Register a SA Forums Account here!
JOINING THE SA FORUMS WILL REMOVE THIS BIG AD, THE ANNOYING UNDERLINED ADS, AND STUPID INTERSTITIAL ADS!!!

You can: log in, read the tech support FAQ, or request your lost password. This dumb message (and those ads) will appear on every screen until you register! Get rid of this crap by registering your own SA Forums Account and joining roughly 150,000 Goons, for the one-time price of $9.95! We charge money because it costs us $3,400 per month for bandwidth bills alone, and since we don't believe in shoving popup ads to our registered users, we try to make the money back through forum registrations.
«5 »
  • Post
  • Reply
anthonypants
May 6, 2007



Dinosaur Gum

I have five active subscriptions/entitlements for RHEL, but as far as I know we only have three RHEL servers. Can I get the list of system IDs using those entitlements from RedHat's portal anywhere? I think the other two might belong to one of our dozen offline VMs, or maybe they belong to ancient decommissioned servers, but I think getting the list of known system IDs would be a start.

e: nevermind, I found it

ee: I don't need to use these subscriptions for CentOS machines, do I? Would they even provide support for it?

anthonypants fucked around with this message at Jul 12, 2016 around 23:08

Adbot
ADBOT LOVES YOU

anthonypants
May 6, 2007



Dinosaur Gum

evol262 posted:

No. This is one of the only ways to make Red Hat mad at you about entitlements -- filing bugs on CentOS against RHEL.
That's good. Exactly one of the five servers I have an entitlement for is using its entitlement (even though it hasn't updated in years) and at least one of them is a CentOS box -- I can tell because it's the same VMware UUID, so someone installed RedHat on this VM, went through rhn_register, and then decided to go back and install CentOS??? I still need to go through the other three tomorrow, but this is really stupid.

anthonypants
May 6, 2007



Dinosaur Gum

Got an alert this morning that one the root partition on server 36 was filling up, so I ran 'yum clean all' and cleared up like 30GB. Patted myself on the back, called it a day.

Earlier this evening we got an alert that some workflow mailer service had stopped on server 15. The oracle contractors who got this ticket checked port 25 on server 17 and then emailed us asking where this nonexistent server is. This made my boss flip out, and he wants to blame this on my running yum clean this morning, which is complete idiocy. He thinks server 36 is to blame because that's what the contractor logged into to telnet into server 17, and it's the server that's trying to use server 15 as some mail relay or something.

How do I get my boss to be less willfully ignorant when it comes to Linux?

anthonypants
May 6, 2007



Dinosaur Gum

evol262 posted:

First off, you mean ssh, right? Not telnet?

But, in general, this problem isn't specific to a Linux, and your boss isn't "willfully ignorant". He just sounds like he's kind of incompetent or clueless regarding managing systems in general.

You solve your problem in multiple steps:
  • no telnet
  • Lists of servers in some centralized source. DNS is fine. That way "server17" returns an address lookup
  • You do root cause analysis on why the workflow mailer failed
  • You fix it, then email this analysis to your boss, the contractors, and any other relevant principals, without assigning blame or trying to correct his "ignorance" and without mentioning Linux. Your boss panicked because something changed, then something broke at the same time. Prove that these are not related by finding the actual cause of the failure. This proves your competence, illustrates a failure by the contractors, and maybe teaches your boss a little (in a non-judgemental way)
Telnet over port 25 was their method of testing connectivity to the mail server, that's all I meant. I'm sure we have some telnet going on elsewhere, but.
We have a list of servers in a spreadsheet. Server 17 doesn't exist in it, but my boss found some documentation ~somewhere else~ that refers to this server as a mail server or relay or something. He wasn't clear.
And our DNS is garbage. Not only is aging/scavenging not turned on, but everything that isn't a desktop is using a loving static IP, so everything's pointing at old DNS servers from when the server was originally set up.
I couldn't fix today's issue, because it was some Oracle app which is a black box and managed by one of two third-party contracting firms. We have literally no clue what the support boundaries or expectations are, and I'm the first semi-Linux person this company has seen in several years.
I asked their tech what could have caused this issue, and said it would've been overwritten after some patches they applied yesterday. I haven't heard my boss reply to this yet but literally telling me that 'yum clean' could have overwritten or reverted the configuration directive they're talking about is driving me up the loving wall.

