logs archiveIRC Archive / Freenode / #centos / 2015 / August / 27 / 1
I just had a customer report issues running yum update, particularly openssh-server-5.3p1-112.el6_7.x86_64.rpm
yum clean all && yum update doesn't fix it.
billings, i have found it. GDM takes in menu the names of the users that were logged before from some of .tdb files in /var/lib/samba/
It seems there's a checksum mismatch
not sure who to report that to
matt_keys: are they running a local mirror?
nope, this is pulling from mirrorlist
i also verified on a test box that I have already up with this rpm
run a rpm -V and the md5sum flag appears
sounds like whatever repo you're pulling from has a corrupt download.
exactly... this is the centos base updates repo
who do you report that to?
it has propagated to all mirrors in mirrorlist
matt_keys: if that were the case there'd be a few thousand more users yelling about it.
well, do you have a centos6 box handy?
run a "rpm -V openssh-server' and let me know if you see the md5sum flag
maybe my customer was the first to notice :)

on which file are you seeing that?
matt_keys: also, rpm -V means the package *installed* has been modified
it has nothing to do with yum output in the slightest.
"compares information about the installed files in the package with information about the files taken from the package meta-data stored in the rpm database."
the key word there being "installed files"
it has nothing to do with yum, I can assure you.
that's there to ensure that the package hasn't been messed with since it was installed.
ok, so if my test box has not been altered it should be the same as that in the repo, yes?
so if you change the /etc/ssh/sshd_config for example, then in 'rpm -V openssh-server' output you'd see something like S.5....T. c /etc/ssh/sshd_config
matt_keys: again, it has *nothing* to do with the repo.
ah, how do I verify the rpm I have is the same as that in the repo?
checksum wise
that's what yum and rpm do on install. it verifies the gpg signature, and that the header data matches the payload.
if yum is complaining, then either the gpg signature is invalid, or the payload doesn't match the header data.
it's nearly always the latter.
and that simply means you've either got a bad download, or one of the mirrors didn't sync correctly.
since the mirrors used for mirrorlist are largely not controlled by the project, that happens from time to time.
if you want, the easy way is download a copy of the rpm from multiple mirrors, and compare the checksum of them via md5sum or sha256sum or similar.
mirrors.kernel.org for example, and then compare that against the bad copy that might be stored in /var/cache/yum/ somewhere before you do a 'yum clean all'
should rhn and centos have the same checksum?
why did RHN get pulled in here?
Zathrus: see, I thought we talked about not asking the sort of questions that lead to... *answers*
(Action) whistles innocently
i have keyauth enabled on sshd config .. how to show whois login through accepted key when one login has many authorized keys?
so it matches the sum on my test box, checking with the customer
hi is there work around regarding google contacts not working in centos 6 with evolution unable to open address book
Evolution : thanks for the help, I think I can handle it from here :)
Have to wait on customer to reply..
iluminator105: which version of 6?
Evolution, 6.7
iluminator105: upgrade to 7, or use thunderbird?

Evolution, I like 6 so much and I dont like system d is there version 7 without system d
iluminator105: even ubuntu and debian have gone systemd. you might as well adapt.
hello, is it possible to use X11 applications on remote host without groupinstalling whole X Window and Deskop groups?
like what's the minimal packages needed for that
just migrated from 5.11 to 6.2, and im having a problem with crond it seems. crond is running and cron.log shows its running /scripts/task - but a file its supposed to modify isnt being modified. If I run /scripts/task from cmdline it works fine.
where could i find any output or errors from the script?
when its run by cron
carpii: run mail
Cron usually outputs results to the user's mail
i have my gmail set as MAILTO in the crontab, but I havent recieved any
ill remove that and see if it ends up local
could anacron be interfering with it somehow? in /etc/anacrontab it says START_HOURS_RANGE=3-22
but anacrond isnt listed in chkconfig
so i dont know if its even being used
ah im so stupid :/
my script was redirecting stderr to /dev/null
and now i change it to a file... "sudo: sorry, you must have a tty to run sudo" :-)
Good evening all.
Attempting to resize a drive on a virtualized CentOS 7 box. df -h shows 14G where pretty much everything else shows 35G. What gives?
minormedor: Have you eliminated deleted files?
minormedor: lsof -n | grep deleted
minormedor: You could do a fsck too as it might remove any unrecovered inodes. XFS itself also uses 5% or so, AFAIK.
done a sync too?
I upgraded my kernel with an encrypted LUKS partition and now it is not asking me for the boot password when booting and giving a kernel panic.
It looks like none of my LVM volumes are showing up.
hello all, i found several SYN_SENT when i issue tcptrack on my centos server,, is it an indication that my server was attacked / compromised?
however issuing netstat would only display http ports
please advice,, need some inputs thanks..
You understand what a SYN_SENT is right?
a socket gets wedged in the SYN_SENT state for a time if it sends an initial tcp SYN to a remote host and the remote host sends nothing back
so no, you're not compromised
yes it is my understanding that SYN_SENT is when the server sends out a request and is awaiting a reply
in this case you're the client because you're initiating the connection, but yes
midgaze: thanks for the clarrification.. however i cannot pinpoint exactly the process that keeps my outbound bandwidht really high..
so i thought it was the SYN_SENT
tcpdump and ss -tp should get you what you need, maybe somebody can think of a better way
iptraf or one of several "network top" utilities will tell you what connection it is, ss -tp will tell you what process has that connection
midgaze: im not quite sure with those commands, can you give some example?
yes i used iptraf too..
that's what google is for my friend
explains what syn_sent is
use google images and look for 'tcp flow diagram'
lots to choose from, tcp has lots of neat states
okay thanks for that..
So I am trying to wrap my head around selinux for the first time and I cani't seem to get semange to apply correctly
for example
semanage fcontext -a -t httpd_sys_content_t "/svr/wordpress(/.*)?"
« prev 1 2 next »