>>OK. If my PDC (the Windows 2003 ADS system) is my KDC, then which > > services > >>>should be running on my Linux machine? >>>Clearly I need winbind and samba running, do I need krb5kdc or kadmin as >>>well?? >> >>No, you don't. You only need winbind, smbd and nmbd running. You >>probably should have ntpd running and aimed at a time server that your >>PDC watches, too. If the date/time on the machines varies as little as >>5 minutes, your clients will be booted out of the Windows domain by the >>PDC. Annoying, but true. > > > The biggest thing was getting the location of the PDC straightened > out. Basically I've been barking up the wrong tree. > > I changed up the services to only run the winbind and samba services. > Both machines do ntp although they don't use the same clock (Linux is using > the pool method). Anyway, they are within 1 minute of each other. > > >>>If I should be running krb5kdc and kadmin, then do I point the kdc >>>paramerters to filesrv2.ocinternal.local (which is the Win ADS/PDC > > machine) > >>>and simply delete the kdc on the Linux Machine? >> >>You shouldn't have to do anything. The krb5.conf file should aim all >>Kerberos requests at your PDC. You should also make sure the >>resolv.conf file also looks at your PDC for DNS info (and, of course, >>set up the PDC to do DNS). > > > I changed the krb5.conf file to point the kdc and admin stuff to the PDC. > The PDC is running the DNS. Pings from the various machines resolve to the > correct machines, with and without the domain name attached. > resolv.conf references the DNS on the PDC. No other DNS is running. > Seems to be working fine. > >>The only other tricky thing can be if you have multiple Linux servers >>talking to the PDC. It's possible for the winbind cache to get out of >>sync between all of them and the ACLs won't work since the machines >>don't have a consistent view of the user list. >> >>Oh, and since I'm on ACLs, are you using them? If so, you may have a >>rude awakening as RHEL doesn't have ACL support built into smbd by >>default. If you do "smbd -b", look at the output. Verify that you >>have "HAVE_SYS_ACL_H" in the "System Headers" section. If you don't >>see it, you don't have ACL support and you need to rebuild smbd from >>the source RPM or tarball and specify "--with-acl-suppport" in the >>"./configure" command. > > > I'm only running one Linux server at this time, probably not ever going > to run more than a couple for file services. For now, I'm going to be > thrilled to get just one working well. > > I dodged the bullet on the ACLs. My samba has the correct entry in > "System Headers". > > >>>When I join the linux machine to the windows PDC, I issue "net join -U >>>administrator". Was I supposed to do a kinit on something first? >> >>First, you need to delete the Linux machine's machine account on the >>PDC, Next, do the kinit to get a new Kerberos ticket. THEN you do the >>"net join" to set up the login and passwords. > > > I deleted the prior join attempt and did a 'kinit administrator'. > The kinit failed however because of "KDC has no support for > encryption type while getting initial credentials". So I removed > the enctypes that were suggested in the first reply and tried again. > That seemed to work just fine. > > When I then did the 'net join' it seemed to work except that it > died a horrible death in glibc free() with an invalid > pointer. It looks like it added to the ads anyway. > > In fact, when I try to view the guardian machine from the windows server, > I get further than I have ever gotten in this configuration. I can > actually see the shares! This is progress. > > HOWEVER, when I trie to view a share, I get the following in the samba log > area under the IP address of the windows ads server: > *** glibc detected *** smbd: free(): invalid pointer: 0x001bedb0 *** > ======= Backtrace: ========= > /lib/libc.so.6[0x76d424] > /lib/libc.so.6(__libc_free+0x77)[0x76d95f] > /lib/libcom_err.so.2(remove_error_table+0x4b)[0x1e3abb] > /usr/lib/libkrb5.so.3[0x15c8c4] > /usr/lib/libkrb5.so.3[0x15c5c7] > /usr/lib/libkrb5.so.3[0x1ad9da] > /lib/ld-linux.so.2[0x5d0058] > /lib/libc.so.6(exit+0xc5)[0x734c69] > smbd(exit_server+0x25c)[0xad1ae6] > smbd(main+0x995)[0xad26a1] > /lib/libc.so.6(__libc_start_main+0xc6)[0x71ede6] > smbd[0x8d04f1] > ======= Memory map: ======== > > I snipped the Memory map area as it was pretty long. It appears that > smbd takes a dive during a free operation. This looks exactly like > failure that I got at the end of the 'net join' command. > > I did a 'yum update' hoping there was some fix out there that I > hadn't yet picked up. All installed well, but same problem. > > The failure happens every time. > > So, What next? I'd try to get the samba source code from samba.org and build it myself. The updates from Red Hat or Fedora are necessarily behind the current release. My guess is that yours has a bug (trying to free an invalid pointer is certainly and example of a coding bug). We are using 3.0.14a ourselves, built from the source tarballs at samba.org. ---------------------------------------------------------------------- - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - - VitalStream, Inc. http://www.vitalstream.com - - - - Admitting you have a problem is the first step toward getting - - medicated for it. -- Jim Evarts (http://www.TopFive.com) - ---------------------------------------------------------------------- From rstevens at vitalstream.com Tue Aug 23 17:45:59 2005 From: rstevens at vitalstream.com (Rick Stevens) Date: Tue, 23 Aug 2005 10:45:59 -0700 Subject: Setting up Raid 1 disks In-Reply-To: References: Message-ID: <430B60D7.90007@vitalstream.com> john.bergeski at alpsautomotive.com wrote: > I setup the RAID disks, the install went ok, however when the server boots > it stops at a screen with only GRUB in the upper left hand corner of the > screen and just sits there. Nothing happens when I hit any keys. The > install encountered zero problems. Yoikes! Yet another hoseup by anaconda. Hoo, boy. It looks like the ramdisk image doesn't have the driver loaded. I've not done software RAID in a long time, so the driver names I mention below may not be correct. Perhaps someone else can help. Anyway, here's the steps needed to rebuild a boot ramdisk image with the necessary drivers. Here's what you do: Boot off the first CD in "rescue" mode (enter "linux rescue" at the "boot:" prompt. Make sure you load the i2o block driver again and allow the system to mount the system image at /mnt/sysimage. Next, at the "#" prompt, enter "cat /mnt/sysimage/boot/grub/grub.conf". Look carefully at the output to see which kernel the system will try to boot up. Make note of the version number...you'll need that later for the mkinitrd command. Next, enter "chroot /mnt/sysimage". This spawns a new shell where the root of the filesystem is now "/mnt/sysimage" (so even if you do a "cd /", you won't leave the installed CentOS environment). You now need to edit the /etc/modprobe.conf file. In there, make SURE you have an entry to the effect: alias scsi_hostadapter raid1 (or whatever the appropriate driver is) This tells the system that there is a SCSI driver that MUST be included in the boot ramdisk image. Save the file after editing. Once that's done, enter "cd /boot". This puts you into the installed CentOS' /boot directory. You now have to rebuild the ramdisk image used at boot time. Enter this command: # mkinitrd -f -v initrd-[kernelversion].img [kernelversion] replacing "[kernelversion]" with the version number you got when you looked at the grub.conf file. For example, for the 2.6.9-11.ELhugemem kernel: # mkinitrd -f -v initrd-2.6.9-11.ELhugemem.img 2.6.9-11.ELhugemem When the ramdisk image is being built, watch the output of the command and make SURE that the raid1 (or whatever driver is appropriate) gets loaded. If everything appears OK at this point, try to reboot the system. Enter the "exit" command. This kicks you out of the chrooted shell and back to the rescue environment. A second "exit" command will cause the system to reboot. Pop the CD out and see if it'll come up. Good luck, kemosabe! Keep us posted! ---------------------------------------------------------------------- - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - - VitalStream, Inc. http://www.vitalstream.com - - - - If it's stupid and it works...it ain't stupid! - ---------------------------------------------------------------------- From karlp at ourldsfamily.com Tue Aug 23 21:27:52 2005 From: karlp at ourldsfamily.com (karlp at ourldsfamily.com) Date: Tue, 23 Aug 2005 15:27:52 -0600 (MDT) Subject: IMAP Performance (again) Message-ID: <35014.207.173.117.242.1124832472.squirrel@ourldsfamily.com> I sent an email a bit ago asking relative performance questions about different IMAP servers. I saved the responses and plan to do something... But, because of the philosophy "if it ain't broke, don't fix it" I haven't changed anything yet. BUT, I have figured something out. Whenever an Outlook Express IMAP user accesses the server, it's unbearably overwhelming to the system and causes incredible slowness. When Pine or Squirrelmail users access the system, there's no noticable performance hits. With Pine, I understand because it doesn't access all the folders everytime it tries to update things. Outlook Express does this, as does Squirrelmail if the option is set. With the option set in Squirrelmail, it doesn't hit the server as hard as Outlook. Or, have I been smoking something? (don't answer that)... It's not unusual for this server to have 'uptime' rates in the 4-6 range when Outlook Express is accessing it. I guess I don't really have a question as much as wondered what thoughts you might have... Karl From robertmcclure at earthlink.net Tue Aug 23 21:44:36 2005 From: robertmcclure at earthlink.net (Bob McClure Jr) Date: Tue, 23 Aug 2005 16:44:36 -0500 Subject: IMAP Performance (again) In-Reply-To: <35014.207.173.117.242.1124832472.squirrel@ourldsfamily.com> References: <35014.207.173.117.242.1124832472.squirrel@ourldsfamily.com> Message-ID: <20050823214436.GA20556@bobcat.bobcatos.com> On Tue, Aug 23, 2005 at 03:27:52PM -0600, karlp at ourldsfamily.com wrote: > I sent an email a bit ago asking relative performance questions about > different IMAP servers. I saved the responses and plan to do something... > But, because of the philosophy "if it ain't broke, don't fix it" I haven't > changed anything yet. > > BUT, I have figured something out. Whenever an Outlook Express IMAP user > accesses the server, it's unbearably overwhelming to the system and causes > incredible slowness. When Pine or Squirrelmail users access the system, > there's no noticable performance hits. With Pine, I understand because it > doesn't access all the folders everytime it tries to update things. > Outlook Express does this, as does Squirrelmail if the option is set. With > the option set in Squirrelmail, it doesn't hit the server as hard as > Outlook. Or, have I been smoking something? (don't answer that)... > > It's not unusual for this server to have 'uptime' rates in the 4-6 range > when Outlook Express is accessing it. > > I guess I don't really have a question as much as wondered what thoughts > you might have... > > Karl I'm curious which IMAP server you are using. Cheers, -- Bob McClure, Jr. Bobcat Open Systems, Inc. robertmcclure at earthlink.net http://www.bobcatos.com Peace at any price is inflationary. From fromRHIL at outtacyte.com Wed Aug 24 01:22:36 2005 From: fromRHIL at outtacyte.com (Greg Julius) Date: Tue, 23 Aug 2005 20:22:36 -0500 Subject: Kerberos Help Needed In-Reply-To: <430B5EA5.6080906@vitalstream.com> Message-ID: <200508240149.j7O1nD0L004093@mx3.redhat.com> >> I deleted the prior join attempt and did a 'kinit administrator'. >> The kinit failed however because of "KDC has no support for >> encryption type while getting initial credentials". So I removed >> the enctypes that were suggested in the first reply and tried again. >> That seemed to work just fine. >> >> When I then did the 'net join' it seemed to work except that it >> died a horrible death in glibc free() with an invalid >> pointer. It looks like it added to the ads anyway. >> >> In fact, when I try to view the guardian machine from the windows server, >> I get further than I have ever gotten in this configuration. I can >> actually see the shares! This is progress. >> >> HOWEVER, when I trie to view a share, I get the following in the samba log >> area under the IP address of the windows ads server: >> *** glibc detected *** smbd: free(): invalid pointer: 0x001bedb0 *** >> ======= Backtrace: ========= >> /lib/libc.so.6[0x76d424] >> /lib/libc.so.6(__libc_free+0x77)[0x76d95f] >> /lib/libcom_err.so.2(remove_error_table+0x4b)[0x1e3abb] >> /usr/lib/libkrb5.so.3[0x15c8c4] >> /usr/lib/libkrb5.so.3[0x15c5c7] >> /usr/lib/libkrb5.so.3[0x1ad9da] >> /lib/ld-linux.so.2[0x5d0058] >> /lib/libc.so.6(exit+0xc5)[0x734c69] >> smbd(exit_server+0x25c)[0xad1ae6] >> smbd(main+0x995)[0xad26a1] >> /lib/libc.so.6(__libc_start_main+0xc6)[0x71ede6] >> smbd[0x8d04f1] >> ======= Memory map: ======== >> >> I snipped the Memory map area as it was pretty long. It appears that >> smbd takes a dive during a free operation. This looks exactly like >> failure that I got at the end of the 'net join' command. >> >> I did a 'yum update' hoping there was some fix out there that I >> hadn't yet picked up. All installed well, but same problem. >> >> The failure happens every time. >> >> So, What next? > >I'd try to get the samba source code from samba.org and build it myself. >The updates from Red Hat or Fedora are necessarily behind the current >release. My guess is that yours has a bug (trying to free an invalid >pointer is certainly and example of a coding bug). We are using 3.0.14a >ourselves, built from the source tarballs at samba.org. While I don't have a problem with doing this, I'm not sure that samba is the culprit, just a victum. The net command fails the same way when I do a 'net join': *** glibc detected *** net: free(): invalid pointer: 0x00bd1db0 *** ======= Backtrace: ========= /lib/libc.so.6[0x1be424] /lib/libc.so.6(__libc_free+0x77)[0x1be95f] /lib/libcom_err.so.2(remove_error_table+0x4b)[0x114abb] /usr/lib/libkrb5.so.3[0xb6f8c4] /usr/lib/libkrb5.so.3[0xb6f5c7] /usr/lib/libkrb5.so.3[0xbc09da] /lib/ld-linux.so.2[0xda4058] /lib/libc.so.6(exit+0xc5)[0x185c69] /lib/libc.so.6(__libc_start_main+0xce)[0x16fdee] net[0x3070f1] ======= Memory map: ======== The addresses shown appear to be the same relative to each other. I haven't shot dumps since writing APAR's for IBM 20 years ago but looking at the backtrace I would guess that the free is being issued by libcom_err, perhaps as part of a request from libkrb5. All that aside, could the failure be caused by a bad config parm? I have a very minimal krb5.conf file. I have been trying variations of that. I stopped winbind and did a 'net join' test and it failed the same way, seems that winbind couldn't be a part of the problem. What else might be involved parameterwise? If it's not likely that a parameter change could work around the failure, what would you suggest as the next step? Which source items should I try first and where would I get them? (Gad I must be desparate to even ask this...) -g From karlp at ourldsfamily.com Wed Aug 24 03:30:03 2005 From: karlp at ourldsfamily.com (Karl Pearson) Date: Tue, 23 Aug 2005 21:30:03 -0600 Subject: IMAP Performance (again) In-Reply-To: <20050823214436.GA20556@bobcat.bobcatos.com> References: <35014.207.173.117.242.1124832472.squirrel@ourldsfamily.com> <20050823214436.GA20556@bobcat.bobcatos.com> Message-ID: <430BE9BB.5080504@ourldsfamily.com> Bob McClure Jr wrote: >On Tue, Aug 23, 2005 at 03:27:52PM -0600, karlp at ourldsfamily.com wrote: > > >>I sent an email a bit ago asking relative performance questions about >>different IMAP servers. I saved the responses and plan to do something... >>But, because of the philosophy "if it ain't broke, don't fix it" I haven't >>changed anything yet. >> >>BUT, I have figured something out. Whenever an Outlook Express IMAP user >>accesses the server, it's unbearably overwhelming to the system and causes >>incredible slowness. When Pine or Squirrelmail users access the system, >>there's no noticable performance hits. With Pine, I understand because it >>doesn't access all the folders everytime it tries to update things. >>Outlook Express does this, as does Squirrelmail if the option is set. With >>the option set in Squirrelmail, it doesn't hit the server as hard as >>Outlook. Or, have I been smoking something? (don't answer that)... >> >>It's not unusual for this server to have 'uptime' rates in the 4-6 range >>when Outlook Express is accessing it. >> >>I guess I don't really have a question as much as wondered what thoughts >>you might have... >> >>Karl >> >> > >I'm curious which IMAP server you are using. > >Cheers, > > The default that comes with RH8.0... I've not installed anything other than default stuff, kind of... That's my general philosophy. It makes recovery easier for me. Karl From harold at hallikainen.com Wed Aug 24 03:47:03 2005 From: harold at hallikainen.com (Harold Hallikainen) Date: Tue, 23 Aug 2005 20:47:03 -0700 (PDT) Subject: sample lftp command lines? In-Reply-To: <430A118D.70108@vitalstream.com> References: <37240.207.177.227.29.1124723918.squirrel@kauko.hallikainen.org> <430A118D.70108@vitalstream.com> Message-ID: <1120.192.168.1.1.1124855223.squirrel@kauko.hallikainen.org> > Harold Hallikainen wrote: >> As I SLOWLY move stuff from an RH8 to an FC4 system, I've found that >> ncftp >> is not included in FC4, but lftp is included. I have a script that does >> a >> daily ftp of a tar file to a remote server. I'm having difficulty >> figuring >> out from the man page on lftp what a command line would look like that >> would log me in to the remote server and put the local file in the >> appropriate remote directory. Anyone know of some sample lftp command >> lines? > > ncftp comes with FC4. It's not part of the "default" install > configurations, but you can "yum install ncftp" and get it, either from > one of the repos on the net or from your DVD or CD collection. > > lftp isn't that hard to grok. Just put the commands you want to run in > some file somewhere, then launch lftp with the "-f" flag and specify the > name of the script file. Sample script file, "/tmp/lftp.scp": > > user remoteusername remoteuserpassword > cd /remote/directory > lcd /local/directory > put name-of-tar-file > exit > > To run it: "lftp -f /tmp/lftp.scp". > >> THANKS! >> >> Harold >> ps - I'm CLOSE to getting everything working! I had to modify a buncy of >> php stuff to work on the new machine. I've got this ftp problem and some >> perl stuff to update, then it might be ready to put on line! > > To be brutally honest, rsync is more suited to this sort of thing. > Using rsync in an ssh tunnel is even better and far more secure to boot. > Assuming the data you're copying around is in the same directory or > directory tree, rsync would obviate the need to tar it up in the first > place. IT WORKS! I added open hostname to the top of the script. I appreciate the help and the brutal honesty. I am using rsyncbetween my own servers, but my ISP does not support anything other than ftp uploads. lftp did it. Thanks! Harold -- FCC Rules Updated Daily at http://www.hallikainen.com From akelly at corisweb.org Wed Aug 24 07:36:48 2005 From: akelly at corisweb.org (Andrew Kelly) Date: 24 Aug 2005 09:36:48 +0200 Subject: Data Recovery Help In-Reply-To: <20050823161752.GA5833@bobcat.bobcatos.com> References: <772B2AC8A595E14EBBC725F641A2AC64826C5A@ITS-EXMBX4.its.corp.gwl.com> <20050823161752.GA5833@bobcat.bobcatos.com> Message-ID: <1124869008.3507.10.camel@hermes.at.home> On Tue, 2005-08-23 at 18:17, Bob McClure Jr wrote: > Any chance you could beat your mailer into submission and make it wrap > lines every 72 chars or so? I'll reformat this. > > On Tue, Aug 23, 2005 at 08:32:55AM -0600, Mugleston, Brad wrote: > > My son's college computer died. He's got a lot of files on the > > drive he needs. It's been years since I've messed with windows and > > file recovery BUT I believe I know how to do it using Linux 8^). > > I'm looking for a Linux rescue CD (probably and ISO). I know there > > were some credit card once available and I've found those but they > > are very old. Anyone know of a newer version, full size CD would be > > fine (don't have one of those neat USB things, yet). > > All of the FC distro CD1s (and RH 9, I think) have a rescue function. > Just put "linux rescue" at the boot prompt. > > You might consider Tom's Root and Boot: > > http://www.toms.net/rb/ > > It fits the essentials of Linux on a floppy. > > > I'll need it to be able to access an Windows XP drive(s) > > If it's an NTFS filesystem, you may well have problems. If it's FAT* > you're okay. Another option (although it rather runs screaming from anything list related) would be to pull the disk, jump it as a slave and hang it in a Windows box.* * Assuming, of course, that it's just the OS that got toasted and not the disk itself. Andy > > and move > > the files across my home network to save someplace. Graphical would > > be best as that way my son can do the work but if command line is > > all that is available he will survive - he needs to grow up > > sometime. > > > > Also, some basic instructions would be fantastic as I'll probably > > just given him the location and get one of his friends to burn the > > CD for him. > > > > One last thing - please respond directly as I can only send email to > > the list from where I'm at (I get all the traffic at home). > > > > Thanks > > > > Brad > > Cheers, From friedhelm.storms at hp.com Wed Aug 24 08:19:59 2005 From: friedhelm.storms at hp.com (Storms, Friedhelm) Date: Wed, 24 Aug 2005 10:19:59 +0200 Subject: mke2fs error Message-ID: <29160BFA3AC1A84E877783464A99A272748A0C@IDAEXC04.emea.cpqcorp.net> Hello, I'm trying to install RHEL 3AS on a rx4640 server. Based on following partitions I tried to create new filesystems. This was no problem for sda1 to sda7 but for sda8 I got follwing error: -/bin/sh-2.05b# mke2fs -jv /dev/sda8 mke2fs 1.32 (09-Nov-2002) mke2fs: No such device or address while trying to determine filesystem size -/bin/sh-2.05b# fdisk /dev/sda Command (m for help): p Disk /dev/sda: 73.4 GB, 73407865856 bytes 255 heads, 63 sectors/track, 8924 cylinders Units = cylinders of 16065 * 512 = 8225280 bytes Device Boot Start End Blocks Id System /dev/sda1 1 13 104391 ee EFI GPT /dev/sda2 14 512 4008217+ fd Linux raid autodetect /dev/sda3 513 2505 16008772+ fd Linux raid autodetect /dev/sda4 2506 8924 51560617+ 5 Extended /dev/sda5 2506 3502 8008371 fd Linux raid autodetect /dev/sda6 3503 4001 4008186 fd Linux raid autodetect /dev/sda7 4002 4500 4008186 fd Linux raid autodetect /dev/sda8 4501 4999 4008186 fd Linux raid autodetect Any ideas what's going wrong with this sda8 partition? Regards Friedhelm ___ From David.Mackintosh at xdroop.com Wed Aug 24 12:06:02 2005 From: David.Mackintosh at xdroop.com (David Mackintosh) Date: Wed, 24 Aug 2005 08:06:02 -0400 Subject: IMAP Performance (again) In-Reply-To: <35014.207.173.117.242.1124832472.squirrel@ourldsfamily.com> References: <35014.207.173.117.242.1124832472.squirrel@ourldsfamily.com> Message-ID: <20050824120602.GF17491@xdroop.com> On Tue, Aug 23, 2005 at 03:27:52PM -0600, karlp at ourldsfamily.com wrote: > BUT, I have figured something out. Whenever an Outlook Express IMAP user > accesses the server, it's unbearably overwhelming to the system and causes > incredible slowness. When Pine or Squirrelmail users access the system, > there's no noticable performance hits. With Pine, I understand because it > doesn't access all the folders everytime it tries to update things. > Outlook Express does this, as does Squirrelmail if the option is set. With > the option set in Squirrelmail, it doesn't hit the server as hard as > Outlook. Or, have I been smoking something? (don't answer that)... In my experience, we had extreme performance slowdowns when using the UWash imapd. What was happening is that the users had large spools or folders, and since UWash was spawning a new instance every time someone connected to it, nothing about the mailbox(es) was getting cached; which meant that these large spools or folders had to be read each and every time the folder was accessed. Multiply this by extreme email hoarding (people with a gig in their inbox spools were not uncommon) and volume (over 150 people accessing the server) and you had for a very large, very powerful computer doing nothing but waiting on disk I/O. Our solution was to use the cyrus IMAPd. This uses a different format for storing email, but more importantly the message statuses were stored in a database format separate from the actual messages, which meant that folder status queries (ie, anything new in my inbox?) were much lighter, more likely cached, and due to both reasons, much faster. The learning curve for cyrus is much steeper than UWash (especially if you are doing either virtual domaining and/or building from source on Solaris); but in our case it was well worth it as it saved us the cost of a brand new machine. -- /\oo/\ / /()\ \ David Mackintosh | Public Key: dave at xdroop.com | http://www.xdroop.com/dave/gpg.html $ gpg --recv-keys --keyserver subkeys.pgp.net 4C032504 Mystery attachment? http://xdroop.dhs.org/space/GPG -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available URL: From karlp at ourldsfamily.com Wed Aug 24 14:10:50 2005 From: karlp at ourldsfamily.com (karlp at ourldsfamily.com) Date: Wed, 24 Aug 2005 08:10:50 -0600 (MDT) Subject: IMAP Performance (again) In-Reply-To: <20050824120602.GF17491@xdroop.com> References: <35014.207.173.117.242.1124832472.squirrel@ourldsfamily.com> <20050824120602.GF17491@xdroop.com> Message-ID: <36583.207.173.117.242.1124892650.squirrel@ourldsfamily.com> > On Tue, Aug 23, 2005 at 03:27:52PM -0600, karlp at ourldsfamily.com wrote: > >> BUT, I have figured something out. Whenever an Outlook Express IMAP user >> accesses the server, it's unbearably overwhelming to the system and >> causes >> incredible slowness. When Pine or Squirrelmail users access the system, >> there's no noticable performance hits. With Pine, I understand because >> it >> doesn't access all the folders everytime it tries to update things. >> Outlook Express does this, as does Squirrelmail if the option is set. >> With >> the option set in Squirrelmail, it doesn't hit the server as hard as >> Outlook. Or, have I been smoking something? (don't answer that)... > > In my experience, we had extreme performance slowdowns when using the > UWash imapd. What was happening is that the users had large spools > or folders, and since UWash was spawning a new instance every time > someone connected to it, nothing about the mailbox(es) was getting > cached; which meant that these large spools or folders had to be read > each and every time the folder was accessed. Multiply this by > extreme email hoarding (people with a gig in their inbox spools were > not uncommon) and volume (over 150 people accessing the server) and > you had for a very large, very powerful computer doing nothing but > waiting on disk I/O. > > Our solution was to use the cyrus IMAPd. This uses a different > format for storing email, but more importantly the message statuses > were stored in a database format separate from the actual messages, > which meant that folder status queries (ie, anything new in my > inbox?) were much lighter, more likely cached, and due to both > reasons, much faster. > > The learning curve for cyrus is much steeper than UWash (especially > if you are doing either virtual domaining and/or building from source > on Solaris); but in our case it was well worth it as it saved us the > cost of a brand new machine. Wow, Great information! I guess the learning curve starts now. With 2 mail servers, this will help more than one community of users. When I decided to install mplayer several years ago, I got a working copy going, including codecs, etc. and put the whole kit and kaboodle on a single CD. Doing that made my life easier as I moved up the upgrade path. . . I guess doing the same with Cyrus might be a good idea so disaster recovery can be done much easier. Again, thanks. Karl > > -- > /\oo/\ > / /()\ \ David Mackintosh | Public Key: > dave at xdroop.com | http://www.xdroop.com/dave/gpg.html > $ gpg --recv-keys --keyserver subkeys.pgp.net 4C032504 > Mystery attachment? http://xdroop.dhs.org/space/GPG > _______________________________________________ > Redhat-install-list mailing list > Redhat-install-list at redhat.com > https://www.redhat.com/mailman/listinfo/redhat-install-list > To Unsubscribe Go To ABOVE URL or send a message to: > redhat-install-list-request at redhat.com > Subject: unsubscribe From jaymlist at gmail.com Wed Aug 24 14:14:47 2005 From: jaymlist at gmail.com (Jay Shampur) Date: Wed, 24 Aug 2005 10:14:47 -0400 Subject: Strange ownership issues Message-ID: <98168c5a05082407147e6a3f8c@mail.gmail.com> I've recently installed a Red Hat ES3 Update5 on a Compaq Proliant box. There are only two accounts defined at the moment: darryl and mysql. I logged in as root, unzipped a tarball in /root folder, and this tarball uncompressed into a folder. So far, so good. The wierd part is that this new folder - which did not exist prior me uncompressing - has the owner darryl group darryl. I know I did not su into this account or otherwise - also various folders which were created when I installed Apache 1.3.33 from source and other software, have their ownership set to various other groups such as mysql, games etc., I have not found any pattern in this - can anyone help? Thanks, Jay From robertmcclure at earthlink.net Wed Aug 24 15:13:38 2005 From: robertmcclure at earthlink.net (Bob McClure Jr) Date: Wed, 24 Aug 2005 10:13:38 -0500 Subject: IMAP Performance (again) In-Reply-To: <36583.207.173.117.242.1124892650.squirrel@ourldsfamily.com> References: <35014.207.173.117.242.1124832472.squirrel@ourldsfamily.com> <20050824120602.GF17491@xdroop.com> <36583.207.173.117.242.1124892650.squirrel@ourldsfamily.com> Message-ID: <20050824151338.GB18537@bobcat.bobcatos.com> On Wed, Aug 24, 2005 at 08:10:50AM -0600, karlp at ourldsfamily.com wrote: > > On Tue, Aug 23, 2005 at 03:27:52PM -0600, karlp at ourldsfamily.com wrote: > > > >> BUT, I have figured something out. Whenever an Outlook Express IMAP user > >> accesses the server, it's unbearably overwhelming to the system and > >> causes > >> incredible slowness. When Pine or Squirrelmail users access the system, > >> there's no noticable performance hits. With Pine, I understand because > >> it > >> doesn't access all the folders everytime it tries to update things. > >> Outlook Express does this, as does Squirrelmail if the option is set. > >> With > >> the option set in Squirrelmail, it doesn't hit the server as hard as > >> Outlook. Or, have I been smoking something? (don't answer that)... > > > > In my experience, we had extreme performance slowdowns when using the > > UWash imapd. What was happening is that the users had large spools > > or folders, and since UWash was spawning a new instance every time > > someone connected to it, nothing about the mailbox(es) was getting > > cached; which meant that these large spools or folders had to be read > > each and every time the folder was accessed. Multiply this by > > extreme email hoarding (people with a gig in their inbox spools were > > not uncommon) and volume (over 150 people accessing the server) and > > you had for a very large, very powerful computer doing nothing but > > waiting on disk I/O. > > > > Our solution was to use the cyrus IMAPd. This uses a different > > format for storing email, but more importantly the message statuses > > were stored in a database format separate from the actual messages, > > which meant that folder status queries (ie, anything new in my > > inbox?) were much lighter, more likely cached, and due to both > > reasons, much faster. > > > > The learning curve for cyrus is much steeper than UWash (especially > > if you are doing either virtual domaining and/or building from source > > on Solaris); but in our case it was well worth it as it saved us the > > cost of a brand new machine. > > Wow, Great information! I guess the learning curve starts now. With 2 mail > servers, this will help more than one community of users. > > When I decided to install mplayer several years ago, I got a working copy > going, including codecs, etc. and put the whole kit and kaboodle on a > single CD. Doing that made my life easier as I moved up the upgrade path. > . . I guess doing the same with Cyrus might be a good idea so disaster > recovery can be done much easier. > > Again, thanks. > > Karl Well, before you jump too quickly, you might check out dovecot. It is the default IMAP (and POP3) server in the Fedora Core set, replacing the UW package. I have no information on its technical virtures over UW, if any, but it configures more simply than Cyrus. I'm using it on our local ISP's mail server which has over 1100 customers and is _very_ busy. Cheers, -- Bob McClure, Jr. Bobcat Open Systems, Inc. robertmcclure at earthlink.net http://www.bobcatos.com Peace at any price is inflationary. From rstevens at vitalstream.com Wed Aug 24 18:19:10 2005 From: rstevens at vitalstream.com (Rick Stevens) Date: Wed, 24 Aug 2005 11:19:10 -0700 Subject: Kerberos Help Needed In-Reply-To: <200508240149.j7O1nD0L004093@mx3.redhat.com> References: <200508240149.j7O1nD0L004093@mx3.redhat.com> Message-ID: <430CBA1E.8010708@vitalstream.com> Greg Julius wrote: >>>I deleted the prior join attempt and did a 'kinit administrator'. >>>The kinit failed however because of "KDC has no support for >>>encryption type while getting initial credentials". So I removed >>>the enctypes that were suggested in the first reply and tried again. >>>That seemed to work just fine. >>> >>>When I then did the 'net join' it seemed to work except that it >>>died a horrible death in glibc free() with an invalid >>>pointer. It looks like it added to the ads anyway. >>> >>>In fact, when I try to view the guardian machine from the windows server, >>>I get further than I have ever gotten in this configuration. I can >>>actually see the shares! This is progress. >>> >>>HOWEVER, when I trie to view a share, I get the following in the samba > > log > >>>area under the IP address of the windows ads server: >>> *** glibc detected *** smbd: free(): invalid pointer: 0x001bedb0 *** >>> ======= Backtrace: ========= >>> /lib/libc.so.6[0x76d424] >>> /lib/libc.so.6(__libc_free+0x77)[0x76d95f] >>> /lib/libcom_err.so.2(remove_error_table+0x4b)[0x1e3abb] >>> /usr/lib/libkrb5.so.3[0x15c8c4] >>> /usr/lib/libkrb5.so.3[0x15c5c7] >>> /usr/lib/libkrb5.so.3[0x1ad9da] >>> /lib/ld-linux.so.2[0x5d0058] >>> /lib/libc.so.6(exit+0xc5)[0x734c69] >>> smbd(exit_server+0x25c)[0xad1ae6] >>> smbd(main+0x995)[0xad26a1] >>> /lib/libc.so.6(__libc_start_main+0xc6)[0x71ede6] >>> smbd[0x8d04f1] >>> ======= Memory map: ======== >>> >>>I snipped the Memory map area as it was pretty long. It appears that >>>smbd takes a dive during a free operation. This looks exactly like >>>failure that I got at the end of the 'net join' command. >>> >>>I did a 'yum update' hoping there was some fix out there that I >>>hadn't yet picked up. All installed well, but same problem. >>> >>>The failure happens every time. >>> >>>So, What next? >> >>I'd try to get the samba source code from samba.org and build it myself. >>The updates from Red Hat or Fedora are necessarily behind the current >>release. My guess is that yours has a bug (trying to free an invalid >>pointer is certainly and example of a coding bug). We are using 3.0.14a >>ourselves, built from the source tarballs at samba.org. > > > While I don't have a problem with doing this, I'm not sure that samba > is the culprit, just a victum. Well, actually we just installed Samba 3.0.20 last night. There are a LOT of updates in it--so many that the Samba gang decided to skip versions 3.0.15, .16, .17, .18 and .19 and went straight to .20. > The net command fails the same way when I do a 'net join': > *** glibc detected *** net: free(): invalid pointer: 0x00bd1db0 *** > ======= Backtrace: ========= > /lib/libc.so.6[0x1be424] > /lib/libc.so.6(__libc_free+0x77)[0x1be95f] > /lib/libcom_err.so.2(remove_error_table+0x4b)[0x114abb] > /usr/lib/libkrb5.so.3[0xb6f8c4] > /usr/lib/libkrb5.so.3[0xb6f5c7] > /usr/lib/libkrb5.so.3[0xbc09da] > /lib/ld-linux.so.2[0xda4058] > /lib/libc.so.6(exit+0xc5)[0x185c69] > /lib/libc.so.6(__libc_start_main+0xce)[0x16fdee] > net[0x3070f1] > ======= Memory map: ======== > > The addresses shown appear to be the same relative to each other. > I haven't shot dumps since writing APAR's for IBM 20 years ago > but looking at the backtrace I would guess that the free is being > issued by libcom_err, perhaps as part of a request from libkrb5. That's entirely possible. Have you upgraded the kerberos RPMs yet? > All that aside, could the failure be caused by a bad config parm? > I have a very minimal krb5.conf file. I have been trying > variations of that. I stopped winbind and did a 'net join' test > and it failed the same way, seems that winbind couldn't be a > part of the problem. What else might be involved parameterwise? I doubt it's a config issue. The trying to free an invalid pointer is typically caused by a coding bug. I have no idea which parameter would cause the thread of execution to go down this buggy path, but trying to find it would take a full-up debug session. > If it's not likely that a parameter change could work around the > failure, what would you suggest as the next step? > > Which source items should I try first and where would I get them? > (Gad I must be desparate to even ask this...) First off, make sure you update Kerberos and possibly glibc. I can't recall which system you have (I think it was CentOS), but update ASAP. Under CentOS or a licensed version of RHEL, you should be able to "up2date" it. For Fedora Core, use "yum -y update". ---------------------------------------------------------------------- - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - - VitalStream, Inc. http://www.vitalstream.com - - - - Whoever said "Money can't buy friends" obviously never brought - - donuts to the office. - ---------------------------------------------------------------------- From rstevens at vitalstream.com Wed Aug 24 18:25:57 2005 From: rstevens at vitalstream.com (Rick Stevens) Date: Wed, 24 Aug 2005 11:25:57 -0700 Subject: IMAP Performance (again) In-Reply-To: <430BE9BB.5080504@ourldsfamily.com> References: <35014.207.173.117.242.1124832472.squirrel@ourldsfamily.com> <20050823214436.GA20556@bobcat.bobcatos.com> <430BE9BB.5080504@ourldsfamily.com> Message-ID: <430CBBB5.2010908@vitalstream.com> Karl Pearson wrote: > Bob McClure Jr wrote: > >> On Tue, Aug 23, 2005 at 03:27:52PM -0600, karlp at ourldsfamily.com wrote: >> >> >>> I sent an email a bit ago asking relative performance questions about >>> different IMAP servers. I saved the responses and plan to do >>> something... >>> But, because of the philosophy "if it ain't broke, don't fix it" I >>> haven't >>> changed anything yet. >>> >>> BUT, I have figured something out. Whenever an Outlook Express IMAP user >>> accesses the server, it's unbearably overwhelming to the system and >>> causes >>> incredible slowness. When Pine or Squirrelmail users access the system, >>> there's no noticable performance hits. With Pine, I understand >>> because it >>> doesn't access all the folders everytime it tries to update things. >>> Outlook Express does this, as does Squirrelmail if the option is set. >>> With >>> the option set in Squirrelmail, it doesn't hit the server as hard as >>> Outlook. Or, have I been smoking something? (don't answer that)... >>> >>> It's not unusual for this server to have 'uptime' rates in the 4-6 range >>> when Outlook Express is accessing it. >>> >>> I guess I don't really have a question as much as wondered what thoughts >>> you might have... >>> >>> Karl >>> >> >> >> I'm curious which IMAP server you are using. >> >> Cheers, >> >> > The default that comes with RH8.0... I've not installed anything other > than default stuff, kind of... That's my general philosophy. It makes > recovery easier for me. RH8.0 came with UWimap (Crispin's version), and it has issues with large mailboxes and folders. imap-2002e handles it much better (that's what I use with over 9,000 domains and 50,000 users), and dovecot (the standard with Fedora) would probably work as well...but you have to migrate the mailboxes to mh format from standard mailbox format. Not difficult and they do provide a tool to do that. ---------------------------------------------------------------------- - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - - VitalStream, Inc. http://www.vitalstream.com - - - - Any sufficiently advanced technology is indistinguishable from a - - rigged demo. - ---------------------------------------------------------------------- From rstevens at vitalstream.com Wed Aug 24 18:33:49 2005 From: rstevens at vitalstream.com (Rick Stevens) Date: Wed, 24 Aug 2005 11:33:49 -0700 Subject: sample lftp command lines? In-Reply-To: <1120.192.168.1.1.1124855223.squirrel@kauko.hallikainen.org> References: <37240.207.177.227.29.1124723918.squirrel@kauko.hallikainen.org> <430A118D.70108@vitalstream.com> <1120.192.168.1.1.1124855223.squirrel@kauko.hallikainen.org> Message-ID: <430CBD8D.3040706@vitalstream.com> Harold Hallikainen wrote: >>Harold Hallikainen wrote: >> >>>As I SLOWLY move stuff from an RH8 to an FC4 system, I've found that >>>ncftp >>>is not included in FC4, but lftp is included. I have a script that does >>>a >>>daily ftp of a tar file to a remote server. I'm having difficulty >>>figuring >>>out from the man page on lftp what a command line would look like that >>>would log me in to the remote server and put the local file in the >>>appropriate remote directory. Anyone know of some sample lftp command >>>lines? >> >>ncftp comes with FC4. It's not part of the "default" install >>configurations, but you can "yum install ncftp" and get it, either from >>one of the repos on the net or from your DVD or CD collection. >> >>lftp isn't that hard to grok. Just put the commands you want to run in >>some file somewhere, then launch lftp with the "-f" flag and specify the >>name of the script file. Sample script file, "/tmp/lftp.scp": >> >> user remoteusername remoteuserpassword >> cd /remote/directory >> lcd /local/directory >> put name-of-tar-file >> exit >> >>To run it: "lftp -f /tmp/lftp.scp". >> >> >>>THANKS! >>> >>>Harold >>>ps - I'm CLOSE to getting everything working! I had to modify a buncy of >>>php stuff to work on the new machine. I've got this ftp problem and some >>>perl stuff to update, then it might be ready to put on line! >> >>To be brutally honest, rsync is more suited to this sort of thing. >>Using rsync in an ssh tunnel is even better and far more secure to boot. >>Assuming the data you're copying around is in the same directory or >>directory tree, rsync would obviate the need to tar it up in the first >>place. > > > IT WORKS! I added open hostname to the top of the script. I appreciate the > help and the brutal honesty. I am using rsyncbetween my own servers, but > my ISP does not support anything other than ftp uploads. lftp did it. Ah, yes, I forgot that bit (sleep deprivation does that to me). Glad to hear that you got it working. Also keep in mind that lftp's default transfer mode is binary (or "image"). If you upload or download a text file, make sure you add the "-a" option to the "put" or "get" commands: put -a name-of-file to force ASCII (text) mode. There is no global "mode" command (e.g. "binary" or "image" or "text" or "ascii") as there is in conventional FTP clients. ---------------------------------------------------------------------- - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - - VitalStream, Inc. http://www.vitalstream.com - - - - I'm afraid my karma just ran over your dogma - ---------------------------------------------------------------------- From mlm at loanprocessing.net Wed Aug 24 18:37:55 2005 From: mlm at loanprocessing.net (Mike McMullen) Date: Wed, 24 Aug 2005 11:37:55 -0700 Subject: IMAP Performance (again) References: <35014.207.173.117.242.1124832472.squirrel@ourldsfamily.com> <20050823214436.GA20556@bobcat.bobcatos.com><430BE9BB.5080504@ourldsfamily.com> <430CBBB5.2010908@vitalstream.com> Message-ID: <047501c5a8da$f1be13b0$3e01a8c0@express.loanprocessing.net> >>> I'm curious which IMAP server you are using. >>> >>> Cheers, >>> >>> >> The default that comes with RH8.0... I've not installed anything other >> than default stuff, kind of... That's my general philosophy. It makes >> recovery easier for me. > > RH8.0 came with UWimap (Crispin's version), and it has issues with large > mailboxes and folders. imap-2002e handles it much better (that's what I > use with over 9,000 domains and 50,000 users), and dovecot (the standard > with Fedora) would probably work as well...but you have to migrate the > mailboxes to mh format from standard mailbox format. Not difficult and > they do provide a tool to do that. > ---------------------------------------------------------------------- > - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - My Dovecot in FC3+4 uses mbox format out of the box. When I migrated to Dovecot from UWimap, it was trivial. Frankly, one of the easiest transitions I ever had. The Dovecot configuration file has many different options to tweak if you want. Also Dovecot handles large mail folders very well. We commonly have folders in the 400MB-1.5GB range and I'm damn impressed by the performance of the server with Outlook Express. Hope this helps, Mike From rstevens at vitalstream.com Wed Aug 24 18:41:19 2005 From: rstevens at vitalstream.com (Rick Stevens) Date: Wed, 24 Aug 2005 11:41:19 -0700 Subject: Strange ownership issues In-Reply-To: <98168c5a05082407147e6a3f8c@mail.gmail.com> References: <98168c5a05082407147e6a3f8c@mail.gmail.com> Message-ID: <430CBF4F.7090702@vitalstream.com> Jay Shampur wrote: > I've recently installed a Red Hat ES3 Update5 on a Compaq Proliant > box. There are only two accounts defined at the moment: darryl and > mysql. > > I logged in as root, unzipped a tarball in /root folder, and this > tarball uncompressed into a folder. So far, so good. The wierd part > is that this new folder - which did not exist prior me uncompressing - > has the owner darryl group darryl. > > I know I did not su into this account or otherwise - also various > folders which were created when I installed Apache 1.3.33 from source > and other software, have their ownership set to various other groups > such as mysql, games etc., > > I have not found any pattern in this - can anyone help? Keep in mind that the user names and group names shown in "ls" listings are for your benefit. The system doesn't store names in the ownerships, it stores the UID and GID (user and group numeric ID) values. "ls", by default, tries to match the numeric UID or GID to the /etc/passwd or /etc/group file. If there's a match, the corresponding name is displayed. All this means is that the tarball was created by someone on another machine whose UID matches the UID of user "darryl" on your box. Do an "ls -n" on the new folder, then compare those UIDs and GIDs to your /etc/passwd file and you'll find that they match. By default, RHEL starts creating new users using UID 100 and GID 100 and increments them as each user is added. This is controlled by the file /etc/defaults/useradd. ---------------------------------------------------------------------- - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - - VitalStream, Inc. http://www.vitalstream.com - - - - Lottery: A tax on people who are bad at math. - ---------------------------------------------------------------------- From rstevens at vitalstream.com Wed Aug 24 18:43:41 2005 From: rstevens at vitalstream.com (Rick Stevens) Date: Wed, 24 Aug 2005 11:43:41 -0700 Subject: mke2fs error In-Reply-To: <29160BFA3AC1A84E877783464A99A272748A0C@IDAEXC04.emea.cpqcorp.net> References: <29160BFA3AC1A84E877783464A99A272748A0C@IDAEXC04.emea.cpqcorp.net> Message-ID: <430CBFDD.5080802@vitalstream.com> Storms, Friedhelm wrote: > Hello, > > I'm trying to install RHEL 3AS on a rx4640 server. > Based on following partitions I tried to create new filesystems. > This was no problem for sda1 to sda7 but for sda8 I got follwing error: > > -/bin/sh-2.05b# mke2fs -jv /dev/sda8 > mke2fs 1.32 (09-Nov-2002) > mke2fs: No such device or address while trying to determine filesystem > size > > -/bin/sh-2.05b# fdisk /dev/sda > > Command (m for help): p > > Disk /dev/sda: 73.4 GB, 73407865856 bytes > 255 heads, 63 sectors/track, 8924 cylinders > Units = cylinders of 16065 * 512 = 8225280 bytes > > Device Boot Start End Blocks Id System > /dev/sda1 1 13 104391 ee EFI GPT > /dev/sda2 14 512 4008217+ fd Linux raid autodetect > /dev/sda3 513 2505 16008772+ fd Linux raid autodetect > /dev/sda4 2506 8924 51560617+ 5 Extended > /dev/sda5 2506 3502 8008371 fd Linux raid autodetect > /dev/sda6 3503 4001 4008186 fd Linux raid autodetect > /dev/sda7 4002 4500 4008186 fd Linux raid autodetect > /dev/sda8 4501 4999 4008186 fd Linux raid autodetect > > Any ideas what's going wrong with this sda8 partition? Er, is the RAID system running at the time you're doing these mke2fs commands? And you didn't do "mke2fs -jv /dev/sda4", did you? (NEVER "mke2fs" an extended partition itself--only the sub partitions in it such as /dev/sda5, sda6, sda7, sda8). ---------------------------------------------------------------------- - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - - VitalStream, Inc. http://www.vitalstream.com - - - - A squeegee, by any other name, wouldn't sound as funny. - ---------------------------------------------------------------------- From harold at hallikainen.com Wed Aug 24 20:00:52 2005 From: harold at hallikainen.com (Harold Hallikainen) Date: Wed, 24 Aug 2005 13:00:52 -0700 (PDT) Subject: IMAP Performance (again) In-Reply-To: <430CBBB5.2010908@vitalstream.com> References: <35014.207.173.117.242.1124832472.squirrel@ourldsfamily.com> <20050823214436.GA20556@bobcat.bobcatos.com><430BE9BB.5080504@ourldsfamily.com> <430CBBB5.2010908@vitalstream.com> Message-ID: <47139.207.177.227.29.1124913652.squirrel@kauko.hallikainen.org> > > RH8.0 came with UWimap (Crispin's version), and it has issues with large > mailboxes and folders. imap-2002e handles it much better (that's what I > use with over 9,000 domains and 50,000 users), and dovecot (the standard > with Fedora) would probably work as well...but you have to migrate the > mailboxes to mh format from standard mailbox format. Not difficult and > they do provide a tool to do that. > ---------------------------------------------------------------------- I got dovecot working without having to change the mailbox format. I DID have to get rid of the mail/ prefix in all my folder references in SquirrelMail, then it all worked. I think I read something in the dovecot config file that it automatically figures out what folder format you're running... Harold -- FCC Rules Updated Daily at http://www.hallikainen.com From karlp at ourldsfamily.com Wed Aug 24 20:37:07 2005 From: karlp at ourldsfamily.com (karlp at ourldsfamily.com) Date: Wed, 24 Aug 2005 14:37:07 -0600 (MDT) Subject: IMAP Performance (again) In-Reply-To: <20050824151338.GB18537@bobcat.bobcatos.com> References: <35014.207.173.117.242.1124832472.squirrel@ourldsfamily.com> <20050824120602.GF17491@xdroop.com> <36583.207.173.117.242.1124892650.squirrel@ourldsfamily.com> <20050824151338.GB18537@bobcat.bobcatos.com> Message-ID: <37704.207.173.117.242.1124915827.squirrel@ourldsfamily.com> < stuff deleted > >> >> Wow, Great information! I guess the learning curve starts now. With 2 >> mail >> servers, this will help more than one community of users. >> >> When I decided to install mplayer several years ago, I got a working >> copy >> going, including codecs, etc. and put the whole kit and kaboodle on a >> single CD. Doing that made my life easier as I moved up the upgrade >> path. >> . . I guess doing the same with Cyrus might be a good idea so disaster >> recovery can be done much easier. >> >> Again, thanks. >> >> Karl > > Well, before you jump too quickly, you might check out dovecot. It is > the default IMAP (and POP3) server in the Fedora Core set, replacing > the UW package. I have no information on its technical virtures over > UW, if any, but it configures more simply than Cyrus. I'm using it on > our local ISP's mail server which has over 1100 customers and is > _very_ busy. Thanks Bob. I've already installed and configured dovecot and it's very fast. Great improvement over WUIMAP. Configuration was annoying, but not that hard. Just a matter of reading the configuration file's comments and trying different things out. I can't get POP to work, but ipop3d isn't a problem so I just enabled imap. Thanks loads. karl > > Cheers, > -- > Bob McClure, Jr. Bobcat Open Systems, Inc. > robertmcclure at earthlink.net http://www.bobcatos.com > Peace at any price is inflationary. > > _______________________________________________ > Redhat-install-list mailing list > Redhat-install-list at redhat.com > https://www.redhat.com/mailman/listinfo/redhat-install-list > To Unsubscribe Go To ABOVE URL or send a message to: > redhat-install-list-request at redhat.com > Subject: unsubscribe > From karlp at ourldsfamily.com Wed Aug 24 20:43:12 2005 From: karlp at ourldsfamily.com (karlp at ourldsfamily.com) Date: Wed, 24 Aug 2005 14:43:12 -0600 (MDT) Subject: IMAP Performance (again) In-Reply-To: <430CBBB5.2010908@vitalstream.com> References: <35014.207.173.117.242.1124832472.squirrel@ourldsfamily.com> <20050823214436.GA20556@bobcat.bobcatos.com> <430BE9BB.5080504@ourldsfamily.com> <430CBBB5.2010908@vitalstream.com> Message-ID: <37736.207.173.117.242.1124916192.squirrel@ourldsfamily.com> > Karl Pearson wrote: >> Bob McClure Jr wrote: >> >>> On Tue, Aug 23, 2005 at 03:27:52PM -0600, karlp at ourldsfamily.com wrote: >>> >>> >>>> I sent an email a bit ago asking relative performance questions about >>>> different IMAP servers. I saved the responses and plan to do >>>> something... >>>> But, because of the philosophy "if it ain't broke, don't fix it" I >>>> haven't >>>> changed anything yet. >>>> >>>> BUT, I have figured something out. Whenever an Outlook Express IMAP >>>> user >>>> accesses the server, it's unbearably overwhelming to the system and >>>> causes >>>> incredible slowness. When Pine or Squirrelmail users access the >>>> system, >>>> there's no noticable performance hits. With Pine, I understand >>>> because it >>>> doesn't access all the folders everytime it tries to update things. >>>> Outlook Express does this, as does Squirrelmail if the option is set. >>>> With >>>> the option set in Squirrelmail, it doesn't hit the server as hard as >>>> Outlook. Or, have I been smoking something? (don't answer that)... >>>> >>>> It's not unusual for this server to have 'uptime' rates in the 4-6 >>>> range >>>> when Outlook Express is accessing it. >>>> >>>> I guess I don't really have a question as much as wondered what >>>> thoughts >>>> you might have... >>>> >>>> Karl >>>> >>> >>> >>> I'm curious which IMAP server you are using. >>> >>> Cheers, >>> >>> >> The default that comes with RH8.0... I've not installed anything other >> than default stuff, kind of... That's my general philosophy. It makes >> recovery easier for me. > > RH8.0 came with UWimap (Crispin's version), and it has issues with large > mailboxes and folders. imap-2002e handles it much better (that's what I > use with over 9,000 domains and 50,000 users), and dovecot (the standard > with Fedora) would probably work as well...but you have to migrate the > mailboxes to mh format from standard mailbox format. Not difficult and > they do provide a tool to do that. dovecot 1.0.alpha1 comes with mbox format enabled by default. The only thing I had to do was in the Squirrelmail conf.pl settings for folder collections. It's like Courier IMAP in that the entry is blank instead of mail/ which created /home/$USER/mail/mail/... Once I figured that out, dovecot is very fast and very nice. The indexing is good enough to make the access quick enough on one server. I'll be putting it on the other later today... karl > ---------------------------------------------------------------------- > - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - > - VitalStream, Inc. http://www.vitalstream.com - > - - > - Any sufficiently advanced technology is indistinguishable from a - > - rigged demo. - > ---------------------------------------------------------------------- > > _______________________________________________ > Redhat-install-list mailing list > Redhat-install-list at redhat.com > https://www.redhat.com/mailman/listinfo/redhat-install-list > To Unsubscribe Go To ABOVE URL or send a message to: > redhat-install-list-request at redhat.com > Subject: unsubscribe > From karlp at ourldsfamily.com Wed Aug 24 20:44:54 2005 From: karlp at ourldsfamily.com (karlp at ourldsfamily.com) Date: Wed, 24 Aug 2005 14:44:54 -0600 (MDT) Subject: IMAP Performance (again) In-Reply-To: <47139.207.177.227.29.1124913652.squirrel@kauko.hallikainen.org> References: <35014.207.173.117.242.1124832472.squirrel@ourldsfamily.com> <20050823214436.GA20556@bobcat.bobcatos.com><430BE9BB.5080504@ourldsfamily.com> <430CBBB5.2010908@vitalstream.com> <47139.207.177.227.29.1124913652.squirrel@kauko.hallikainen.org> Message-ID: <37742.207.173.117.242.1124916294.squirrel@ourldsfamily.com> > >> >> RH8.0 came with UWimap (Crispin's version), and it has issues with large >> mailboxes and folders. imap-2002e handles it much better (that's what I >> use with over 9,000 domains and 50,000 users), and dovecot (the standard >> with Fedora) would probably work as well...but you have to migrate the >> mailboxes to mh format from standard mailbox format. Not difficult and >> they do provide a tool to do that. >> ---------------------------------------------------------------------- > > > I got dovecot working without having to change the mailbox format. I DID > have to get rid of the mail/ prefix in all my folder references in > SquirrelMail, then it all worked. I think I read something in the dovecot > config file that it automatically figures out what folder format you're > running... It did figure it out. I read that, too. I wish I would have read this email before going through all the docs... Thanks for the knowledge. I am at fault for not reading this first. KLP > > Harold > > > > -- > FCC Rules Updated Daily at http://www.hallikainen.com > > _______________________________________________ > Redhat-install-list mailing list > Redhat-install-list at redhat.com > https://www.redhat.com/mailman/listinfo/redhat-install-list > To Unsubscribe Go To ABOVE URL or send a message to: > redhat-install-list-request at redhat.com > Subject: unsubscribe > From erdinc at prosoft.com.tr Wed Aug 24 21:48:18 2005 From: erdinc at prosoft.com.tr (Ali =?ISO-8859-9?Q?Erdin=E7_K=F6ro=F0lu?=) Date: Thu, 25 Aug 2005 00:48:18 +0300 Subject: IMAP Performance (again) In-Reply-To: <20050824151338.GB18537@bobcat.bobcatos.com> References: <35014.207.173.117.242.1124832472.squirrel@ourldsfamily.com> <20050824120602.GF17491@xdroop.com> <36583.207.173.117.242.1124892650.squirrel@ourldsfamily.com> <20050824151338.GB18537@bobcat.bobcatos.com> Message-ID: <20050825004818.522b469b.erdinc@prosoft.com.tr> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi everyone, On Wed, 24 Aug 2005 10:13:38 -0500 Bob McClure Jr wrote: > Well, before you jump too quickly, you might check out dovecot. It is > the default IMAP (and POP3) server in the Fedora Core set, replacing > the UW package. I have no information on its technical virtures over > UW, if any, but it configures more simply than Cyrus. I'm using it on > our local ISP's mail server which has over 1100 customers and is > _very_ busy. Dovecot is good (Im also using) but there some important things to choose cyrus IMAP, such as single copy option. Assume that you'll send a mail (60K) to 100.000 users which will make 6.000.000K or server will try to send 6.000.000 mail size of 60K. Instead of doing this cyrus will send 1 mail but 100.000 users will able to see it. But I advice cyrus for huge amount of users.. Regards Ali Erdin? K?roglu http://www.prosoft.com.tr -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) iD8DBQFDDOsiUZ8xvL9ToPoRAkTMAKCgkqBFqlP0Q7gZC0+pttDs53McYwCeLroJ vJrVpUrn2tt1kGqrOfOzqEE= =8SEo -----END PGP SIGNATURE----- From erdinc at prosoft.com.tr Wed Aug 24 21:51:08 2005 From: erdinc at prosoft.com.tr (Ali =?ISO-8859-9?Q?Erdin=E7_K=F6ro=F0lu?=) Date: Thu, 25 Aug 2005 00:51:08 +0300 Subject: IMAP Performance (again) In-Reply-To: <20050825004818.522b469b.erdinc@prosoft.com.tr> References: <35014.207.173.117.242.1124832472.squirrel@ourldsfamily.com> <20050824120602.GF17491@xdroop.com> <36583.207.173.117.242.1124892650.squirrel@ourldsfamily.com> <20050824151338.GB18537@bobcat.bobcatos.com> <20050825004818.522b469b.erdinc@prosoft.com.tr> Message-ID: <20050825005108.144d3ead.erdinc@prosoft.com.tr> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thu, 25 Aug 2005 00:48:18 +0300 Ali Erdin? K?ro?lu wrote: > send 6.000.000 mail size of 60K. Sorry I'm sleepy little bit, let me make a correction server will try to send 100.000 mail size of 60K :)) Regards Ali Erdin? K?roglu http://www.prosoft.com.tr -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) iD8DBQFDDOvMUZ8xvL9ToPoRAuwAAJ9HNgl8Dtffsv6DrDNtJJeypKAkzgCgirHO MwQ92DftLNBsBf+Eek5UVhU= =Acgm -----END PGP SIGNATURE----- From drumilnarayan at yahoo.com Thu Aug 25 11:39:52 2005 From: drumilnarayan at yahoo.com (drumil narayan) Date: Thu, 25 Aug 2005 12:39:52 +0100 (BST) Subject: configuring a service In-Reply-To: Message-ID: <20050825113952.33148.qmail@web8308.mail.in.yahoo.com> --- Michael Velez wrote: > > ----- Original Message ----- > From: "drumil narayan" > To: "Getting started with Red Hat Linux" > > Sent: Monday, August 22, 2005 10:50 AM > Subject: configuring a service > > > > Dear All, > > > > I have a configured a service oraclewhich will > start > > and stop the database. > > this service works finw while starting/rebooting > the > > database and do not gets displayed while am > shutting > > down the linux server. > > how do i achieve this. > > > > my oracle service is in /etc/rc.d/oracle > > symbolic links to this service are present > > /etc/rc.d/rc.0, /etc/rc.d/rc.2, rc.3, rc.6 > > > > am i supposed to somthing else.. > > > > kindly communicate..Drumil > thanx michel, your suggestion were verymuch useful and they worked for me..thanx..drumil ____________________________________________________ Send a rakhi to your brother, buy gifts and win attractive prizes. Log on to http://in.promos.yahoo.com/rakhi/index.html From jaymlist at gmail.com Thu Aug 25 14:13:33 2005 From: jaymlist at gmail.com (Jay Shampur) Date: Thu, 25 Aug 2005 10:13:33 -0400 Subject: Strange ownership issues In-Reply-To: <430CBF4F.7090702@vitalstream.com> References: <98168c5a05082407147e6a3f8c@mail.gmail.com> <430CBF4F.7090702@vitalstream.com> Message-ID: <98168c5a05082507136cd2cb6@mail.gmail.com> Hi Rick, Thank you very much - that is indeed the case. ...Jay On 8/24/05, Rick Stevens wrote: > Jay Shampur wrote: > > I've recently installed a Red Hat ES3 Update5 on a Compaq Proliant > > box. There are only two accounts defined at the moment: darryl and > > mysql. > > > > I logged in as root, unzipped a tarball in /root folder, and this > > tarball uncompressed into a folder. So far, so good. The wierd part > > is that this new folder - which did not exist prior me uncompressing - > > has the owner darryl group darryl. > > > > I know I did not su into this account or otherwise - also various > > folders which were created when I installed Apache 1.3.33 from source > > and other software, have their ownership set to various other groups > > such as mysql, games etc., > > > > I have not found any pattern in this - can anyone help? > > Keep in mind that the user names and group names shown in "ls" listings > are for your benefit. The system doesn't store names in the ownerships, > it stores the UID and GID (user and group numeric ID) values. "ls", by > default, tries to match the numeric UID or GID to the /etc/passwd or > /etc/group file. If there's a match, the corresponding name is displayed. > > All this means is that the tarball was created by someone on another > machine whose UID matches the UID of user "darryl" on your box. Do an > "ls -n" on the new folder, then compare those UIDs and GIDs to your > /etc/passwd file and you'll find that they match. > > By default, RHEL starts creating new users using UID 100 and GID 100 > and increments them as each user is added. This is controlled by the > file /etc/defaults/useradd. > ---------------------------------------------------------------------- > - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - > - VitalStream, Inc. http://www.vitalstream.com - > - - > - Lottery: A tax on people who are bad at math. - > ---------------------------------------------------------------------- > > _______________________________________________ > Redhat-install-list mailing list > Redhat-install-list at redhat.com > https://www.redhat.com/mailman/listinfo/redhat-install-list > To Unsubscribe Go To ABOVE URL or send a message to: > redhat-install-list-request at redhat.com > Subject: unsubscribe > From rstevens at vitalstream.com Thu Aug 25 16:43:05 2005 From: rstevens at vitalstream.com (Rick Stevens) Date: Thu, 25 Aug 2005 09:43:05 -0700 Subject: Strange ownership issues In-Reply-To: <98168c5a05082507136cd2cb6@mail.gmail.com> References: <98168c5a05082407147e6a3f8c@mail.gmail.com> <430CBF4F.7090702@vitalstream.com> <98168c5a05082507136cd2cb6@mail.gmail.com> Message-ID: <430DF519.5040300@vitalstream.com> Jay Shampur wrote: > Hi Rick, > > Thank you very much - that is indeed the case. Glad to help. It _is_ a bit disconcerting, isn't it? I remember getting a tarball from someone, untarring it and finding it had _my_ UID in it. I then recalled that I helped him set up the box and it was set up just as mine was (first user added was "master", second was his login, just as my machine had the first user as "master" and the second MY login). As a result, his UID on his machine was 101, and the UID for my account on my machine was also 101, so the unpacked tarball appeared to come from me. As I said, a bit disconcerting at first! We use the "master" login as the only allowed ssh or ftp remote login name. From there you have to "su -" and know the root password to do any damage. Just one more hoop to make hackers jump through. > On 8/24/05, Rick Stevens wrote: > >>Jay Shampur wrote: >> >>>I've recently installed a Red Hat ES3 Update5 on a Compaq Proliant >>>box. There are only two accounts defined at the moment: darryl and >>>mysql. >>> >>>I logged in as root, unzipped a tarball in /root folder, and this >>>tarball uncompressed into a folder. So far, so good. The wierd part >>>is that this new folder - which did not exist prior me uncompressing - >>>has the owner darryl group darryl. >>> >>>I know I did not su into this account or otherwise - also various >>>folders which were created when I installed Apache 1.3.33 from source >>>and other software, have their ownership set to various other groups >>>such as mysql, games etc., >>> >>>I have not found any pattern in this - can anyone help? >> >>Keep in mind that the user names and group names shown in "ls" listings >>are for your benefit. The system doesn't store names in the ownerships, >>it stores the UID and GID (user and group numeric ID) values. "ls", by >>default, tries to match the numeric UID or GID to the /etc/passwd or >>/etc/group file. If there's a match, the corresponding name is displayed. >> >>All this means is that the tarball was created by someone on another >>machine whose UID matches the UID of user "darryl" on your box. Do an >>"ls -n" on the new folder, then compare those UIDs and GIDs to your >>/etc/passwd file and you'll find that they match. >> >>By default, RHEL starts creating new users using UID 100 and GID 100 >>and increments them as each user is added. This is controlled by the >>file /etc/defaults/useradd. >>---------------------------------------------------------------------- >>- Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - >>- VitalStream, Inc. http://www.vitalstream.com - >>- - >>- Lottery: A tax on people who are bad at math. - >>---------------------------------------------------------------------- >> >>_______________________________________________ >>Redhat-install-list mailing list >>Redhat-install-list at redhat.com >>https://www.redhat.com/mailman/listinfo/redhat-install-list >>To Unsubscribe Go To ABOVE URL or send a message to: >>redhat-install-list-request at redhat.com >>Subject: unsubscribe >> > > > _______________________________________________ > Redhat-install-list mailing list > Redhat-install-list at redhat.com > https://www.redhat.com/mailman/listinfo/redhat-install-list > To Unsubscribe Go To ABOVE URL or send a message to: > redhat-install-list-request at redhat.com > Subject: unsubscribe > -- ---------------------------------------------------------------------- - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - - VitalStream, Inc. http://www.vitalstream.com - - - - "I'd explain it to you, but your brain might explode." - ---------------------------------------------------------------------- From rstevens at vitalstream.com Thu Aug 25 17:12:47 2005 From: rstevens at vitalstream.com (Rick Stevens) Date: Thu, 25 Aug 2005 10:12:47 -0700 Subject: Kerberos Help Needed In-Reply-To: References: Message-ID: <430DFC0F.1060408@vitalstream.com> Greg Julius wrote: >>>While I don't have a problem with doing this, I'm not sure that samba >>>is the culprit, just a victum. >> >>Well, actually we just installed Samba 3.0.20 last night. There are a >>LOT of updates in it--so many that the Samba gang decided to skip >>versions 3.0.15, .16, .17, .18 and .19 and went straight to .20. > > > Lots of Stuff on that it appears. Still, If I shut off samba and winbind > I still fail on the 'net join'. > > >>>The net command fails the same way when I do a 'net join': >>> *** glibc detected *** net: free(): invalid pointer: 0x00bd1db0 *** >>> ======= Backtrace: ========= >>> /lib/libc.so.6[0x1be424] >>> /lib/libc.so.6(__libc_free+0x77)[0x1be95f] >>> /lib/libcom_err.so.2(remove_error_table+0x4b)[0x114abb] >>> /usr/lib/libkrb5.so.3[0xb6f8c4] >>> /usr/lib/libkrb5.so.3[0xb6f5c7] >>> /usr/lib/libkrb5.so.3[0xbc09da] >>> /lib/ld-linux.so.2[0xda4058] >>> /lib/libc.so.6(exit+0xc5)[0x185c69] >>> /lib/libc.so.6(__libc_start_main+0xce)[0x16fdee] >>> net[0x3070f1] >>> ======= Memory map: ======== >>> >>>The addresses shown appear to be the same relative to each other. >>>I haven't shot dumps since writing APAR's for IBM 20 years ago >>>but looking at the backtrace I would guess that the free is being >>>issued by libcom_err, perhaps as part of a request from libkrb5. >> >>That's entirely possible. Have you upgraded the kerberos RPMs yet? > > > I did a 'yum update' and installed everything it had to offer. > > >>>All that aside, could the failure be caused by a bad config parm? >>>I have a very minimal krb5.conf file. I have been trying >>>variations of that. I stopped winbind and did a 'net join' test >>>and it failed the same way, seems that winbind couldn't be a >>>part of the problem. What else might be involved parameterwise? >> >>I doubt it's a config issue. The trying to free an invalid pointer is >>typically caused by a coding bug. I have no idea which parameter would >>cause the thread of execution to go down this buggy path, but trying to >>find it would take a full-up debug session. > > > Ug!. Yeah, ugh! >>>If it's not likely that a parameter change could work around the >>>failure, what would you suggest as the next step? >>> >>>Which source items should I try first and where would I get them? >>>(Gad I must be desparate to even ask this...) >> >>First off, make sure you update Kerberos and possibly glibc. I can't >>recall which system you have (I think it was CentOS), but update ASAP. >>Under CentOS or a licensed version of RHEL, you should be able to >>"up2date" it. For Fedora Core, use "yum -y update". > > > I'm running Fedora Core 4. Scratch install and all updates applied. Hmmm. I've not tried this with FC4. The running environment we're using is RHES3U4 with a U5 kernel. > I just did a 'yum -y update' and rebooted after all was installed. > There were some glibc stuff that I saw go in this time, but I didn't > see any kerberos looking things. > > Still failed, same way, same (relative) offsets. > > Here is what I have for krb5: > [xxx at guardian ~]# rpm -qa | grep krb5 > krb5-workstation-1.4-3 > krb5-auth-dialog-0.2-5 > krb5-workstation-1.4.1-5 > pam_krb5-2.1.7-3 > krb5-server-1.4-3 > krb5-devel-1.4.1-5 > krb5-libs-1.4-3 > krb5-devel-1.4-3 > krb5-libs-1.4.1-5 > krb5-server-1.4.1-5 > > > Is the fact that I have what look to be two releases a problem? > I have krb5-libs twice. a -1.4.1-5 and a -1.4-3 Well, it's a bit disconcerning, but it shouldn't be fatal. It rather depends on what ld uses when it links things on the fly. The only way to really see that is to do an "ldconfig -v" and verify that it's using the latest krb5 libraries. Here's what we have: [root at dn-1a root]# rpm -qa | grep krb5 krb5-workstation-1.2.7-44 pam_krb5-1.75-1 krb5-libs-1.2.7-44 krb5-devel-1.2.7-44 Cleaned up, here's our krb5.conf file: ------------------------------ cut here -------------------------------- [root at dn-1a etc]# cat krb5.conf [logging] default = FILE:/var/log/krb5libs.log kdc = FILE:/var/log/krb5kdc.log admin_server = FILE:/var/log/kadmind.log [libdefaults] ticket_lifetime = 24000 default_realm = NT.SITESTREAM.NET dns_lookup_realm = false dns_lookup_kdc = false default_tkt_enctypes = des3-hmac-sha1 des-cbc-crc default_tgs_enctypes = des3-hmac-sha1 des-cbc-crc [realms] NT.SITESTREAM.NET = { kdc = nt.sitestream.net default_domain = NT.SITESTREAM.NET } [domain_realm] nt.sitestream.net = NT.SITESTREAM.NET .nt.sitestream.net = NT.SITESTREAM.NET [kdc] profile = /var/kerberos/krb5kdc/kdc.conf [appdefaults] pam = { debug = false ticket_lifetime = 36000 renew_lifetime = 36000 forwardable = true krb4_convert = false } ------------------------------ cut here -------------------------------- And yet more cleaned up, here's our smb.conf file: ------------------------------ cut here -------------------------------- #----------------------------------------------------------------------------- # Filename: smb.conf Main Samba config file # # Synopsis: # This file is the main config file for Samba. # # Author: Rick Stevens, VitalStream, Inc. # Last Edit: 22 June 2005 # #----------------------------------------------------------------------------- [global] # netbios name is the name of the machine in NetBIOS... netbios name = dn-1a unix charset = LOCAL # server string is the equivalent of the NT Description field... server string = dn-1a Media connection node # Items specific to clustered file system... kernel oplocks = Yes oplocks = Yes level2 oplocks = Yes oplock contention limit = 2 blocking locks = yes locking = yes posix locking = yes strict locking = no # Include the VitalStream-specific stuff... # Set the domain we belong to... workgroup = NT realm = NT.SITESTREAM.NET # domain = NT.SITESTREAM.NET # This option is important for security. It allows you to restrict # connections to machines which are on your local network. The # following example restricts access to two C class networks and # the "loopback" interface. For more examples of the syntax see # the smb.conf man page ; hosts allow = 192.168.1. 192.168.2. 127. # if you want to automatically load your printer list rather # than setting them up individually then you'll need this printcap name = cups load printers = yes disable spoolss = yes show add printer wizard = no # It should not be necessary to spell out the print system type unless # yours is non-standard. Currently supported print systems include: # bsd, sysv, plp, lprng, aix, hpux, qnx printing = cups # Uncomment this if you want a guest account, you must add this to /etc/passwd # otherwise the user "nobody" is used ; guest account = pcguest # this tells Samba to use a separate log file for each machine # that connects # log file = /var/log/samba/%m.log # all log information in one file (with 170+ machines, we need this!) log file = /var/log/samba/log.smbd # Put a capping on the size of the log files (in Kb). max log size = 50 # Security mode. Most people will want user level security. See # security_level.txt for details. security = ADS # Use password server option only with security = server password server = nt.sitestream.net client schannel = no # Password Level allows matching of _n_ characters of the password for # all combinations of upper and lower case. ; password level = 8 ; username level = 8 # You may wish to use password encryption. Please read # ENCRYPTION.txt, Win95.txt and WinNT.txt in the Samba documentation. # Do not enable this option unless you have read those documents encrypt passwords = yes ; smb passwd file = /etc/samba/smbpasswd # The following are needed to allow password changing from Windows to # update the Linux system password also. # NOTE: Use these with 'encrypt passwords' and 'smb passwd file' above. # NOTE2: You do NOT need these to allow workstations to change only # the encrypted SMB passwords. They allow the Unix password # to be kept in sync with the SMB password. ; unix password sync = Yes ; passwd program = /usr/bin/passwd %u ; passwd chat = *New*UNIX*password* %n\n *ReType*new*UNIX*password* %n\n *passwd:*all*authentication*tokens*updated*successfully* # Unix users can map to different SMB User names username map = /etc/samba/smbusers # Set up the UID and GID numbers allowed idmap uid = 15000-40000 idmap gid = 15000-40000 # Use the default Windows domain winbind use default domain = yes winbind separator = + winbind enum users = yes winbind enum groups = yes winbind uid = 400001-60000 winbind gid = 400001-60000 # Using the following line enables you to customise your configuration # on a per machine basis. The %m gets replaced with the netbios name # of the machine that is connecting ; include = /etc/samba/smb.conf.