logs archiveIRC Archive / Freenode / #centos / 2015 / July / 9 / 1
dememorized
Zerberus: that is true, sslb might also want to ensure that the processes aren't hogging all the memory and I/O as well
sslb
dememorized: Very true, the IO could very well be the issue. I'm actually thinking that more than the CPU. Memory is fine.
DMA
This is a question about readline: I was wondering if any of you know a way of clearing the line that isn't cutting all to the beggining (usually Ctrl-U). I'd like just to vanish the contents of the line but without affecting other buffers (as ESC does in Windows Command Line).
trojanski
hi ppl. how can I load a module from initrd img ? I used mkinitrd with preload and with options to add my module to initrd image, but seems that's not enough to start it. what am I missing ?
sslb
So I took a look at atop and it is for sure IO that is the problem. Their read/writes are almost always 90% and above.
I checked fstab and noatime is not there which is supposed to help with IO tuning. Can I add that to fstab for LVM?
gagalicious
can deskop users use ldap server for login in?
trojanski
yes
wN
ssf: athime is a fs optino right? you can set that on an lvm device
johndoe2
This may be a really silly question, but what else is new, right? :P can sudo tell if its being called from a shell session or mod_phps shell_exec() ? If that php script is running under the same user (whoami confirms it), is there anything else that could stand in the way of that script being run under sudo?
         

mspo
sudo knows if it has a tty or not
your mod_php should *not* be doing shell exec or system calls
certainly not sudo
use pub/sub or something
johndoe2
mspo: Do you know if /etc/sudoers is no longer in effect if theres no tty? Im sorry, I dont know what pub/sub is.
mspo
johndoe2: sudoers is always in effect when using sudo
johndoe2: but who am i isn't always accurate, etc
johndoe2
mspo: gotcha. Thank you. Any ideas on how to securely run a bash script when theres an http request? :) So far google only turned up this method which people say should be fairly safe if sudoers restricts the bash script to be run, and the bash script is not owned, or writable to the user executing it.
mspo
johndoe2: I would run rabbitmq, put a message "run this script" on a web request
johndoe2: and then your consumer can implement all of the necessary sanity/security
johndoe2
mspo: youre awesome. Thank you, Im looking into it now.
mspo
johndoe2: it's more complex so it's up to you, but the web -> shell bridge is pretty dangerous
johndoe2
mspo: If its not as complex as regex, Im good :P But Im sure I can figure it out, their docs seem clean and clear so far. Thank you again.
kerin
Anyone familiar with PAM?
I've got a bit of a brain-tickler in that area... I'm using PAM to allow certain users to su as specific other users sans password. The first one of these PAM rules fails with a strange error, but /var/log/secure says it succeeded. The second such rule does succeed.
http://pastebin.centos.org/29511/
Interestingly, switching the order of the rules changes which one works. It looks like PAM isn't treating the rule on line 5 as sufficient?
bdonnahue
im trying to umount a luks device /dev/luks but the device or resource is busy
can anyone help
uid1
bdonnahue: lsof | grep "/dev/luks" might show which processes have files open on that device?
tommy_
anyone familiar with xcircuit and its quirks? I have a complex object, I can flip the instance of it horizontally for use, but of course when I edit the object, it is unflipped, the solution I thought was, in the object editor, simply flip the object there, so it is the way round I want it, but when I flip the whole object in the object editor, it disappearsor even have mirror image copies in the library
bah garbled at end, but horizontally flipped object dissappears in object editor (vertically flipped doesn't)
I simply need in the user library, both flipped and unflipped versions
sorry guys wrong channel
bdonnahue
can anyone tell me what ports i need to open for nfs server? the ports for the daemons seem to change on reeboot
YamakasY
is it possible to install an older package on centos from whatever ?
I need ipa 4.1.2 and 4.1.4 is in
iam8up
after installing ruby via yum it looks like my yum tool is broken - any ideas on how to fix it? http://pastebin.com/cxgrxThB
fenrus02
@rpmforge
centbot
rpmforge/repoforge can no longer be considered a trusted resource. Updates are few and far between which can, has and will continue to put people at risk. Please find alternative package sources such as EPEL.
fenrus02
you have rpmforge in your repolist .. not ideal.
iam8up
so how do i fix it after removing rpm forge?
fenrus02
el5? is there a reason you've not upgraded to el6 / el7 ?
