headers
Joseph L. Casale | 1 Apr 2009 01:07

Authconfig

Anyone used authconfig to join a CentOS box to an AD Domain?
I can't for the life of me get this command to even execute without
error?

Looking at the tui which I can make work, I am trying to glean possible
settings from it but have no luck. Although krb5 auth is disabled and winbind
is enabled, there is kerb conf that must be setup etc...

Looking at /etc/sysconfig/authconfig from a temporary box built with
a gui and joined successfully, I also can't make the cli equivalent work?

I can't find a single piece of info via Google either.

Any pointers would be helpful!
jlc
Permalink | Reply | 0 comments |
headers
Lanny Marcus | 1 Apr 2009 01:25
Picon

Re: live audio feed via telephone link

On Tue, Mar 31, 2009 at 11:55 AM, Frank Cox <theatre@...> wrote:
> On Tue, 31 Mar 2009 09:28:30 -0500
> Lanny Marcus wrote:
>
>> The OP is in Saskatchewan, Canada. Hopefully, as a later poster
>> suggested, the Canadian government has some $ available, to contribute
>>  for this project. I believe the distance is much too far for WiMax,
>> even if it were line of sight, which is not the case here.
>
> I suspect that INAC may be approached regarding this once the project has been
> figured out and costed.
>
> However, "Not my department".

However, a very interesting idea! Maybe they can provide funding for
the project, or a part of the funding.    :-)
Permalink | Reply | 0 comments |
headers
Lanny Marcus | 1 Apr 2009 01:38
Picon

Re: I see 5.3 ISO images on the mirrors

On Tue, Mar 31, 2009 at 1:42 PM, Robert Heller <heller@...> wrote:
> At Tue, 31 Mar 2009 12:44:00 -0500 (CDT) CentOS mailing list <centos <at> centos.org> wrote:
>> On Tue, 31 Mar 2009, Florin Andrei wrote:
>> > On one mirror that I tried, at least.
>> > So, is it live yet? :-)
>> Almost. Another several more hours before they all sync, and then we're
>> good to go.
>>
>> BTW, how does this work? If I want to go from 5.2 to 5.3, can I just
>> type "yum upgrade"? If so, what /etc/yum.repos.d entry has to be active
>> for that?
>
> You don't need to change anything.  'yum update' will update things,
> within a given major release (eg 4.x or 5.x).  It will happen
> automagically.  Going from 4.x to 5.x requires using the installer (eg
> the ISOs and a reboot with the installer CD/DVD). I don't know if it is
> possible (or advisable) to do a major release update with yum.

Maybe possible, but usually/always strongly discouraged, by upstream
and the CentOS team, to upgrade from one major release to another.
Best to BACKUP and install fresh.

The caution about first updating glibc (?) is important. I recall from
the  update to 5.2, there is a difference, between "yum upgrade" and
"yum update". I believe "yum upgrade" is a better way to go from 5.2
to 5.3.    *BACKUP*, read the Release Notes and then you are ready to
roll. Probably the standard CentOS Repos that you have from the
original install will do it.
Permalink | Reply | 4 comments |
headers
Markus Falb | 1 Apr 2009 01:39
Picon
Favicon

Re: NTP error message on /var/log/messages


> Mar 15 14:28:15 SER1 ntpd[25037]: sendto(172.29.21.16): Invalid argument
> Mar 15 14:45:22 SER1 ntpd[25037]: sendto(172.29.21.16): Invalid argument
> Mar 15 15:02:29 SER1 ntpd[25037]: sendto(172.29.21.16): Invalid argument

i remember (or think so) i had this some time ago on one of my machines.
it turned out that 2 ntpd were running. if so, kill the "bad" one.

best regards,
markus
Permalink | Reply | 1 comment |
headers
Robert Moskowitz | 1 Apr 2009 01:39

Re: Replacing my Scalix mail server

Les Mikesell wrote:
> Robert Moskowitz wrote:
>   
>>>> Also I would NEVER consider running SMB services on a gateway/firewall 
>>>> and I need IPv6 support anyway on the gateway/firewall. So far I have 
>>>> used Astaro with roll-your-own (Astaro predates the IPv6 /48 
>>>> allocation), and I am getting a 'nice' box from a vendor I work with...
>>>>     
>>>>         
>>> Agreed that separation is theoretically safer, but the scripted 
>>> configuration on SME takes care of most of the things you would be 
>>> likely to forget if you did it by hand (setting up iptables firewalling, 
>>> hosts.allow, binding services only to the appropriate interface, adding 
>>> ip range restrictions within the app configs, etc.).
>>>   
>>>       
>> My concern is not 'out of the box', and even there I have problems with 
>> their 1st update procedure. I have problems with the time lag between 
>> security bugs and updates applied.
>>     
>
> Nearly all config changes on SME are done though it's web interface and 
> all of the appropriate iptables/hosts.allow/apps configs are re-written 
> as needed each time by the underlying scripts.  The updates for the 
> applications themselves should track Centos very closely since much of 
> it is unchanged (except the mail system).  You can just log in as root 
> and do a 'yum update' if you have any trouble with the admin page hiding 
> that from you.  You just have to run a couple of commands that it will 
> suggest afterwards.
>
(Continue reading)

Permalink | Reply | 1 comment |
headers
Gilbert Sebenste | 1 Apr 2009 01:57
Gravatar

Re: I see 5.3 ISO images on the mirrors

On Tue, 31 Mar 2009, Lanny Marcus wrote:

>> You don't need to change anything.  'yum update' will update things,
>> within a given major release (eg 4.x or 5.x).  It will happen
>> automagically.  Going from 4.x to 5.x requires using the installer (eg
>> the ISOs and a reboot with the installer CD/DVD). I don't know if it is
>> possible (or advisable) to do a major release update with yum.
>
> Maybe possible, but usually/always strongly discouraged, by upstream
> and the CentOS team, to upgrade from one major release to another.
> Best to BACKUP and install fresh.