%m # Most people will find that this option gives better performance. # See speed.txt and the manual pages for details socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 # Configure Samba to use multiple interfaces # If you have multiple network interfaces then you must list them # here. See the man page for details. ; interfaces = 192.168.12.2/24 192.168.13.2/24 # Configure remote browse list synchronisation here # request announcement to, or browse list sync from: # a specific host or from / to a whole subnet (see below) ; remote browse sync = 192.168.3.25 192.168.5.255 # Cause this host to announce itself to local subnets here ; remote announce = 192.168.1.255 192.168.2.44 # Browser Control Options: # set local master to no if you don't want Samba to become a master # browser on your network. Otherwise the normal election rules apply ; local master = no # OS Level determines the precedence of this server in master browser # elections. The default value should be reasonable ; os level = 33 # Domain Master specifies Samba to be the Domain Master Browser. This # allows Samba to collate browse lists between subnets. Don't use this # if you already have a Windows NT domain controller doing this job ; domain master = yes # Preferred Master causes Samba to force a local browser election on startup # and gives it a slightly higher chance of winning the election ; preferred master = yes # Enable this if you want Samba to be a domain logon server for # Windows95 workstations. ; domain logons = yes # if you enable domain logons then you may want a per-machine or # per user logon script # run a specific logon batch file per workstation (machine) ; logon script = %m.bat # run a specific logon batch file per username ; logon script = %U.bat # Where to store roving profiles (only for Win95 and WinNT) # %L substitutes for this servers netbios name, %U is username # You must uncomment the [Profiles] share below ; logon path = \\%L\Profiles\%U # All NetBIOS names must be resolved to IP Addresses # 'Name Resolve Order' allows the named resolution mechanism to be specified # the default order is "host lmhosts wins bcast". "host" means use the unix # system gethostbyname() function call that will use either /etc/hosts OR # DNS or NIS depending on the settings of /etc/host.config, /etc/nsswitch.conf # and the /etc/resolv.conf file. "host" therefore is system configuration # dependant. This parameter is most often of use to prevent DNS lookups # in order to resolve NetBIOS names to IP Addresses. Use with care! # The example below excludes use of name resolution for machines that are NOT # on the local network segment # - OR - are not deliberately to be known via lmhosts or via WINS. ; name resolve order = wins lmhosts bcast # Windows Internet Name Serving Support Section: # WINS Support - Tells the NMBD component of Samba to enable it's WINS Server ; wins support = yes # WINS Server - Tells the NMBD components of Samba to be a WINS Client # Note: Samba can be either a WINS Server, or a WINS Client, but NOT both ; wins server = w.x.y.z # WINS Proxy - Tells Samba to answer name resolution queries on # behalf of a non WINS capable client, for this to work there must be # at least one WINS Server on the network. The default is NO. ; wins proxy = yes # DNS Proxy - tells Samba whether or not to try to resolve NetBIOS names # via DNS nslookups. The built-in default for versions 1.9.17 is yes, # this has been changed in version 1.9.18 to no. dns proxy = no # Case Preservation can be handy - system default is _no_ # NOTE: These can be set on a per share basis ; preserve case = no ; short preserve case = no # Default case is normally upper case for all DOS files ; default case = lower # Be very careful with case sensitivity - it can break things! ; case sensitive = no # Include the share definitions... (scrubbed...you really don't need to know that stuff) ------------------------------ cut here -------------------------------- > BTW, you sent the reply straight to me, so I replied straight > to you. Was that your intent? If not, feel free to resend your > reply via RHIL and I will re-reply to it to keep the thread > intact. Oops! I guess you were the first entry in the "Reply-To:" header and I only did a "Reply", not a "Reply All". I'll add the install list to the "To:" fields to get this back on the list. It will be out of thread order, but that's the best I can do. > OK, what's next? You could try the layout I've given above. It works for us, but I really am concerned about that crash from the kerberos libraries. Have you checked bugzilla about such behaviour? ---------------------------------------------------------------------- - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - - VitalStream, Inc. http://www.vitalstream.com - - - - To err is human, to moo bovine. - ---------------------------------------------------------------------- From mikev777 at hotmail.com Thu Aug 25 18:43:07 2005 From: mikev777 at hotmail.com (Michael Velez) Date: Thu, 25 Aug 2005 14:43:07 -0400 Subject: configuring a service In-Reply-To: <20050825113952.33148.qmail@web8308.mail.in.yahoo.com> Message-ID: > -----Original Message----- > From: redhat-install-list-bounces at redhat.com > [mailto:redhat-install-list-bounces at redhat.com] On Behalf Of > drumil narayan > Sent: Thursday, August 25, 2005 7:40 AM > To: Getting started with Red Hat Linux > Subject: Re: configuring a service > > --- Michael Velez wrote: > > > > > ----- Original Message ----- > > From: "drumil narayan" > > To: "Getting started with Red Hat Linux" > > > > Sent: Monday, August 22, 2005 10:50 AM > > Subject: configuring a service > > > > > > > Dear All, > > > > > > I have a configured a service oraclewhich will > > start > > > and stop the database. > > > this service works finw while starting/rebooting > > the > > > database and do not gets displayed while am > > shutting > > > down the linux server. > > > how do i achieve this. > > > > > > my oracle service is in /etc/rc.d/oracle symbolic links to this > > > service are present /etc/rc.d/rc.0, /etc/rc.d/rc.2, rc.3, rc.6 > > > > > > am i supposed to somthing else.. > > > > > > kindly communicate..Drumil > > > > thanx michel, your suggestion were verymuch useful and they > worked for me..thanx..drumil > Glad I could help. Michael From Travis.R.Waldher at boeing.com Thu Aug 25 20:56:22 2005 From: Travis.R.Waldher at boeing.com (Waldher, Travis R) Date: Thu, 25 Aug 2005 13:56:22 -0700 Subject: Testing for Server MAX load Message-ID: Is there a utility to test for the max load you can place a server under? By load, I mean what top returns at the top line. Thanks, Travis Waldher From brad.mugleston at comcast.net Fri Aug 26 03:49:30 2005 From: brad.mugleston at comcast.net (brad.mugleston at comcast.net) Date: Thu, 25 Aug 2005 21:49:30 -0600 (MDT) Subject: NFS help Message-ID: I'm trying again to get an NFS system set up on my home network. The book I have says I need to add to my /etc/fstab file a line like this mailserver:/var/spool/mail /var/spool/mail nfs timeo=20,intr When I do that I get the error mount: can't get address for mailserver and yes the machine I'm looking for is named mailserver. I've had this problem before and ended up getting around it by giving the server a fixed IP but if possible I'd rather not do that (no reason, I'm just trying to learn the correct way). So, any help out there? I'm running FC2 on mailserver and RH9 on the machine I'm trying to connect from. Brad Mugleston, KI0OT There are 10 types of people in this world. Those that understand binary and those that don't. From brad.mugleston at comcast.net Fri Aug 26 03:54:22 2005 From: brad.mugleston at comcast.net (brad.mugleston at comcast.net) Date: Thu, 25 Aug 2005 21:54:22 -0600 (MDT) Subject: Strange Modem In-Reply-To: <430A0C55.3060500@vitalstream.com> References: <430625FA.8070401@vitalstream.com> <430A0C55.3060500@vitalstream.com> Message-ID: On Mon, 22 Aug 2005, Rick Stevens wrote: > brad.mugleston at comcast.net wrote: > > On Fri, 19 Aug 2005, Rick Stevens wrote: > > > > > > > brad.mugleston at comcast.net wrote: > > > > > > > I just built a file server using an old Pentium II with FC2 but > > > > it's got a 180G hard drive on it (for home use). When I hook it > > > > into my home network everything works great - the switch assigns > > > > it an IP address and it seems to work fine. BUt after awhile the > > > > modem starts rebooting. If I unplug the network cable from the > > > > comuter the modem goes back to normal. I've tried two different > > > > NIC's in the computer and they both do the same thing. > > > > > > > > Any ideas? > > > > > > Uh, serial modem or PCI-based? If it's PCI, have you looked at the IRQ > > > assignments between the modem and the NICs? (lspci -v) > > > > > > > > > Sorry - it's a Cable Modem - RCA - goes to my Motorola WR850G > > Router. I'll have to check the dmesg and interrupts - get back > > ot you later on the rest of it. > > Oh. Hmmmm. So, I take it that your layout is something like: > > ------------- ------------------ > --cable-->| cable modem |--->|WAN router/switch | > ------------- port 1 port 2 > ------------------ > ^ ^ > | +--System 2 > +---System 1 > > If so, then SOMEONE on your network is probably asking the modem to > fetch a new DHCP connection from your ISP. You'd need to watch the > TCP traffic to know for sure. You could use something like: > > tcpdump dest host local-ip-address-of-cable-modem > > and that ONLY if you can get the monitoring machine and the cable modem > on the same cable segment (insert a hub--NOT a switch--into the WAN > connection between your router and modem and plug your machine into > that hub as well). > > If that's the case, you can fix that by setting the cable modem's WAN > port to a different subnet. E.g. my cable modem is 192.168.100.1/16, > while my switch uses 192.168.0.1/24 on all ports EXCEPT the WAN port. > The DHCP server on my switch also uses 192.168.0.0/24 in its pool. Thanks for the help Rick - haven't been able to check things out and it started working again. Got online and checked out the comcast web site. Checked into their forum section and it wasn't just my problem but a problem all across the US+. Talking to comcast they said it was my problem but they set out a fix and it went away. Theory is they did a software update on everyones modems and it didn't work..... It would sure make things eaiser if they weren't lying to all their users all the time. From karlp at ourldsfamily.com Fri Aug 26 04:33:58 2005 From: karlp at ourldsfamily.com (karlp at ourldsfamily.com) Date: Thu, 25 Aug 2005 22:33:58 -0600 (MDT) Subject: Dovecot IMAP Update Message-ID: <25856.198.60.114.90.1125030838.squirrel@webmail.ourldsfamily.com> I installed Dovecot on both email servers I administer. The Outlook users who have IMAP accounts have noticed a significant improvement. One user, with over 300 folders, some which have 4 - 5 thousand emails each (don't ask; I don't want to know) told me that the difference in checking email (Outlook checks every folder for new mail) is awesome. I asked how much faster and was told "Well before I could get up and walk around while it checked email, so I never knew how long it really took. Now it happens as fast as it did when I first started doing email and only had a few folders." Cool and easy this was. In Squirrelmail, I had to remove the root folder entry. Dovecot sends mail/ automagically for me. That's made setting up new accounts very easy. But, it took a bit to figure it out first. Pine also continues to work flawlessly for those users. Overall, Dovecot has been a very nice find for me. Thanks to all for making that recommendation. With servers of the size I manage, I doubt I'll ever need Cyrus, but thanks for letting me know about that one, too. Karl From rstevens at vitalstream.com Fri Aug 26 07:53:21 2005 From: rstevens at vitalstream.com (Rick Stevens) Date: Fri, 26 Aug 2005 00:53:21 -0700 Subject: Testing for Server MAX load In-Reply-To: References: Message-ID: <430ECA71.8030303@vitalstream.com> Waldher, Travis R wrote: > Is there a utility to test for the max load you can place a server > under? > > By load, I mean what top returns at the top line. Or "uptime". The "load" is made up of a number of things and each of those affect the load in different ways. For example, if you have a lot of processes stuck in IO wait states (ps would show them in a "D" state), that'll up the load significantly. Lots of network connections (especially those in FIN1 states) will affect the load. Not as much as "D" processes, but a lot. Lots of context switching also affects load, as will swapping if you run out of memory. For example, due to a problem we've been having with a SAN system here, I had a web server with about 300 stalled apache processes ("D" state). The load on the system was 1722.6 (dual proc Xeon, 2.8GHz with 2GB RAM). That enough load for you? ---------------------------------------------------------------------- - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - - VitalStream, Inc. http://www.vitalstream.com - - - - If you're not part of the solution, you're part of the precipitate - ---------------------------------------------------------------------- From rstevens at vitalstream.com Fri Aug 26 07:55:00 2005 From: rstevens at vitalstream.com (Rick Stevens) Date: Fri, 26 Aug 2005 00:55:00 -0700 Subject: Dovecot IMAP Update In-Reply-To: <25856.198.60.114.90.1125030838.squirrel@webmail.ourldsfamily.com> References: <25856.198.60.114.90.1125030838.squirrel@webmail.ourldsfamily.com> Message-ID: <430ECAD4.1030408@vitalstream.com> karlp at ourldsfamily.com wrote: > I installed Dovecot on both email servers I administer. The Outlook users > who have IMAP accounts have noticed a significant improvement. One user, > with over 300 folders, some which have 4 - 5 thousand emails each (don't > ask; I don't want to know) told me that the difference in checking email > (Outlook checks every folder for new mail) is awesome. I asked how much > faster and was told "Well before I could get up and walk around while it > checked email, so I never knew how long it really took. Now it happens as > fast as it did when I first started doing email and only had a few > folders." > > Cool and easy this was. > > In Squirrelmail, I had to remove the root folder entry. Dovecot sends > mail/ automagically for me. That's made setting up new accounts very easy. > But, it took a bit to figure it out first. > > Pine also continues to work flawlessly for those users. > > Overall, Dovecot has been a very nice find for me. > > Thanks to all for making that recommendation. With servers of the size I > manage, I doubt I'll ever need Cyrus, but thanks for letting me know about > that one, too. Well done, Karl! Now, if we could just get you to move up to FC... Heheheheh! :-) ---------------------------------------------------------------------- - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - - VitalStream, Inc. http://www.vitalstream.com - - - - "Microsoft is a cross between The Borg and the Ferengi. - - Unfortunately they use Borg to do their marketing and Ferengi to - - do their programming." -- Simon Slavin - ---------------------------------------------------------------------- From rstevens at vitalstream.com Fri Aug 26 07:57:59 2005 From: rstevens at vitalstream.com (Rick Stevens) Date: Fri, 26 Aug 2005 00:57:59 -0700 Subject: NFS help In-Reply-To: References: Message-ID: <430ECB87.9030607@vitalstream.com> brad.mugleston at comcast.net wrote: > I'm trying again to get an NFS system set up on my home network. > The book I have says I need to add to my /etc/fstab file a line > like this > > mailserver:/var/spool/mail /var/spool/mail nfs timeo=20,intr > > When I do that I get the error > > mount: can't get address for mailserver > > and yes the machine I'm looking for is named mailserver. > > I've had this problem before and ended up getting around it by > giving the server a fixed IP but if possible I'd rather not do > that (no reason, I'm just trying to learn the correct way). > > So, any help out there? "mailserver" must be resolvable, either via DNS or in your /etc/hosts file. In other words, if you can "ping mailserver", you should be able to mount it. If, however, "ping mailserver" ends up in a message such as: ping: Unknown host mailserver then it ain't resolving. The error you're seeing is mount_nfs' version of "unknown host mailserver". ---------------------------------------------------------------------- - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - - VitalStream, Inc. http://www.vitalstream.com - - - - Never test for an error condition you don't know how to handle. - ---------------------------------------------------------------------- From rstevens at vitalstream.com Fri Aug 26 07:59:33 2005 From: rstevens at vitalstream.com (Rick Stevens) Date: Fri, 26 Aug 2005 00:59:33 -0700 Subject: Strange Modem In-Reply-To: References: <430625FA.8070401@vitalstream.com> <430A0C55.3060500@vitalstream.com> Message-ID: <430ECBE5.1050402@vitalstream.com> brad.mugleston at comcast.net wrote: > On Mon, 22 Aug 2005, Rick Stevens wrote: > > >>brad.mugleston at comcast.net wrote: >> >>>On Fri, 19 Aug 2005, Rick Stevens wrote: >>> >>> >>> >>>>brad.mugleston at comcast.net wrote: >>>> >>>> >>>>>I just built a file server using an old Pentium II with FC2 but >>>>>it's got a 180G hard drive on it (for home use). When I hook it >>>>>into my home network everything works great - the switch assigns >>>>>it an IP address and it seems to work fine. BUt after awhile the >>>>>modem starts rebooting. If I unplug the network cable from the >>>>>comuter the modem goes back to normal. I've tried two different >>>>>NIC's in the computer and they both do the same thing. >>>>> >>>>>Any ideas? >>>> >>>>Uh, serial modem or PCI-based? If it's PCI, have you looked at the IRQ >>>>assignments between the modem and the NICs? (lspci -v) >>>> >>> >>> >>>Sorry - it's a Cable Modem - RCA - goes to my Motorola WR850G >>>Router. I'll have to check the dmesg and interrupts - get back >>>ot you later on the rest of it. >> >>Oh. Hmmmm. So, I take it that your layout is something like: >> >> ------------- ------------------ >>--cable-->| cable modem |--->|WAN router/switch | >> ------------- port 1 port 2 >> ------------------ >> ^ ^ >> | +--System 2 >> +---System 1 >> >>If so, then SOMEONE on your network is probably asking the modem to >>fetch a new DHCP connection from your ISP. You'd need to watch the >>TCP traffic to know for sure. You could use something like: >> >> tcpdump dest host local-ip-address-of-cable-modem >> >>and that ONLY if you can get the monitoring machine and the cable modem >>on the same cable segment (insert a hub--NOT a switch--into the WAN >>connection between your router and modem and plug your machine into >>that hub as well). >> >>If that's the case, you can fix that by setting the cable modem's WAN >>port to a different subnet. E.g. my cable modem is 192.168.100.1/16, >>while my switch uses 192.168.0.1/24 on all ports EXCEPT the WAN port. >>The DHCP server on my switch also uses 192.168.0.0/24 in its pool. > > > > Thanks for the help Rick - haven't been able to check things out > and it started working again. Got online and checked out the > comcast web site. Checked into their forum section and it wasn't > just my problem but a problem all across the US+. Talking to > comcast they said it was my problem but they set out a fix and it > went away. Theory is they did a software update on everyones > modems and it didn't work..... > > It would sure make things eaiser if they weren't lying to all > their users all the time. "Lying to protect the guilty and prosecute the innocent (users)". Fairly common. ---------------------------------------------------------------------- - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - - VitalStream, Inc. http://www.vitalstream.com - - - - Never test for an error condition you don't know how to handle. - ---------------------------------------------------------------------- From geg1 at earthlink.net Fri Aug 26 13:50:12 2005 From: geg1 at earthlink.net (Gregory E. Garland) Date: Fri, 26 Aug 2005 09:50:12 -0400 (GMT-04:00) Subject: unknown GPG signature and up2date problems Message-ID: <20217413.1125064212834.JavaMail.root@elwamui-hound.atl.sa.earthlink.net> It has taken me three hours to finally install the latest RH updates. First of all every single update gets the error message pop up that states "The package .... is signed with an unknown GPG signature. Continue?". This is combined with the fact that up2date repeatedly hangs will trying to download the updates. The only option is to kill the up2date processes and restart, repeatedly mouse through the "unknown GPG signature" messages, and wait until the next of dozens of times the download freezes. Then kill it again, restart, blah-blah... its almost enough to praise Microsoft for distributing quality software. This occurs on an RHEL ES4 system running the AMD64 version of RH. The computer 3 feet to the left running RHEL WS4 on a 32 bit system always updates with no problem. From karlp at ourldsfamily.com Fri Aug 26 15:41:53 2005 From: karlp at ourldsfamily.com (karlp at ourldsfamily.com) Date: Fri, 26 Aug 2005 09:41:53 -0600 (MDT) Subject: Dovecot IMAP Update In-Reply-To: <430ECAD4.1030408@vitalstream.com> References: <25856.198.60.114.90.1125030838.squirrel@webmail.ourldsfamily.com> <430ECAD4.1030408@vitalstream.com> Message-ID: <39602.207.173.117.242.1125070913.squirrel@ourldsfamily.com> > karlp at ourldsfamily.com wrote: >> I installed Dovecot on both email servers I administer. The Outlook >> users >> who have IMAP accounts have noticed a significant improvement. One user, >> with over 300 folders, some which have 4 - 5 thousand emails each (don't >> ask; I don't want to know) told me that the difference in checking email >> (Outlook checks every folder for new mail) is awesome. I asked how much >> faster and was told "Well before I could get up and walk around while it >> checked email, so I never knew how long it really took. Now it happens >> as >> fast as it did when I first started doing email and only had a few >> folders." >> >> Cool and easy this was. >> >> In Squirrelmail, I had to remove the root folder entry. Dovecot sends >> mail/ automagically for me. That's made setting up new accounts very >> easy. >> But, it took a bit to figure it out first. >> >> Pine also continues to work flawlessly for those users. >> >> Overall, Dovecot has been a very nice find for me. >> >> Thanks to all for making that recommendation. With servers of the size I >> manage, I doubt I'll ever need Cyrus, but thanks for letting me know >> about >> that one, too. > > Well done, Karl! Now, if we could just get you to move up to FC... I have FC4 installed on a dual-homed PC. I've been having trouble with it hanging for 'no apparent reason' and haven't gotten to the bottom of that. I'll be using it as my new server when I get a handle on it better. Karl > > Heheheheh! :-) > ---------------------------------------------------------------------- > - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - > - VitalStream, Inc. http://www.vitalstream.com - > - - > - "Microsoft is a cross between The Borg and the Ferengi. - > - Unfortunately they use Borg to do their marketing and Ferengi to - > - do their programming." -- Simon Slavin - > ---------------------------------------------------------------------- > > _______________________________________________ > Redhat-install-list mailing list > Redhat-install-list at redhat.com > https://www.redhat.com/mailman/listinfo/redhat-install-list > To Unsubscribe Go To ABOVE URL or send a message to: > redhat-install-list-request at redhat.com > Subject: unsubscribe > From john.bergeski at alpsautomotive.com Fri Aug 26 20:07:43 2005 From: john.bergeski at alpsautomotive.com (john.bergeski at alpsautomotive.com) Date: Fri, 26 Aug 2005 16:07:43 -0400 Subject: Redhat Linux ES 4 will not load after I installed a Raid card Message-ID: Hello, I installed a ServeRaid -7k Ultra 320 SCSI raid controller on my IBM 346 server. I tried to get software RAID to work but gave up after a few days(I am very new to LINUX). Now after I configured my drives as RAID 1 with the ServeRaid program Redhat will load up to a point and the server will show an error and then reboot by itself. Any thoughts? Thanks - John From rstevens at vitalstream.com Fri Aug 26 20:12:41 2005 From: rstevens at vitalstream.com (Rick Stevens) Date: Fri, 26 Aug 2005 13:12:41 -0700 Subject: Redhat Linux ES 4 will not load after I installed a Raid card In-Reply-To: References: Message-ID: <430F77B9.7080008@vitalstream.com> john.bergeski at alpsautomotive.com wrote: > Hello, > > I installed a ServeRaid -7k Ultra 320 SCSI raid controller on my IBM 346 > server. I tried to get software RAID to work but gave up after a few days(I > am very new to LINUX). Now after I configured my drives as RAID 1 with the > ServeRaid program Redhat will load up to a point and the server will show > an error and then reboot by itself. Any thoughts? The ServeRaid is a hardware RAID card...you don't use software RAID on it. You need to set up the RAID using the ServeRaid program first, THEN install RHES4 on the resulting RAID drive. ---------------------------------------------------------------------- - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - - VitalStream, Inc. http://www.vitalstream.com - - - - "The Schizophrenic: An Unauthorized Autobiography" - ---------------------------------------------------------------------- From john.bergeski at alpsautomotive.com Fri Aug 26 20:17:12 2005 From: john.bergeski at alpsautomotive.com (john.bergeski at alpsautomotive.com) Date: Fri, 26 Aug 2005 16:17:12 -0400 Subject: Redhat Linux ES 4 will not load after I installed a Raid card In-Reply-To: <430F77B9.7080008@vitalstream.com> Message-ID: Thanks for the reply, I did setup the hardware raid first using the IBM ServeRAID disk. I setup 70GB RAID 1 drive and a 146GB Raid 1 drive. REDHAT ES4 only gets a little further than the first screen where it asks you if you want to use the GUI to load or the command line option. John Rick Stevens To Sent by: Getting started with Red Hat Linux redhat-install-li st-bounces at redhat cc .com Subject Re: Redhat Linux ES 4 will not load 08/26/2005 04:12 after I installed a Raid card PM Please respond to Getting started with Red Hat Linux john.bergeski at alpsautomotive.com wrote: > Hello, > > I installed a ServeRaid -7k Ultra 320 SCSI raid controller on my IBM 346 > server. I tried to get software RAID to work but gave up after a few days(I > am very new to LINUX). Now after I configured my drives as RAID 1 with the > ServeRaid program Redhat will load up to a point and the server will show > an error and then reboot by itself. Any thoughts? The ServeRaid is a hardware RAID card...you don't use software RAID on it. You need to set up the RAID using the ServeRaid program first, THEN install RHES4 on the resulting RAID drive. ---------------------------------------------------------------------- - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - - VitalStream, Inc. http://www.vitalstream.com - - - - "The Schizophrenic: An Unauthorized Autobiography" - ---------------------------------------------------------------------- _______________________________________________ Redhat-install-list mailing list Redhat-install-list at redhat.com https://www.redhat.com/mailman/listinfo/redhat-install-list To Unsubscribe Go To ABOVE URL or send a message to: redhat-install-list-request at redhat.com Subject: unsubscribe -- This message has been scanned for viruses and dangerous content by ALAI MailScanner, and is believed to be clean. From brad.mugleston at comcast.net Fri Aug 26 21:37:42 2005 From: brad.mugleston at comcast.net (brad.mugleston at comcast.net) Date: Fri, 26 Aug 2005 15:37:42 -0600 (MDT) Subject: NFS help In-Reply-To: <430ECB87.9030607@vitalstream.com> References: <430ECB87.9030607@vitalstream.com> Message-ID: On Fri, 26 Aug 2005, Rick Stevens wrote: > brad.mugleston at comcast.net wrote: > > I'm trying again to get an NFS system set up on my home network. > > The book I have says I need to add to my /etc/fstab file a line > > like this > > > > mailserver:/var/spool/mail /var/spool/mail nfs timeo=20,intr > > > > When I do that I get the error > > > > mount: can't get address for mailserver > > > > and yes the machine I'm looking for is named mailserver. > > > > I've had this problem before and ended up getting around it by > > giving the server a fixed IP but if possible I'd rather not do > > that (no reason, I'm just trying to learn the correct way). > > > > So, any help out there? > > "mailserver" must be resolvable, either via DNS or in your /etc/hosts > file. In other words, if you can "ping mailserver", you should be > able to mount it. > > If, however, "ping mailserver" ends up in a message such as: > > ping: Unknown host mailserver > > then it ain't resolving. The error you're seeing is mount_nfs' version > of "unknown host mailserver". OK, I understand that - but I've only done /etc/hosts with fixed IP's. How does that work with DHCP assigned IP's? From markknecht at gmail.com Fri Aug 26 22:16:18 2005 From: markknecht at gmail.com (Mark Knecht) Date: Fri, 26 Aug 2005 15:16:18 -0700 Subject: NFS help In-Reply-To: References: <430ECB87.9030607@vitalstream.com> Message-ID: <5bdc1c8b05082615163839828f@mail.gmail.com> On 8/26/05, brad.mugleston at comcast.net wrote: > > OK, I understand that - but I've only done /etc/hosts with fixed > IP's. How does that work with DHCP assigned IP's? > What's wrong with using fixed IPs? If you have only 5-10 devices then why not just have them be fixed and be done with it? I see no value to the complexity of DHCP in this case. Just my 2 cents, Mark From brad.mugleston at comcast.net Fri Aug 26 22:30:01 2005 From: brad.mugleston at comcast.net (brad.mugleston at comcast.net) Date: Fri, 26 Aug 2005 16:30:01 -0600 (MDT) Subject: NFS help In-Reply-To: <5bdc1c8b05082615163839828f@mail.gmail.com> References: <430ECB87.9030607@vitalstream.com> <5bdc1c8b05082615163839828f@mail.gmail.com> Message-ID: On Fri, 26 Aug 2005, Mark Knecht wrote: > On 8/26/05, brad.mugleston at comcast.net wrote: > > > > > OK, I understand that - but I've only done /etc/hosts with fixed > > IP's. How does that work with DHCP assigned IP's? > > > What's wrong with using fixed IPs? If you have only 5-10 devices then > why not just have them be fixed and be done with it? > > I see no value to the complexity of DHCP in this case. > > Just my 2 cents, > Mark > Mark, Your 2 cents are worth more than that and if I was doing this for anything important I probably would give it a fixed IP. BUT I'm trying to figure this stuff out (like my kids say) "JUST CAUSE". If in the real world people do this with fixed IP's then I'll do that (the machine I'm on has a fixed IP for other such reasons). BUT for learning I thought I'd try it with DHCP. Thanks, Brad From markknecht at gmail.com Fri Aug 26 22:34:04 2005 From: markknecht at gmail.com (Mark Knecht) Date: Fri, 26 Aug 2005 15:34:04 -0700 Subject: NFS help In-Reply-To: References: <430ECB87.9030607@vitalstream.com> <5bdc1c8b05082615163839828f@mail.gmail.com> Message-ID: <5bdc1c8b05082615344ffefdb9@mail.gmail.com> On 8/26/05, brad.mugleston at comcast.net wrote: > On Fri, 26 Aug 2005, Mark Knecht wrote: > > > On 8/26/05, brad.mugleston at comcast.net wrote: > > > > > > > > OK, I understand that - but I've only done /etc/hosts with fixed > > > IP's. How does that work with DHCP assigned IP's? > > > > > What's wrong with using fixed IPs? If you have only 5-10 devices then > > why not just have them be fixed and be done with it? > > > > I see no value to the complexity of DHCP in this case. > > > > Just my 2 cents, > > Mark > > > Mark, > > Your 2 cents are worth more than that and if I was doing this for > anything important I probably would give it a fixed IP. BUT I'm > trying to figure this stuff out (like my kids say) "JUST CAUSE". That's a completely fine reason. I do not know the answer to your question in terms of really running a network and having my laptop find my wife's machine called dragonfly when dragonfly is given an address using DHCP. In the end, and yes I was intersted in this same subject once, I decided logically that when the network wasn't working for some reason I didn't want to determine if it was a machine problem or a DHCP server problem or something else so I've always stuck to fixed IP address. The bedroom is .30, my son's room is .40 the living room is .50, etc. It's simple an has rarely failed me. > > If in the real world people do this with fixed IP's then I'll do > that (the machine I'm on has a fixed IP for other such reasons). > BUT for learning I thought I'd try it with DHCP. > Sure. Learning is good! Cheers, Mark From inode0 at gmail.com Fri Aug 26 22:52:57 2005 From: inode0 at gmail.com (inode0) Date: Fri, 26 Aug 2005 17:52:57 -0500 Subject: NFS help In-Reply-To: References: <430ECB87.9030607@vitalstream.com> <5bdc1c8b05082615163839828f@mail.gmail.com> Message-ID: On 8/26/05, brad.mugleston at comcast.net wrote: > Your 2 cents are worth more than that and if I was doing this for > anything important I probably would give it a fixed IP. BUT I'm > trying to figure this stuff out (like my kids say) "JUST CAUSE". > > If in the real world people do this with fixed IP's then I'll do > that (the machine I'm on has a fixed IP for other such reasons). > BUT for learning I thought I'd try it with DHCP. Brad, You can have dhcp give out fixed-addresses based on mac's and enter the appropriate stuff into DNS to resolve the name/ip assigned by dhcp. Using dhcp on your home network is quite nice once you get it set up because every subsequent installation is that much easier ... tweak the dhcp configuration and just install using dhcp. Running a caching nameserver with resolution of your internal IPs is a "good neighbor" thing to do too imo. John From ottohaliburton at comcast.net Fri Aug 26 22:57:47 2005 From: ottohaliburton at comcast.net (Otto Haliburton) Date: Fri, 26 Aug 2005 17:57:47 -0500 Subject: NFS help In-Reply-To: <5bdc1c8b05082615344ffefdb9@mail.gmail.com> References: <430ECB87.9030607@vitalstream.com> <5bdc1c8b05082615163839828f@mail.gmail.com> <5bdc1c8b05082615344ffefdb9@mail.gmail.com> Message-ID: <1125097067.4129.3.camel@c515816-a> On Fri, 2005-08-26 at 15:34 -0700, Mark Knecht wrote: > On 8/26/05, brad.mugleston at comcast.net wrote: > > On Fri, 26 Aug 2005, Mark Knecht wrote: > > > > > On 8/26/05, brad.mugleston at comcast.net wrote: > > > > > > > > > > > OK, I understand that - but I've only done /etc/hosts with fixed > > > > IP's. How does that work with DHCP assigned IP's? > > > > > > > What's wrong with using fixed IPs? If you have only 5-10 devices then > > > why not just have them be fixed and be done with it? > > > > > > I see no value to the complexity of DHCP in this case. > > > > > > Just my 2 cents, > > > Mark > > > > > Mark, > > > > Your 2 cents are worth more than that and if I was doing this for > > anything important I probably would give it a fixed IP. BUT I'm > > trying to figure this stuff out (like my kids say) "JUST CAUSE". > > That's a completely fine reason. > > I do not know the answer to your question in terms of really running a > network and having my laptop find my wife's machine called dragonfly > when dragonfly is given an address using DHCP. > > In the end, and yes I was intersted in this same subject once, I > decided logically that when the network wasn't working for some reason > I didn't want to determine if it was a machine problem or a DHCP > server problem or something else so I've always stuck to fixed IP > address. The bedroom is .30, my son's room is .40 the living room is > .50, etc. It's simple an has rarely failed me. > > > > > If in the real world people do this with fixed IP's then I'll do > > that (the machine I'm on has a fixed IP for other such reasons). > > BUT for learning I thought I'd try it with DHCP. > > > Sure. Learning is good! > > Cheers, > Mark Well it is magic, hahaha. Simply what resources that are available is not a function of the ip addresses, when a node reports to a dns it reports the resources available for sharing and it is this where all nodes are resolved and the resources they have for sharing. At least if I am wrong only barely!!! From greg at outtacyte.com Sat Aug 27 00:27:19 2005 From: greg at outtacyte.com (Greg Julius) Date: Fri, 26 Aug 2005 19:27:19 -0500 Subject: Kerberos Help Needed In-Reply-To: <430DFC0F.1060408@vitalstream.com> Message-ID: <200508270027.j7R0REhx020304@mx3.redhat.com> >> OK, what's next? > >You could try the layout I've given above. It works for us, but I >really am concerned about that crash from the kerberos libraries. >Have you checked bugzilla about such behaviour? Yes, see here: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=164353 Unfortunately no resolution yet. Not even work arounds. Found this last night. Upon re-reading it, the MALLOC_CHECK_=0 looked promising to give a try. If I can keep it from failing, then perhaps I'll be able to see what the real error is. I did an "export MALLOC_CHECK_=0" from my terminal and tried the 'net join' No abend. Modified the /etc/rc.d/init.d/smb script to add an "export MALLOC_CHECK_=0" to the script in the start section. I tried to figure out where I could put this export that would effect the system as a whole, but that's probably not a good idea anyway. When I restarted and re-created my net join (no abend) and then went to the windows system and browsed the guardian machine I was able to see the shares. When I accessed the share, I got the password box. I am logged on to windows as the windows user who has access to the share. I should not be getting the dialog box as I should already have authority. Right? I am in the list for 'admin users', 'valid users', and 'write list'. I think I should be able to access this share. Please let me know if I should check something else as I don't have a real good grip of how the users get their permissions on samba shares in the winbind world. Accessing the share has, in the past, been sufficient to trigger the abend. This time I get this (four times) [2005/08/26 00:09:00, 1] smbd/sesssetup.c:reply_spnego_kerberos(173) Failed to verify incoming ticket! Answering the prompt only generates more of the above errors, but no abends. The winbind log has no information, just the start header. So, What does this message mean? I've googled and I see that the question has been asked, but I didn't find an answer so I don't know where to poke around now. And I've got to go to bed. The thinker part is thunked out... -g From brad.mugleston at comcast.net Sat Aug 27 04:19:45 2005 From: brad.mugleston at comcast.net (brad.mugleston at comcast.net) Date: Fri, 26 Aug 2005 22:19:45 -0600 (MDT) Subject: NFS help In-Reply-To: References: <430ECB87.9030607@vitalstream.com> <5bdc1c8b05082615163839828f@mail.gmail.com> Message-ID: On Fri, 26 Aug 2005, inode0 wrote: > On 8/26/05, brad.mugleston at comcast.net wrote: > > Your 2 cents are worth more than that and if I was doing this for > > anything important I probably would give it a fixed IP. BUT I'm > > trying to figure this stuff out (like my kids say) "JUST CAUSE". > > > > If in the real world people do this with fixed IP's then I'll do > > that (the machine I'm on has a fixed IP for other such reasons). > > BUT for learning I thought I'd try it with DHCP. > > Brad, > > You can have dhcp give out fixed-addresses based on mac's and enter > the appropriate stuff into DNS to resolve the name/ip assigned by > dhcp. Using dhcp on your home network is quite nice once you get it > set up because every subsequent installation is that much easier ... > tweak the dhcp configuration and just install using dhcp. Running a > caching nameserver with resolution of your internal IPs is a "good > neighbor" thing to do too imo. > John > So, why bother with DHCP if your going to assign a fixed IP anyway? Just wondering... From sarangi at bpost.kek.jp Sat Aug 27 11:28:29 2005 From: sarangi at bpost.kek.jp (Tapas Ranjan) Date: Sat, 27 Aug 2005 20:28:29 +0900 (JST) Subject: X problem(may be) In-Reply-To: Message-ID: Hi : I installed FC3 on a desktop, which has a bit old CPU confugurations and when I open a terminal, it acts so slow that only you can see the border of the terminal and the username, but can't see any cursor. I can't see what I type, just the wallpaper. It's very very very slow, I can't move anything and many times it just freezes and can't even logout. If I switch to single user mode without "X" then everything works fine and fast enough. First I thought it might be a memory problem, since I had 128 MB RAM, then I added another 512 MB, but no change. Second I thought it might be a disk problem, since I had only 4GB for the linux partition, where as another 30GB for windows (which works fine), and then I added complete new hard-disk of 80GB and installed the linux again, but still no change. Now I am clueless, what should I do ? Since I spent quite a few on this, I want help of you guys to guide if I can solve this problem. Here is the output of "/proc/cpuinfo" and "/proc/meminfo" `cat /proc/cpuinfo` -------------------- processor : 0 vendor_id : AuthenticAMD cpu family : 6 model : 4 model name : AMD Athlon(tm) Processor stepping : 2 cpu MHz : 1000.574 cache size : 256 KB fdiv_bug : no hlt_bug : no f00f_bug : no coma_bug : no fpu : yes fpu_exception : yes cpuid level : 1 wp : yes flags : fpu vme de pse tsc msr pae mce cx8 mtrr pge mca cmov pat mmx fxsr syscall mmxext 3dnowext 3dnow bogomips : 1957.88 `cat /proc/meminfo` -------------------- MemTotal: 645808 kB MemFree: 416152 kB Buffers: 37036 kB Cached: 159668 kB SwapCached: 0 kB Active: 83116 kB Inactive: 114612 kB HighTotal: 0 kB HighFree: 0 kB LowTotal: 645808 kB LowFree: 416152 kB SwapTotal: 1116508 kB SwapFree: 1116508 kB Dirty: 64 kB Writeback: 0 kB Mapped: 3344 kB Slab: 24060 kB Committed_AS: 11004 kB PageTables: 140 kB VmallocTotal: 3481592 kB VmallocUsed: 4048 kB VmallocChunk: 3477332 kB HugePages_Total: 0 HugePages_Free: 0 Hugepagesize: 4096 kB Thanks ---Tapas From bhussein at scs-net.org Sat Aug 27 13:03:48 2005 From: bhussein at scs-net.org (Bassam ALHUSSEIN) Date: Sat, 27 Aug 2005 16:03:48 +0300 Subject: Kylix3 In-Reply-To: <20050817160032.9690473841@hormel.redhat.com> References: <20050817160032.9690473841@hormel.redhat.com> Message-ID: Hello everyone ... I am getting some troubles with Kylix3 ( Delphi for Linux ) ... I can write and compile a project successfully ( Ctrl F9 )... But Running the project does NOT work ( F9 ) ...Simply NOTHING happens and delphi is frozen ... I need to send a kill signal to it ... Anybody can help ???? I am using RH9 .. will it work on fedora core4 ??? -- Bisssso ... Using Opera From inode0 at gmail.com Sat Aug 27 12:59:54 2005 From: inode0 at gmail.com (inode0) Date: Sat, 27 Aug 2005 07:59:54 -0500 Subject: NFS help In-Reply-To: References: <430ECB87.9030607@vitalstream.com> <5bdc1c8b05082615163839828f@mail.gmail.com> Message-ID: On 8/26/05, brad.mugleston at comcast.net wrote: > So, why bother with DHCP if your going to assign a fixed IP > anyway? Just wondering... If you use DHCP anyway, perhaps you have a dynamic pool of IPs you hand out to random machines that "plug in" to your network, perhaps you have a pool of IPs (dynamic or fixed) to use with machines that boot over the network, you just might find it more convenient to set up all of your machines to configure their networking using DHCP. That is usually much simpler than configuring things by hand. You can still configure the machines with fixed addresses by hand if you prefer, but you can also boot them up with DHCP providing the networking details. John From robertmcclure at earthlink.net Sat Aug 27 14:25:24 2005 From: robertmcclure at earthlink.net (Bob McClure Jr) Date: Sat, 27 Aug 2005 09:25:24 -0500 Subject: X problem(may be) In-Reply-To: References: Message-ID: <20050827142524.GA17919@bobcat.bobcatos.com> On Sat, Aug 27, 2005 at 08:28:29PM +0900, Tapas Ranjan wrote: > Hi : > I installed FC3 on a desktop, which has a bit