logs archiveIRC Archive / Freenode / #centos / 2015 / August / 8 / 1
sekhmet
jwash: If you don't have pulseaudio installed, try a "yum remove alsa-plugins-pulseaudio"
jwash
ok
that seems better
no error now
but still no sound
do i need to do a .asoundrc?
Sokel
You should not need .asoundrc.
jwash
speakertest works
but no sound on youtube videos
nm, all i needed to do was restart the browser
Jordy
Hi, how to install these modules "_bsddb, bsddb185, dbm
dl, gdbm, imageop" python says they are missing when I want to "make" python2.7.9/10
linux-ninja
running spacewalk to upgrade system, when I upgraded to version 2.3 my clients are reporting some sort of HTML uppon running "yum update", any ideas?
daspence
how can i send commands to a remote screen that's already attached? Basically I'm at the office, I ssh into my box and I can't Ctrl+A +n or p on any screen
B_rake
daspence: you can use screen -x $screen_name to attach to an attached screen
linux-ninja
anyone knows why this is happening, when I try to run a yum upgrade to a centos box against a spacewalk server I Keep getting like the spacewalk homepage via CLI followby by a list of my repos.
This happended after I upgraded from 202 to 2.3
any ideason how to fix it
         

B_rake
What's the repo url linux-ninja
linux-ninja
I have a few register on this system,
When I do a yum repolist
I see a bunch of repos
B_rake
Or better yet, can you paste the results to pastebin?
linux-ninja
issue is, I have the same repos running on a centos 7 box and it work fine
When I try running 'yum update" under centos 6.x I get the following:
http://pastebin.com/XHNtHXbE
B_rake, any ideas as to why this is the effect?
B_rake
linux-ninja
B-rake, where do I check that?
B_rake
oh, I misread
This url http://yum.spacewalkproject.org/2.3/RHEL/6/x86_64/
grep for baseurl in the /etc/yum.repos.d/ repo file
or just grep -r baseurl /etc/yum.repos.d/
linux-ninja
looks like, its pointing to http://yumrepo.us1.exmaple.com/OEL/$releasever/x86_64/
B_rake
example.com is unlikely
linux-ninja
well, I mean my own domain
;-)
B_rake
aww, gotcha. Well it looks like it was loading a login page. When you navigate to it in your browser does it load the directory index?
linux-ninja
it doesn't give me nothing else
under Centos 7, I get all working OK
I get all my repos loading with the ############## repectively
This only happened after I upgrade spacewalk from 2.2 to 2.3
I am not sure what changed
B_rake
K, so http://yumrepo.us1.exmaple.com/OEL/6/x86_64/ loads the list of rpms in your browser?
linux-ninja
yes it does
I checked 6.x and 7.x and both load fine in the browser
B_rake
linux-ninja: I pm'd you
checkit
for the love of god please someone help me.... Deployed a new vagrant box for a project, lamp stack isntalled, vhost created/enabled/resarted.. Updated local host file getting default apache it works page...
WTF?
kj
look your access log to see on which vhost your GET goes
and be sure to have an index file in your directory
atmx
kj: edit welcome.conf
Psi-Jack
Hmmm, so audit2allow -a -M antivirus, for example, outputs an antivirus.pp, but I want to actually see the policy itself so I can try to adjust it to a better state than audit2allow alone does.
Zerberus
and what is the problem to have a look at the generated policy?
         

Psi-Jack
Well, getting the actual .te file. audit2allow seems to only be generated the .oo
err .pp
gaurdro
Psi-Jack, read the man page for audit2allow, especially the -m option.
Psi-Jack
Ahh. -m, not -M
Not exactly cut and dry as mentioned in the manpage, just doesn't read right. heh
I finally have 75% of my VM's running CentOS 6 and 7 running with SELinux fully enforcing thanks mostly in part to finally learning some about audit2allow.
Hmm, seems audit2allow makes very generic unspecific rules.
fenrus02
audit2why can provide hints .. like what labels your files might need to be, or what bool you could set
Psi-Jack
Yeah, That I've used for various things already, but I'm getting issues where clamd, for example, wanted to write to /var/log/clamd.log, as specified in it's config. audit2allow wanted to give it allow antivirus_t default_t:file { write append };
Really mostly what I needed that I can see is to switch clamd to use syslog directly instead of a direct logfile, which fits into my thing of logstash everything.
But, definitely shows to me, audit2allow makes very vague and not very secure policies. :)
fenrus02
nxlog can ship flat files out to logstash too.
Psi-Jack
As can logstash-forwarder.
fenrus02
sure. some tools are better than others ;)
Psi-Jack
Including providing a type for filtering. :)
It's how I'm sending my selinux audit logs to logstash so I can work on filtering that into a more usable format, and make a fully useful dashboard.
fenrus02
http://nxlog.org/documentation/nxlog-community-edition-reference-manual-v20928#pm_filter
el6 or el7 ?
Psi-Jack
Both.
fenrus02
the journald -> logstash thing isnt available yet, but there is a bugid on it already
Psi-Jack
I have rsyslogd shipping json directly to a logstash input in json format.
For the most part.
fenrus02
on el7, i'd suggest turning off local journal files if you're just going to use rsyslog's logstash forwarder anyhow
Psi-Jack
Eh, I like journalctl when I'm looking at it directly. :)
fenrus02
the log files are for historical value only. not "now" or "today"
Psi-Jack
Yeah.
fenrus02
if you're already using logstash - you've already got the "now" and "history"
(Action) shrugs .. whatever works for you.
Psi-Jack
Well, "now" is a bit delayed, by a few seconds anyway, while it goes to my input servers (of 2), then goes into rabbitmq, then gets picked up my the elk servers (of 2), to be put into es. ;)
My logstash setup is new from this week, though. :)
Hmmm. So, one more question off the top.
I want to move /var/log/audit/* to another directory, but the audit.log is being kept open.
How so I get it to stop that and start a new log?
Ahh there we go.
systemctl reload auditd ;)
mmlj4
I've got centos 7 and don't have bind-chroot installed, but I'm getting "isc_file_isplainfile '/var/named/data/named.run' failed: permission denied" anyhow, though the ownership and permissions of /var/named are correct
...with a vanilla named.conf, plus rndc was generated
Psi-Jack
Hmmm.
fenrus02: This nxlog-ce is pretty cool lookin.
fenrus02
cool. glad you found a new toy to mess with Psi-Jack
Psi-Jack
heh
Well, definitely could be good, to say the least. C, so may be better than logstash-forwarder, written in python.
fenrus02
mmlj4, https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/SELinux_Users_and_Administrators_Guide/chap-Managing_Confined_Services-Berkeley_Internet_Name_Domain.html
mmlj4, that's likely where you'll find the problem and solution
Psi-Jack, i'm a fan of short dep-trees. anything with a shorter dep list is more likely to "randomly break" less often.
Psi-Jack
Heh
« prev 1 2 3 4 5 6 7 next »