I agree. I was with Redhat starting with 6, and left after Fedora 9 got 
too restrictive with things. I have done upgrades, and it wasn't pretty, 
between major releases. Going from CentOS 5.2 to 5.3 is most worthy of 
doing a backup, no matter what.

> The caution about first updating glibc (?) is important. I recall from
> the  update to 5.2, there is a difference, between "yum upgrade" and
> "yum update". I believe "yum upgrade" is a better way to go from 5.2
> to 5.3.    *BACKUP*, read the Release Notes and then you are ready to
> roll. Probably the standard CentOS Repos that you have from the
> original install will do it.

OK, sounds good. Thanks, everyone!

*******************************************************************************
Gilbert Sebenste                                                     ********
(My opinions only!)                                                  ******
*******************************************************************************
(Continue reading)

Permalink | Reply | 1 comment |
headers
Ross Walker | 1 Apr 2009 02:11
Picon

Re: I see 5.3 ISO images on the mirrors

On Mar 31, 2009, at 7:57 PM, Gilbert Sebenste
<sebenste@... 
 > wrote:

> On Tue, 31 Mar 2009, Lanny Marcus wrote:
>
>>> You don't need to change anything.  'yum update' will update things,
>>> within a given major release (eg 4.x or 5.x).  It will happen
>>> automagically.  Going from 4.x to 5.x requires using the installer  
>>> (eg
>>> the ISOs and a reboot with the installer CD/DVD). I don't know if  
>>> it is
>>> possible (or advisable) to do a major release update with yum.
>>
>> Maybe possible, but usually/always strongly discouraged, by upstream
>> and the CentOS team, to upgrade from one major release to another.
>> Best to BACKUP and install fresh.
>
> I agree. I was with Redhat starting with 6, and left after Fedora 9  
> got too restrictive with things. I have done upgrades, and it wasn't  
> pretty, between major releases. Going from CentOS 5.2 to 5.3 is most  
> worthy of doing a backup, no matter what.
>
>> The caution about first updating glibc (?) is important. I recall  
>> from
>> the  update to 5.2, there is a difference, between "yum upgrade" and
>> "yum update". I believe "yum upgrade" is a better way to go from 5.2
>> to 5.3.    *BACKUP*, read the Release Notes and then you are ready to
>> roll. Probably the standard CentOS Repos that you have from the
>> original install will do it.
(Continue reading)

Permalink | Reply | 0 comments |
headers
Christopher Chan | 1 Apr 2009 02:43
Picon
Favicon

Re: Getting ready for CentOS 5.4


> Yes, there are not too many surprises with CentOS.  However, debian has 
> also had a very good reputation for stability - and Ubuntu builds on 
> that while also providing timely releases.
>
>   

Please do not subscribe to the notion that ubuntu builds on Debian 
stability.

Ubuntu has had releases with certain key tools broken such as the GNOME 
Network configuration tool.
Permalink | Reply | 13 comments |
headers
Les Mikesell | 1 Apr 2009 02:57
Picon

Re: Replacing my Scalix mail server

Robert Moskowitz wrote:
> 
> I have seen attacks and mitigations that often never make it out to the 
> public, or make it out after we have worked with the vendors for weeks 
> to get patches before the S* hits the fans. I am particularly paranoid 
> about what may be exposed on a gateway/firewall while waiting for that 
> all so important patch.
> 
> I don't like SME's laid back attitude to getting a 1st install patched, 
> for example. One 1st install, all services on the server MUST be blocked 
> until current updates are installed and configured, and only then opened.
> 
> So, no, your explaination does not make me feel more comfortable. But 
> then as indicated, I am a hard one to make comfortable....

I could have missed something, but I don't recall any services being 
open on the external nic until you configure them.  Are any?  If you 
have a 1-nic setup they probably assume that something else is handling 
the firewalling.

>> That's not particularly relevant - if you access from more than one 
>> location you might want to set up imaps access so all the messages are 
>> stored on the server and available through the hoard web interface if 
>> you aren't at you usual client(s).
> 
> I was at the IETF when IMAP was brought out of CMU and standardized, I 
> know the beast all too well.

Yeah, on R4 and you still can't count on a good notification mechanism, 
but it is usable.
(Continue reading)

Permalink | Reply | 0 comments |
headers
Les Mikesell | 1 Apr 2009 03:06
Picon

Re: Getting ready for CentOS 5.4

Christopher Chan wrote:
>> Yes, there are not too many surprises with CentOS.  However, debian has 
>> also had a very good reputation for stability - and Ubuntu builds on 
>> that while also providing timely releases.
>>
>>   
> 
> Please do not subscribe to the notion that ubuntu builds on Debian 
> stability.

Debian stability comes from never changing anything, so obviously not...

> Ubuntu has had releases with certain key tools broken such as the GNOME 
> Network configuration tool.

Has that been the case in the LTS release?

--

-- 
   Les Mikesell
    lesmikesell@...
Permalink | Reply | 1 comment |

Gmane