old > CPU confugurations and when I open a terminal, > it acts so slow that only you can see the border of the terminal and the > username, but can't see any cursor. I can't see what I type, just the > wallpaper. It's very very very slow, I can't move anything and many times > it just freezes and can't even logout. If I switch to single user mode > without "X" then everything works fine and fast enough. > First I thought it might be a memory problem, since I > had 128 MB RAM, then I added another 512 MB, but no change. Second > I thought it might be a disk problem, since I had only 4GB for the > linux partition, where as another 30GB for windows (which works fine), > and then I added complete new hard-disk of 80GB and installed > the linux again, but still no change. Now I am clueless, what should > I do ? Since I spent quite a few on this, I want help of you guys > to guide if I can solve this problem. > > Here is the output of "/proc/cpuinfo" and "/proc/meminfo" > > `cat /proc/cpuinfo` > -------------------- > processor : 0 > vendor_id : AuthenticAMD > cpu family : 6 > model : 4 > model name : AMD Athlon(tm) Processor > stepping : 2 > cpu MHz : 1000.574 > cache size : 256 KB > fdiv_bug : no > hlt_bug : no > f00f_bug : no > coma_bug : no > fpu : yes > fpu_exception : yes > cpuid level : 1 > wp : yes > flags : fpu vme de pse tsc msr pae mce cx8 mtrr pge mca cmov pat > mmx fxsr syscall mmxext 3dnowext 3dnow > bogomips : 1957.88 > > > `cat /proc/meminfo` > -------------------- > MemTotal: 645808 kB > MemFree: 416152 kB > Buffers: 37036 kB > Cached: 159668 kB > SwapCached: 0 kB > Active: 83116 kB > Inactive: 114612 kB > HighTotal: 0 kB > HighFree: 0 kB > LowTotal: 645808 kB > LowFree: 416152 kB > SwapTotal: 1116508 kB > SwapFree: 1116508 kB > Dirty: 64 kB > Writeback: 0 kB > Mapped: 3344 kB > Slab: 24060 kB > Committed_AS: 11004 kB > PageTables: 140 kB > VmallocTotal: 3481592 kB > VmallocUsed: 4048 kB > VmallocChunk: 3477332 kB > HugePages_Total: 0 > HugePages_Free: 0 > Hugepagesize: 4096 kB > > > Thanks > ---Tapas Looks like you have plenty of horsepower. What window manager are you using? You might try creating a new user (who thus has no pre-existing X or WM configuration) and see how X behaves with that user. If all is well, you may need to blow away some of your existing WM configuration, e.g. ~/.gnome for the GNOME wm. Cheers, -- Bob McClure, Jr. Bobcat Open Systems, Inc. robertmcclure at earthlink.net http://www.bobcatos.com Peace at any price is inflationary. From brad.mugleston at comcast.net Sat Aug 27 23:20:05 2005 From: brad.mugleston at comcast.net (brad.mugleston at comcast.net) Date: Sat, 27 Aug 2005 17:20:05 -0600 (MDT) Subject: NFS and firewall Message-ID: I'm trying to set NFS up on my home computers and from going through the HOW-TO and other write up's it should be working, but it's not. I can ping from machine to machine, I'm using IP address to allow everything to work as suggested in the writeups (for instance /etc/exposts is /home 192.168.1.0/255.255.255.0(rw)). I'm getting an error message rpcinfo:can't contact portmapper: RPC:Remote system error- No route to host Searching on the web it sounds like I may have a firewall set up to restrictive but as far as I can tell I've every firewall down. So, how can I tell the status of a firewall 1 - Red Hat 9.0 (client) 2 - FC2 (server) 3 Motorola WR850G (Wireless Broadband Switch) - note the machines are wired to the Motorola and from what it looks like the firewall is off on this box. OR, what else would you suggest? Also, the server is two floors down from where the client it - how difficult is it to get SSH working, or will it work if NFS will not? Thanks and have a great rest of the weekend. Brad Mugleston, KI0OT There are 10 types of people in this world. Those that understand binary and those that don't. From brad.mugleston at comcast.net Sat Aug 27 23:45:11 2005 From: brad.mugleston at comcast.net (brad.mugleston at comcast.net) Date: Sat, 27 Aug 2005 17:45:11 -0600 (MDT) Subject: NFS help In-Reply-To: References: <430ECB87.9030607@vitalstream.com> <5bdc1c8b05082615163839828f@mail.gmail.com> Message-ID: On Sat, 27 Aug 2005, inode0 wrote: > On 8/26/05, brad.mugleston at comcast.net wrote: > > So, why bother with DHCP if your going to assign a fixed IP > > anyway? Just wondering... > > If you use DHCP anyway, perhaps you have a dynamic pool of IPs you > hand out to random machines that "plug in" to your network, perhaps > you have a pool of IPs (dynamic or fixed) to use with machines that > boot over the network, you just might find it more convenient to set > up all of your machines to configure their networking using DHCP. That > is usually much simpler than configuring things by hand. > > You can still configure the machines with fixed addresses by hand if > you prefer, but you can also boot them up with DHCP providing the > networking details. > > John > John, I don't follow what your saying - I'm trying to set up an NFS system using DHPC - it sounds like your suggesting I use DHCP (which I am) but how do I set up my /etc/fstab to mount the files on different machines using hostnames with IP's that can change under DHCP? Brad > From brad.mugleston at comcast.net Sat Aug 27 23:50:11 2005 From: brad.mugleston at comcast.net (brad.mugleston at comcast.net) Date: Sat, 27 Aug 2005 17:50:11 -0600 (MDT) Subject: hostname Message-ID: how does one permenately change a hostname? typing "hostname new.name" doesn't do it permenately and I can't find which file to change. Thanks, Brad Mugleston, KI0OT There are 10 types of people in this world. Those that understand binary and those that don't. From markknecht at gmail.com Sun Aug 28 00:31:10 2005 From: markknecht at gmail.com (Mark Knecht) Date: Sat, 27 Aug 2005 17:31:10 -0700 Subject: NFS help In-Reply-To: References: <430ECB87.9030607@vitalstream.com> <5bdc1c8b05082615163839828f@mail.gmail.com> Message-ID: <5bdc1c8b0508271731b2d01fd@mail.gmail.com> On 8/27/05, brad.mugleston at comcast.net wrote: > On Sat, 27 Aug 2005, inode0 wrote: > > > On 8/26/05, brad.mugleston at comcast.net wrote: > > > So, why bother with DHCP if your going to assign a fixed IP > > > anyway? Just wondering... > > > > If you use DHCP anyway, perhaps you have a dynamic pool of IPs you > > hand out to random machines that "plug in" to your network, perhaps > > you have a pool of IPs (dynamic or fixed) to use with machines that > > boot over the network, you just might find it more convenient to set > > up all of your machines to configure their networking using DHCP. That > > is usually much simpler than configuring things by hand. > > > > You can still configure the machines with fixed addresses by hand if > > you prefer, but you can also boot them up with DHCP providing the > > networking details. > > > > John > > > John, > > I don't follow what your saying - I'm trying to set up an NFS > system using DHPC - it sounds like your suggesting I use DHCP > (which I am) but how do I set up my /etc/fstab to mount the files > on different machines using hostnames with IP's that can change > under DHCP? > > Brad > Brad, As I've said, I'm no expert at this. I don't use DHCP. I don't want to. You get the picture. That said I believe the basic requirement is that the DHCP server needsto also be a DNS server. A machine with a name asks for an address and is given one. That address and name have to be mapped into the DNS server so that any other machine on the network can discover the address from the name. So, I believe that if you are going to do this you need to point all your machines to an internal DNS server, most likely in the firewall. My firewall has one. For instance I look for www.cisco.com first using an outside DNS server, which happens to be my default server: mark at flash ~ $ nslookup www.cisco.com Server: 204.127.199.8 Address: 204.127.199.8#53 Non-authoritative answer: Name: www.cisco.com Address: 198.133.219.25 Following that I ask my firewall for the same info. Notice that the IP address of the server (linksys) is 192.168.1.1: mark at flash ~ $ nslookup www.cisco.com linksys Server: linksys Address: 192.168.1.1#53 Non-authoritative answer: Name: www.cisco.com Address: 198.133.219.25 mark at flash ~ $ The firewall gives me the same address as the outside default DNS server. If you want to use DHCP then the fireall hands out the address and puts it in the DNS server it runs. Your internal machines are remapped to go there (/etc/resolv.conf) and they get the addresses from it. Geez....it seems so simple maybe I should be using it. ;-) Hope this helps, Mark From linuxr at gmail.com Sun Aug 28 01:08:57 2005 From: linuxr at gmail.com (Marc M) Date: Sat, 27 Aug 2005 21:08:57 -0400 Subject: hostname In-Reply-To: References: Message-ID: Check these two files $ cat /etc/sysconfig/network NETWORKING=yes HOSTNAME=whateverboxname.domain may have to add the ip-addresss map to /etc/hosts 127.0.0.1 whateverboxname Marc On 8/27/05, brad.mugleston at comcast.net wrote: > > how does one permenately change a hostname? typing "hostname > new.name " doesn't do it permenately and I can't find > which file > to change. > > Thanks, > > Brad Mugleston, KI0OT > > There are 10 types of people in this world. Those that > understand binary and those that don't. > > _______________________________________________ > Redhat-install-list mailing list > Redhat-install-list at redhat.com > https://www.redhat.com/mailman/listinfo/redhat-install-list > To Unsubscribe Go To ABOVE URL or send a message to: > redhat-install-list-request at redhat.com > Subject: unsubscribe > -------------- next part -------------- An HTML attachment was scrubbed... URL: From inode0 at gmail.com Sun Aug 28 01:36:39 2005 From: inode0 at gmail.com (inode0) Date: Sat, 27 Aug 2005 20:36:39 -0500 Subject: NFS help In-Reply-To: References: <430ECB87.9030607@vitalstream.com> <5bdc1c8b05082615163839828f@mail.gmail.com> Message-ID: On 8/27/05, brad.mugleston at comcast.net wrote: > I don't follow what your saying - I'm trying to set up an NFS > system using DHPC - it sounds like your suggesting I use DHCP > (which I am) but how do I set up my /etc/fstab to mount the files > on different machines using hostnames with IP's that can change > under DHCP? Brad, I think you are misunderstanding me. I understood that you wanted to use DHCP for the machine you are using as an NFS server and I suggested having the DHCP server assign your NFS server a fixed address based on its MAC. In dhcp.conf you would have something like the following to do that ... host nfs-1 { hardware ethernet XX:XX:XX:XX:XX:XX; fixed-address YYY.YYY.YYY.YYY; } where XX:XX:XX:XX:XX:XX is the MAC address of your NFS server and YYY.YYY.YYY.YYY is the IP you want to always assign to it. You can then have your DNS server get updates from your DHCP server or you can just set up your DNS server to resolve the name and IP correctly. Either way, if you aren't running your own DNS and DHCP servers, then perhaps this isn't what you really want to do. I think you are going to just have problems if the IP of your NFS server keeps changing. I don't know how to configure /etc/fstab to accommodate that. It expects an IP or a name that resolves to the correct IP. But you can configure DHCP to not change the IP of your NFS server. That is what I was suggesting. John From ottohaliburton at comcast.net Sun Aug 28 01:54:17 2005 From: ottohaliburton at comcast.net (Otto Haliburton) Date: Sat, 27 Aug 2005 20:54:17 -0500 Subject: NFS help In-Reply-To: Message-ID: <003b01c5ab73$668024f0$4801a8c0@C515816A> > -----Original Message----- > From: redhat-install-list-bounces at redhat.com [mailto:redhat-install-list- > bounces at redhat.com] On Behalf Of inode0 > Sent: Saturday, August 27, 2005 8:37 PM > To: Getting started with Red Hat Linux > Subject: Re: NFS help > > On 8/27/05, brad.mugleston at comcast.net wrote: > > I don't follow what your saying - I'm trying to set up an NFS > > system using DHPC - it sounds like your suggesting I use DHCP > > (which I am) but how do I set up my /etc/fstab to mount the files > > on different machines using hostnames with IP's that can change > > under DHCP? > > Brad, > > I think you are misunderstanding me. I understood that you wanted to > use DHCP for the machine you are using as an NFS server and I > suggested having the DHCP server assign your NFS server a fixed > address based on its MAC. > > In dhcp.conf you would have something like the following to do that ... > > host nfs-1 { > hardware ethernet XX:XX:XX:XX:XX:XX; > fixed-address YYY.YYY.YYY.YYY; > } > > where XX:XX:XX:XX:XX:XX is the MAC address of your NFS server and > YYY.YYY.YYY.YYY is the IP you want to always assign to it. > > You can then have your DNS server get updates from your DHCP server or > you can just set up your DNS server to resolve the name and IP > correctly. > > Either way, if you aren't running your own DNS and DHCP servers, then > perhaps this isn't what you really want to do. > > I think you are going to just have problems if the IP of your NFS > server keeps changing. I don't know how to configure /etc/fstab to > accommodate that. It expects an IP or a name that resolves to the > correct IP. But you can configure DHCP to not change the IP of your > NFS server. That is what I was suggesting. > > John > This may sound a little callous, but the first thing I think you should do is read up on NFS, DNS, DHCP. Cause you are trying to do something you have no idea how to do. The reason I am saying this is that you need to know how a name is resolved in order to see how to mount the resource. Tha assignment of the IP is irrelevant to what you are doing, what you should be worried about is how everyone resolves the name you assign the resource and that will be done thru the DNS. So if everyone is looking for resource A then when DHCP assigns a IP to resource A and that resource is reported to the DMS server then everyone can mount the resource cause they know who and what it is cause the DNS is going to report its current ip address and if it changes it will report the new one so everyone will always be happy. So forget the assignment of a fixed IP and worry about resolving the name with the DNS. Hopefully you will go out on the net and search for the facts you need and see what you need to do. It might make it easier in your mind to assign a fixed IP but it in no way a necessary requirement for what you are wanting to do. Good Luck!!!!!!!!!1 From fromRHIL at outtacyte.com Sun Aug 28 02:00:15 2005 From: fromRHIL at outtacyte.com (Greg Julius) Date: Sat, 27 Aug 2005 21:00:15 -0500 Subject: Kerberos Help Needed In-Reply-To: <200508270027.j7R0REhx020304@mx3.redhat.com> Message-ID: <200508280200.j7S20Eeq008176@mx3.redhat.com> Y Y A H H OOOO OOOO !! Y Y A A H H O O O O !! Y Y A A H H O O O O !! Y AAAAAAA HHHHHHH O O O O !! Y A A H H O O O O !! Y A A H H O O O O Y A AH H OOOO OOOO !! IT WORKS More on the solution later - write-up forthcoming. I think the biggest problem was (is?) a disconnect between the left and right ear! -g # sometimes you really can't see the forrest due to the trees -----Original Message----- From: redhat-install-list-bounces at redhat.com [mailto:redhat-install-list-bounces at redhat.com] On Behalf Of Greg Julius Sent: Friday, August 26, 2005 7:27 PM To: redhat-install-list at redhat.com Subject: RE: Kerberos Help Needed >> OK, what's next? > >You could try the layout I've given above. It works for us, but I >really am concerned about that crash from the kerberos libraries. >Have you checked bugzilla about such behaviour? Yes, see here: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=164353 Unfortunately no resolution yet. Not even work arounds. Found this last night. Upon re-reading it, the MALLOC_CHECK_=0 looked promising to give a try. If I can keep it from failing, then perhaps I'll be able to see what the real error is. I did an "export MALLOC_CHECK_=0" from my terminal and tried the 'net join' No abend. Modified the /etc/rc.d/init.d/smb script to add an "export MALLOC_CHECK_=0" to the script in the start section. I tried to figure out where I could put this export that would effect the system as a whole, but that's probably not a good idea anyway. When I restarted and re-created my net join (no abend) and then went to the windows system and browsed the guardian machine I was able to see the shares. When I accessed the share, I got the password box. I am logged on to windows as the windows user who has access to the share. I should not be getting the dialog box as I should already have authority. Right? I am in the list for 'admin users', 'valid users', and 'write list'. I think I should be able to access this share. Please let me know if I should check something else as I don't have a real good grip of how the users get their permissions on samba shares in the winbind world. Accessing the share has, in the past, been sufficient to trigger the abend. This time I get this (four times) [2005/08/26 00:09:00, 1] smbd/sesssetup.c:reply_spnego_kerberos(173) Failed to verify incoming ticket! Answering the prompt only generates more of the above errors, but no abends. The winbind log has no information, just the start header. So, What does this message mean? I've googled and I see that the question has been asked, but I didn't find an answer so I don't know where to poke around now. And I've got to go to bed. The thinker part is thunked out... -g _______________________________________________ Redhat-install-list mailing list Redhat-install-list at redhat.com https://www.redhat.com/mailman/listinfo/redhat-install-list To Unsubscribe Go To ABOVE URL or send a message to: redhat-install-list-request at redhat.com Subject: unsubscribe From brad.mugleston at comcast.net Sun Aug 28 02:39:00 2005 From: brad.mugleston at comcast.net (brad.mugleston at comcast.net) Date: Sat, 27 Aug 2005 20:39:00 -0600 (MDT) Subject: NFS help In-Reply-To: References: <430ECB87.9030607@vitalstream.com> <5bdc1c8b05082615163839828f@mail.gmail.com> Message-ID: On Sat, 27 Aug 2005, inode0 wrote: > On 8/27/05, brad.mugleston at comcast.net wrote: > > I don't follow what your saying - I'm trying to set up an NFS > > system using DHPC - it sounds like your suggesting I use DHCP > > (which I am) but how do I set up my /etc/fstab to mount the files > > on different machines using hostnames with IP's that can change > > under DHCP? > > Brad, > > I think you are misunderstanding me. I understood that you wanted to > use DHCP for the machine you are using as an NFS server and I > suggested having the DHCP server assign your NFS server a fixed > address based on its MAC. > > In dhcp.conf you would have something like the following to do that ... > > host nfs-1 { > hardware ethernet XX:XX:XX:XX:XX:XX; > fixed-address YYY.YYY.YYY.YYY; > } > > where XX:XX:XX:XX:XX:XX is the MAC address of your NFS server and > YYY.YYY.YYY.YYY is the IP you want to always assign to it. > > You can then have your DNS server get updates from your DHCP server or > you can just set up your DNS server to resolve the name and IP > correctly. > > Either way, if you aren't running your own DNS and DHCP servers, then > perhaps this isn't what you really want to do. > > I think you are going to just have problems if the IP of your NFS > server keeps changing. I don't know how to configure /etc/fstab to > accommodate that. It expects an IP or a name that resolves to the > correct IP. But you can configure DHCP to not change the IP of your > NFS server. That is what I was suggesting. > > John > OK, Now I understand what you were saying and yes I can do that but - as I said before this is more of a learning exercise and I was just wondering how it would be done using full DHCP assigned IP addresses Brad From brad.mugleston at comcast.net Sun Aug 28 02:44:57 2005 From: brad.mugleston at comcast.net (brad.mugleston at comcast.net) Date: Sat, 27 Aug 2005 20:44:57 -0600 (MDT) Subject: NFS help In-Reply-To: <003b01c5ab73$668024f0$4801a8c0@C515816A> References: <003b01c5ab73$668024f0$4801a8c0@C515816A> Message-ID: > > > This may sound a little callous, but the first thing I think you should do > is read up on NFS, DNS, DHCP. Cause you are trying to do something you have > no idea how to do. The reason I am saying this is that you need to know how > a name is resolved in order to see how to mount the resource. Tha > assignment of the IP is irrelevant to what you are doing, what you should be > worried about is how everyone resolves the name you assign the resource and > that will be done thru the DNS. So if everyone is looking for resource A > then when DHCP assigns a IP to resource A and that resource is reported to > the DMS server then everyone can mount the resource cause they know who and > what it is cause the DNS is going to report its current ip address and if it > changes it will report the new one so everyone will always be happy. So > forget the assignment of a fixed IP and worry about resolving the name with > the DNS. Hopefully you will go out on the net and search for the facts you > need and see what you need to do. It might make it easier in your mind to > assign a fixed IP but it in no way a necessary requirement for what you are > wanting to do. Good Luck!!!!!!!!!1 > Go ahead and be a little callous - you also answered my question at least it's helping to confirm what I was picking up from the discussion. Basically, if I'm going to use DHCP to assign IP addresses then I need to also set up a local DNS server to connect the new IP addresses with the hostnames already assigned to the computers. I haven't been able to do any reading on this but I'm guessing the DNS server must do this by knowing the combination of hostnames and MAC addresses then when the DHCP server assigns the new IP address it must repor that somehow to the DNS server with the MAC address - the DNS ties the two MAC addresses together and bingo I can go from hostname to IP. Now more reading to do. From inode0 at gmail.com Sun Aug 28 02:46:06 2005 From: inode0 at gmail.com (inode0) Date: Sat, 27 Aug 2005 21:46:06 -0500 Subject: NFS help In-Reply-To: References: <5bdc1c8b05082615163839828f@mail.gmail.com> Message-ID: On 8/27/05, brad.mugleston at comcast.net wrote: > OK, Now I understand what you were saying and yes I can do that > but - as I said before this is more of a learning exercise and I > was just wondering how it would be done using full DHCP assigned > IP addresses Rick can come save me perhaps here ... Rick? You out there? :) NFS in my limited experience doesn't fill me with confidence about its robustness. I really don't think I'd want to see what happens when 40 machines have mounts on my NFS server and my server reboots spontaneously and gets a new IP. What happens to all those existing mounts? I'm skeptical about NFS handling this gracefully, but perhaps someone with more experience and knowledge could fill us in on the consequences. John From brad.mugleston at comcast.net Sun Aug 28 02:47:45 2005 From: brad.mugleston at comcast.net (brad.mugleston at comcast.net) Date: Sat, 27 Aug 2005 20:47:45 -0600 (MDT) Subject: NFS help In-Reply-To: <5bdc1c8b0508271731b2d01fd@mail.gmail.com> References: <430ECB87.9030607@vitalstream.com> <5bdc1c8b05082615163839828f@mail.gmail.com> <5bdc1c8b0508271731b2d01fd@mail.gmail.com> Message-ID: On Sat, 27 Aug 2005, Mark Knecht wrote: > On 8/27/05, brad.mugleston at comcast.net wrote: > > On Sat, 27 Aug 2005, inode0 wrote: > > > > > On 8/26/05, brad.mugleston at comcast.net wrote: > > > > So, why bother with DHCP if your going to assign a fixed IP > > > > anyway? Just wondering... > > > > > > If you use DHCP anyway, perhaps you have a dynamic pool of IPs you > > > hand out to random machines that "plug in" to your network, perhaps > > > you have a pool of IPs (dynamic or fixed) to use with machines that > > > boot over the network, you just might find it more convenient to set > > > up all of your machines to configure their networking using DHCP. That > > > is usually much simpler than configuring things by hand. > > > > > > You can still configure the machines with fixed addresses by hand if > > > you prefer, but you can also boot them up with DHCP providing the > > > networking details. > > > > > > John > > > > > John, > > > > I don't follow what your saying - I'm trying to set up an NFS > > system using DHPC - it sounds like your suggesting I use DHCP > > (which I am) but how do I set up my /etc/fstab to mount the files > > on different machines using hostnames with IP's that can change > > under DHCP? > > > > Brad > > > > Brad, > As I've said, I'm no expert at this. I don't use DHCP. I don't want > to. You get the picture. > > That said I believe the basic requirement is that the DHCP server > needsto also be a DNS server. A machine with a name asks for an > address and is given one. That address and name have to be mapped into > the DNS server so that any other machine on the network can discover > the address from the name. > > So, I believe that if you are going to do this you need to point > all your machines to an internal DNS server, most likely in the > firewall. My firewall has one. For instance I look for www.cisco.com > first using an outside DNS server, which happens to be my default > server: > > mark at flash ~ $ nslookup www.cisco.com > Server: 204.127.199.8 > Address: 204.127.199.8#53 > > Non-authoritative answer: > Name: www.cisco.com > Address: 198.133.219.25 > > Following that I ask my firewall for the same info. Notice that the IP > address of the server (linksys) is 192.168.1.1: > > mark at flash ~ $ nslookup www.cisco.com linksys > Server: linksys > Address: 192.168.1.1#53 > > Non-authoritative answer: > Name: www.cisco.com > Address: 198.133.219.25 > > mark at flash ~ $ > > The firewall gives me the same address as the outside default DNS server. > > If you want to use DHCP then the fireall hands out the address and > puts it in the DNS server it runs. Your internal machines are remapped > to go there (/etc/resolv.conf) and they get the addresses from it. > > Geez....it seems so simple maybe I should be using it. ;-) > > Hope this helps, > Mark > Mark, I am stepping out on a limb here but I bet your linksys isn't a DNS server but is acting as a gateway to a real DNS when you request a DNS service from it. It probably takes a lot more memory than whats in that linksys to hold all the addresses a DNS has...... Brad From fromRHIL at outtacyte.com Sun Aug 28 03:07:57 2005 From: fromRHIL at outtacyte.com (Greg Julius) Date: Sat, 27 Aug 2005 22:07:57 -0500 Subject: NFS help In-Reply-To: <003b01c5ab73$668024f0$4801a8c0@C515816A> Message-ID: <200508280307.j7S37sMo017327@mx3.redhat.com> > On 8/27/05, brad.mugleston at comcast.net wrote: > > I don't follow what your saying - I'm trying to set up an NFS > > system using DHPC - it sounds like your suggesting I use DHCP > > (which I am) but how do I set up my /etc/fstab to mount the files > > on different machines using hostnames with IP's that can change > > under DHCP? > > Brad, > > I think you are misunderstanding me. I understood that you wanted to > use DHCP for the machine you are using as an NFS server and I > suggested having the DHCP server assign your NFS server a fixed > address based on its MAC. > > In dhcp.conf you would have something like the following to do that ... > > host nfs-1 { > hardware ethernet XX:XX:XX:XX:XX:XX; >> fixed-address YYY.YYY.YYY.YYY; >> } >> >> where XX:XX:XX:XX:XX:XX is the MAC address of your NFS server and >> YYY.YYY.YYY.YYY is the IP you want to always assign to it. >> >> You can then have your DNS server get updates from your DHCP server or >> you can just set up your DNS server to resolve the name and IP >> correctly. >> >> Either way, if you aren't running your own DNS and DHCP servers, then >> perhaps this isn't what you really want to do. >> >> I think you are going to just have problems if the IP of your NFS >> server keeps changing. I don't know how to configure /etc/fstab to >> accommodate that. It expects an IP or a name that resolves to the >> correct IP. But you can configure DHCP to not change the IP of your >> NFS server. That is what I was suggesting. >> >> John >> >This may sound a little callous, but the first thing I think you should do >is read up on NFS, DNS, DHCP. Yeah, callous was probably the correct word. But you are right, boning up on these facilities is the thing to do. In support of Brad, however, sometimes a bit of plain old-fashioned help navigating the waters is pricelss. >Cause you are trying to do something you have >no idea how to do. The reason I am saying this is that you need to know how >a name is resolved in order to see how to mount the resource. Tha >assignment of the IP is irrelevant to what you are doing, what you should be >worried about is how everyone resolves the name you assign the resource and >that will be done thru the DNS. So if everyone is looking for resource A >then when DHCP assigns a IP to resource A and that resource is reported to >the DMS server then everyone can mount the resource cause they know who and >what it is cause the DNS is going to report its current ip address and if it >changes it will report the new one so everyone will always be happy. So >forget the assignment of a fixed IP and worry about resolving the name with >the DNS. Hopefully you will go out on the net and search for the facts you >need and see what you need to do. It might make it easier in your mind to >assign a fixed IP but it in no way a necessary requirement for what you are >wanting to do. Good Luck!!!!!!!!!1 Brad, As I understand it, you want to be able to use a name in the NFS mount. A name is a good thing for it's value as a handle. It's much the same reason we use domain names instead of IP quads to navigate the web. Names are just easier and if necessary the underlying address can change without everyone having to update their URLs. Having said that, the point was made that having the IP address dance around would not be a terribly good idea. One of the replies was to the point you can prevent the IP from changing until you want it to by using some DHCP parameters to have DHCP reserve the desired IP for that server's use by keying on the MAC address. However, unless the DNS has the same IP address assignment, nothing else is going to know what that IP is. To do what you want to do, that is give a name to a device/server/host that is centrally managed (meaning you don't want to update every hosts file on your network), then you need to have both DHCP and DNS running on your network. And you must be able to administer them. I strongly suggest that DNS and DHCP services DO run on the same server. At a minimum, your DHCP server is going to require an assigned (by you) IP address. You can set up DHCP to update the DNS - called Dynamic DNS (DDNS) - when IP assignments are made. OR, more simply, you can just have DHCP 'stick' the address based upon the MAC address and at the same time manually update your DNS to associate the name with the same IP. After all, you are administering both of them. That makes it just two places to update should you want to change the address. This latter is the first thing I would do. Break your training project into pieces. 1) Make sure the NFS stuff is working by using an IP you have in mind. 2) Set up DHCP to 'stick' the IP to the desired machine by the MAC address. 3) Update the DNS by manually assigning the name to the IP. 4) Make sure you can reach the machine by name (use ping for example). 5) Change the NFS mount to use the Name and make sure it works that way. 6) If you are still up to it, then play with getting DHCP to update the DNS. I hope that's useful to you. There is some good material out on the web for setting up stuff such as this. I've had good luck getting assistance from the folks who frequent this list. Blessings, -g From brad.mugleston at comcast.net Sun Aug 28 03:09:56 2005 From: brad.mugleston at comcast.net (brad.mugleston at comcast.net) Date: Sat, 27 Aug 2005 21:09:56 -0600 (MDT) Subject: NFS help In-Reply-To: References: <5bdc1c8b05082615163839828f@mail.gmail.com> Message-ID: On Sat, 27 Aug 2005, inode0 wrote: > On 8/27/05, brad.mugleston at comcast.net wrote: > > OK, Now I understand what you were saying and yes I can do that > > but - as I said before this is more of a learning exercise and I > > was just wondering how it would be done using full DHCP assigned > > IP addresses > > Rick can come save me perhaps here ... Rick? You out there? :) > > NFS in my limited experience doesn't fill me with confidence about its > robustness. I really don't think I'd want to see what happens when 40 > machines have mounts on my NFS server and my server reboots > spontaneously and gets a new IP. What happens to all those existing > mounts? I'm skeptical about NFS handling this gracefully, but perhaps > someone with more experience and knowledge could fill us in on the > consequences. > > John > I'll join that request - from what I've read it's not really graceful and in my reading I get conflicting suggestions - it would be nice if each article indicated which version of Linux they were talking about.... Brad From brad.mugleston at comcast.net Sun Aug 28 03:22:40 2005 From: brad.mugleston at comcast.net (brad.mugleston at comcast.net) Date: Sat, 27 Aug 2005 21:22:40 -0600 (MDT) Subject: NFS help In-Reply-To: <200508280307.j7S37sMo017327@mx3.redhat.com> References: <200508280307.j7S37sMo017327@mx3.redhat.com> Message-ID: On Sat, 27 Aug 2005, Greg Julius wrote: > > Yeah, callous was probably the correct word. But you are right, boning up > on > these facilities is the thing to do. > > In support of Brad, however, sometimes a bit of plain old-fashioned help > navigating the waters is pricelss. > > >Cause you are trying to do something you have > >no idea how to do. The reason I am saying this is that you need to know > how > >a name is resolved in order to see how to mount the resource. Tha > >assignment of the IP is irrelevant to what you are doing, what you should > be > >worried about is how everyone resolves the name you assign the resource and > >that will be done thru the DNS. So if everyone is looking for resource A > >then when DHCP assigns a IP to resource A and that resource is reported to > >the DMS server then everyone can mount the resource cause they know who and > >what it is cause the DNS is going to report its current ip address and if > it > >changes it will report the new one so everyone will always be happy. So > >forget the assignment of a fixed IP and worry about resolving the name with > >the DNS. Hopefully you will go out on the net and search for the facts you > >need and see what you need to do. It might make it easier in your mind to > >assign a fixed IP but it in no way a necessary requirement for what you are > >wanting to do. Good Luck!!!!!!!!!1 > > Brad, As I understand it, you want to be able to use a name in the NFS > mount. > > A name is a good thing for it's value as a handle. It's much the same > reason > we use domain names instead of IP quads to navigate the web. Names are just > easier and if necessary the underlying address can change without everyone > having to update their URLs. > > Having said that, the point was made that having the IP address dance around > would not be a terribly good idea. > > One of the replies was to the point you can prevent the IP from changing > until you want it to by using some DHCP parameters to have DHCP reserve the > desired IP for that server's use by keying on the MAC address. However, > unless the DNS has the same IP address assignment, nothing else is going to > know what that IP is. > > To do what you want to do, that is give a name to a device/server/host that > is centrally managed (meaning you don't want to update every hosts file on > your network), then you need to have both DHCP and DNS running on your > network. And you must be able to administer them. I strongly suggest that > DNS and DHCP services DO run on the same server. At a minimum, your DHCP > server is going to require an assigned (by you) IP address. > > You can set up DHCP to update the DNS - called Dynamic DNS (DDNS) - when IP > assignments are made. OR, more simply, you can just have DHCP 'stick' the > address based upon the MAC address and at the same time manually update your > DNS to associate the name with the same IP. After all, you are > administering > both of them. That makes it just two places to update should you want to > change the address. > > This latter is the first thing I would do. Break your training project into > pieces. 1) Make sure the NFS stuff is working by using an IP you have in > mind. 2) Set up DHCP to 'stick' the IP to the desired machine by the MAC > address. 