logs archiveIRC Archive / Freenode / #centos / 2015 / November / 19 / 1
illuminated_
on centos 7 if I do a yum update does it set the obsolete files flag? obsolete=1 is set in yum.conf
Bahhumbug
man yum should answer that.
illuminated_
yeah it did
Bahhumbug
:)
(I know behavior of that changed at some point, I'm thinking C6, but I didn't recall the particulars.)
illuminated_
yeah, i read that it changed and got confused
ok how do I find out what daemon is listening on a particular port in 7? netstat is not available
detha
ss -l
or rather, 'ss -lp' to show the actual process
illuminated_
thanks
Bahhumbug
@ifconfig
centbot
The 'ifconfig' and 'netstat' commands have been deprecated for over a decade now and have been removed from the default CentOS 7 install. You are strongly encouraged to learn to use the 'ip' and 'ss' commands instead. If you really need the old tools they are available via 'yum install net-tools'.
         

illuminated_
ahh gotcha
great
was trying to determine what mail server was running on my centos installation
an nmap showed port 25 open and I don't want it open. So, I was looking to see what process was listening on port 25 so I could disable the mail server. Not familiar with centos/rhel
dwqq
Hello, do you know why it adds :ffff: before my ip? tcp 0 0 ::ffff:myip:2106 :::* LISTEN 8280/java
force ipv6 off?
it listens on that port but something goes wrong..
_geo
i have a command that i need to run as root, i execute this command from a web framework in apache, how can i add sufficient privileges so current user can execute the command?
RemiFedora
_geo, find another way ;)
Norky
_geo, that sounds like a potential security problem, but you could use sudo
RemiFedora
it seems terribly bas for security to allow such thing
s/bas/bad/
_geo
well their access is limited only to an email account, dont believe its a huge security problem
dwqq
custom webmin panel looks better tho
Norky
"their access is limited only to X, dont believe its a huge security problem" - famous last words ;)
TrevorH
how is web access limited to an email account?
dwqq: that's an ipv6 address working in legacy mode and should be fine
Bahhumbug
dwqq: Nothing about webmin looks better than much of anything else. We try not to push such 'solutions' here.
dwqq
TrevorH because it says: Incorrect packet checksum, ignoring packet
apollo13
what is a "safe" way to enable and start firewalld without locking out current ssh connection (preferably without making any assumptions about existing zones etc)
ie something I can nicely script with ansible :D
dwqq
Bahhumbug true but it's not a solution,it's a preferred way
Bahhumbug
Let me rephrase, then. Please do not mention panels as a solution in this venue if you would be so kind?
@panels
centbot
Due to the gross changes that panels make to the underlying OS we are unable to support such boxes in this channel as they are effectively no longer running CentOS but rather a mixture of CentOS and the parts that they have replaced. You are encouraged to contact your hosting provider or panel vendor for further assistance.
Bahhumbug
We would appreciate it. Thank you.
TrevorH
he went
UrL
he is here,okey
_geo
imo, this a background process of creating an email account of a user, with no shell access, there is an entire interface to access his email and nothing more, its automated so no human can actually interfere unless they get access to server and start messing things up, i dont really see the security risk..
         

RemiFedora
_geo, you say you want to give web server a root access, this is obviously a huge security risk, sorry if you don't see it
_geo
can't i limit it to only a certain command?
Bahhumbug
Depends on exposure it may not be a security risk at all, but there are better ways of going such things. I assume this is for provisioning of some sort?
s/going/doing/
hifi
_geo: you can use *virtual* email accounts if email is only what you seek
UrL
doing*
_geo
well this is the command ,virtualmin create-user --domain NNNN.org --shell /dev/null --user ZZZZ18 --pass <somepass>
Bahhumbug
meh
UrL
No panels here.
Bahhumbug
@panels
centbot
Due to the gross changes that panels make to the underlying OS we are unable to support such boxes in this channel as they are effectively no longer running CentOS but rather a mixture of CentOS and the parts that they have replaced. You are encouraged to contact your hosting provider or panel vendor for further assistance.
Bahhumbug
Try #webmin
(And for what it's worth, webmin has been a trainwreck with regards to security throughout it's history.)
(I mean... what could possibly go wrong with a web agent running as root?)
UrL
(Action) Bahhumbug forcing to use plesk...
fossxplorer
Why does mount -a complain about my nofail option?
Norky
apollo13, if setting up iptables rules on a remote host, configure something (atq, cron) to remove/reset the iptables rules after a given amount of time, so if you do lock your self out, you need only wait for the scheduled task to reset
apollo13
Norky: well it is not as if I would not have access via ipmi and another connection, but still&
Norky
ahh, cool, if you have IPMI SoL then you don't need it
fossxplorer
nofail mount option seems to respected by the system on boot, i.e it doesn't interrupt the boot process when the device can't be mounted, but manual attempt to mount the device with mount -a gives syntax error
TrevorH
fossxplorer: then you have a syntax error
RealLinuX
mmm latest PHP version 5.4 for CentOS ? ..
RemiFedora
RealLinuX, 5.4 + 5.5 and 5.6 in SCL
RealLinuX
is there any official repo for update php version
Bahhumbug
@ius
centbot
A trusted source for more modern mysql, php and python is the IUS repo. For more information please see https://ius.io and the #iuscommunity channel on this network.
Bahhumbug
It's not 'official' but it's trusted and this channels recommended solution.
RemiFedora
RealLinuX, php55 and php56 shjould be soon in centos-scl official repo
fossxplorer
http://fpaste.org/292278/93771914/ TrevorH
RemiFedora
for now available on https://www.softwarecollections.org/en/
this is upstream answer to "recent" versions
RealLinuX
hmm .. ok :D thx on answer
fossxplorer
Removing the nofail option makes it work
Bahhumbug
And amusingly enough, IUS will remain this channel's preferred solution.
RemiFedora
s/this channel/some people on this channel/
Norky
apollo13, firewalld by default should allow existing (ESTABLISHed) connections, as well as new (ctstate:new) SSH connections. To be absolutely sure, read the configuration in /etc/firewalld/
apollo13
Norky: ah great
Bahhumbug
If by 'some people' you mean the channel regulars then sure.
If you have a problem with this, by all means, take it up with someone in power. But please understand that the person that owns this channel requested the @ius trigger. So you might be spitting in the wind.
But hey, you go for it.
fossxplorer
TrevorH, problem is limited to cvfs filesystem it seems...
goldenpockets
how can i install gtk+1 and gnome1 devel libraries? they are not in CentOS repositories nor EPEL
i can find just gtk+2 and gnome2 things
Bahhumbug
Short answer is... you don't.
Why do you need something so old?
goldenpockets
i must compile some legacy software
on centos7
Bahhumbug
I don't see that happening; at least not cleanly.
gtk1 and gnome1 predate EL5.
Might even predate EL4.
goldenpockets
so any idea on how to run an gtk1 app on CentOS7 if i complie it somewhere else?
Bahhumbug
Not offhand, sorry.
goldenpockets
ok thanks
theshadowx
hi, I have a big problem, I have a service that blocks the boot
I made a program as a service and I forget to make it to be in the background
so know it just take the control of the boot
I did ctrl+z / ctrl+c
nothing works
can someone help me please
1 2 3 next »