         

YamakasY
fenrus02: nope
its nit advisable
not
I did it once tho
6-7
after that it never happened in a decent way again :)
fenrus02
your paste has el5. why? why have you not replaced it with something newer and less crufty?
iam8up
i haven't built a new machine since this one was working perfectly fine...now it is doing its job but yum is broken
YamakasY
fenrus02: it's not always possible and for internal machines mostly running them is more important than upgrading them and fall into issues
is anyone able to find the centos freeipa 4.1.2 packages ?
it's all 4.1.4 now and I need 4.1.2
fenrus02
ok, well cleaning up after what you pasted is going to make you wish you simply had formatted and started over.
iam8up
all i did was a yum install ruby and it broke yum - are you saying the entire system is ruined because of two packages being installed?
YamakasY
started over ?
fenrus02: never heard of migration?
fenrus02
YamakasY your problems are completely unrelated to the paste above from iam8up
YamakasY, read what he posted before you comment,
iam8up
how so? yum worked, yum installed ruby, yum broke
fenrus02
iam8up, and cleaning up after what you've got now is going to hurt. most likely: A LOT.
YamakasY
iam8up: no snapshot ?
I doubt it on 2 packages
fenrus02
YamakasY, Again, READ WHAT HE POSTED.
iam8up
i do from early early morning
YamakasY
fenrus02: yes he installed ruby, so ?
fenrus02
iam8up, in that case, revert first, then remove rpmforge, remove everything it did to you, then move forward.
YamakasY, clearly you have no concept of the error and what causes it then
iam8up
fenrus02, ok that's probably my best bet =(
YamakasY
fenrus02: it really depends on what actually happened and gor upgraded... he can revert I think and I'm quite sure
fenrus02
YamakasY, for yours, -alis- #freeipa 138 :http://www.freeipa.org | did you know of ipa-advise ? Try it | RHEL 7.1 with FreeIPA 4.1 released: http://red.ht/1DNNGnd
YamakasY, he cannot. read his post. AGAIN.
YamakasY
fenrus02: packages are downloadblae
fenrus02
(Action) facepalms
YamakasY
or he will have an iso somewhere
fenrus02
good luck to you then YamakasY - you're not reading what people are posting.
YamakasY
fenrus02: your paste is really leading nowwhere
-w
fenrus02: no you are just telling the opposite of trying to get to a way he can solve it
and he can
fenrus02
YamakasY, it's where you answer for your ipa question.
YamakasY
fenrus02: ipa 4.1 is on 4.1.4, I need 4.1.2
fenrus02
and .. again, you can find your answer there YamakasY
YamakasY
fenrus02: I have close contact with the devs, but they are sleeping atm
fenrus02
YamakasY, i'm really tired of repeating everything to you multiple times.
YamakasY
fenrus02: I'm tired of you being best mate of the class
fenrus02
good luck to you then. i'm out.
YamakasY
nice ignored
dgbaley
bdonnahue: I believe the ports for NFSv3 are not fixed, but are for NSFv4. If you're doing v3, there are settings to fix them
Kniaz
hey, anyone has LPI-010 practice exam?
eb0t
hey if i set up l2tpvpn server
if i remote into the server via ssh
that is effectively a tunnel ..i think
but will i then be able to use vnc and get onto a desktop machine and have the full xwindows come all the way
from the desktop back to the server then through the tunnel and then to the remote pc
mspo
you mean ssh -Y ?
uid1
eb0t: I recall using OpenVPN and "client-to-client" on the server to go from remote-1 to remote-2 with VNC. No need for ssh tunnelling. Not sure if that applies to your situation?
eb0t
ah ok maybe that is how i should do it
uid1
From kitchen table near Toronto, through server in Vancouver, to upstairs computer near Toronto. Kinda round-about, but I was too lazy to go upstairs...
« prev 1 2 3 4 5 6 7 8 next »