3) Update the DNS by manually assigning the name to the IP. > 4) Make sure you can reach the machine by name (use ping for example). > 5) Change the NFS mount to use the Name and make sure it works that way. > 6) If you are still up to it, then play with getting DHCP to update the DNS. > > I hope that's useful to you. There is some good material out on the web > for setting up stuff such as this. I've had good luck getting assistance > from the folks who frequent this list. > > Blessings, > -g > Greg, Thanks for the info and that is the plan I will take - I'm still trying to get the NFS to just work between my two machines right now - no luck. Strange, I can't SSH from my NFS client to my NFS server but I can SSH from my NFS server to my NFS client - getting the same error message "no route to host". I think once I get that cleared things will move ahead a little easier. Part of my problem is I'm working on something then I think ahead of myself - I haven't even got NFS working and I'm wondering how it's going to work if the IP changes..... I need to use names not numbers if the numbers are going to change as I'll never get it straight fast enough for the family - I'll start getting calls from home "Dad I can't get to my homework!!!!" I've only got 24 hours in a day and other than weekends I don't have a lot of time to play Linux (and then it's worked in between honey-do's). Reading is great, I learn alot but if I spend all my free time reading on how to do something it can be a week before I get to use it and with as much information that there is on the web there is a LOT to read... Thanks Brad From markknecht at gmail.com Sun Aug 28 04:27:44 2005 From: markknecht at gmail.com (Mark Knecht) Date: Sat, 27 Aug 2005 21:27:44 -0700 Subject: NFS help In-Reply-To: References: <5bdc1c8b05082615163839828f@mail.gmail.com> <5bdc1c8b0508271731b2d01fd@mail.gmail.com> Message-ID: <5bdc1c8b05082721273897f375@mail.gmail.com> On 8/27/05, brad.mugleston at comcast.net wrote: > > On Sat, 27 Aug 2005, Mark Knecht wrote: > > > > > mark at flash ~ $ nslookup www.cisco.com > > Server: 204.127.199.8 > > Address: 204.127.199.8#53 > > > > Non-authoritative answer: > > Name: www.cisco.com > > Address: 198.133.219.25 > > > > Following that I ask my firewall for the same info. Notice that the IP > > address of the server (linksys) is 192.168.1.1: > > > > mark at flash ~ $ nslookup www.cisco.com linksys > > Server: linksys > > Address: 192.168.1.1#53 > > > > Non-authoritative answer: > > Name: www.cisco.com > > Address: 198.133.219.25 > > > > mark at flash ~ $ > > > > The firewall gives me the same address as the outside default DNS server. > > > > If you want to use DHCP then the fireall hands out the address and > > puts it in the DNS server it runs. Your internal machines are remapped > > to go there (/etc/resolv.conf) and they get the addresses from it. > > > > Geez....it seems so simple maybe I should be using it. ;-) > > > > Hope this helps, > > Mark > > > Mark, > > I am stepping out on a limb here but I bet your linksys isn't a > DNS server but is acting as a gateway to a real DNS when > you request a DNS service from it. It probably takes a lot more > memory than whats in that linksys to hold all the addresses a DNS > has...... > > Brad > Brad, Nope. Not true. My LinkSys router is acting as a DNS server, but is 'authoritative ONLY for machines on my network. You are correct that there are far too many addresses in the world for my little router to handle, but that's true for almost every DNS server out there. This is all handled by the DNS protocol and what's called 'caching'. If my little router doesn't have an address then it has an address in it of another DNS server that it can get it from. However if it does have the address then it doesn't have to ask the outside server to resolve it. If you look at your router (like my LinkSys) then you will se it is probably getting a DNS server address from your ISP automatically. When my DNS server doesn't know the answer to a question it just passes the question to the other, outside, DNS server to get the answer. Now, as for your 'internal' addresses, most probably 192.168.1.XXX, those addresses are unrouteable and therefore the external, outside, DNS server cannot know that your machine with name 'basement' has been given address 192.168.1.100 by your DHCP server. Those "name to address" translations must be done by a machine on your network since I would have my own machine 'livingroom' at address 192.168.1.100 here on my network. We don't want confusion. Again, the internal DNS server is only responsible for your domain. For these machines your DNS server will be considered 'authoritative' for names and addresses on your network, but 'non-authoritative' for addresses not on your network. (The world...) Hope this helps, Mark From ottohaliburton at comcast.net Sun Aug 28 08:24:55 2005 From: ottohaliburton at comcast.net (Otto Haliburton) Date: Sun, 28 Aug 2005 03:24:55 -0500 Subject: NFS help In-Reply-To: Message-ID: <004001c5aba9$f900a940$4801a8c0@C515816A> > -----Original Message----- > From: redhat-install-list-bounces at redhat.com [mailto:redhat-install-list- > bounces at redhat.com] On Behalf Of brad.mugleston at comcast.net > Sent: Saturday, August 27, 2005 9:45 PM > To: Getting started with Red Hat Linux > Subject: RE: NFS help > > > > > > This may sound a little callous, but the first thing I think you should > do > > is read up on NFS, DNS, DHCP. Cause you are trying to do something you > have > > no idea how to do. The reason I am saying this is that you need to know > how > > a name is resolved in order to see how to mount the resource. Tha > > assignment of the IP is irrelevant to what you are doing, what you > should be > > worried about is how everyone resolves the name you assign the resource > and > > that will be done thru the DNS. So if everyone is looking for resource > A > > then when DHCP assigns a IP to resource A and that resource is reported > to > > the DMS server then everyone can mount the resource cause they know who > and > > what it is cause the DNS is going to report its current ip address and > if it > > changes it will report the new one so everyone will always be happy. So > > forget the assignment of a fixed IP and worry about resolving the name > with > > the DNS. Hopefully you will go out on the net and search for the facts > you > > need and see what you need to do. It might make it easier in your mind > to > > assign a fixed IP but it in no way a necessary requirement for what you > are > > wanting to do. Good Luck!!!!!!!!!1 > > > Go ahead and be a little callous - you also answered my question > at least it's helping to confirm what I was picking up from the > discussion. > > Basically, if I'm going to use DHCP to assign IP addresses then I > need to also set up a local DNS server to connect the new IP > addresses with the hostnames already assigned to the computers. > I haven't been able to do any reading on this but I'm guessing > the DNS server must do this by knowing the combination > of hostnames and MAC addresses then when the DHCP server assigns > the new IP address it must repor that somehow to the DNS server > with the MAC address - the DNS ties the two MAC addresses > together and bingo I can go from hostname to IP. Now more > reading to do. > you sort of have the idea, but not really. When a node comes up all computers basically report their resources to the DNS where they are used to resolve the addresses for the lan, so a node wants to communicate with another node it's request goes to the DNS and bingo if the node has reported to the DNS then it sends the info. This is a transparent thing, you don't need to do anything with the hostname cause if you have a DNS server then the node will report to the DNS. Simply you don't have to do anything DNS stands for dynamic name server. From ottohaliburton at comcast.net Sun Aug 28 08:31:39 2005 From: ottohaliburton at comcast.net (Otto Haliburton) Date: Sun, 28 Aug 2005 03:31:39 -0500 Subject: NFS help In-Reply-To: <200508280307.j7S37sMo017327@mx3.redhat.com> Message-ID: <004301c5abaa$e9e0a1d0$4801a8c0@C515816A> > -----Original Message----- > From: redhat-install-list-bounces at redhat.com [mailto:redhat-install-list- > bounces at redhat.com] On Behalf Of Greg Julius > Sent: Saturday, August 27, 2005 10:08 PM > To: Redhat Install List > Subject: RE: NFS help > > > On 8/27/05, brad.mugleston at comcast.net > wrote: > > > I don't follow what your saying - I'm trying to set up an NFS > > > system using DHPC - it sounds like your suggesting I use DHCP > > > (which I am) but how do I set up my /etc/fstab to mount the files > > > on different machines using hostnames with IP's that can change > > > under DHCP? > > > > Brad, > > > > I think you are misunderstanding me. I understood that you wanted to > > use DHCP for the machine you are using as an NFS server and I > > suggested having the DHCP server assign your NFS server a fixed > > address based on its MAC. > > > > In dhcp.conf you would have something like the following to do that ... > > > > host nfs-1 { > > hardware ethernet XX:XX:XX:XX:XX:XX; > >> fixed-address YYY.YYY.YYY.YYY; > >> } > >> > >> where XX:XX:XX:XX:XX:XX is the MAC address of your NFS server and > >> YYY.YYY.YYY.YYY is the IP you want to always assign to it. > >> > >> You can then have your DNS server get updates from your DHCP server or > >> you can just set up your DNS server to resolve the name and IP > >> correctly. > >> > >> Either way, if you aren't running your own DNS and DHCP servers, then > >> perhaps this isn't what you really want to do. > >> > >> I think you are going to just have problems if the IP of your NFS > >> server keeps changing. I don't know how to configure /etc/fstab to > >> accommodate that. It expects an IP or a name that resolves to the > >> correct IP. But you can configure DHCP to not change the IP of your > >> NFS server. That is what I was suggesting. > >> > >> John > >> > >This may sound a little callous, but the first thing I think you should > do > >is read up on NFS, DNS, DHCP. > > Yeah, callous was probably the correct word. But you are right, boning up > on > these facilities is the thing to do. > > In support of Brad, however, sometimes a bit of plain old-fashioned help > navigating the waters is pricelss. > > >Cause you are trying to do something you have > >no idea how to do. The reason I am saying this is that you need to know > how > >a name is resolved in order to see how to mount the resource. Tha > >assignment of the IP is irrelevant to what you are doing, what you should > be > >worried about is how everyone resolves the name you assign the resource > and > >that will be done thru the DNS. So if everyone is looking for resource A > >then when DHCP assigns a IP to resource A and that resource is reported > to > >the DMS server then everyone can mount the resource cause they know who > and > >what it is cause the DNS is going to report its current ip address and if > it > >changes it will report the new one so everyone will always be happy. So > >forget the assignment of a fixed IP and worry about resolving the name > with > >the DNS. Hopefully you will go out on the net and search for the facts > you > >need and see what you need to do. It might make it easier in your mind > to > >assign a fixed IP but it in no way a necessary requirement for what you > are > >wanting to do. Good Luck!!!!!!!!!1 > > Brad, As I understand it, you want to be able to use a name in the NFS > mount. > > A name is a good thing for it's value as a handle. It's much the same > reason > we use domain names instead of IP quads to navigate the web. Names are > just > easier and if necessary the underlying address can change without everyone > having to update their URLs. > > Having said that, the point was made that having the IP address dance > around > would not be a terribly good idea. > > One of the replies was to the point you can prevent the IP from changing > until you want it to by using some DHCP parameters to have DHCP reserve > the > desired IP for that server's use by keying on the MAC address. However, > unless the DNS has the same IP address assignment, nothing else is going > to > know what that IP is. > > To do what you want to do, that is give a name to a device/server/host > that > is centrally managed (meaning you don't want to update every hosts file on > your network), then you need to have both DHCP and DNS running on your > network. And you must be able to administer them. I strongly suggest > that > DNS and DHCP services DO run on the same server. At a minimum, your DHCP > server is going to require an assigned (by you) IP address. > > You can set up DHCP to update the DNS - called Dynamic DNS (DDNS) - when > IP > assignments are made. OR, more simply, you can just have DHCP 'stick' the > address based upon the MAC address and at the same time manually update > your > DNS to associate the name with the same IP. After all, you are > administering > both of them. That makes it just two places to update should you want to > change the address. > > This latter is the first thing I would do. Break your training project > into > pieces. 1) Make sure the NFS stuff is working by using an IP you have in > mind. 2) Set up DHCP to 'stick' the IP to the desired machine by the MAC > address. 3) Update the DNS by manually assigning the name to the IP. > 4) Make sure you can reach the machine by name (use ping for example). > 5) Change the NFS mount to use the Name and make sure it works that way. > 6) If you are still up to it, then play with getting DHCP to update the > DNS. > > I hope that's useful to you. There is some good material out on the web > for setting up stuff such as this. I've had good luck getting assistance > from the folks who frequent this list. > > Blessings, > -g just throwing this out there, along with DNS there are dynamic routing tables that are sent to each router, if not present then to each node. >From this thread everyone needs to understand what happens in a network, cause there is a lot of confusion. When a node changes ip addresses it is dynamically updated through the routing tables and thus the name that is associated with that ip gets updated, so there is no need to have a specific ip associated with a name!!!!!!!!!!!! From ottohaliburton at comcast.net Sun Aug 28 08:35:41 2005 From: ottohaliburton at comcast.net (Otto Haliburton) Date: Sun, 28 Aug 2005 03:35:41 -0500 Subject: NFS help In-Reply-To: <5bdc1c8b05082721273897f375@mail.gmail.com> Message-ID: <004401c5abab$7a294710$4801a8c0@C515816A> > -----Original Message----- > From: redhat-install-list-bounces at redhat.com [mailto:redhat-install-list- > bounces at redhat.com] On Behalf Of Mark Knecht > Sent: Saturday, August 27, 2005 11:28 PM > To: Getting started with Red Hat Linux > Subject: Re: NFS help > > On 8/27/05, brad.mugleston at comcast.net wrote: > > > > On Sat, 27 Aug 2005, Mark Knecht wrote: > > > > > > > > mark at flash ~ $ nslookup www.cisco.com > > > Server: 204.127.199.8 > > > Address: 204.127.199.8#53 > > > > > > Non-authoritative answer: > > > Name: www.cisco.com > > > Address: 198.133.219.25 > > > > > > Following that I ask my firewall for the same info. Notice that the IP > > > address of the server (linksys) is 192.168.1.1: > > > > > > mark at flash ~ $ nslookup www.cisco.com linksys > > > Server: linksys > > > Address: 192.168.1.1#53 > > > > > > Non-authoritative answer: > > > Name: www.cisco.com > > > Address: 198.133.219.25 > > > > > > mark at flash ~ $ > > > > > > The firewall gives me the same address as the outside default DNS > server. > > > > > > If you want to use DHCP then the fireall hands out the address and > > > puts it in the DNS server it runs. Your internal machines are remapped > > > to go there (/etc/resolv.conf) and they get the addresses from it. > > > > > > Geez....it seems so simple maybe I should be using it. ;-) > > > > > > Hope this helps, > > > Mark > > > > > Mark, > > > > I am stepping out on a limb here but I bet your linksys isn't a > > DNS server but is acting as a gateway to a real DNS when > > you request a DNS service from it. It probably takes a lot more > > memory than whats in that linksys to hold all the addresses a DNS > > has...... > > > > Brad > > > > Brad, > Nope. Not true. My LinkSys router is acting as a DNS server, but is > 'authoritative ONLY for machines on my network. > > You are correct that there are far too many addresses in the world > for my little router to handle, but that's true for almost every DNS > server out there. This is all handled by the DNS protocol and what's > called 'caching'. If my little router doesn't have an address then it > has an address in it of another DNS server that it can get it from. > However if it does have the address then it doesn't have to ask the > outside server to resolve it. If you look at your router (like my > LinkSys) then you will se it is probably getting a DNS server address > from your ISP automatically. When my DNS server doesn't know the > answer to a question it just passes the question to the other, > outside, DNS server to get the answer. > > Now, as for your 'internal' addresses, most probably 192.168.1.XXX, > those addresses are unrouteable and therefore the external, outside, > DNS server cannot know that your machine with name 'basement' has been > given address 192.168.1.100 by your DHCP server. Those "name to > address" translations must be done by a machine on your network since > I would have my own machine 'livingroom' at address 192.168.1.100 here > on my network. We don't want confusion. > > Again, the internal DNS server is only responsible for your domain. > For these machines your DNS server will be considered 'authoritative' > for names and addresses on your network, but 'non-authoritative' for > addresses not on your network. (The world...) > > Hope this helps, > Mark > good, this explanation is good!!!!!!!!!!!!1 From sarangi at bpost.kek.jp Sun Aug 28 12:13:09 2005 From: sarangi at bpost.kek.jp (Tapas Ranjan) Date: Sun, 28 Aug 2005 21:13:09 +0900 (JST) Subject: X problem(may be) In-Reply-To: <20050827142524.GA17919@bobcat.bobcatos.com> Message-ID: On Sat, 27 Aug 2005, Bob McClure Jr wrote: > On Sat, Aug 27, 2005 at 08:28:29PM +0900, Tapas Ranjan wrote: > > Hi : > > I installed FC3 on a desktop, which has a bit old > > CPU confugurations and when I open a terminal, > > it acts so slow that only you can see the border of the terminal and the > > username, but can't see any cursor. I can't see what I type, just the > > wallpaper. It's very very very slow, I can't move anything and many times > > it just freezes and can't even logout. If I switch to single user mode > > without "X" then everything works fine and fast enough. > > First I thought it might be a memory problem, since I > > had 128 MB RAM, then I added another 512 MB, but no change. Second > > I thought it might be a disk problem, since I had only 4GB for the > > linux partition, where as another 30GB for windows (which works fine), > > and then I added complete new hard-disk of 80GB and installed > > the linux again, but still no change. Now I am clueless, what should > > I do ? Since I spent quite a few on this, I want help of you guys > > to guide if I can solve this problem. > > > > Here is the output of "/proc/cpuinfo" and "/proc/meminfo" > > > > `cat /proc/cpuinfo` > > -------------------- > > processor : 0 > > vendor_id : AuthenticAMD > > cpu family : 6 > > model : 4 > > model name : AMD Athlon(tm) Processor > > stepping : 2 > > cpu MHz : 1000.574 > > cache size : 256 KB > > fdiv_bug : no > > hlt_bug : no > > f00f_bug : no > > coma_bug : no > > fpu : yes > > fpu_exception : yes > > cpuid level : 1 > > wp : yes > > flags : fpu vme de pse tsc msr pae mce cx8 mtrr pge mca cmov pat > > mmx fxsr syscall mmxext 3dnowext 3dnow > > bogomips : 1957.88 > > > > > > `cat /proc/meminfo` > > -------------------- > > MemTotal: 645808 kB > > MemFree: 416152 kB > > Buffers: 37036 kB > > Cached: 159668 kB > > SwapCached: 0 kB > > Active: 83116 kB > > Inactive: 114612 kB > > HighTotal: 0 kB > > HighFree: 0 kB > > LowTotal: 645808 kB > > LowFree: 416152 kB > > SwapTotal: 1116508 kB > > SwapFree: 1116508 kB > > Dirty: 64 kB > > Writeback: 0 kB > > Mapped: 3344 kB > > Slab: 24060 kB > > Committed_AS: 11004 kB > > PageTables: 140 kB > > VmallocTotal: 3481592 kB > > VmallocUsed: 4048 kB > > VmallocChunk: 3477332 kB > > HugePages_Total: 0 > > HugePages_Free: 0 > > Hugepagesize: 4096 kB > > > > > > Thanks > > ---Tapas > > Looks like you have plenty of horsepower. What window manager are you > using? > Thanks Bob : I have installed gnome, KDE and xfce. I tried gnome first with the default user and also tried xfce, but no change. I dont understand what do you mean by " plenty of horsepower" ? > You might try creating a new user (who thus has no pre-existing X or > WM configuration) and see how X behaves with that user. If all is > well, you may need to blow away some of your existing WM > configuration, e.g. ~/.gnome for the GNOME wm. > Did the above but no change for the new user. It behaves the same way. Please somebody give some more clue...!!! Tapas From inode0 at gmail.com Sun Aug 28 12:15:47 2005 From: inode0 at gmail.com (inode0) Date: Sun, 28 Aug 2005 07:15:47 -0500 Subject: NFS help In-Reply-To: <004001c5aba9$f900a940$4801a8c0@C515816A> References: <004001c5aba9$f900a940$4801a8c0@C515816A> Message-ID: On 8/28/05, Otto Haliburton wrote: > you sort of have the idea, but not really. When a node comes up all > computers basically report their resources to the DNS where they are used to > resolve the addresses for the lan, so a node wants to communicate with > another node it's request goes to the DNS and bingo if the node has reported > to the DNS then it sends the info. This is a transparent thing, you don't > need to do anything with the hostname cause if you have a DNS server then > the node will report to the DNS. Simply you don't have to do anything DNS > stands for dynamic name server. DNS stands for Domain Name System and no DNS server I run works like this as it would make it incredibly easy for services on the network to be hijacked. The mappings from IPs to names are set by me in the DNS server, not by what random machines report to the DNS server. If a machine comes up and reports to my DNS server that it is my kerberos server, well, my DNS server will laugh at that machine and continue to report the correct IP and name for the real kerberos server on the network. A DNS server can accept dynamic updates, however, these typically come from other trusted DNS servers, not from random machines on the network. John From ottohaliburton at comcast.net Sun Aug 28 13:01:56 2005 From: ottohaliburton at comcast.net (Otto Haliburton) Date: Sun, 28 Aug 2005 08:01:56 -0500 Subject: NFS help In-Reply-To: Message-ID: <004d01c5abd0$ac1e2090$4801a8c0@C515816A> > -----Original Message----- > From: redhat-install-list-bounces at redhat.com [mailto:redhat-install-list- > bounces at redhat.com] On Behalf Of inode0 > Sent: Sunday, August 28, 2005 7:16 AM > To: Getting started with Red Hat Linux > Subject: Re: NFS help > > On 8/28/05, Otto Haliburton wrote: > > you sort of have the idea, but not really. When a node comes up all > > computers basically report their resources to the DNS where they are > used to > > resolve the addresses for the lan, so a node wants to communicate with > > another node it's request goes to the DNS and bingo if the node has > reported > > to the DNS then it sends the info. This is a transparent thing, you > don't > > need to do anything with the hostname cause if you have a DNS server > then > > the node will report to the DNS. Simply you don't have to do anything > DNS > > stands for dynamic name server. > > DNS stands for Domain Name System and no DNS server I run works like > this as it would make it incredibly easy for services on the network > to be hijacked. The mappings from IPs to names are set by me in the > DNS server, not by what random machines report to the DNS server. If a > machine comes up and reports to my DNS server that it is my kerberos > server, well, my DNS server will laugh at that machine and continue to > report the correct IP and name for the real kerberos server on the > network. > > A DNS server can accept dynamic updates, however, these typically come > from other trusted DNS servers, not from random machines on the > network. > > John > I am so glad that you caught the correct name, hahaha. But I don't know what you are saying. The purpose of the DNS is to resolve the names on a network and everyone reports there, if your keberous server changed it's ip address then it will be resolve in the DNS (dynamic Name server hahaha) From inode0 at gmail.com Sun Aug 28 13:14:17 2005 From: inode0 at gmail.com (inode0) Date: Sun, 28 Aug 2005 08:14:17 -0500 Subject: NFS help In-Reply-To: <004d01c5abd0$ac1e2090$4801a8c0@C515816A> References: <004d01c5abd0$ac1e2090$4801a8c0@C515816A> Message-ID: On 8/28/05, Otto Haliburton wrote: > I am so glad that you caught the correct name, hahaha. But I don't know what > you are saying. The purpose of the DNS is to resolve the names on a network > and everyone reports there, if your keberous server changed it's ip address > then it will be resolve in the DNS (dynamic Name server hahaha) If my kerberos server changes its IP then DNS will be broken unless I configure the DNS server to hand out my kerberos server's new IP. It doesn't happen by magic. John From ottohaliburton at comcast.net Sun Aug 28 13:32:22 2005 From: ottohaliburton at comcast.net (Otto Haliburton) Date: Sun, 28 Aug 2005 08:32:22 -0500 Subject: NFS help In-Reply-To: Message-ID: <005001c5abd4$ec031a90$4801a8c0@C515816A> > -----Original Message----- > From: redhat-install-list-bounces at redhat.com [mailto:redhat-install-list- > bounces at redhat.com] On Behalf Of inode0 > Sent: Sunday, August 28, 2005 8:14 AM > To: Getting started with Red Hat Linux > Subject: Re: NFS help > > On 8/28/05, Otto Haliburton wrote: > > I am so glad that you caught the correct name, hahaha. But I don't know > what > > you are saying. The purpose of the DNS is to resolve the names on a > network > > and everyone reports there, if your keberous server changed it's ip > address > > then it will be resolve in the DNS (dynamic Name server hahaha) > > If my kerberos server changes its IP then DNS will be broken unless I > configure the DNS server to hand out my kerberos server's new IP. It > doesn't happen by magic. > > John > The point is it is magic. A protocol exist through out the network where as addresses are resolved by some one. Routing tables and everything are constantly being updated and changed according to what is up and what is down and what has changed. Networks are not static and they do change, well something has to keep up with these changes the DNS and routing tables are the means by which this is done, I am not saying that you can't have static addresses on the network, but whatever address is reported is the address that the DNS will report and I think that what you are saying is confusing. If your server has a static address it is reporting that to the DNS and that address will be reported. The DNS only reports what is reported to it as the address. The assignment of dynamic addresses is done by the DHCP and that is the relationship. So what you are saying is confused and frankly out of sorts. That is why I don't understand what you are saying. There is a relationship between all elements of the network, but the main element is to resolve addresses so that you can send messages where ever you have access freely so if your server changes it IP address it will get reported with the new address and the DNS is not broken your server is broken. The DNS does not assign addresses get it. From inode0 at gmail.com Sun Aug 28 13:47:28 2005 From: inode0 at gmail.com (inode0) Date: Sun, 28 Aug 2005 08:47:28 -0500 Subject: NFS help In-Reply-To: <005001c5abd4$ec031a90$4801a8c0@C515816A> References: <005001c5abd4$ec031a90$4801a8c0@C515816A> Message-ID: On 8/28/05, Otto Haliburton wrote: > The point is it is magic. Ok, maybe your network works by magic. I'm going to be happy for you and leave it at that now. John From ottohaliburton at comcast.net Sun Aug 28 13:49:55 2005 From: ottohaliburton at comcast.net (Otto Haliburton) Date: Sun, 28 Aug 2005 08:49:55 -0500 Subject: NFS help In-Reply-To: <005001c5abd4$ec031a90$4801a8c0@C515816A> Message-ID: <005101c5abd7$5fe26cc0$4801a8c0@C515816A> > -----Original Message----- > From: redhat-install-list-bounces at redhat.com [mailto:redhat-install-list- > bounces at redhat.com] On Behalf Of Otto Haliburton > Sent: Sunday, August 28, 2005 8:32 AM > To: 'Getting started with Red Hat Linux' > Subject: RE: NFS help > > > > > -----Original Message----- > > From: redhat-install-list-bounces at redhat.com [mailto:redhat-install- > list- > > bounces at redhat.com] On Behalf Of inode0 > > Sent: Sunday, August 28, 2005 8:14 AM > > To: Getting started with Red Hat Linux > > Subject: Re: NFS help > > > > On 8/28/05, Otto Haliburton wrote: > > > I am so glad that you caught the correct name, hahaha. But I don't > know > > what > > > you are saying. The purpose of the DNS is to resolve the names on a > > network > > > and everyone reports there, if your keberous server changed it's ip > > address > > > then it will be resolve in the DNS (dynamic Name server hahaha) > > > > If my kerberos server changes its IP then DNS will be broken unless I > > configure the DNS server to hand out my kerberos server's new IP. It > > doesn't happen by magic. > > > > John > > > The point is it is magic. A protocol exist through out the network where > as > addresses are resolved by some one. Routing tables and everything are > constantly being updated and changed according to what is up and what is > down and what has changed. Networks are not static and they do change, > well > something has to keep up with these changes the DNS and routing tables are > the means by which this is done, I am not saying that you can't have > static > addresses on the network, but whatever address is reported is the address > that the DNS will report and I think that what you are saying is > confusing. > If your server has a static address it is reporting that to the DNS and > that > address will be reported. The DNS only reports what is reported to it as > the address. The assignment of dynamic addresses is done by the DHCP and > that is the relationship. So what you are saying is confused and frankly > out of sorts. That is why I don't understand what you are saying. There > is > a relationship between all elements of the network, but the main element > is > to resolve addresses so that you can send messages where ever you have > access freely so if your server changes it IP address it will get reported > with the new address and the DNS is not broken your server is broken. The > DNS does not assign addresses get it. > > by the way there is no dynamic assignment of names on the network. From jkinz at kinz.org Sun Aug 28 17:44:20 2005 From: jkinz at kinz.org (Jeff Kinz) Date: Sun, 28 Aug 2005 13:44:20 -0400 Subject: NFS help (.. is definitely needed) In-Reply-To: <005001c5abd4$ec031a90$4801a8c0@C515816A>; from ottohaliburton@comcast.net on Sun, Aug 28, 2005 at 08:32:22AM -0500 References: <005001c5abd4$ec031a90$4801a8c0@C515816A> Message-ID: <20050828134420.A5540@redline.comcast.net> There is, apparently, a great deal of confusion about the relationship between the dynamic host control protocol, "DHCP" and the domain name service, "DNS". The relationship between these two is very simple and can be summed up in as follows: "They have no relationship. DNS and DHCP have no intersecting messages. They never communicate with each other." On Sun, Aug 28, 2005 at 08:32:22AM -0500, Otto Haliburton wrote: > If your server has a static address it is reporting that to the DNS and that > address will be reported. The DNS only reports what is reported to it as > the address. The assignment of dynamic addresses is done by the DHCP and > that is the relationship. So what you are saying is confused and frankly > out of sorts. That is why I don't understand what you are saying. There is > a relationship between all elements of the network, but the main element is > to resolve addresses so that you can send messages where ever you have > access freely so > if your server changes it IP address it will get reported > with the new address and the DNS is not broken your server is broken. The > DNS does not assign addresses get it. This statement is neither correct nor incorrect. It is simply too vague. Point No. 1: Most servers do not get their IP addresses assigned dynamically. Most servers have static IP addresses. (We will not bother discussing the special needs of clusters of load sharing servers which are all accessed through a specially constructed Internet facing network interface) Point No. 2: when a server does exist which has a dynamically assigned IP address, such as in the case of Kinz.org, it is the responsibility of the human administrator to update the IP address information with the domain name registrar: In this case dyndns.org. Dyndns.org is a company which evolved specifically to address the special needs of people who wished to have a domain name, but whom were unfortunately saddled with a dynamically assigned IP address. Point No. 3: No "server" automatically reports its new IP address to it's domain name registrar. Because of the huge headaches involved when a server or domain name changes its IP address, most site administrators avoid, as strenuously as possible, having their servers' IP addresses change. For years, all the IP address information which the domain name service, DNS, reported was all entered by hand into the DNS "databases" (mostly text files). The notion that a server automatically updates the DNS system whenever it's dynamically assigned IP address changes conveys a huge mis-perception about how the Internet actually works. By and large most servers maintain the same IP address for long periods of time. These are statically assigned IP addresses, not dynamic. Dynamically assigned IP addresses are, in main, used for end-users dynamically connecting and disconnecting from their various ISP's networks. In other words, every desktop and laptop accessing the Internet through a dial-up, cable, DSL, or even satellite, and even on an internal corporate LAN, usually has a dynamically assigned IP address and does not have a domain name so there would simply be no point in communicating its "new" IP address to the domain name system. Consider the large number of possible IP addresses available with just IP4 (four octets): if any significant fraction of these addresses were to begin to change dynamically it could quite literally overwhelm the DNS system. By far, the vast majority of addresses which are registered in the DNS system are almost completely static. And the many site administrators struggle mightily to keep them that way. One of the security issues, discussed in small dark backroom's, by nervous large site administrators, security personnel for large financial organizations as well as government officials associated with keeping the banking and economic infrastructure functioning smoothly is the notion of a failure of the DNS system caused by an attack on the DNS system using the application of large numbers of address assignment changes as a "denial of service" style of attack. Today there are tools, mostly small scripts, which can be run on servers that will automatically send IP address up-to-date information to the domain name registrar of that server. Dyndns.org provides such tools. However, these tools are specifically built to access a custom interface which exists only at Dyndns.org and you can't depend on these tools to work with any other registrar. Furthermore these tools are only useful on the few domains which are being operated on systems which have dynamically assigned IP addresses. Because of the way information is propagated, (slowly), through the DNS system, this only works at all because relatively few domains have dynamically assigned IP addresses. one last note, at large Web hosting companies which are also domain name registrars for their customers, custom-built tools exist to manage updating IP address assignment to the DNS system for their customer's domains. When using virtual hosting, on a large number of machines it is quite easy to understand that one machine may host a few hundred valid domain names, and therefore all of those domains will have the same IP address. Imagine what happens when that machine fails. Those hundreds of domains must be redistributed to the other virtual servers owned by that Web hosting company and the IP address for each of those domains must be updated. This is an absolute pain in the neck to do by hand. Naturally the first thing a lazy administrator does is to read the script or some other tool which automates or eases that workload. (Being lazy is a virtue in a programmer :-)) Clearly using Dragon NaturallySpeaking's speech recognition software is making it too easy to run on about this. I'll stop here. Sincerely yours, Jeff "Lefty" Kinz -- speech recognition software was used in the composition of this e-mail Jeff Kinz, Emergent Research, Hudson, MA. ??Ya no mas! From ottohaliburton at comcast.net Sun Aug 28 21:42:15 2005 From: ottohaliburton at comcast.net (Otto Haliburton) Date: Sun, 28 Aug 2005 16:42:15 -0500 Subject: NFS help (.. is definitely needed) In-Reply-To: <20050828134420.A5540@redline.comcast.net> Message-ID: <001001c5ac19$5bd17260$4801a8c0@C515816A> > -----Original Message----- > From: redhat-install-list-bounces at redhat.com [mailto:redhat-install-list- > bounces at redhat.com] On Behalf Of Jeff Kinz > Sent: Sunday, August 28, 2005 12:44 PM > To: redhat-install-list at redhat.com > Subject: Re: NFS help (.. is definitely needed) > > > There is, apparently, a great deal of confusion about the relationship > between the dynamic host control protocol, "DHCP" and the domain name > service, "DNS". > > The relationship between these two is very simple and can be summed up > in as follows: > > "They have no relationship. DNS and DHCP have no intersecting messages. > They never communicate with each other." > > > On Sun, Aug 28, 2005 at 08:32:22AM -0500, Otto Haliburton wrote: > > > If your server has a static address it is reporting that to the DNS and > that > > address will be reported. The DNS only reports what is reported to it > as > > the address. The assignment of dynamic addresses is done by the DHCP > and > > that is the relationship. So what you are saying is confused and > frankly > > out of sorts. That is why I don't understand what you are saying. > There is > > a relationship between all elements of the network, but the main element > is > > to resolve addresses so that you can send messages where ever you have > > access freely so > > > > if your server changes it IP address it will get reported > > with the new address and the DNS is not broken your server is broken. > The > > DNS does not assign addresses get it. > > > This statement is neither correct nor incorrect. It is simply too > vague. > > Point No. 1: Most servers do not get their IP addresses assigned > dynamically. Most servers have static IP addresses. (We will not > bother discussing the special needs of clusters of load sharing servers > which are all accessed through a specially constructed Internet > facing network interface) > > Point No. 2: when a server does exist which has a dynamically assigned > IP address, such as in the case of Kinz.org, it is the responsibility > of the human administrator to update the IP address information with the > domain name registrar: In this case dyndns.org. Dyndns.org is a company > which evolved specifically to address the special needs of people who > wished to have a domain name, but whom were unfortunately saddled with > a dynamically assigned IP address. > > Point No. 3: No "server" automatically reports its new IP address to > it's domain name registrar. Because of the huge headaches involved when > a server or domain name changes its IP address, most site administrators > avoid, as strenuously as possible, having their servers' IP addresses > change. > > For years, all the IP address information which the domain name service, > DNS, reported was all entered by hand into the DNS "databases" (mostly > text files). > > The notion that a server automatically updates the DNS system > whenever it's dynamically assigned IP address changes conveys a huge > mis-perception about how the Internet actually works. By and large most > servers maintain the same IP address for long periods of time. These are > statically assigned IP addresses, not dynamic. > > Dynamically assigned IP addresses are, in main, used for end-users > dynamically connecting and disconnecting from their various ISP's > networks. In other words, every desktop and laptop accessing > the Internet through a dial-up, cable, DSL, or even satellite, and even > on an internal corporate LAN, usually has a dynamically assigned IP > address and does not have a domain name so there would simply be no > point in communicating its "new" IP address to the domain name system. > > Consider the large number of possible IP addresses available with just > IP4 (four octets): if any significant fraction of these addresses were > to begin to change dynamically it could quite literally overwhelm the > DNS system. By far, the vast majority of addresses which are registered > in the DNS system are almost completely static. And the many site > administrators struggle mightily to keep them that way. > > One of the security issues, discussed in small dark backroom's, by > nervous large site administrators, security personnel for large > financial organizations as well as government officials associated with > keeping the banking and economic infrastructure functioning smoothly is > the notion of a failure of the DNS system caused by an attack on the DNS > system using the application of large numbers of address assignment > changes as a "denial of service" style of attack. > > Today there are tools, mostly small scripts, which can be run on servers > that will automatically send IP address up-to-date information to the > domain name registrar of that server. Dyndns.org provides such tools. > > However, these tools are specifically built to access a custom interface > which exists only at Dyndns.org and you can't depend on these tools to > work with any other registrar. Furthermore these tools are only useful > on the few domains which are being operated on systems which have > dynamically assigned IP addresses. Because of the way information is > propagated, (slowly), through the DNS system, this only works at all > because relatively few domains have dynamically assigned IP addresses. > > one last note, at large Web hosting companies which are also domain name > registrars for their customers, custom-built tools exist to manage > updating IP address assignment to the DNS system for their customer's > domains. When using virtual hosting, on a large number of machines it > is quite easy to understand that one machine may host a few hundred > valid domain names, and therefore all of those domains will have the > same IP address. Imagine what happens when that machine fails. Those > hundreds of domains must be redistributed to the other virtual servers > owned by that Web hosting company and the IP address for each of those > domains must be updated. This is an absolute pain in the neck to do by > hand. Naturally the first thing a lazy administrator does is to read > the script or some other tool which automates or eases that workload. > > (Being lazy is a virtue in a programmer :-)) > > Clearly using Dragon NaturallySpeaking's speech recognition software > is making it too easy to run on about this. > > I'll stop here. > Sincerely yours, Jeff "Lefty" Kinz > > -- > speech recognition software was used in the composition of this e-mail > Jeff Kinz, Emergent Research, Hudson, MA. > ??Ya no mas! > not wanting to get into a heavy discussion on this issue, I will just state this simply. My ISP assigns me a IP address, I have a router and through the DHCP my computer is assigned a local IP address and since I have connected to my local address I have up to 5 local IP addresses(could have many more if I liked) under this standard each of the 5 IP addresses are translated to go out the one address assigned by the ISP. When it assigns me the one IP address it assigns my IP address to two DNS IP addresses and it also assigns a gateway. The ISP can change the IP address it assigns to me(this assignment is a dynamic assignment) anytime it wants and it will be transparent to me because the DNS to which this IP is assigned is updated with the IP address and since it is transparent somebody in China can still send a message or connect to my network and they don't need to have the new IP address that is assigned. Now on my local network I can have the same setup. I can have my own DNS server