anthonypants
May 6, 2007



Dinosaur Gum

Robo Reagan posted:

I thought Arch was the ricing distro. Either way I'm getting my feet wet with Arch before bothering with giving up halfway through installing gentoo.
https://fun.irq.dk/funroll-loops.org/

anthonypants
May 6, 2007



Dinosaur Gum

evol262 posted:

This whole environment sounds like a badly managed clusterfuck. Your boss's ignorance of what "yum clean" does is the worst of your problems, honestly, and even showing him what it does with strace (or following the code) means he'll freak out at the next unknown command.
You don't even know the half of it.

Turns out the Oracle consulting firm was running some updates that morning, which would account for why we got a disk utilization alarm, and they used a config file updater script that had at least one ancient setting, and it used to point at server 17 for mail, which doesn't exist anymore.

anthonypants
May 6, 2007



Dinosaur Gum

Martytoof posted:

Any sed gurus here?

I need to replace an entire line based on the string it begins with.

Example:

From:
>system.log arg1=xyz arg2=xyz arg3=xyz

To:
>system.log blah7=bla blah8=bla blah9=bla

so if I were looking to just replace arg1='s name I could just s/arg1/arg2/, but I want to change the entire line's contents. Essentially I will be replacing the line with something completely different except for the ">system.log" lead-in. The contents of the line I want to replace will be static so I don't need to do any sub-field replacements.

Essentially I want to tell sed to:

sed "replace any line you find that starts with '>system.log' (I don't care what follows) with '>system.log new=content is=here'"
code:
sed 's/^(\>system\.log).*/$1 new=content is=here/g' file > newfile
e: missed that angle bracket

anthonypants fucked around with this message at Aug 5, 2016 around 15:06

anthonypants
May 6, 2007



Dinosaur Gum

Ur Getting Fatter posted:

FFS, I was doing ok until I got to this:

Some of those aren't even in the loving cheat sheet agggggh

.?.+: = any character (none or once), any character (1 or more times)

.+ = (any character (1 or more times)

[*]+ = ?????? (is this the same as [.+] )

/* = ???????????????? (what the gently caress is that forward slash)
I'd guess it's:
**
//

e: you're gonna love experienced #4

anthonypants fucked around with this message at Aug 5, 2016 around 19:43

anthonypants
May 6, 2007



Dinosaur Gum

My change request to update our Linux servers is finally getting approved, but my boss wants a rollback plan. So, if I wanted to generate a list of pending updates and cross-reference those with the current version, is there a flag I can add to yum check-update to do that or will I have to run yum list installed and compare them by hand?

anthonypants
May 6, 2007



Dinosaur Gum

18 Character Limit posted:

This is a good, strong sign that a process is flawed.
Well, yeah, which is why I was asking if there's like an rpm --that-thing-i-said command instead. It's not like I'm going to get another option.

Fun fact: one of these servers hasn't been touched in so long, it still has a RedHat CA cert that expired almost exactly three years ago. I've already argued that 1) these are CentOS/RHEL so it's just backported security fixes and updates won't be introducing any weird compatibility issuesl 2) we haven't patched Linux servers before and there are extremely critical security fixes that need to be applied; and 3) because of #1 and #2 these patches should not be rolled back and if something breaks we should make the environment work instead. We even have a test environment to apply patches to. But, I'm not in charge.

anthonypants
May 6, 2007



Dinosaur Gum

I would like to use postfix as an internal relay to forward unauthenticated SMTP mail to Office 365. Because O365 requires authentication, I'd like to rewrite the sender address from baduser@domain.local to something like relay+baduser@domain.com. Assuming that's even a valid from: address, postfix doesn't seem to be translating it. I've got a map file:
code:
/(.*?)@domain.local/ relay+$1@domain.com
and my main.cf has
code:
smtp_generic_maps = pcre:/etc/postfix/generic
and postmap -q "baduser@domain.local" pcre:/etc/postfix/generic even returns relay+baduser@domain.com. What am I missing?


