logs archiveIRC Archive / Freenode / #centos / 2015 / August / 27 / 1
matt_keys
I just had a customer report issues running yum update, particularly openssh-server-5.3p1-112.el6_7.x86_64.rpm
yum clean all && yum update doesn't fix it.
markinfo
billings, i have found it. GDM takes in menu the names of the users that were logged before from some of .tdb files in /var/lib/samba/
matt_keys
It seems there's a checksum mismatch
not sure who to report that to
Evolution
matt_keys: are they running a local mirror?
matt_keys
nope, this is pulling from mirrorlist
i also verified on a test box that I have already up with this rpm
run a rpm -V and the md5sum flag appears
Evolution
sounds like whatever repo you're pulling from has a corrupt download.
matt_keys
exactly... this is the centos base updates repo
who do you report that to?
it has propagated to all mirrors in mirrorlist
Evolution
matt_keys: if that were the case there'd be a few thousand more users yelling about it.
matt_keys
well, do you have a centos6 box handy?
run a "rpm -V openssh-server' and let me know if you see the md5sum flag
maybe my customer was the first to notice :)
         

Evolution
on which file are you seeing that?
matt_keys: also, rpm -V means the package *installed* has been modified
it has nothing to do with yum output in the slightest.
matt_keys
openssh-server-5.3p1-112.el6_7.x86_64.rpm
"compares information about the installed files in the package with information about the files taken from the package meta-data stored in the rpm database."
Evolution
the key word there being "installed files"
it has nothing to do with yum, I can assure you.
that's there to ensure that the package hasn't been messed with since it was installed.
matt_keys
ok, so if my test box has not been altered it should be the same as that in the repo, yes?
Evolution
so if you change the /etc/ssh/sshd_config for example, then in 'rpm -V openssh-server' output you'd see something like S.5....T. c /etc/ssh/sshd_config
matt_keys: again, it has *nothing* to do with the repo.
matt_keys
ah, how do I verify the rpm I have is the same as that in the repo?
checksum wise
Evolution
that's what yum and rpm do on install. it verifies the gpg signature, and that the header data matches the payload.
if yum is complaining, then either the gpg signature is invalid, or the payload doesn't match the header data.
it's nearly always the latter.
and that simply means you've either got a bad download, or one of the mirrors didn't sync correctly.
since the mirrors used for mirrorlist are largely not controlled by the project, that happens from time to time.
if you want, the easy way is download a copy of the rpm from multiple mirrors, and compare the checksum of them via md5sum or sha256sum or similar.
mirrors.kernel.org for example, and then compare that against the bad copy that might be stored in /var/cache/yum/ somewhere before you do a 'yum clean all'
matt_keys
should rhn and centos have the same checksum?
Evolution
no.
matt_keys
k
Zathrus
why did RHN get pulled in here?
Evolution
Zathrus: see, I thought we talked about not asking the sort of questions that lead to... *answers*
Zathrus
(Action) whistles innocently
fishcooker
i have keyauth enabled on sshd config .. how to show whois login through accepted key when one login has many authorized keys?
matt_keys
so it matches the sum on my test box, checking with the customer
iluminator105
hi is there work around regarding google contacts not working in centos 6 with evolution unable to open address book
matt_keys
Evolution : thanks for the help, I think I can handle it from here :)
Have to wait on customer to reply..
Evolution
iluminator105: which version of 6?
iluminator105
Evolution, 6.7
Evolution
iluminator105: upgrade to 7, or use thunderbird?
         

iluminator105
Evolution, I like 6 so much and I dont like system d is there version 7 without system d
Evolution
iluminator105: even ubuntu and debian have gone systemd. you might as well adapt.
shivaya
hello, is it possible to use X11 applications on remote host without groupinstalling whole X Window and Deskop groups?
like what's the minimal packages needed for that
carpii
just migrated from 5.11 to 6.2, and im having a problem with crond it seems. crond is running and cron.log shows its running /scripts/task - but a file its supposed to modify isnt being modified. If I run /scripts/task from cmdline it works fine.
where could i find any output or errors from the script?
when its run by cron
Sokel
carpii: run mail
Cron usually outputs results to the user's mail
carpii
i have my gmail set as MAILTO in the crontab, but I havent recieved any
ill remove that and see if it ends up local
could anacron be interfering with it somehow? in /etc/anacrontab it says START_HOURS_RANGE=3-22
but anacrond isnt listed in chkconfig
so i dont know if its even being used
ah im so stupid :/
my script was redirecting stderr to /dev/null
and now i change it to a file... "sudo: sorry, you must have a tty to run sudo" :-)
Zequal
Good evening all.
minormedor
Attempting to resize a drive on a virtualized CentOS 7 box. df -h shows 14G where pretty much everything else shows 35G. What gives?
Zequal
minormedor: Have you eliminated deleted files?
minormedor: lsof -n | grep deleted
minormedor: You could do a fsck too as it might remove any unrecovered inodes. XFS itself also uses 5% or so, AFAIK.
carpii
done a sync too?
wannabegeekster
I upgraded my kernel with an encrypted LUKS partition and now it is not asking me for the boot password when booting and giving a kernel panic.
It looks like none of my LVM volumes are showing up.
rec\\
D30
hello all, i found several SYN_SENT when i issue tcptrack on my centos server,, is it an indication that my server was attacked / compromised?
however issuing netstat would only display http ports
please advice,, need some inputs thanks..
Sokel
You understand what a SYN_SENT is right?
midgaze
a socket gets wedged in the SYN_SENT state for a time if it sends an initial tcp SYN to a remote host and the remote host sends nothing back
so no, you're not compromised
D30
yes it is my understanding that SYN_SENT is when the server sends out a request and is awaiting a reply
midgaze
in this case you're the client because you're initiating the connection, but yes
D30
midgaze: thanks for the clarrification.. however i cannot pinpoint exactly the process that keeps my outbound bandwidht really high..
so i thought it was the SYN_SENT
midgaze
tcpdump and ss -tp should get you what you need, maybe somebody can think of a better way
iptraf or one of several "network top" utilities will tell you what connection it is, ss -tp will tell you what process has that connection
D30
midgaze: im not quite sure with those commands, can you give some example?
yes i used iptraf too..
midgaze
that's what google is for my friend
fenrus02
https://en.wikipedia.org/wiki/TCP_half-open
explains what syn_sent is
midgaze
use google images and look for 'tcp flow diagram'
lots to choose from, tcp has lots of neat states
D30
okay thanks for that..
TechIsCool
So I am trying to wrap my head around selinux for the first time and I cani't seem to get semange to apply correctly
for example
semanage fcontext -a -t httpd_sys_content_t "/svr/wordpress(/.*)?"
« prev 1 2 next »