that I assign my local IP to and it resolves the issues for my local network. On local networks arbitration goes on and somebody declares I'm the boss and I will handle all of this info and if he drops out then the arbitration happens again and somebody else becomes boss, etc etc. The DNS declares himself to be the boss of the 5 computers on my local and does all of the resolutions for my network and communicates with the outside world to resolve the issues. One of the issues that you mention is true for domains like .com, .net, and etc. but that is only part of the answer the other part is the routing and routing tables and these are important in the address resolution. While I don't disagree with you completely. There are definitely holes, I am not a expert, but you can check any ISP assignment to see that the structure I presented above is alive and working. SNMP is a part of what you presented so I am not completely positive about all of this but there is chaos going on when you decide to send a message, cause a route has to be setup and it is this arbitration between the DNS that determine how to setup this route. From robertmcclure at earthlink.net Sun Aug 28 21:59:01 2005 From: robertmcclure at earthlink.net (Bob McClure Jr) Date: Sun, 28 Aug 2005 16:59:01 -0500 Subject: X problem(may be) In-Reply-To: References: <20050827142524.GA17919@bobcat.bobcatos.com> Message-ID: <20050828215901.GA1615@bobcat.bobcatos.com> On Sun, Aug 28, 2005 at 09:13:09PM +0900, Tapas Ranjan wrote: > On Sat, 27 Aug 2005, Bob McClure Jr wrote: > > > On Sat, Aug 27, 2005 at 08:28:29PM +0900, Tapas Ranjan wrote: > > > Hi : > > > I installed FC3 on a desktop, which has a bit old > > > CPU confugurations and when I open a terminal, > > > it acts so slow that only you can see the border of the terminal and the > > > username, but can't see any cursor. I can't see what I type, just the > > > wallpaper. It's very very very slow, I can't move anything and many times > > > it just freezes and can't even logout. If I switch to single user mode > > > without "X" then everything works fine and fast enough. > > > First I thought it might be a memory problem, since I > > > had 128 MB RAM, then I added another 512 MB, but no change. Second > > > I thought it might be a disk problem, since I had only 4GB for the > > > linux partition, where as another 30GB for windows (which works fine), > > > and then I added complete new hard-disk of 80GB and installed > > > the linux again, but still no change. Now I am clueless, what should > > > I do ? Since I spent quite a few on this, I want help of you guys > > > to guide if I can solve this problem. > > > > > > Here is the output of "/proc/cpuinfo" and "/proc/meminfo" > > > > > > `cat /proc/cpuinfo` > > > -------------------- > > > processor : 0 > > > vendor_id : AuthenticAMD > > > cpu family : 6 > > > model : 4 > > > model name : AMD Athlon(tm) Processor > > > stepping : 2 > > > cpu MHz : 1000.574 > > > cache size : 256 KB > > > > > > bogomips : 1957.88 > > > > > > > > > `cat /proc/meminfo` > > > -------------------- > > > MemTotal: 645808 kB > > > MemFree: 416152 kB > > > > > > > > > Thanks > > > ---Tapas > > > > Looks like you have plenty of horsepower. What window manager are you > > using? > > > > Thanks Bob : > > I have installed gnome, KDE and xfce. I tried gnome first with the default > user and also tried xfce, but no change. I dont understand what do you > mean by " plenty of horsepower" ? I'm saying you have enough processor speed and memory. > > You might try creating a new user (who thus has no pre-existing X or > > WM configuration) and see how X behaves with that user. If all is > > well, you may need to blow away some of your existing WM > > configuration, e.g. ~/.gnome for the GNOME wm. > > > Did the above but no change for the new user. It behaves the same > way. Please somebody give some more clue...!!! > > Tapas Sorry I can't help you any further. Cheers, -- Bob McClure, Jr. Bobcat Open Systems, Inc. robertmcclure at earthlink.net http://www.bobcatos.com Peace at any price is inflationary. From fromRHIL at outtacyte.com Sun Aug 28 22:21:52 2005 From: fromRHIL at outtacyte.com (Greg Julius) Date: Sun, 28 Aug 2005 17:21:52 -0500 Subject: NFS help (.. is definitely needed) In-Reply-To: <20050828134420.A5540@redline.comcast.net> Message-ID: <200508282229.j7SMT9Rg029651@mx3.redhat.com> >There is, apparently, a great deal of confusion about the relationship >between the dynamic host control protocol, "DHCP" and the domain name >service, "DNS". > >The relationship between these two is very simple and can be summed up >in as follows: > >"They have no relationship. DNS and DHCP have no intersecting messages. >They never communicate with each other." > One might say the same between Windows and Samba. But the fact of the matter is that they can and do communicate with each other. DHCP can and does update my DNS. The fact that it does it only within the confines of my internal network is a crucial distinction, but my DNS is updated for sure. All I have to do is dump my A records to see that, sho'nuff, the computer's name matches the assigned IP. However, it is not the machines on my network doing the update (contra Otto), it is DHCP doing the updates. Furthermore, in the configuration, DHCP and DNS share an encryption key so that the updates can only be made by one to the other and none other. Also, in my setup, only the 127.0.0.1 IP (localhost loopback) is allowed to do the update - no other machine in the network can do the updates. Of course using the loopback IP means that my DNS and DHCP services must run on the same machine. > >On Sun, Aug 28, 2005 at 08:32:22AM -0500, Otto Haliburton wrote: > >> If your server has a static address it is reporting that to the DNS and that >> address will be reported. The DNS only reports what is reported to it as >> the address. The assignment of dynamic addresses is done by the DHCP and >> that is the relationship. So what you are saying is confused and frankly >> out of sorts. That is why I don't understand what you are saying. There is >> a relationship between all elements of the network, but the main element is >> to resolve addresses so that you can send messages where ever you have >> access freely so > > >> if your server changes it IP address it will get reported >> with the new address and the DNS is not broken your server is broken. The >> DNS does not assign addresses get it. > > >This statement is neither correct nor incorrect. It is simply too >vague. > >Point No. 1: Most servers do not get their IP addresses assigned >dynamically. Most servers have static IP addresses. (We will not >bother discussing the special needs of clusters of load sharing servers >which are all accessed through a specially constructed Internet >facing network interface) > >Point No. 2: when a server does exist which has a dynamically assigned >IP address, such as in the case of Kinz.org, it is the responsibility >of the human administrator to update the IP address information with the >domain name registrar: In this case dyndns.org. Dyndns.org is a company >which evolved specifically to address the special needs of people who >wished to have a domain name, but whom were unfortunately saddled with >a dynamically assigned IP address. > >Point No. 3: No "server" automatically reports its new IP address to >it's domain name registrar. Because of the huge headaches involved when >a server or domain name changes its IP address, most site administrators >avoid, as strenuously as possible, having their servers' IP addresses >change. > >For years, all the IP address information which the domain name service, >DNS, reported was all entered by hand into the DNS "databases" (mostly >text files). > >The notion that a server automatically updates the DNS system >whenever it's dynamically assigned IP address changes conveys a huge >mis-perception about how the Internet actually works. By and large most >servers maintain the same IP address for long periods of time. These are >statically assigned IP addresses, not dynamic. > >Dynamically assigned IP addresses are, in main, used for end-users >dynamically connecting and disconnecting from their various ISP's >networks. In other words, every desktop and laptop accessing >the Internet through a dial-up, cable, DSL, or even satellite, and even >on an internal corporate LAN, usually has a dynamically assigned IP >address and does not have a domain name so there would simply be no >point in communicating its "new" IP address to the domain name system. > >Consider the large number of possible IP addresses available with just >IP4 (four octets): if any significant fraction of these addresses were >to begin to change dynamically it could quite literally overwhelm the >DNS system. By far, the vast majority of addresses which are registered >in the DNS system are almost completely static. And the many site >administrators struggle mightily to keep them that way. > >One of the security issues, discussed in small dark backroom's, by >nervous large site administrators, security personnel for large >financial organizations as well as government officials associated with >keeping the banking and economic infrastructure functioning smoothly is >the notion of a failure of the DNS system caused by an attack on the DNS >system using the application of large numbers of address assignment >changes as a "denial of service" style of attack. > >Today there are tools, mostly small scripts, which can be run on servers >that will automatically send IP address up-to-date information to the >domain name registrar of that server. Dyndns.org provides such tools. > >However, these tools are specifically built to access a custom interface >which exists only at Dyndns.org and you can't depend on these tools to >work with any other registrar. Furthermore these tools are only useful >on the few domains which are being operated on systems which have >dynamically assigned IP addresses. Because of the way information is >propagated, (slowly), through the DNS system, this only works at all >because relatively few domains have dynamically assigned IP addresses. > >one last note, at large Web hosting companies which are also domain name >registrars for their customers, custom-built tools exist to manage >updating IP address assignment to the DNS system for their customer's >domains. When using virtual hosting, on a large number of machines it >is quite easy to understand that one machine may host a few hundred >valid domain names, and therefore all of those domains will have the >same IP address. Imagine what happens when that machine fails. Those >hundreds of domains must be redistributed to the other virtual servers >owned by that Web hosting company and the IP address for each of those >domains must be updated. This is an absolute pain in the neck to do by >hand. Naturally the first thing a lazy administrator does is to read >the script or some other tool which automates or eases that workload. > >(Being lazy is a virtue in a programmer :-)) > All of Jeff's points are well stated. I think the difference is between the DNS as a generic internet-wide function and DNS as a particular implementation in an internal network. -g From ottohaliburton at comcast.net Sun Aug 28 22:44:56 2005 From: ottohaliburton at comcast.net (Otto Haliburton) Date: Sun, 28 Aug 2005 17:44:56 -0500 Subject: NFS help (.. is definitely needed) In-Reply-To: <200508282229.j7SMT9Rg029651@mx3.redhat.com> Message-ID: <001101c5ac22$1d8aac20$4801a8c0@C515816A> > -----Original Message----- > From: redhat-install-list-bounces at redhat.com [mailto:redhat-install-list- > bounces at redhat.com] On Behalf Of Greg Julius > Sent: Sunday, August 28, 2005 5:22 PM > To: 'Getting started with Red Hat Linux' > Subject: RE: NFS help (.. is definitely needed) > > >There is, apparently, a great deal of confusion about the relationship > >between the dynamic host control protocol, "DHCP" and the domain name > >service, "DNS". > > > >The relationship between these two is very simple and can be summed up > >in as follows: > > > >"They have no relationship. DNS and DHCP have no intersecting messages. > >They never communicate with each other." > > > One might say the same between Windows and Samba. > But the fact of the matter is that they can and do communicate with each > other. > > DHCP can and does update my DNS. The fact that it does it only within the > confines of my internal network is a crucial distinction, but my DNS is > updated for sure. All I have to do is dump my A records to see that, > sho'nuff, the computer's name matches the assigned IP. > > However, it is not the machines on my network doing the update (contra > Otto), it is DHCP doing the updates. Furthermore, in the configuration, I guess this is where I differ, because you don't have to have a DNS in fact there are LANS without them that you can see them slowing down because of passing the routing tables around, but no big deal. I am just saying that there is some confusions, cause no one is taking in consideration the CISCO routers and other network components, but for the area you are in the DNS does the resolutions for you or the network would start moving at a snail pace not that they don't do that already. In fact you get a domain name that may resemble this ~~~fsy.newyork.attbi.net. > DHCP and DNS share an encryption key so that the updates can only be made > by > one to the other and none other. Also, in my setup, only the 127.0.0.1 IP > (localhost loopback) is allowed to do the update - no other machine in the > network can do the updates. Of course using the loopback IP means that my > DNS and DHCP services must run on the same machine. > > > > >On Sun, Aug 28, 2005 at 08:32:22AM -0500, Otto Haliburton wrote: > > > >> If your server has a static address it is reporting that to the DNS and > that > >> address will be reported. The DNS only reports what is reported to it > as > >> the address. The assignment of dynamic addresses is done by the DHCP > and > >> that is the relationship. So what you are saying is confused and > frankly > >> out of sorts. That is why I don't understand what you are saying. > There > is > >> a relationship between all elements of the network, but the main > element > is > >> to resolve addresses so that you can send messages where ever you have > >> access freely so > > > > > >> if your server changes it IP address it will get reported > >> with the new address and the DNS is not broken your server is broken. > The > >> DNS does not assign addresses get it. > > > > > >This statement is neither correct nor incorrect. It is simply too > >vague. > > > >Point No. 1: Most servers do not get their IP addresses assigned > >dynamically. Most servers have static IP addresses. (We will not > >bother discussing the special needs of clusters of load sharing servers > >which are all accessed through a specially constructed Internet > >facing network interface) > > > >Point No. 2: when a server does exist which has a dynamically assigned > >IP address, such as in the case of Kinz.org, it is the responsibility > >of the human administrator to update the IP address information with the > >domain name registrar: In this case dyndns.org. Dyndns.org is a company > >which evolved specifically to address the special needs of people who > >wished to have a domain name, but whom were unfortunately saddled with > >a dynamically assigned IP address. > > > >Point No. 3: No "server" automatically reports its new IP address to > >it's domain name registrar. Because of the huge headaches involved when > >a server or domain name changes its IP address, most site administrators > >avoid, as strenuously as possible, having their servers' IP addresses > >change. > > > >For years, all the IP address information which the domain name service, > >DNS, reported was all entered by hand into the DNS "databases" (mostly > >text files). > > > >The notion that a server automatically updates the DNS system > >whenever it's dynamically assigned IP address changes conveys a huge > >mis-perception about how the Internet actually works. By and large most > >servers maintain the same IP address for long periods of time. These are > >statically assigned IP addresses, not dynamic. > > > >Dynamically assigned IP addresses are, in main, used for end-users > >dynamically connecting and disconnecting from their various ISP's > >networks. In other words, every desktop and laptop accessing > >the Internet through a dial-up, cable, DSL, or even satellite, and even > >on an internal corporate LAN, usually has a dynamically assigned IP > >address and does not have a domain name so there would simply be no > >point in communicating its "new" IP address to the domain name system. > > > >Consider the large number of possible IP addresses available with just > >IP4 (four octets): if any significant fraction of these addresses were > >to begin to change dynamically it could quite literally overwhelm the > >DNS system. By far, the vast majority of addresses which are registered > >in the DNS system are almost completely static. And the many site > >administrators struggle mightily to keep them that way. > > > >One of the security issues, discussed in small dark backroom's, by > >nervous large site administrators, security personnel for large > >financial organizations as well as government officials associated with > >keeping the banking and economic infrastructure functioning smoothly is > >the notion of a failure of the DNS system caused by an attack on the DNS > >system using the application of large numbers of address assignment > >changes as a "denial of service" style of attack. > > > >Today there are tools, mostly small scripts, which can be run on servers > >that will automatically send IP address up-to-date information to the > >domain name registrar of that server. Dyndns.org provides such tools. > > > >However, these tools are specifically built to access a custom interface > >which exists only at Dyndns.org and you can't depend on these tools to > >work with any other registrar. Furthermore these tools are only useful > >on the few domains which are being operated on systems which have > >dynamically assigned IP addresses. Because of the way information is > >propagated, (slowly), through the DNS system, this only works at all > >because relatively few domains have dynamically assigned IP addresses. > > > >one last note, at large Web hosting companies which are also domain name > >registrars for their customers, custom-built tools exist to manage > >updating IP address assignment to the DNS system for their customer's > >domains. When using virtual hosting, on a large number of machines it > >is quite easy to understand that one machine may host a few hundred > >valid domain names, and therefore all of those domains will have the > >same IP address. Imagine what happens when that machine fails. Those > >hundreds of domains must be redistributed to the other virtual servers > >owned by that Web hosting company and the IP address for each of those > >domains must be updated. This is an absolute pain in the neck to do by > >hand. Naturally the first thing a lazy administrator does is to read > >the script or some other tool which automates or eases that workload. > > > >(Being lazy is a virtue in a programmer :-)) > > > > All of Jeff's points are well stated. I think the difference is between > the > DNS as a generic internet-wide function and DNS as a particular > implementation in an internal network. > > -g > From mikev777 at hotmail.com Mon Aug 29 00:29:16 2005 From: mikev777 at hotmail.com (Michael Velez) Date: Sun, 28 Aug 2005 20:29:16 -0400 Subject: X problem(may be) In-Reply-To: <20050828215901.GA1615@bobcat.bobcatos.com> Message-ID: > Hi : > I installed FC3 on a desktop, which has a bit old CPU > confugurations and when I open a terminal, it acts so slow that only you can see the border of the terminal and the > username, but > can't see any cursor. I can't see what I type, just the > wallpaper. > It's very very very slow, I can't move anything and > many times it > just freezes and can't even logout. If I switch to single user > mode without "X" then everything works fine and fast enough. > First I thought it might be a memory problem, > since I had 128 MB > RAM, then I added another 512 MB, but no change. Second > I thought > it might be a disk problem, since I had only 4GB for the linux > partition, where as another 30GB for windows (which > works fine), > and then I added complete new hard-disk of 80GB and > installed the > linux again, but still no change. Now I am clueless, > what should I > do ? Since I spent quite a few on this, I want help of > you guys to > guide if I can solve this problem. > Here is the output of "/proc/cpuinfo" and "/proc/meminfo" > `cat /proc/cpuinfo` > -------------------- > processor : 0 > > vendor_id : AuthenticAMD > > cpu family : 6 > > model : 4 > > model name : AMD Athlon(tm) Processor > > stepping : 2 > > cpu MHz : 1000.574 > > cache size : 256 KB > > > bogomips : 1957.88 > > > `cat /proc/meminfo` > -------------------- > MemTotal: 645808 kB > > MemFree: 416152 kB > > > > Thanks > ---Tapas > When I had problems with X, somebody suggested I look in the log file. Have you looked at the X log file to see if there are any errors (any line with EE)? You may have to update something in the X config file. On my system (RHEL 4), the two files you need are found in: /etc/X11/xorg.conf /var/log/Xorg.0.log FC3 may have different names. I think it uses XFree, I'm not sure. Michael From fromRHIL at outtacyte.com Mon Aug 29 00:35:33 2005 From: fromRHIL at outtacyte.com (Greg Julius) Date: Sun, 28 Aug 2005 19:35:33 -0500 Subject: NFS help (.. is definitely needed) In-Reply-To: <001001c5ac19$5bd17260$4801a8c0@C515816A> Message-ID: <200508290035.j7T0ZUfk006188@mx1.redhat.com> I broke this up to understand it and reply in parts. >not wanting to get into a heavy discussion on this issue, I will just state >this simply. > >My ISP assigns me a IP address, I have a router and through >the DHCP my computer is assigned a local IP address and since I have >connected to my local address I have up to 5 local IP addresses(could have >many more if I liked) under this standard each of the 5 IP addresses are >translated to go out the one address assigned by the ISP. This router sounds like a standard router which you can get from Linksys, NetGear, et. al. In comes one wire (the WAN from your ISP) and out goes one or more wires (the LAN). Many even have an access point built into them to give wireless capability to the LAN. These things are quite amazing when you think about it. They have multiple Network ports, they accomplish many networking chores, they provide address translation and some firewall capabilities and even wireless. All in a box between $25 and $125. Easy to use and easy to set up. Reliable as the day is long. Discourse on DHCP, WAN, LAN, NAT, and SPI forthcomming, skip if you know all about it. But since this thread is turning into a general education on networking, it feels right to do this. I hope I'm not insane and showing too many flaws in my understanding. Everyone please jump in where I have boned it up. Most ISPs providing high-speed internet give a dynamic address. If you are providing services to the internet (say a web-site or an email server) then you will probably need a static IP. There are a few reasons where you might need one even if you don't provide services to the internet. Some providers will only give you static addresses and some providers will never give you a static address. In any event, the router has the ability to "speak DHCP" to the ISP and request an IP from the ISP (they come out of the box configured that way). They can also be configured to respond to a specific static ip if that is what your ISP gave you. Some routers have the ability to report to one of the "dynamic DNS" providers (like DynDNS JEff mentions) the IP address assigned by the ISP. This gives the ability for the internet at large to find your router even though it doesn't have the decency to stay at a given address. Static IP assignments don't need the dynamic DNS solutions. The configuration of the WAN side of the router, either static or dynamic provides some much needed information: The network address & subnet, the router's address as seen from the internet, the router's gateway IP to the internet, and a couple (usually two or more) Domain Name Servers for Domain Name resolution. So, for the sake of this discussion, let's say that the WAN IP address (the address of the router as seen from the Internet) is A.A.A.34 (make up your own numbers for A.A.A For the literal, the A number is between 0 and 255). This WAN IP could have been dynamic or static. The important thing is that there is one. There will also be the other values as mentioned above. That covers the WAN side. Now for the LAN side. The router usually provides DHCP services to the devices attached to the LAN by wires or wireless. The router can also accept devices that have a fixed IP address. On the LAN side, you would commonly get a set of addresses starting with 192.168.0.x or sometimes 192.168.1.x - I've seen both - if the address were generated by an out of the box router by DHCP. x is usually a value starting at 100 and going up. Supposing you have two devices attached, then one could be 192.168.0.100 and another could be 192.168.0.101. If you configure the DHCP service provided by the router you can end up with anything. Note that the router also has a network address on the LAN, usually 192.168.0.1. This is the address of your router as seen from inside your network. OK, now we have a wire on the right (The WAN) and wires on the left (The LAN). The WAN side of things can be thought of as the Internet. The LAN side of things can be thought of as the internal network or Intranet. >From the point of view of the internet, all of your computers have the same address, Namely A.A.A.34, the address of the WAN IP on your router. The crowd on the internet never sees your internal 192.168.0.x address. So, how does your computer attached at 192.168.0.100 carry on a "conversation" with a computer on the internet? More to the point, how does a response from something on the internet get to your PC if all of the PCs on your internal network appear to have the same address? That's NAT's job. NAT is Network Address Translation. ** Note: I am about to really simplify here to avoid confusing on exactly how this works ** When you start a "conversation" with an Internet service (say your email at your ISP) your PC says I want to talk to IP B.B.B.B (which is the IP provided by some DNS server for the name of your email server on your ISP). The first thing your computer does is look up to see where it should send it. It doesn't know so it sends it to the gateway for your network. The gateway will usually be the router (remember the 192.168.0.1 address from earlier?). The router then takes note of which computer the message came from and where it was going (it remembers), it then translates the internal network address into a variation of the A.A.A.34 address and then sends the message along on to the next hop which will be the gateway address of the WAN. When the reply comes back, the router looks up where it came from and where it was going (the variation of the A.A.A.34), "untranslates" the addresses and sends the message to the appropriate computer. That's NAT in a nutshell. Now what about when somebody sends something to A.A.A.34 out of the blue? Usually, because it doesn't know who it was intended for (can't find anything in it's memory about it) it throws it away. This feature is a part of what is called SPI (Stateful Packet Inspection). When you send something out (an outgoing packet), the router remembers who, what, when, how. When a reply comes back (an incoming packet) the who, what, when, and how is compared to prior outgoing packets looking for a match. If it doesn't find it, and the router isn't configured to do something special with it, then it just throws it away. This is a basic firewall feature and helps to prevent uninvited outsiders from getting into your network. That's SPI in a nutshell. >When it assigns >me the one IP address it assigns my IP address to two DNS IP addresses and >it also assigns a gateway. A bit of care here on the terminology. Your ISP assigned your router a network address & subnet, an IP, and a gateway and INFORMED it of two DNS addresses that it could use for retrieving IP addresses from Domain names. It didn't send anything to the DNS for you. >The ISP can change the IP address it assigns to >me(this assignment is a dynamic assignment) anytime it wants and it will be >transparent to me because the DNS to which this IP is assigned is updated >with the IP address and since it is transparent somebody in China can still >send a message or connect to my network and they don't need to have the new >IP address that is assigned. Sigh. Not exactly right. Yes, the ISP can, will, and does change the address which gets assigned to your router. It does not send anything to the DNS. Period. Your router may send something to a DynDNS type service, but you can rest assured that your ISP did not. For clarity, I would like to find out why you think your address is getting assigned to the DNS so somebody in china can get to you? I'm not denying that they can send you messages via email or even via some instant messanger or something of the sort, but not by the name of your pc which is inside your internal network. >Now on my local network I can have the same >setup. I can have my own DNS server that I assign my local IP to and it >resolves the issues for my local network. On local networks arbitration >goes on and somebody declares I'm the boss and I will handle all of this >info and if he drops out then the arbitration happens again and somebody >else becomes boss, etc etc. This sound extremely like NETBIOS processes and is not a function of TCP/IP at all, nor even of the internet. Are you sure you are not confusing the two as they are very similar in purpose and function? Yes, you can set up a DNS on your internal network. All it takes is a host to run it on. Yes, you can put in your DNS the IP addresses of the machines on your network. This is manually done usually. There are even some routers which now contain am mDNS which works in conjunction with their internal DHCP and gives a "Dynamic DNS" ability. The Dynamic part is the Address assignment from DHCP and a real-time update of the DNS of that assignment data. But even in this case, the mDNS is being updated by the DHCP and not by the host. I know it sounds like splitting hairs, but of such is the network made. The rest of the statement is not DHCP nor DNS and sounds like NETBIOS. >The DNS declares himself to be the boss of the >5 computers on my local and does all of the resolutions for my network and >communicates with the outside world to resolve the issues. This would definately be NETBIOS. It isn't DNS. While DNS may give name resolution services, it doesn't declare itself boss. The Network setup data provided by DHCP or by manual configuration says where to go look for name to address resolution. >One of the >issues that you mention is true for domains like .com, .net, and etc. ??? >but >that is only part of the answer the other part is the routing and routing >tables and these are important in the address resolution. Actually, routing and routing tables have nothing to do with name to address resolution. Nor DHCP. Routing and routing tables are the underlying mechanism for getting a packet from point Address A.A.A.A to B.B.B.B This involves a lot of things like address resolution protocol and transmission metrics and RIPs and such which I won't even begin to touch. My understanding of that is shakey at best. DHCP is the assignment of an internet address (your WAN or LAN addresses for example) to a particular host or device. This device may be on your internal network or perhaps your router address from your ISP. DNS is concerned with mapping a name (POP.EXAMPLE.COM) to an internet IP address (the A.A.A.A or B.B.B.B). >While I don't >disagree with you completely. There are definitely holes, I am not a >expert, but you can check any ISP assignment to see that the structure I >presented above is alive and working. Jeff makes excellent points about the internet and shows a keen grasp of the issues facing dynamic domain name service issues on the internet as a whole. I think Jeff was thinking mostly about the internet at large in his response. LANs have a bit more flexibility and that is where this discussion originally started. Regarding your claim that that's how it works, I just don't see it. I don't know which part of the internet you are using, but mine doesn't work the way you describe. Neither the parts inside my three LANs nor the parts of the internet I interface with connecting my LANs to the internet and while providing web hosting to my clients. I get the feeling you are mixing NETBIOS and DNS and DHCP and such in a big mash. >SNMP is a part of what you presented >so I am not completely positive about all of this but there is chaos going >on when you decide to send a message, cause a route has to be setup and it >is this arbitration between the DNS that determine how to setup this route. I did a search on the original message and don't find SNMP mentioned. Simple Network Management Protocol is a tool used to manage the devices on the network and to diagnose the network when it is down or not working correctly. I don't really use it yet as my needs have been simple to this point. Soon, but not now. -g From brad.mugleston at comcast.net Mon Aug 29 01:46:27 2005 From: brad.mugleston at comcast.net (brad.mugleston at comcast.net) Date: Sun, 28 Aug 2005 19:46:27 -0600 (MDT) Subject: NFS help (.. is definitely needed) In-Reply-To: <20050828134420.A5540@redline.comcast.net> References: <005001c5abd4$ec031a90$4801a8c0@C515816A> <20050828134420.A5540@redline.comcast.net> Message-ID: OK, I'm getting dizzy... I believe right now I'm going with what Jeff Said - too much magic in what else was said - now Jeff don't go getting a big head on this - your reply just makes the most sence to me for the following reasons 1 - it's not magic 2 - thew eork would be in a mess if the DNS servers could be updated by anyone - that would be a mess, Just think how easy a virus could make it impossible for anyone to get anywhere on the web. 3 - NO ONE IN THE WORLD needs to know what IP address comcast has assigned to me (there than comcast). Someone sends me an email and it goes back to comcast.net then comcast holds that email until I request it to be either delivered to my box or I read it on line -both times I'm using the current IP assigned to me and my login and password. I would imaging if fetchmail sent out a request and there was a delay and my IP got changed before I got my mail it would just bounce back to comcast and wait for a second try. I could see if it happened in a split second that my email could be sent to a different machine IF that machine had fetchmail waiting for some mail to be delivered... I'm going back to see what I can do about my NFS connections - I have been convinced that a "server" needs aa static IP for the best reliablility (read EASY). Thanks and let the debate go on.... Brad Mugleston, KI0OT There are 10 types of people in this world. Those that understand binary and those that don't. From brad.mugleston at comcast.net Mon Aug 29 02:56:30 2005 From: brad.mugleston at comcast.net (brad.mugleston at comcast.net) Date: Sun, 28 Aug 2005 20:56:30 -0600 (MDT) Subject: NFS status Message-ID: OK, Here's where I'm at. Background - I'm trying to set up an NFS server in my house so the files I need in any room will be available AND it's got more free hard drive space on it than all of the other machines in the house put together. Server - FC2 Client - RH9 Where I'm at - I've followed quite a few write up's on how to do it (including the HOW-TO) and I believe it's set up right. The test programs give the expected results (rpcinfo -p lists what is expected) The client is set up as instructed. I can ping both machines from each other I can SSH from the server to the client but not the other way around. The error I get is: mount: RPC: Remote System Error - No Route to Host and that is where I'm stuck. Suggestions? Thanks, Brad Mugleston, KI0OT There are 10 types of people in this world. Those that understand binary and those that don't. From inode0 at gmail.com Mon Aug 29 03:09:13 2005 From: inode0 at gmail.com (inode0) Date: Sun, 28 Aug 2005 22:09:13 -0500 Subject: NFS status In-Reply-To: References: Message-ID: On 8/28/05, brad.mugleston at comcast.net wrote: > The error I get is: > > mount: RPC: Remote System Error - No Route to Host > > and that is where I'm stuck. > > Suggestions? Perhaps a firewall on the FC2 box? I don't have a fedora box handy so I'm going to guess the syntax to check as # service iptables status What does that return? If it is on try # service iptables stop and see if NFS starts working ... John From ottohaliburton at comcast.net Mon Aug 29 03:13:56 2005 From: ottohaliburton at comcast.net (Otto Haliburton) Date: Sun, 28 Aug 2005 22:13:56 -0500 Subject: NFS help (.. is definitely needed) In-Reply-To: <200508290035.j7T0ZUfk006188@mx1.redhat.com> Message-ID: <001801c5ac47$b1d37d10$4801a8c0@C515816A> > -----Original Message----- > From: redhat-install-list-bounces at redhat.com [mailto:redhat-install-list- > bounces at redhat.com] On Behalf Of Greg Julius > Sent: Sunday, August 28, 2005 7:36 PM > To: Redhat Install List > Subject: RE: NFS help (.. is definitely needed) > > I broke this up to understand it and reply in parts. > > >not wanting to get into a heavy discussion on this issue, I will just > state > >this simply. > > > >My ISP assigns me a IP address, I have a router and through > >the DHCP my computer is assigned a local IP address and since I have > >connected to my local address I have up to 5 local IP addresses(could > have > >many more if I liked) under this standard each of the 5 IP addresses are > >translated to go out the one address assigned by the ISP. > > This router sounds like a standard router which you can get from Linksys, > NetGear, et. al. In comes one wire (the WAN from your ISP) and out goes > one > or more wires (the LAN). Many even have an access point built into them > to > give wireless capability to the LAN. These things are quite amazing when > you think about it. They have multiple Network ports, they accomplish > many > networking chores, they provide address translation and some firewall > capabilities and even wireless. All in a box between $25 and $125. Easy > to > use and easy to set up. Reliable as the day is long. > > > Discourse on DHCP, WAN, LAN, NAT, and SPI forthcomming, skip if you know > all > about it. But since this thread is turning into a general education on > networking, it feels right to do this. I hope I'm not insane and showing > too many flaws in my understanding. Everyone please jump in where I have > boned it up. > > > Most ISPs providing high-speed internet give a dynamic address. If you > are > providing services to the internet (say a web-site or an email server) > then > you will probably need a static IP. There are a few reasons where you > might > need one even if you don't provide services to the internet. Some > providers > will only give you static addresses and some providers will never give you > a > static address. > > In any event, the router has the ability to "speak DHCP" to the ISP and > request an IP from the ISP (they come out of the box configured that way). > They can also be configured to respond to a specific static ip if that is > what your ISP gave you. > > Some routers have the ability to report to one of the "dynamic DNS" > providers (like DynDNS JEff mentions) the IP address assigned by the ISP. > This gives the ability for the internet at large to find your router even > though it doesn't have the decency to stay at a given address. > Static IP assignments don't need the dynamic DNS solutions. > > The configuration of the WAN side of the router, either static or dynamic > provides some much needed information: The network address & subnet, the > router's address as seen from the internet, the router's gateway IP to the > internet, and a couple (usually two or more) Domain Name Servers for > Domain > Name resolution. > > So, for the sake of this discussion, let's say that the WAN IP address > (the > address of the router as seen from the Internet) is A.A.A.34 (make up your > own numbers for A.A.A For the literal, the A number is between 0 > and > 255). This WAN IP could have been dynamic or static. The important thing > is that there is one. There will also be the other values as mentioned > above. > > That covers the WAN side. Now for the LAN side. > > The router usually provides DHCP services to the devices attached to the > LAN > by wires or wireless. The router can also accept devices that have a > fixed > IP address. > > On the LAN side, you would commonly get a set of addresses starting with > 192.168.0.x or sometimes 192.168.1.x - I've seen both - if the address > were > generated by an out of the box router by DHCP. x is usually a value > starting at 100 and going up. Supposing you have two devices attached, > then > one could be 192.168.0.100 and another could be 192.168.0.101. If you > configure the DHCP service provided by the router you can end up with > anything. Note that the router also has a network address on the LAN, > usually 192.168.0.1. This is the address of your router as seen from > inside > your network. > > OK, now we have a wire on the right (The WAN) and wires on the left (The > LAN). The WAN side of things can be thought of as the Internet. The LAN > side of things can be thought of as the internal network or Intranet. > > >From the point of view of the internet, all of your computers have the > same > address, Namely A.A.A.34, the address of the WAN IP on your router. The > crowd on the internet never sees your internal 192.168.0.x address. > > So, how does your computer attached at 192.168.0.100 carry on a > "conversation" with a computer on the internet? More to the point, how > does > a response from something on the internet get to your PC if all of the > PCs > on your internal network appear to have the same address? That's NAT's > job. > > NAT is Network Address Translation. ** Note: I am about to really > simplify > here to avoid confusing on exactly how this works ** When you start a > "conversation" with an Internet service (say your email at your ISP) your > PC > says I want to talk to IP B.B.B.B (which is the IP provided by some DNS > server for the name of your email server on your ISP). The first thing > your > computer does is look up to see where it should send it. It doesn't know > so > it sends it to the gateway for your network. The gateway will usually be > the router (remember the 192.168.0.1 address from earlier?). > > The router then takes note of which computer the message came from and > where > it was going (it remembers), it then translates the internal network > address > into a variation of the A.A.A.34 address and then sends the message along > on > to the next hop which will be the gateway address of the WAN. > > When the reply comes back, the router looks up where it came from and > where > it was going (the variation of the A.A.A.34), "untranslates" the addresses > and sends the message to the appropriate computer. > > That's NAT in a nutshell. > > Now what about when somebody sends something to A.A.A.34 out of the blue? > Usually, because it doesn't know who it was intended for (can't find > anything in it's memory about it) it throws it away. This feature is a > part > of what is called SPI (Stateful Packet Inspection). When you send > something > out (an outgoing packet), the router remembers who, what, when, how. When > a > reply comes back (an incoming packet) the who, what, when, and how is > compared to prior outgoing packets looking for a match. If it doesn't > find > it, and the router isn't configured to do something special with it, then > it > just throws it away. This is a basic firewall feature and helps to > prevent > uninvited outsiders from getting into your network. > > That's SPI in a nutshell. > > > >When it assigns > >me the one IP address it assigns my IP address to two DNS IP addresses > and > >it also assigns a gateway. > > A bit of care here on the terminology. Your ISP assigned your router a > network address & subnet, an IP, and a gateway and INFORMED it of two DNS > addresses that it could use for retrieving IP addresses from Domain names. > It didn't send anything to the DNS for you. > > >The ISP can change the IP address it assigns to > >me(this assignment is a dynamic assignment) anytime it wants and it will > be > >transparent to me because the DNS to which this IP is assigned is updated > >with the IP address and since it is transparent somebody in China can > still > >send a message or connect to my network and they don't need to have the > new > >IP address that is assigned. > > Sigh. Not exactly right. Yes, the ISP can, will, and does change the > address which gets assigned to your router. It does not send anything to > the DNS. Period. Your router may send something to a DynDNS type > service, > but you can rest assured that your ISP did not. > > For clarity, I would like to find out why you think your address is > getting > assigned to the DNS so somebody in china can get to you? > > I'm not denying that they can send you messages via email or even via some > instant messanger or something of the sort, but not by the name of your pc > which is inside your internal network. > > >Now on my local network I can have the same > >setup. I can have my own DNS server that I assign my local IP to and it > >resolves the issues for my local network. On local networks arbitration > >goes on and somebody declares I'm the boss and I will handle all of this > >info and if he drops out then the arbitration happens again and somebody > >else becomes boss, etc etc. > > This sound extremely like NETBIOS processes and is not a function of > TCP/IP > at all, nor even of the internet. Are you sure you are not confusing the > two as they are very similar in purpose and function? > > Yes, you can set up a DNS on your internal network. All it takes is a > host > to run it on. Yes, you can put in your DNS the IP addresses of the > machines > on your network. This is manually done usually. > > There are even some routers which now contain am mDNS which works in > conjunction with their internal DHCP and gives a "Dynamic DNS" ability. > The > Dynamic part is the Address assignment from DHCP and a real-time update of > the DNS of that assignment data. But even in this case, the mDNS is being > updated by the DHCP and not by the host. I know it sounds like splitting > hairs, but of such is the network made. > > > The rest of the statement is not DHCP nor DNS and sounds like NETBIOS. > > >The DNS declares himself to be the boss of the > >5 computers on my local and does all of the resolutions for my network > and > >communicates with the outside world to resolve the issues. > > This would definately be NETBIOS. It isn't DNS. While DNS may give name > resolution services, it doesn't declare itself boss. The Network setup > data > provided by DHCP or by manual configuration says where to go look for name > to address resolution. > > >One of the > >issues that you mention is true for domains like .com, .net, and etc. > ??? > > >but > >that is only part of the answer the other part is the routing and routing > >tables and these are important in the address resolution. > > Actually, routing and routing tables have nothing to do with name to > address > resolution. Nor DHCP. > > Routing and routing tables are the underlying mechanism for getting a > packet > from point Address A.A.A.A to B.B.B.B This involves a lot of things like > address resolution protocol and transmission metrics and RIPs and such > which > I won't even begin to touch. My understanding of that is shakey at best. > > DHCP is the assignment of an internet address (your WAN or LAN addresses > for > example) to a particular host or device. This device may be on your > internal network or perhaps your router address from your ISP. > > DNS is concerned with mapping a name (POP.EXAMPLE.COM) to an internet IP > address (the A.A.A.A or B.B.B.B). > > > >While I don't > >disagree with you completely. There are definitely holes, I am not a > >expert, but you can check any ISP assignment to see that the structure I > >presented above is alive and working. > > Jeff makes excellent points about the internet and shows a keen grasp of > the > issues facing dynamic domain name service issues on the internet as a > whole. > I think Jeff was thinking mostly about the internet at large in his > response. LANs have a bit more flexibility and that is where this > discussion originally started. > > Regarding your claim that that's how it works, I just don't see it. I > don't > know which part of the internet you are using, but mine doesn't work the > way > you describe. Neither the parts inside my three LANs nor the parts of the > internet I interface with connecting my LANs to the internet and while > providing web hosting to my clients. I get the feeling you are mixing > NETBIOS and DNS and DHCP and such in a big mash. > > >SNMP is a part of what you presented > >so I am not completely positive about all of this but there is chaos > going > >on when you decide to send a message, cause a route has to be setup and > it > >is this arbitration between the DNS that determine how to setup this > route. > > I did a search on the original message and don't find SNMP mentioned. > Simple Network Management Protocol is a tool used to manage the devices on > the network and to diagnose the network when it is down or not working > correctly. I don't really use it yet as my needs have been simple to this > point. Soon, but not now. > > -g > > you have gone through what you think is a heavy analysis, let me now give the the simplest and the skinny about how you isp works, when your router comes up it goes to the DHCP for the ISP and get assigned a IP address this ISP address is usually assigned to computername.state.city.isp.domain in the dns now you can go from there From ottohaliburton at comcast.net Mon Aug 29 03:27:30 2005 From: ottohaliburton at comcast.net (Otto Haliburton) Date: Sun, 28 Aug 2005 22:27:30 -0500 Subject: NFS help (.. is definitely needed) In-Reply-To: <001801c5ac47$b1d37d10$4801a8c0@C515816A> Message-ID: <001901c5ac49$96b40f20$4801a8c0@C515816A> > -----Original Message----- > From: redhat-install-list-bounces at redhat.com [mailto:redhat-install-list- > bounces at redhat.com] On Behalf Of Otto Haliburton > Sent: Sunday, August 28, 2005 10:14 PM > To: fromRHIL at outtacyte.com; 'Getting started with Red Hat Linux' > Subject: RE: NFS help (.. is definitely needed) > > > > > -----Original Message----- > > From: redhat-install-list-bounces at redhat.com [mailto:redhat-install- > list- > > bounces at redhat.com] On Behalf Of Greg Julius > > Sent: Sunday, August 28, 2005 7:36 PM > > To: Redhat Install List > > Subject: RE: NFS help (.. is definitely needed) > > > > I broke this up to understand it and reply in parts. > > > > >not wanting to get into a heavy discussion on this issue, I will just > > state > > >this simply. > > > > > >My ISP assigns me a IP address, I have a router and through > > >the DHCP my computer is assigned a local IP address and since I have > > >connected to my local address I have up to 5 local IP addresses(could > > have > > >many more if I liked) under this standard each of the 5 IP addresses > are > > >translated to go out the one address assigned by the ISP. > > > > This router sounds like a standard router which you can get from > Linksys, > > NetGear, et. al. In comes one wire (the WAN from your ISP) and out goes > > one > > or more wires (the LAN). Many even have an access point built into them > > to > > give wireless capability to the LAN. These things are quite amazing > when > > you think about it. They have multiple Network ports, they accomplish > > many > > networking chores, they provide address translation and some firewall > > capabilities and even wireless. All in a box between $25 and $125. > Easy > > to > > use and easy to set up. Reliable as the day is long. > > > > > > Discourse on DHCP, WAN, LAN, NAT, and SPI forthcomming, skip if you know > > all > > about it. But since this thread is turning into a general education on > > networking, it feels right to do this. I hope I'm not insane and > showing > > too many flaws in my understanding. Everyone please jump in where I > have > > boned it up. > > > > > > Most ISPs providing high-speed internet give a dynamic address. If you > > are > > providing services to the internet (say a web-site or an email server) > > then > > you will probably need a static IP. There are a few reasons where you > > might > > need one even if you don't provide services to the internet. Some > > providers > > will only give you static addresses and some providers will never give > you > > a > > static address. > > > > In any event, the router has the ability to "speak DHCP" to the ISP and > > request an IP from the ISP (they come out of the box configured that > way). > > They can also be configured to respond to a specific static ip if that > is > > what your ISP gave you. > > > > Some routers have the ability to report to one of the "dynamic DNS" > > providers (like DynDNS JEff mentions) the IP address assigned by the > ISP. > > This gives the ability for the internet at large to find your router > even > > though it doesn't have the decency to stay at a given address. > > Static IP assignments don't need the dynamic DNS solutions. > > > > The configuration of the WAN side of the router, either static or > dynamic > > provides some much needed information: The network address & subnet, > the > > router's address as seen from the internet, the router's gateway IP to > the > > internet, and a couple (usually two or more) Domain Name Servers for > > Domain > > Name resolution. > > > > So, for the sake of this discussion, let's say that the WAN IP address > > (the > > address of the router as seen from the Internet) is A.A.A.34 (make up > your > > own numbers for A.A.A For the literal, the A number is between 0 > > and > > 255). This WAN IP could have been dynamic or static. The important > thing > > is that there is one. There will also be the other values as mentioned > > above. > > > > That covers the WAN side. Now for the LAN side. > > > > The router usually provides DHCP services to the devices attached to the > > LAN > > by wires or wireless. The router can also accept devices that have a > > fixed > > IP address. > > > > On the LAN side, you would commonly get a set of addresses starting with > > 192.168.0.x or sometimes 192.168.1.x - I've seen both - if the address > > were > > generated by an out of the box router by DHCP. x is usually a value > > starting at 100 and going up. Supposing you have two devices attached, > > then > > one could be 192.168.0.100 and another could be 192.168.0.101. If you > > configure the DHCP service provided by the router you can end up with > > anything. Note that the router also has a network address on the LAN, > > usually 192.168.0.1. This is the address of your router as seen from > > inside > > your network. > > > > OK, now we have a wire on the right (The WAN) and wires on the left (The > > LAN). The WAN side of things can be thought of as the Internet. The > LAN > > side of things can be thought of as the internal network or Intranet. > > > > >From the point of view of the internet, all of your computers have the > > same > > address, Namely A.A.A.34, the address of the WAN IP on your router. The > > crowd on the internet never sees your internal 192.168.0.x address. > > > > So, how does your computer attached at 192.168.0.100 carry on a > > "conversation" with a computer on the internet? More to the point, how > > does > > a response from something on the internet get to your PC if all of the > > PCs > > on your internal network appear to have the same address? That's NAT's > > job. > > > > NAT is Network Address Translation. ** Note: I am about to really > > simplify > > here to avoid confusing on exactly how this works ** When you start a > > "conversation" with an Internet service (say your email at your ISP) > your > > PC > > says I want to talk to IP B.B.B.B (which is the IP provided by some DNS > > server for the name of your email server on your ISP). The first thing > > your > > computer does is look up to see where it should send it. It doesn't > know > > so > > it sends it to the gateway for your network. The gateway will usually > be > > the router (remember the 192.168.0.1 address from earlier?). > > > > The router then takes note of which computer the message came from and > > where > > it was going (it remembers), it then translates the internal network > > address > > into a variation of the A.A.A.34 address and then sends the message > along > > on > > to the next hop which will be the gateway address of the WAN. > > > > When the reply comes back, the router looks up where it came from and > > where > > it was going (the variation of the A.A.A.34), "untranslates" the > addresses > > and sends the message to the appropriate computer. > > > > That's NAT in a nutshell. > > > > Now what about when somebody sends something to A.A.A.34 out of the > blue? > > Usually, because it doesn't know who it was intended for (can't find > > anything in it's memory about it) it throws it away. This feature is a > > part > > of what is called SPI (Stateful Packet Inspection). When you send > > something > > out (an outgoing packet), the router remembers who, what, when, how. > When > > a > > reply comes back (an incoming packet) the who, what, when, and how is > > compared to prior outgoing packets looking for a match. If it doesn't > > find > > it, and the router isn't configured to do something special with it, > then > > it > > just throws it away. This is a basic firewall feature and helps to > > prevent > > uninvited outsiders from getting into your network. > > > > That's SPI in a nutshell. > > > > > > >When it assigns > > >me the one IP address it assigns my IP address to two DNS IP addresses > > and > > >it also assigns a gateway. > > > > A bit of care here on the terminology. Your ISP assigned your router a > > network address & subnet, an IP, and a gateway and INFORMED it of two > DNS > > addresses that it could use for retrieving IP addresses from Domain > names. > > It didn't send anything to the DNS for you. > > > > >The ISP can change the IP address it assigns to > > >me(this assignment is a dynamic assignment) anytime it wants and it > will > > be > > >transparent to me because the DNS to which this IP is assigned is > updated > > >with the IP address and since it is transparent somebody in China can > > still > > >send a message or connect to my network and they don't need to have the > > new > > >IP address that is assigned. > > > > Sigh. Not exactly right. Yes, the ISP can, will, and does change the > > address which gets assigned to your router. It does not send anything > to > > the DNS. Period. Your router may send something to a DynDNS type > > service, > > but you can rest assured that your ISP did not. > > > > For clarity, I would like to find out why you think your address is > > getting > > assigned to the DNS so somebody in china can get to you? > > > > I'm not denying that they can send you messages via email or even via > some > > instant messanger or something of the sort, but not by the name of your > pc > > which is inside your internal network. > > > > >Now on my local network I can have the same > > >setup. I can have my own DNS server that I assign my local IP to and > it > > >resolves the issues for my local network. On local networks > arbitration > > >goes on and somebody declares I'm the boss and I will handle all of > this > > >info and if he drops out then the arbitration happens again and > somebody > > >else becomes boss, etc etc. > > > > This sound extremely like NETBIOS processes and is not a function of > > TCP/IP > > at all, nor even of the internet. Are you sure you are not confusing > the > > two as they are very similar in purpose and function? > > > > Yes, you can set up a DNS on your internal network. All it takes is a > > host > > to run it on. Yes, you can put in your DNS the IP addresses of the > > machines > > on your network. This is manually done usually. > > > > There are even some routers which now contain am mDNS which works in > > conjunction with their internal DHCP and gives a "Dynamic DNS" ability. > > The > > Dynamic part is the Address assignment from DHCP and a real-time update > of > > the DNS of that assignment data. But even in this case, the mDNS is > being > > updated by the DHCP and not by the host. I know it sounds like > splitting > > hairs, but of such is the network made. > > > > > > The rest of the statement is not DHCP nor DNS and sounds like NETBIOS. > > > > >The DNS declares himself to be the boss of the > > >5 computers on my local and does all of the resolutions for my network > > and > > >communicates with the outside world to resolve the issues. > > > > This would definately be NETBIOS. It isn't DNS. While DNS may give name > > resolution services, it doesn't declare itself boss. The Network setup > > data > > provided by DHCP or by manual configuration says where to go look for > name > > to address resolution. > > > > >One of the > > >issues that you mention is true for domains like .com, .net, and etc. > > ??? > > > > >but > > >that is only part of the answer the other part is the routing and > routing > > >tables and these are important in the address resolution. > > > > Actually, routing and routing tables have nothing to do with name to > > address > > resolution. Nor DHCP. > > > > Routing and routing tables are the underlying mechanism for getting a > > packet > > from point Address A.A.A.A to B.B.B.B This involves a lot of things > like > > address resolution protocol and transmission metrics and RIPs and such > > which > > I won't even begin to touch. My understanding of that is shakey at > best. > > > > DHCP is the assignment of an internet address (your WAN or LAN addresses > > for > > example) to a particular host or device. This device may be on your > > internal network or perhaps your router address from your ISP. > > > > DNS is concerned with mapping a name (POP.EXAMPLE.COM) to an internet IP > > address (the A.A.A.A or B.B.B.B). > > > > > > >While I don't > > >disagree with you completely. There are definitely holes, I am not a > > >expert, but you can check any ISP assignment to see that the structure > I > > >presented above is alive and working. > > > > Jeff makes excellent points about the internet and shows a keen grasp of > > the > > issues facing dynamic domain name service issues on the internet as a > > whole. > > I think Jeff was thinking mostly about the internet at large in his > > response. LANs have a bit more flexibility and that is where this > > discussion originally started. > > > > Regarding your claim that that's how it works, I just don't see it. I > > don't > > know which part of the internet you are using, but mine doesn't work the > > way > > you describe. Neither the parts inside my three LANs nor the parts of > the > > internet I interface with connecting my LANs to the internet and while > > providing web hosting to my clients. I get the feeling you are mixing > > NETBIOS and DNS and DHCP and such in a big mash. > > > > >SNMP is a part of what you presented > > >so I am not completely positive about all of this but there is chaos > > going > > >on when you decide to send a message, cause a route has to be setup and > > it > > >is this arbitration between the DNS that determine how to setup this > > route. > > > > I did a search on the original message and don't find SNMP mentioned. > > Simple Network Management Protocol is a tool used to manage the devices > on > > the network and to diagnose the network when it is down or not working > > correctly. I don't really use it yet as my needs have been simple to > this > > point. Soon, but not now. > > > > -g > > > > > you have gone through what you think is a heavy analysis, let me now give > the the simplest and the skinny about how you isp works, when your router > comes up it goes to the DHCP for the ISP and get assigned a IP address > this > ISP address is usually assigned to computername.state.city.isp.domain in > the > dns now you can go from there > > I forgot to attach the mac address which is what makes it unique in the dns. From brad.mugleston at comcast.net Mon Aug 29 03:27:39 2005 From: brad.mugleston at comcast.net (brad.mugleston at comcast.net) Date: Sun, 28 Aug 2005 21:27:39 -0600 (MDT) Subject: NFS status In-Reply-To: References: Message-ID: On Sun, 28 Aug 2005, inode0 wrote: > On 8/28/05, brad.mugleston at comcast.net wrote: > > The error I get is: > > > > mount: RPC: Remote System Error - No Route to Host > > > > and that is where I'm stuck. > > > > Suggestions? > > Perhaps a firewall on the FC2 box? I don't have a fedora box handy so > I'm going to guess the syntax to check as > > # service iptables status > > What does that return? If it is on try > > # service iptables stop > > and see if NFS starts working ... > > John > YES! OK, the firewall was running - now it's stopped and I can now ssh from the client to the server (no more running up and down two flights of stairs to change things). The error I now get when mounting my server is mount: RPC: Program Not Registered Were getting close, I can feel it (plus I have to get up in 7 1/2 hours). Thanks Brad From vjl at cullasaja.com Mon Aug 29 03:41:12 2005 From: vjl at cullasaja.com (Vince LaMonica) Date: Sun, 28 Aug 2005 23:41:12 -0400 (EDT) Subject: NFS help (.. is definitely needed) In-Reply-To: <001901c5ac49$96b40f20$4801a8c0@C515816A> References: <001901c5ac49$96b40f20$4801a8c0@C515816A> Message-ID: On Sun, 28 Aug 2005, Otto Haliburton wrote: } > you have gone through what you think is a heavy analysis, let me now give } > the the simplest and the skinny about how you isp works, when your router } > comes up it goes to the DHCP for the ISP and get assigned a IP address } > this } > ISP address is usually assigned to computername.state.city.isp.domain in } > the } > dns now you can go from there } > } > } I forgot to attach the mac address which is what makes it unique in the dns. A NIC's MAC address has 100% nothing to do with DNS. So far, what you have written is 99% inaccurate and will only cause people to be confused. You best read what others have written, since it is clear you don't have the knowledge you think you have. /vjl/ From ottohaliburton at comcast.net Mon Aug 29 03:55:49 2005 From: ottohaliburton at comcast.net (Otto Haliburton) Date: Sun, 28 Aug 2005 22:55:49 -0500 Subject: NFS help (.. is definitely needed) In-Reply-To: Message-ID: <001a01c5ac4d$8b434cb0$4801a8c0@C515816A> > -----Original Message----- > From: redhat-install-list-bounces at redhat.com [mailto:redhat-install-list- > bounces at redhat.com] On Behalf Of Vince LaMonica > Sent: Sunday, August 28, 2005 10:41 PM > To: Getting started with Red Hat Linux > Subject: RE: NFS help (.. is definitely needed) > > On Sun, 28 Aug 2005, Otto Haliburton wrote: > > } > you have gone through what you think is a heavy analysis, let me now > give > } > the the simplest and the skinny about how you isp works, when your > router > } > comes up it goes to the DHCP for the ISP and get assigned a IP address > } > this > } > ISP address is usually assigned to computername.state.city.isp.domain > in > } > the > } > dns now you can go from there > } > > } > > } I forgot to attach the mac address which is what makes it unique in the > dns. > > A NIC's MAC address has 100% nothing to do with DNS. So far, what you have > written is 99% inaccurate and will only cause people to be confused. You > best read what others have written, since it is clear you don't have the > knowledge you think you have. > > /vjl/ > > well then, ask yourself why your router has a mac address, but further to simplify this discussion, as yourself a simple question, what is WWW.redhat.com, don't you get a little suspicious when it is called a domain name? I would cause that suggest that somewhere along the way you are going to a DNS. From ottohaliburton at comcast.net Mon Aug 29 03:58:44 2005 From: ottohaliburton at comcast.net (Otto Haliburton) Date: Sun, 28 Aug 2005 22:58:44 -0500 Subject: NFS help (.. is definitely needed) In-Reply-To: <001a01c5ac4d$8b434cb0$4801a8c0@C515816A> Message-ID: <001b01c5ac4d$f3554c40$4801a8c0@C515816A> > -----Original Message----- > From: redhat-install-list-bounces at redhat.com [mailto:redhat-install-list- > bounces at redhat.com] On Behalf Of Otto Haliburton > Sent: Sunday, August 28, 2005 10:56 PM > To: 'Getting started with Red Hat Linux' > Subject: RE: NFS help (.. is definitely needed) > > > > > -----Original Message----- > > From: redhat-install-list-bounces at redhat.com [mailto:redhat-install- > list- > > bounces at redhat.com] On Behalf Of Vince LaMonica > > Sent: Sunday, August 28, 2005 10:41 PM > > To: Getting started with Red Hat Linux > > Subject: RE: NFS help (.. is definitely needed) > > > > On Sun, 28 Aug 2005, Otto Haliburton wrote: > > > > } > you have gone through what you think is a heavy analysis, let me now > > give > > } > the the simplest and the skinny about how you isp works, when your > > router > > } > comes up it goes to the DHCP for the ISP and get assigned a IP > address > > } > this > > } > ISP address is usually assigned to > computername.state.city.isp.domain > > in > > } > the > > } > dns now you can go from there > > } > > > } > > > } I forgot to attach the mac address which is what makes it unique in > the > > dns. > > > > A NIC's MAC address has 100% nothing to do with DNS. So far, what you > have > > written is 99% inaccurate and will only cause people to be confused. You > > best read what others have written, since it is clear you don't have the > > knowledge you think you have. > > > > /vjl/ > > > > > well then, ask yourself why your router has a mac address, but further to > simplify this discussion, as yourself a simple question, what is > WWW.redhat.com, don't you get a little suspicious when it is called a > domain > name? I would cause that suggest that somewhere along the way you are > going > to a DNS. > that's just my opinion now I could be wrong, but a lot of people spend a lot of money buying these domain names, but I could be wrong. From ottohaliburton at comcast.net Mon Aug 29 04:36:48 2005 From: ottohaliburton at comcast.net (Otto Haliburton) Date: Sun, 28 Aug 2005 23:36:48 -0500 Subject: NFS help (.. is definitely needed) In-Reply-To: Message-ID: <001c01c5ac53$450bc730$4801a8c0@C515816A> > -----Original Message----- > From: redhat-install-list-bounces at redhat.com [mailto:redhat-install-list- > bounces at redhat.com] On Behalf Of Vince LaMonica > Sent: Sunday, August 28, 2005 10:41 PM > To: Getting started with Red Hat Linux > Subject: RE: NFS help (.. is definitely needed) > > On Sun, 28 Aug 2005, Otto Haliburton wrote: > > } > you have gone through what you think is a heavy analysis, let me now > give > } > the the simplest and the skinny about how you isp works, when your > router > } > comes up it goes to the DHCP for the ISP and get assigned a IP address > } > this > } > ISP address is usually assigned to computername.state.city.isp.domain > in > } > the > } > dns now you can go from there > } > > } > > } I forgot to attach the mac address which is what makes it unique in the > dns. > > A NIC's MAC address has 100% nothing to do with DNS. So far, what you have > written is 99% inaccurate and will only cause people to be confused. You > best read what others have written, since it is clear you don't have the > knowledge you think you have. > > /vjl/ > I decided that you don't know what you are talking about when you say that a NIC card has nothing to do with MAC address. Your router has it's own MAC address, if it is not present then the MAC address for the NIC is used. But of course you know what you are talking about, do you know what a DNS is, Do you know how MAC addresses are assigned. Do you know whether they are unique. And the last thing do you know what you are talking about. There is a general confusion here and this thread has been blown completely out of proportion. This guy gives this heavy analysis of how my ISP assigns me a IP and he does it with WAN, etc and it is really simple. My ISP uses a DHCP just as my router does to assign me a IP and this IP is then assigned to a primary DNS and a secondary DNS with a unique identifier for my node. That is not complicated but simple. All communications on the net has a too and a from header and data. Each stage adds it too and from header to the packet until it reaches it's destination the reply begins to unwind these header to get you back to where you started. Anyway, read all this BS and continue on you way of thinking. From akelly at corisweb.org Mon Aug 29 08:26:40 2005 From: akelly at corisweb.org (Andrew Kelly) Date: 29 Aug 2005 10:26:40 +0200 Subject: NFS status In-Reply-To: References: Message-ID: <1125304000.3647.4.camel@hermes.at.home> On Mon, 2005-08-29 at 05:27, brad.mugleston at comcast.net wrote: > On Sun, 28 Aug 2005, inode0 wrote: > > > On 8/28/05, brad.mugleston at comcast.net wrote: > > > The error I get is: > > > > > > mount: RPC: Remote System Error - No Route to Host > > > > > > and that is where I'm stuck. > > > > > > Suggestions? > > > > Perhaps a firewall on the FC2 box? I don't have a fedora box handy so > > I'm going to guess the syntax to check as > > > > # service iptables status > > > > What does that return? If it is on try > > > > # service iptables stop > > > > and see if NFS starts working ... > > > > John > > > YES! OK, the firewall was running - now it's stopped and I can > now ssh from the client to the server (no more running up and > down two flights of stairs to change things). The error I now > get when mounting my server is > > mount: RPC: Program Not Registered > > Were getting close, I can feel it (plus I have to get up in 7 1/2 > hours). Portmapper service running? > Thanks > > Brad > > _______________________________________________ > Redhat-install-list mailing list > Redhat-install-list at redhat.com > https://www.redhat.com/mailman/listinfo/redhat-install-list > To Unsubscribe Go To ABOVE URL or send a message to: > redhat-install-list-request at redhat.com > Subject: unsubscribe -- Andrew Kelly Senior Developer, Online Communications Group (OCG) Transparency International e.V. Alt Moabit 96 10559 Berlin, Germany Tel: +4930 3530 5701 Fax: +4930 3530 5702 mailto:devak at corisweb.org http://www.corisweb.org http://www.transparency.org From nnurdam_rh at yahoo.com Mon Aug 29 11:03:57 2005 From: nnurdam_rh at yahoo.com (Nofriyadi Nurdam) Date: Mon, 29 Aug 2005 04:03:57 -0700 (PDT) Subject: Migration From Red Hat to Mandrake In-Reply-To: <1125304000.3647.4.camel@hermes.at.home> Message-ID: <20050829110357.55120.qmail@web52509.mail.yahoo.com> Hi all, I have Red Hat on my computer. But since some months I have not used Red Hat more. Now I want to try Mandrake. How can I move my computer from Red Hat to Mandrake without lossing my files which I created under Red Hat. Could somebody tell me what I have to do? Thanks in advance Nofriyadi Nurdam __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com -------------- next part -------------- An HTML attachment was scrubbed... URL: From fdgrant at powercom.net Mon Aug 29 23:06:20 2005 From: fdgrant at powercom.net (Fred Grant) Date: Mon, 29 Aug 2005 18:06:20 -0500 Subject: host.conf problem Message-ID: <1125356780.2714.5.camel@localhost.localdomain> On log-in, I periodically and sporadically get a message that the system can't determine the host for Internet use. When I check the host.conf folder it is missing the "localhost.localdomain" info. I can fix it by (as root) copying hosts.bak to this folder but it is kind of a pain. Any ideas as to why this periodically drops out? I'm using FC2. Thanks From robertmcclure at earthlink.net Mon Aug 29 23:18:54 2005 From: robertmcclure at earthlink.net (Bob McClure Jr) Date: Mon, 29 Aug 2005 18:18:54 -0500 Subject: host.conf problem In-Reply-To: <1125356780.2714.5.camel@localhost.localdomain> References: <1125356780.2714.5.camel@localhost.localdomain> Message-ID: <20050829231854.GA13530@bobcat.bobcatos.com> On Mon, Aug 29, 2005 at 06:06:20PM -0500, Fred Grant wrote: > On log-in, I periodically and sporadically get a message that the system > can't determine the host for Internet use. When I check the host.conf > folder it is missing the "localhost.localdomain" info. That does not compute. /etc/host.conf (a file, not a folder) normally contains order hosts,bind and that's all. Perhaps you're thinking of /etc/hosts, which should have something like (mine as an example): 127.0.0.1 localhost.localdomain localhost 192.168.2.2 bobcat.bobcatos.com bobcat > I can fix it by (as root) copying hosts.bak to this folder but it is > kind of a pain. > > Any ideas as to why this periodically drops out? I'm using FC2. > > Thanks Cheers, -- Bob McClure, Jr. Bobcat Open Systems, Inc. robertmcclure at earthlink.net http://www.bobcatos.com Peace at any price is inflationary. From brad.mugleston at comcast.net Mon Aug 29 23:44:46 2005 From: brad.mugleston at comcast.net (brad.mugleston at comcast.net) Date: Mon, 29 Aug 2005 17:44:46 -0600 (MDT) Subject: NFS status In-Reply-To: <1125304000.3647.4.camel@hermes.at.home> References: <1125304000.3647.4.camel@hermes.at.home> Message-ID: On Mon, 29 Aug 2005, Andrew Kelly wrote: > On Mon, 2005-08-29 at 05:27, brad.mugleston at comcast.net wrote: > > On Sun, 28 Aug 2005, inode0 wrote: > > > > > On 8/28/05, brad.mugleston at comcast.net wrote: > > > > The error I get is: > > > > > > > > mount: RPC: Remote System Error - No Route to Host > > > > > > > > and that is where I'm stuck. > > > > > > > > Suggestions? > > > > > > Perhaps a firewall on the FC2 box? I don't have a fedora box handy so > > > I'm going to guess the syntax to check as > > > > > > # service iptables status > > > > > > What does that return? If it is on try > > > > > > # service iptables stop > > > > > > and see if NFS starts working ... > > > > > > John > > > > > YES! OK, the firewall was running - now it's stopped and I can > > now ssh from the client to the server (no more running up and > > down two flights of stairs to change things). The error I now > > get when mounting my server is > > > > mount: RPC: Program Not Registered > > > > Were getting close, I can feel it (plus I have to get up in 7 1/2 > > hours). > > Portmapper service running? > Running rpcinfo -p I get the following: program vers proto port 100000 2 tcp 111 portmapper 100000 2 udp 111 portmapper 100024 1 udp 32769 status 100024 1 tcp 32768 status 391002 2 tcp 32769 sgi_fam 100011 1 udp 829 rquotad 100011 2 udp 829 rquotad 100011 1 tcp 832 rquotad 100011 2 tcp 832 rquotad 100003 2 udp 2049 nfs 100003 3 udp 2049 nfs 100021 1 udp 32771 nlockmgr 100021 3 udp 32771 nlockmgr 100021 4 udp 32771 nlockmgr 100005 1 udp 32772 mountd 100005 1 tcp 32770 mountd 100005 2 udp 32772 mountd 100005 2 tcp 32770 mountd 100005 3 udp 32772 mountd 100005 3 tcp 32770 mountd I believe that will tell you what is running - Been doing more reading and I'm not sure what the problem is so I'm going to go through all the files (/etc/exports, /etc/hosts.allow, /etc/hosts.deny and anything else I can find) to make sure I don't have a typo someplace. I have read that portmapper is suppose to be running before NFS - if I discover that to not be true how does one go about changing the order? Thanks, Brad From inode0 at gmail.com Mon Aug 29 23:57:27 2005 From: inode0 at gmail.com (inode0) Date: Mon, 29 Aug 2005 18:57:27 -0500 Subject: NFS status In-Reply-To: References: <1125304000.3647.4.camel@hermes.at.home> Message-ID: On 8/29/05, brad.mugleston at comcast.net wrote: > > Running rpcinfo -p I get the following: > program vers proto port > 100000 2 tcp 111 portmapper > 100000 2 udp 111 portmapper > 100024 1 udp 32769 status > 100024 1 tcp 32768 status > 391002 2 tcp 32769 sgi_fam > 100011 1 udp 829 rquotad > 100011 2 udp 829 rquotad > 100011 1 tcp 832 rquotad > 100011 2 tcp 832 rquotad > 100003 2 udp 2049 nfs > 100003 3 udp 2049 nfs > 100021 1 udp 32771 nlockmgr > 100021 3 udp 32771 nlockmgr > 100021 4 udp 32771 nlockmgr > 100005 1 udp 32772 mountd > 100005 1 tcp 32770 mountd > 100005 2 udp 32772 mountd > 100005 2 tcp 32770 mountd > 100005 3 udp 32772 mountd > 100005 3 tcp 32770 mountd > > I believe that will tell you what is running - Been doing more > reading and I'm not sure what the problem is so I'm going to go > through all the files (/etc/exports, /etc/hosts.allow, > /etc/hosts.deny and anything else I can find) to make sure I > don't have a typo someplace. > > I have read that portmapper is suppose to be running before NFS - > if I discover that to not be true how does one go about changing > the order? > What is running on the client ... I think your current problem is on that end. Is the portmap service running there too? John -------------- next part -------------- An HTML attachment was scrubbed... URL: From brad.mugleston at comcast.net Tue Aug 30 00:15:35 2005 From: brad.mugleston at comcast.net (brad.mugleston at comcast.net) Date: Mon, 29 Aug 2005 18:15:35 -0600 (MDT) Subject: NFS status In-Reply-To: References: <1125304000.3647.4.camel@hermes.at.home> Message-ID: On Mon, 29 Aug 2005, inode0 wrote: > On 8/29/05, brad.mugleston at comcast.net wrote: > > > > Running rpcinfo -p I get the following: > > program vers proto port > > 100000 2 tcp 111 portmapper > > 100000 2 udp 111 portmapper > > 100024 1 udp 32769 status > > 100024 1 tcp 32768 status > > 391002 2 tcp 32769 sgi_fam > > 100011 1 udp 829 rquotad > > 100011 2 udp 829 rquotad > > 100011 1 tcp 832 rquotad > > 100011 2 tcp 832 rquotad > > 100003 2 udp 2049 nfs > > 100003 3 udp 2049 nfs > > 100021 1 udp 32771 nlockmgr > > 100021 3 udp 32771 nlockmgr > > 100021 4 udp 32771 nlockmgr > > 100005 1 udp 32772 mountd > > 100005 1 tcp 32770 mountd > > 100005 2 udp 32772 mountd > > 100005 2 tcp 32770 mountd > > 100005 3 udp 32772 mountd > > 100005 3 tcp 32770 mountd > > > > I believe that will tell you what is running - Been doing more > > reading and I'm not sure what the problem is so I'm going to go > > through all the files (/etc/exports, /etc/hosts.allow, > > /etc/hosts.deny and anything else I can find) to make sure I > > don't have a typo someplace. > > > > I have read that portmapper is suppose to be running before NFS - > > if I discover that to not be true how does one go about changing > > the order? > > > > What is running on the client ... I think your current problem is on that > end. > Is the portmap service running there too? > > John > Sorry, this is the client end.... From nnurdam_rh at yahoo.com Tue Aug 30 01:21:01 2005 From: nnurdam_rh at yahoo.com (Nofriyadi Nurdam) Date: Mon, 29 Aug 2005 18:21:01 -0700 (PDT) Subject: Migration From Red Hat to Mandrake In-Reply-To: <20050829110357.55120.qmail@web52509.mail.yahoo.com> Message-ID: <20050830012102.51331.qmail@web52509.mail.yahoo.com> Hi all, I have Red Hat on my computer. But since some months I have not used Red Hat more. Now I want to try Mandrake. How can I move my computer from Red Hat to Mandrake without lossing my files which I created under Red Hat. Could somebody tell me what I have to do? Thanks in advance Nofriyadi Nurdam __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com -------------- next part -------------- An HTML attachment was scrubbed... URL: From brad.mugleston at comcast.net Tue Aug 30 02:28:23 2005 From: brad.mugleston at comcast.net (brad.mugleston at comcast.net) Date: Mon, 29 Aug 2005 20:28:23 -0600 (MDT) Subject: Migration From Red Hat to Mandrake In-Reply-To: <20050830012102.51331.qmail@web52509.mail.yahoo.com> References: <20050830012102.51331.qmail@web52509.mail.yahoo.com> Message-ID: As this is a Red Hat Install list you may not get great answers but I think I would 1 - put the mandrake install in the cd 2 - boot on the CD 3 - select install - either custom or one of the pre-configured ones At least thats how you do it the other way around. Brad Mugleston, KI0OT There are 10 types of people in this world. Those that understand binary and those that don't. On Mon, 29 Aug 2005, Nofriyadi Nurdam wrote: > > > Hi all, > > I have Red Hat on my computer. But since some months I have not used Red Hat more. > > Now I want to try Mandrake. How can I move my computer from Red Hat to Mandrake without lossing my files which I created under Red Hat. > > Could somebody tell me what I have to do? > > Thanks in advance > > Nofriyadi Nurdam > > > __________________________________________________ > Do You Yahoo!? > Tired of spam? Yahoo! Mail has the best spam protection around > http://mail.yahoo.com From inode0 at gmail.com Tue Aug 30 02:45:28 2005 From: inode0 at gmail.com (inode0) Date: Mon, 29 Aug 2005 21:45:28 -0500 Subject: NFS status In-Reply-To: References: <1125304000.3647.4.camel@hermes.at.home> Message-ID: On 8/29/05, brad.mugleston at comcast.net wrote: > > Sorry, this is the client end.... > Would you mind posting your exports file from the server and your fstab file from the client? Make sure you have portmap running on both the client and the server too. What command are you using to try to do the mount exactly? John -------------- next part -------------- An HTML attachment was scrubbed... URL: From brad.mugleston at comcast.net Tue Aug 30 03:57:17 2005 From: brad.mugleston at comcast.net (brad.mugleston at comcast.net) Date: Mon, 29 Aug 2005 21:57:17 -0600 (MDT) Subject: NFS status In-Reply-To: References: <1125304000.3647.4.camel@hermes.at.home> Message-ID: On Mon, 29 Aug 2005, inode0 wrote: > On 8/29/05, brad.mugleston at comcast.net wrote: > > > > Sorry, this is the client end.... > > > > Would you mind posting your exports file from the server and your fstab file > from the client? > Make sure you have portmap running on both the client and the server too. > What command are you using to try to do the mount exactly? > > John > Exactly 192.168.1.55:/photos /mnt/photos nfs rw,hard,intr 0 0 this is in /etc/fstab From brad.mugleston at comcast.net Tue Aug 30 04:23:08 2005 From: brad.mugleston at comcast.net (brad.mugleston at comcast.net) Date: Mon, 29 Aug 2005 22:23:08 -0600 (MDT) Subject: System SLOWS Message-ID: I'm runnnig rh 9 and every once in awhile it just goes into limbo for about 5 seconds then comes back for a minute or more. If I log in a root I get error messages about HDH and SCSI not being ready and ATAPI not beign ready and things timing out (I'd copy the screen but my mouse doesn't work on a command line screen). It's making it difficult to even send an email. I know rebooting will make it go away for a little while but then it comes back. ANy solutions? Brad Mugleston, KI0OT There are 10 types of people in this world. Those that understand binary and those that don't. From karlp at ourldsfamily.com Tue Aug 30 04:33:30 2005 From: karlp at ourldsfamily.com (karlp at ourldsfamily.com) Date: Mon, 29 Aug 2005 22:33:30 -0600 (MDT) Subject: System SLOWS In-Reply-To: References: Message-ID: <26268.198.60.114.90.1125376410.squirrel@webmail.ourldsfamily.com> > I'm runnnig rh 9 and every once in awhile it just goes into > limbo for about 5 seconds then comes back for a minute or more. > > If I log in a root I get error messages about HDH and SCSI not > being ready and ATAPI not beign ready and things timing out (I'd > copy the screen but my mouse doesn't work on a command line > screen). It's making it difficult to even send an email. > > I know rebooting will make it go away for a little while but > then it comes back. > > ANy solutions? Solutions? No, but suggest checking the IDE/SCSI controllers. It sounds like they are having trouble with IO... Either that or hda is going bad. Just a thought. Karl > > Brad Mugleston, KI0OT > > There are 10 types of people in this world. Those that > understand binary and those that don't. > > _______________________________________________ > Redhat-install-list mailing list > Redhat-install-list at redhat.com > https://www.redhat.com/mailman/listinfo/redhat-install-list > To Unsubscribe Go To ABOVE URL or send a message to: > redhat-install-list-request at redhat.com > Subject: unsubscribe > From akelly at corisweb.org Tue Aug 30 06:44:22 2005 From: akelly at corisweb.org (Andrew Kelly) Date: 30 Aug 2005 08:44:22 +0200 Subject: NFS status In-Reply-To: References: <1125304000.3647.4.camel@hermes.at.home> Message-ID: <1125384262.3646.13.camel@hermes.at.home> On Tue, 2005-08-30 at 01:44, brad.mugleston at comcast.net wrote: > On Mon, 29 Aug 2005, Andrew Kelly wrote: > > > On Mon, 2005-08-29 at 05:27, brad.mugleston at comcast.net wrote: > > > On Sun, 28 Aug 2005, inode0 wrote: > > > > > > > On 8/28/05, brad.mugleston at comcast.net wrote: > > > > > The error I get is: > > > > > > > > > > mount: RPC: Remote System Error - No Route to Host > > > > > > > > > > and that is where I'm stuck. > > > > > > > > > > Suggestions? > > > > > > > > Perhaps a firewall on the FC2 box? I don't have a fedora box handy so > > > > I'm going to guess the syntax to check as > > > > > > > > # service iptables status > > > > > > > > What does that return? If it is on try > > > > > > > > # service iptables stop > > > > > > > > and see if NFS starts working ... > > > > > > > > John > > > > > > > YES! OK, the firewall was running - now it's stopped and I can > > > now ssh from the client to the server (no more running up and > > > down two flights of stairs to change things). The error I now > > > get when mounting my server is > > > > > > mount: RPC: Program Not Registered > > > > > > Were getting close, I can feel it (plus I have to get up in 7 1/2 > > > hours). > > > > Portmapper service running? > > > > Running rpcinfo -p I get the following: > program vers proto port > 100000 2 tcp 111 portmapper > 100000 2 udp 111 portmapper > 100024 1 udp 32769 status > 100024 1 tcp 32768 status > 391002 2 tcp 32769 sgi_fam > 100011 1 udp 829 rquotad > 100011 2 udp 829 rquotad > 100011 1 tcp 832 rquotad > 100011 2 tcp 832 rquotad > 100003 2 udp 2049 nfs > 100003 3 udp 2049 nfs > 100021 1 udp 32771 nlockmgr > 100021 3 udp 32771 nlockmgr > 100021 4 udp 32771 nlockmgr > 100005 1 udp 32772 mountd > 100005 1 tcp 32770 mountd > 100005 2 udp 32772 mountd > 100005 2 tcp 32770 mountd > 100005 3 udp 32772 mountd > 100005 3 tcp 32770 mountd > > I believe that will tell you what is running - Yeah, looks about right. As you'll have seen in other mail, the portmapper service needs to be running on both server and client. > Been doing more > reading and I'm not sure what the problem is so I'm going to go > through all the files (/etc/exports, /etc/hosts.allow, > /etc/hosts.deny and anything else I can find) to make sure I > don't have a typo someplace. These would be interesting to see. > I have read that portmapper is suppose to be running before NFS - > if I discover that to not be true how does one go about changing > the order? The quickest and easiest I can think of without yet having had a good tea is: use chkconfig. Look for the chkconfig line in the early parts of the init.d scripts in question, adjust the start and stop priorities as desired, run chkconfig reset on any modified files (assuming of course these services are controlled by chkconfig. man chkconfig for more info, of course.) Off the top of my not-yet-up-to-speed nugget, I believe the starting order should be portmap, netfs, nfs, but don't take that as the gospel. Andy > Thanks, > > Brad > > _______________________________________________ > Redhat-install-list mailing list > Redhat-install-list at redhat.com > https://www.redhat.com/mailman/listinfo/redhat-install-list > To Unsubscribe Go To ABOVE URL or send a message to: > redhat-install-list-request at redhat.com > Subject: unsubscribe From robertmcclure at earthlink.net Tue Aug 30 14:57:01 2005 From: robertmcclure at earthlink.net (Bob McClure Jr) Date: Tue, 30 Aug 2005 09:57:01 -0500 Subject: System SLOWS In-Reply-To: References: Message-ID: <20050830145701.GA8110@bobcat.bobcatos.com> On Mon, Aug 29, 2005 at 10:23:08PM -0600, brad.mugleston at comcast.net wrote: > I'm runnnig rh 9 and every once in awhile it just goes into > limbo for about 5 seconds then comes back for a minute or more. > > If I log in a root I get error messages about HDH and SCSI not > being ready and ATAPI not beign ready and things timing out (I'd > copy the screen but my mouse doesn't work on a command line > screen). It's making it difficult to even send an email. Those messages should show up in /var/log/messages. > I know rebooting will make it go away for a little while but > then it comes back. > > ANy solutions? > > Brad Mugleston, KI0OT > > There are 10 types of people in this world. Those that > understand binary and those that don't. Cheers, -- Bob McClure, Jr. Bobcat Open Systems, Inc. robertmcclure at earthlink.net http://www.bobcatos.com Peace at any price is inflationary. From john.j.poole at usa-spaceops.com Tue Aug 30 15:19:43 2005 From: john.j.poole at usa-spaceops.com (Poole, John J) Date: Tue, 30 Aug 2005 11:19:43 -0400 Subject: gdm problem with WS update 5 upgrade Message-ID: <2CE66A1ABBED8C4B85DFF5E0860987A3051D6B6B@usaflcms03.usa-spaceops.ksc.nasa.gov> Sirs, I have upgraded a couple of boxes from WS update 4 to WS update 5. After upgrade gdm would not come up. I get a message about "another X server appears to be running". A debug listing from gdm follows this paragraph. Both KDM and xdm appear to work fine. The suspect gdm is gdm-2.4.1.6-10. I have temporarily rolled back to gdm-2.4.1.6-5 which works. An email to the gdm folks indicated they were not familiar with the -5 an -10 versions of gdm. I suspect these may be Redhat version numbers? I did a fresh install of WS update 5 on similar hardware and it appears to be OK. Anyone run into a similar situation or have any hints? I do not have much time to dedicate to major troubleshooting, but any ideas would be welcome. Thanks, John Debug info: Aug 17 14:02:59 lnx035 gdm[2709]: gdm_main: Here we go... > Aug 17 14:02:59 lnx035 gdm[2709]: gdm_start_first_unborn_local: Starting :0 > Aug 17 14:02:59 lnx035 gdm[2709]: gdm_display_manage: Managing :0 > Aug 17 14:02:59 lnx035 gdm[2709]: Resetting counts for loop of death detection > Aug 17 14:02:59 lnx035 gdm[2762]: gdm_slave_start: Starting slave process for :0 > Aug 17 14:02:59 lnx035 gdm[2762]: gdm_slave_start: Loop Thingie > Aug 17 14:02:59 lnx035 gdm[2762]: Sending VT_NUM == -1 for slave 2762 > Aug 17 14:02:59 lnx035 gdm[2762]: Sending VT_NUM 2762 -1 > Aug 17 14:02:59 lnx035 gdm[2709]: gdm_display_manage: Forked slave: 2762 > Aug 17 14:02:59 lnx035 gdm[2709]: Handling message: 'VT_NUM 2762 -1' > Aug 17 14:02:59 lnx035 gdm[2709]: Got VT_NUM == -1 > Aug 17 14:02:59 lnx035 gdm[2762]: gdm_server_start: :0 > Aug 17 14:02:59 lnx035 gdm[2762]: gdm_auth_secure_display: Setting up access for :0 > Aug 17 14:02:59 lnx035 gdm[2762]: gdm_auth_secure_display: Setting up socket access > Aug 17 14:02:59 lnx035 gdm[2762]: gdm_auth_secure_display: Setting up network access > Aug 17 14:02:59 lnx035 gdm[2709]: (child 2762) gdm_slave_usr2_handler: :0 got USR2 signal > Aug 17 14:02:59 lnx035 gdm[2762]: gdm_auth_secure_display: Setting up access for :0 - 5 entries > Aug 17 14:02:59 lnx035 gdm[2762]: Sending COOKIE == for slave 2762 > Aug 17 14:02:59 lnx035 gdm[2762]: Sending COOKIE 2762 3d27f029564379eabcdb82248cf7420a > Aug 17 14:02:59 lnx035 gdm[2709]: Handling message: 'COOKIE 2762 3d...' > Aug 17 14:02:59 lnx035 gdm[2709]: Got COOKIE == > Aug 17 14:02:59 lnx035 gdm[2762]: gdm_server_spawn: Forked server on pid 2763 > Aug 17 14:02:59 lnx035 gdm[2763]: gdm_server_spawn: '/usr/X11R6/bin/X :0 -auth /var/gdm/:0.Xauth vt7' > Aug 17 14:02:59 lnx035 gdm[2762]: gdm_server_start: Before mainloop waiting for server > Aug 17 14:02:59 lnx035 gdm[2709]: (child 2762) gdm_slave_usr2_handler: :0 got USR2 signal > Aug 17 14:03:09 lnx035 gdm[2762]: gdm_server_start: After mainloop waiting for server > Aug 17 14:03:09 lnx035 gdm[2709]: (child 2762) gdm_server_alarm_handler: Got SIGALRM, server abort > Aug 17 14:03:09 lnx035 gdm[2762]: gdm_server_start: Temporary server failure (:0) > Aug 17 14:03:09 lnx035 gdm[2709]: mainloop_sig_callback: Got signal 17 > Aug 17 14:03:09 lnx035 gdm[2709]: gdm_cleanup_children: child 2762 returned 64 > Aug 17 14:03:09 lnx035 gdm[2709]: gdm_child_action: Slave process returned 64 > Aug 17 14:03:09 lnx035 gdm[2709]: gdm_display_manage: Managing :0 > Aug 17 14:03:09 lnx035 gdm[2709]: Resetting counts for loop of death detection > Aug 17 14:03:09 lnx035 gdm[2764]: gdm_slave_start: Starting slave process for :0 > Aug 17 14:03:09 lnx035 gdm[2764]: gdm_slave_start: Loop Thingie > Aug 17 14:03:09 lnx035 gdm[2764]: Sending VT_NUM == -1 for slave 2764 > Aug 17 14:03:09 lnx035 gdm[2764]: Sending VT_NUM 2764 -1 > Aug 17 14:03:09 lnx035 gdm[2709]: gdm_display_manage: Forked slave: 2764 > Aug 17 14:03:09 lnx035 gdm[2709]: main: Exited main loop > Aug 17 14:03:09 lnx035 gdm[2709]: Handling message: 'VT_NUM 2764 -1' > Aug 17 14:03:09 lnx035 gdm[2709]: Got VT_NUM == -1 > Aug 17 14:03:09 lnx035 gdm[2709]: (child 2764) gdm_slave_usr2_handler: :0 got USR2 signal > Aug 17 14:03:09 lnx035 gdm[2764]: gdm_server_start: :0 > Aug 17 14:03:09 lnx035 gdm[2764]: gdm_auth_secure_display: Setting up access for :0 > Aug 17 14:03:09 lnx035 gdm[2764]: gdm_auth_secure_display: Setting up socket access > Aug 17 14:03:09 lnx035 gdm[2764]: gdm_auth_secure_display: Setting up network access > Aug 17 14:03:09 lnx035 gdm[2764]: gdm_auth_secure_display: Setting up access for :0 - 5 entries > Aug 17 14:03:09 lnx035 gdm[2764]: Sending COOKIE == for slave 2764 > Aug 17 14:03:09 lnx035 gdm[2764]: Sending COOKIE 2764 1b223fbe3e181a5c5089086331b2f040 > Aug 17 14:03:09 lnx035 gdm[2709]: Handling message: 'COOKIE 2764 1b...' > Aug 17 14:03:09 lnx035 gdm[2709]: Got COOKIE == > Aug 17 14:03:09 lnx035 gdm[2709]: (child 2764) gdm_slave_usr2_handler: :0 got USR2 signal > Aug 17 14:03:09 lnx035 gdm[2765]: gdm_server_spawn: '/usr/X11R6/bin/X :0 -auth /var/gdm/:0.Xauth vt7' > Aug 17 14:03:09 lnx035 gdm[2764]: gdm_server_spawn: Forked server on pid 2765 > Aug 17 14:03:09 lnx035 gdm[2764]: gdm_server_start: Before mainloop waiting for server > Aug 17 14:03:10 lnx035 gdm[2709]: (child 2764) gdm_server_child_handler: Got SIGCHLD > Aug 17 14:03:10 lnx035 gdm[2764]: check_child_status: 2765 died > Aug 17 14:03:10 lnx035 gdm[2764]: check_child_status: 2765 returned 1 > Aug 17 14:03:10 lnx035 gdm[2764]: check_child_status: Got SIGCHLD from server, server abort > Aug 17 14:03:10 lnx035 gdm[2764]: gdm_server_start: After mainloop waiting for server > Aug 17 14:03:10 lnx035 gdm[2764]: gdm_server_start: Server :0 died during startup! > Aug 17 14:03:10 lnx035 gdm[2764]: Display :0 is busy. There is another X server running already. > Aug 17 14:03:10 lnx035 gdm[2764]: gdm_server_start: Display :0 busy. Trying once again (after 2 sec delay) > Aug 17 14:03:12 lnx035 gdm[2764]: Sending VT_NUM == -1 for slave 2764 > Aug 17 14:03:12 lnx035 gdm[2764]: Sending VT_NUM 2764 -1 > Aug 17 14:03:12 lnx035 gdm[2709]: Handling message: 'VT_NUM 2764 -1' > Aug 17 14:03:12 lnx035 gdm[2709]: Got VT_NUM == -1 > Aug 17 14:03:12 lnx035 gdm[2709]: (child 2764) gdm_slave_usr2_handler: :0 got USR2 signal > Aug 17 14:03:12 lnx035 gdm[2764]: gdm_server_start: :0 > Aug 17 14:03:12 lnx035 gdm[2764]: gdm_auth_secure_display: Setting up access for :0 > Aug 17 14:03:12 lnx035 gdm[2764]: gdm_auth_secure_display: Setting up socket access > Aug 17 14:03:12 lnx035 gdm[2764]: gdm_auth_secure_display: Setting up network access > Aug 17 14:03:12 lnx035 gdm[2764]: gdm_auth_secure_display: Setting up access for :0 - 5 entries > Aug 17 14:03:12 lnx035 gdm[2764]: Sending COOKIE == for slave 2764 > Aug 17 14:03:12 lnx035 gdm[2764]: Sending COOKIE 2764 550d3008aa678165db9fc9ccb3368159 > Aug 17 14:03:12 lnx035 gdm[2709]: Handling message: 'COOKIE 2764 55...' > Aug 17 14:03:12 lnx035 gdm[2709]: Got COOKIE == > Aug 17 14:03:12 lnx035 gdm[2709]: (child 2764) gdm_slave_usr2_handler: :0 got USR2 signal > Aug 17 14:03:12 lnx035 gdm[2766]: gdm_server_spawn: '/usr/X11R6/bin/X :0 -auth /var/gdm/:0.Xauth vt7' > Aug 17 14:03:12 lnx035 gdm[2764]: gdm_server_spawn: Forked server on pid 2766 > Aug 17 14:03:12 lnx035 gdm[2764]: gdm_server_start: Before mainloop waiting for server > Aug 17 14:03:13 lnx035 gdm[2709]: (child 2764) gdm_server_child_handler: Got SIGCHLD > Aug 17 14:03:13 lnx035 gdm[2764]: check_child_status: 2766 died > Aug 17 14:03:13 lnx035 gdm[2764]: check_child_status: 2766 returned 1 > Aug 17 14:03:13 lnx035 gdm[2764]: check_child_status: Got SIGCHLD from server, server abort > Aug 17 14:03:13 lnx035 gdm[2764]: gdm_server_start: After mainloop waiting for server > Aug 17 14:03:13 lnx035 gdm[2764]: gdm_server_start: Server :0 died during startup! > Aug 17 14:03:13 lnx035 gdm[2764]: Display :0 is busy. There is another X server running already. > Aug 17 14:03:13 lnx035 dialog: /dev/gpmctl: No such file or directory > Aug 17 14:03:13 lnx035 dialog: /dev/gpmctl: No such file or directory > Aug 17 14:03:18 lnx035 modprobe: modprobe: Can't locate module char-major-226 > Aug 17 14:03:18 lnx035 last message repeated 3 times > Aug 17 14:03:18 lnx035 kernel: Linux agpgart interface v0.99 (c) Jeff Hartmann > Aug 17 14:03:18 lnx035 kernel: agpgart: Maximum main memory to use for agp memory: 439M > Aug 17 14:03:18 lnx035 kernel: agpgart: Detected an Intel(R) 865G, but could not find the secondary device. Assuming a non-integrated video card. > Aug 17 14:03:18 lnx035 kernel: agpgart: Detected Intel(R) 865G chipset > Aug 17 14:03:18 lnx035 kernel: agpgart: AGP aperture is 128M @ 0xe8000000 > Aug 17 14:03:18 lnx035 kernel: [drm] AGP 0.99 Aperture @ 0xe8000000 128MB > Aug 17 14:03:18 lnx035 kernel: [drm] Initialized radeon 1.7.0 20020828 on minor 0 > Aug 17 14:03:18 lnx035 kernel: PCI: Found IRQ 11 for device 01:00.0 > Aug 17 14:03:18 lnx035 kernel: PCI: Sharing IRQ 11 with 00:1d.0 > Aug 17 14:03:18 lnx035 kernel: PCI: Sharing IRQ 11 with 00:1d.3 > Aug 17 14:06:22 lnx035 ntpd[2604]: kernel time discipline status change 41 > Aug 17 14:06:36 lnx035 sshd(pam_unix)[2814]: session opened for user root by (uid=0) John J. Poole Mail Stop: USK-615 Phone: 321-861-0561 Email: john.j.poole at usa-spaceops.com Opinions expressed are my own and are not endorsed by United Space Alliance. "More hay, Trigger?" "No thanks, Roy, I'm stuffed!" From Travis.R.Waldher at boeing.com Tue Aug 30 17:31:20 2005 From: Travis.R.Waldher at boeing.com (Waldher, Travis R) Date: Tue, 30 Aug 2005 10:31:20 -0700 Subject: Error message I can't find answer for Message-ID: "lockd: weird return 1 for CANCEL call" Any ideas? It's happening every 1-2 seconds. From rstevens at vitalstream.com Tue Aug 30 17:38:58 2005 From: rstevens at vitalstream.com (Rick Stevens) Date: Tue, 30 Aug 2005 10:38:58 -0700 Subject: hostname In-Reply-To: References: Message-ID: <431499B2.3030701@vitalstream.com> brad.mugleston at comcast.net wrote: > how does one permenately change a hostname? typing "hostname > new.name" doesn't do it permenately and I can't find which file > to change. The hostname is set during boot by the contents of the "HOSTNAME" variable in /etc/sysconfig/network. Change that and it'll stick. Note that the hostname you put in there must be resolvable to your IP address--either via your /etc/hosts file or DNS. If it's not, a lot of things won't work (X, for instance). ---------------------------------------------------------------------- - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - - VitalStream, Inc. http://www.vitalstream.com - - - - Make it idiot proof and someone will make a better idiot. - ---------------------------------------------------------------------- From robertmcclure at earthlink.net Tue Aug 30 17:43:17 2005 From: robertmcclure at earthlink.net (Bob McClure Jr) Date: Tue, 30 Aug 2005 12:43:17 -0500 Subject: Error message I can't find answer for In-Reply-To: References: Message-ID: <20050830174317.GA13692@bobcat.bobcatos.com> On Tue, Aug 30, 2005 at 10:31:20AM -0700, Waldher, Travis R wrote: > "lockd: weird return 1 for CANCEL call" > > Any ideas? It's happening every 1-2 seconds. Googling for that phrase, in quotes, returns two links. I didn't dig much further, but it appears to be a problem in the 2.6.8 kernel. Is that what you are running? If so, I'd upgrade the kernel. The latest I have running is kernel-2.6.11-1.35_FC3. Cheers, -- Bob McClure, Jr. Bobcat Open Systems, Inc. robertmcclure at earthlink.net http://www.bobcatos.com Peace at any price is inflationary. From Travis.R.Waldher at boeing.com Tue Aug 30 17:48:47 2005 From: Travis.R.Waldher at boeing.com (Waldher, Travis R) Date: Tue, 30 Aug 2005 10:48:47 -0700 Subject: Error message I can't find answer for Message-ID: > -----Original Message----- > From: Bob McClure Jr [mailto:robertmcclure at earthlink.net] > Sent: Tuesday, August 30, 2005 10:43 AM > To: Getting started with Red Hat Linux > Subject: Re: Error message I can't find answer for > > On Tue, Aug 30, 2005 at 10:31:20AM -0700, Waldher, Travis R wrote: > > "lockd: weird return 1 for CANCEL call" > > > > Any ideas? It's happening every 1-2 seconds. > > Googling for that phrase, in quotes, returns two links. I didn't dig > much further, but it appears to be a problem in the 2.6.8 kernel. Is > that what you are running? If so, I'd upgrade the kernel. The latest > I have running is kernel-2.6.11-1.35_FC3. > Sorry, should have already stated that I already found that one, and upgraded the kernel to 2.6.9-11ELsmp. This is Redhat AS 4.0. Calling their tech support is next up, but the people here seem to be more knowledgable so I thought I'de try here first. From rstevens at vitalstream.com Tue Aug 30 17:59:08 2005 From: rstevens at vitalstream.com (Rick Stevens) Date: Tue, 30 Aug 2005 10:59:08 -0700 Subject: NFS and firewall In-Reply-To: References: Message-ID: <43149E6C.8070206@vitalstream.com> brad.mugleston at comcast.net wrote: > I'm trying to set NFS up on my home computers and from going > through the HOW-TO and other write up's it should be working, but > it's not. I can ping from machine to machine, I'm using IP > address to allow everything to work as suggested in the writeups > (for instance /etc/exposts is /home > 192.168.1.0/255.255.255.0(rw)). > > I'm getting an error message > > rpcinfo:can't contact portmapper: RPC:Remote system error- No > route to host > > Searching on the web it sounds like I may have a firewall set up > to restrictive but as far as I can tell I've every firewall down. > > So, how can I tell the status of a firewall A "no route to host" error generally indicates a routing issue. Can you "ping" the NFS server? If not, check the routes (this includes such mundane things as netmasks and routers) and see what's going on. As far as firewalls are concerned, just do "iptables -L -n". If you don't get a list of rules, your internal firewall is not running. With external firewalls, you'll have to manually check them. Unfortunately, NFS is a difficult thing to set up cleanly on a firewall because the portmapper changes port numbers used for the various services on the fly. This is especially nasty if you're using UDP transport for NFS (the default). You can specify TCP transport if your NFS server can run NFS V3 or V4. In fact, for heavy NFS activity, I'd recommend it. You can find out which ports your NFS server is using for the various services by getting on the NFS server and using "rpcinfo -p". Provided you can fix the route issue "rpcinfo -p " can get the same information remotely. You can then tailor the firewall based on that, but be aware that the port numbers used will likely change whenever the NFS server is rebooted. That's the nature of the beast. ---------------------------------------------------------------------- - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - - VitalStream, Inc. http://www.vitalstream.com - - - - Make it idiot proof and someone will make a better idiot. - ---------------------------------------------------------------------- From rstevens at vitalstream.com Tue Aug 30 17:59:58 2005 From: rstevens at vitalstream.com (Rick Stevens) Date: Tue, 30 Aug 2005 10:59:58 -0700 Subject: Kerberos Help Needed In-Reply-To: <200508280200.j7S20Eeq008176@mx3.redhat.com> References: <200508280200.j7S20Eeq008176@mx3.redhat.com> Message-ID: <43149E9E.7060202@vitalstream.com> Greg Julius wrote: > > Y Y A H H OOOO OOOO !! > Y Y A A H H O O O O !! > Y Y A A H H O O O O !! > Y AAAAAAA HHHHHHH O O O O !! > Y A A H H O O O O !! > Y A A H H O O O O > Y A AH H OOOO OOOO !! > > IT WORKS > > More on the solution later - write-up forthcoming. > > I think the biggest problem was (is?) a disconnect between > the left and right ear! > > -g > # sometimes you really can't see the forrest due to the trees Can't wait to see this one! ---------------------------------------------------------------------- - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - - VitalStream, Inc. http://www.vitalstream.com - - - - Hard work has a future payoff. Laziness pays off now. - ---------------------------------------------------------------------- From fdgrant at powercom.net Tue Aug 30 23:24:55 2005 From: fdgrant at powercom.net (Fred Grant) Date: Tue, 30 Aug 2005 18:24:55 -0500 Subject: host.conf problem In-Reply-To: <20050829231854.GA13530@bobcat.bobcatos.com> References: <1125356780.2714.5.camel@localhost.localdomain> <20050829231854.GA13530@bobcat.bobcatos.com> Message-ID: <1125444295.2716.6.camel@localhost.localdomain> On Mon, 2005-08-29 at 18:18, Bob McClure Jr wrote: > On Mon, Aug 29, 2005 at 06:06:20PM -0500, Fred Grant wrote: > > On log-in, I periodically and sporadically get a message that the system > > can't determine the host for Internet use. When I check the host.conf > > folder it is missing the "localhost.localdomain" info. > > That does not compute. /etc/host.conf (a file, not a folder) normally > contains > > order hosts,bind > > and that's all. Perhaps you're thinking of /etc/hosts, which should > have something like (mine as an example): > > 127.0.0.1 localhost.localdomain localhost > 192.168.2.2 bobcat.bobcatos.com bobcat > > > I can fix it by (as root) copying hosts.bak to this folder but it is > > kind of a pain. > > > > Any ideas as to why this periodically drops out? I'm using FC2. > > > > Thanks > > Cheers, You are right Bob, it's /etc/hosts that loses the localhost.localdomain info. I wonder if I could incorporate copying of this info into the daily cron job? Seems funny that the info periodically gets lost. From robertmcclure at earthlink.net Tue Aug 30 23:35:53 2005 From: robertmcclure at earthlink.net (Bob McClure Jr) Date: Tue, 30 Aug 2005 18:35:53 -0500 Subject: host.conf problem In-Reply-To: <1125444295.2716.6.camel@localhost.localdomain> References: <1125356780.2714.5.camel@localhost.localdomain> <20050829231854.GA13530@bobcat.bobcatos.com> <1125444295.2716.6.camel@localhost.localdomain> Message-ID: <20050830233553.GA24726@bobcat.bobcatos.com> On Tue, Aug 30, 2005 at 06:24:55PM -0500, Fred Grant wrote: > On Mon, 2005-08-29 at 18:18, Bob McClure Jr wrote: > > On Mon, Aug 29, 2005 at 06:06:20PM -0500, Fred Grant wrote: > > > On log-in, I periodically and sporadically get a message that the system > > > can't determine the host for Internet use. When I check the host.conf > > > folder it is missing the "localhost.localdomain" info. > > > > That does not compute. /etc/host.conf (a file, not a folder) normally > > contains > > > > order hosts,bind > > > > and that's all. Perhaps you're thinking of /etc/hosts, which should > > have something like (mine as an example): > > > > 127.0.0.1 localhost.localdomain localhost > > 192.168.2.2 bobcat.bobcatos.com bobcat > > > > > I can fix it by (as root) copying hosts.bak to this folder but it is > > > kind of a pain. > > > > > > Any ideas as to why this periodically drops out? I'm using FC2. > > > > > > Thanks > > > > Cheers, > You are right Bob, it's /etc/hosts that loses the localhost.localdomain > info. I wonder if I could incorporate copying of this info into the > daily cron job? Seems funny that the info periodically gets lost. No, that's a band-aid. Something else is wrong that needs to be fixed. Look in /etc/sysconfig/networking/profiles/default/hosts and see what it looks like. It it's improper, fix it and see if the problem doesn't go away. No, I don't know how that gets into the game. Rick probably does. Cheers, -- Bob McClure, Jr. Bobcat Open Systems, Inc. robertmcclure at earthlink.net http://www.bobcatos.com Peace at any price is inflationary. From rstevens at vitalstream.com Wed Aug 31 01:23:48 2005 From: rstevens at vitalstream.com (Rick Stevens) Date: Tue, 30 Aug 2005 18:23:48 -0700 Subject: host.conf problem In-Reply-To: <20050830233553.GA24726@bobcat.bobcatos.com> References: <1125356780.2714.5.camel@localhost.localdomain> <20050829231854.GA13530@bobcat.bobcatos.com> <1125444295.2716.6.camel@localhost.localdomain> <20050830233553.GA24726@bobcat.bobcatos.com> Message-ID: <431506A4.2080207@vitalstream.com> Bob McClure Jr wrote: > On Tue, Aug 30, 2005 at 06:24:55PM -0500, Fred Grant wrote: > >>On Mon, 2005-08-29 at 18:18, Bob McClure Jr wrote: >> >>>On Mon, Aug 29, 2005 at 06:06:20PM -0500, Fred Grant wrote: >>> >>>>On log-in, I periodically and sporadically get a message that the system >>>>can't determine the host for Internet use. When I check the host.conf >>>>folder it is missing the "localhost.localdomain" info. >>> >>>That does not compute. /etc/host.conf (a file, not a folder) normally >>>contains >>> >>> order hosts,bind >>> >>>and that's all. Perhaps you're thinking of /etc/hosts, which should >>>have something like (mine as an example): >>> >>>127.0.0.1 localhost.localdomain localhost >>>192.168.2.2 bobcat.bobcatos.com bobcat >>> >>> >>>>I can fix it by (as root) copying hosts.bak to this folder but it is >>>>kind of a pain. >>>> >>>>Any ideas as to why this periodically drops out? I'm using FC2. >>>> >>>>Thanks >>> >>>Cheers, >> >>You are right Bob, it's /etc/hosts that loses the localhost.localdomain >>info. I wonder if I could incorporate copying of this info into the >>daily cron job? Seems funny that the info periodically gets lost. > > > No, that's a band-aid. Something else is wrong that needs to be fixed. > > Look in /etc/sysconfig/networking/profiles/default/hosts and see what > it looks like. It it's improper, fix it and see if the problem > doesn't go away. > > No, I don't know how that gets into the game. Rick probably does. Er, it could be the DHCP client requesting it from the DHCP server and gronking it. I'd have to look. ---------------------------------------------------------------------- - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - - VitalStream, Inc. http://www.vitalstream.com - - - - Treat each day as if it's your last...a lot of crying and whining - - usually gets you what you want! -- Sam Sledge - ---------------------------------------------------------------------- From sarangi at bpost.kek.jp Wed Aug 31 03:20:51 2005 From: sarangi at bpost.kek.jp (Tapas Ranjan) Date: Wed, 31 Aug 2005 12:20:51 +0900 (JST) Subject: X problem(may be) In-Reply-To: Message-ID: > > > > Hi : > > I installed FC3 on a desktop, which has a bit old CPU > > confugurations and when I open a terminal, it acts so slow that > only you can see the border of the terminal and the > > username, but > > can't see any cursor. I can't see what I type, just the > > wallpaper. > > It's very very very slow, I can't move anything and > > many times it > > just freezes and can't even logout. If I switch to single user > > mode without "X" then everything works fine and fast enough. > > First I thought it might be a memory problem, > > since I had 128 MB > > RAM, then I added another 512 MB, but no change. Second > > I thought > > it might be a disk problem, since I had only 4GB for the linux > > partition, where as another 30GB for windows (which > > works fine), > > and then I added complete new hard-disk of 80GB and > > installed the > > linux again, but still no change. Now I am clueless, > > what should I > > do ? Since I spent quite a few on this, I want help of > > you guys to > > guide if I can solve this problem. > > > Here is the output of "/proc/cpuinfo" and "/proc/meminfo" > > > `cat /proc/cpuinfo` > > -------------------- > > processor : 0 > > > > vendor_id : AuthenticAMD > > > > cpu family : 6 > > > > model : 4 > > > > model name : AMD Athlon(tm) Processor > > > > stepping : 2 > > > > cpu MHz : 1000.574 > > > > cache size : 256 KB > > > > > > bogomips : 1957.88 > > > > > > `cat /proc/meminfo` > > -------------------- > > MemTotal: 645808 kB > > > > MemFree: 416152 kB > > > > > > > > Thanks > > ---Tapas > > > > When I had problems with X, somebody suggested I look in the log file. > > Have you looked at the X log file to see if there are any errors (any line > with EE)? You may have to update something in the X config file. > > On my system (RHEL 4), the two files you need are found in: > > /etc/X11/xorg.conf > /var/log/Xorg.0.log > > FC3 may have different names. I think it uses XFree, I'm not sure. > > Michael > Thanks for the suggestion. Without getting into so much of trouble, I installed VMware workstation on the windows partition and now, its working fine with FC3. I have an extended question. Since I have another FC3 installed in another 80 GB hard disk separately, now when I add it into my box, the the hard disk which has windows, windows doesnt boot anymore. I guess the former has become the "master disk" and all the time booting to fedora...Can anyboy please suggest, if I can delete these linux partition, so that I can use more space for the "Linux in Windows"... Thanks Tapas From zheny.j at gmail.com Wed Aug 31 10:46:55 2005 From: zheny.j at gmail.com (Jerry(Zhenyong,Jiang)) Date: Wed, 31 Aug 2005 18:46:55 +0800 Subject: Do anyone have a ICH5R Sata RAID driver for AS3.0/AS3.0up1 Message-ID: <009101c5ae19$5c98a450$6400a8c0@home.langchao.com> help! Do anyone have a ICH5R Sata RAID driver for AS3.0/AS3.0up1 Jerry -------------- next part -------------- An HTML attachment was scrubbed... URL: From sabraham at cwjamaica.com Wed Aug 31 15:43:47 2005 From: sabraham at cwjamaica.com (Sidney Abrahams) Date: Wed, 31 Aug 2005 10:43:47 -0500 Subject: Installation fails on AsRock P4i65GV motherboard Message-ID: <20050831154427.8640115F8A@smtp.cwjamaica.com> Hi, Can anyone help me get the AsRock P4i65GV SATA motherboard to install RedHat Enterprise WS4? It has the Intel ICH5 south bridge chipset it says. When I try the graphical install it eventually get to a screen where I can type on the screen below a mass of codes and numbers. The text or no probe install reports no drive found. Sidney43h -------------- next part -------------- An HTML attachment was scrubbed... URL: From rstevens at vitalstream.com Wed Aug 31 18:35:34 2005 From: rstevens at vitalstream.com (Rick Stevens) Date: Wed, 31 Aug 2005 11:35:34 -0700 Subject: Installation fails on AsRock P4i65GV motherboard In-Reply-To: <20050831154427.8640115F8A@smtp.cwjamaica.com> References: <20050831154427.8640115F8A@smtp.cwjamaica.com> Message-ID: <4315F876.1010305@vitalstream.com> Sidney Abrahams wrote: > Hi, > > > > Can anyone help me get the AsRock P4i65GV SATA motherboard to install > RedHat Enterprise WS4? It has the Intel ICH5 south bridge chipset it says. > > When I try the graphical install it eventually get to a screen where I > can type on the screen below a mass of codes and numbers. The text or no > probe install reports no drive found. Is this a RAID- or SATA-based disk system? ---------------------------------------------------------------------- - Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com - - VitalStream, Inc. http://www.vitalstream.com - - - - Batteries not included. Offer not valid in some states. - - Your mileage may vary. Void where prohibited. - ---------------------------------------------------------------------- From fdgrant at powercom.net Wed Aug 31 22:20:39 2005 From: fdgrant at powercom.net (Fred Grant) Date: Wed, 31 Aug 2005 17:20:39 -0500 Subject: host.conf problem In-Reply-To: <431506A4.2080207@vitalstream.com> References: <1125356780.2714.5.camel@localhost.localdomain> <20050829231854.GA13530@bobcat.bobcatos.com> <1125444295.2716.6.camel@localhost.localdomain> <20050830233553.GA24726@bobcat.bobcatos.com> <431506A4.2080207@vitalstream.com> Message-ID: <1125526839.2737.1.camel@localhost> On Tue, 2005-08-30 at 20:23, Rick Stevens wrote: > Bob McClure Jr wrote: > > On Tue, Aug 30, 2005 at 06:24:55PM -0500, Fred Grant wrote: > > > >>On Mon, 2005-08-29 at 18:18, Bob McClure Jr wrote: > >> > >>>On Mon, Aug 29, 2005 at 06:06:20PM -0500, Fred Grant wrote: > >>> > >>>>On log-in, I periodically and sporadically get a message that the system > >>>>can't determine the host for Internet use. When I check the host.conf > >>>>folder it is missing the "localhost.localdomain" info. > >>> > >>>That does not compute. /etc/host.conf (a file, not a folder) normally > >>>contains > >>> > >>> order hosts,bind > >>> > >>>and that's all. Perhaps you're thinking of /etc/hosts, which should > >>>have something like (mine as an example): > >>> > >>>127.0.0.1 localhost.localdomain localhost > >>>192.168.2.2 bobcat.bobcatos.com bobcat > >>> > >>> > >>>>I can fix it by (as root) copying hosts.bak to this folder but it is > >>>>kind of a pain. > >>>> > >>>>Any ideas as to why this periodically drops out? I'm using FC2. > >>>> > >>>>Thanks > >>> > >>>Cheers, > >> > >>You are right Bob, it's /etc/hosts that loses the localhost.localdomain > >>info. I wonder if I could incorporate copying of this info into the > >>daily cron job? Seems funny that the info periodically gets lost. > > > > > > No, that's a band-aid. Something else is wrong that needs to be fixed. > > > > Look in /etc/sysconfig/networking/profiles/default/hosts and see what > > it looks like. It it's improper, fix it and see if the problem > > doesn't go away. > > > > No, I don't know how that gets into the game. Rick probably does. > > Er, it could be the DHCP client requesting it from the DHCP server and > gronking it. I'd have to look. > Is that something the ISP does?