e: I don't know why, but what I needed to use instead of generic maps was sender_canonical_maps.
main.cf:
code:
sender_canonical_maps = pcre:/etc/postfix/sender_canonical
sender_canonical:
code:
/(.*?)@domain.local/ relay+$1@domain.com
And it works!
ee: But Office 365 doesn't allow plus signs in email addresses! gently caress you, Microsoft!

anthonypants fucked around with this message at Aug 12, 2016 around 18:22

anthonypants
May 6, 2007



Dinosaur Gum

ToxicFrog posted:

With modern VM technology, only as much space as is actually used -- you can tell the VM that it has an 80GB HDD, but if the OS install only takes up 5GB, that's how much space it'll take on disk.
The corollary to this is that you can tell a dozen VMs that they each have 50TB of storage, and put them all on your 180GB SSD, and thin provision those VM disks so that they expand onto your SSD as the VM writes to it, but you should absolutely not do that thing.

anthonypants
May 6, 2007



Dinosaur Gum

Michaellaneous posted:

Okay that is actually quite interesting. Thank you for that writeup.
Which brings me to my actual problem: The OpenStack installiation. I want to seperate the both network (Administrative and Provider). Everything is connect to a switch and put into two seperate VLANs.

I planned for both networks to have their own dns zone and DHCP. But clients in the Admin network (10.0.1.0) recieve get put into the Provider network (192.168.1.0).

Is there a way I can only supply DHCP on a single interface?
Yes, you can bind the DHCP server to respond to any requests that come in to a specific address, or to any requests that come in on a specific interface.

anthonypants
May 6, 2007



Dinosaur Gum

anthonypants posted:

I would like to use postfix as an internal relay to forward unauthenticated SMTP mail to Office 365. Because O365 requires authentication, I'd like to rewrite the sender address from baduser@domain.local to something like relay+baduser@domain.com. Assuming that's even a valid from: address, postfix doesn't seem to be translating it. I've got a map file:
code:
/(.*?)@domain.local/ relay+$1@domain.com
and my main.cf has
code:
smtp_generic_maps = pcre:/etc/postfix/generic
and postmap -q "baduser@domain.local" pcre:/etc/postfix/generic even returns relay+baduser@domain.com. What am I missing?


e: I don't know why, but what I needed to use instead of generic maps was sender_canonical_maps.
main.cf:
code:
sender_canonical_maps = pcre:/etc/postfix/sender_canonical
sender_canonical:
code:
/(.*?)@domain.local/ relay+$1@domain.com
And it works!
ee: But Office 365 doesn't allow plus signs in email addresses! gently caress you, Microsoft!
So I have the sender_canonical file to just be /.*/ relay@domain.com, and that worked for telnet connections, but it wasn't enough for pretty much anything else. So, I had to add header_checks = pcre:/etc/postfix/header_checks to my main.cf, with /From:.*/ REPLACE From: relay@domain.com. If I could still do sub-addressing, I could probably use one of the above regex strings, but I can't, so this is good enough.

Now, what I'd like to do is prepend the sender (or something) to the subject line, based who the sender is (before it gets replaced), and I'm not sure what the best method is. I tried doing something like /From: (.*)/ PREPEND Subject: $1 but that doesn't work that way. I think I could make a unique header, and then have Office 365 deal with the sender/recipient, buuuuut I can only match the From: field once.

anthonypants
May 6, 2007



Dinosaur Gum

Feral Integral posted:

Hey, quick grep in bash question:

if I have a file a.txt:
code:
  school house
  bicycle tile
  school bus
  bicycle
and a file b.txt:
code:
  school bus
  bicycle
I want to do grep -F b.txt a.txt to see if a.txt contains b.txt ..but this doesn't seem to work. Anyone know the right poo poo?
Are you trying to determine if a.txt contains b.txt, or if any line in b.txt matches any line in a.txt?

anthonypants
May 6, 2007



Dinosaur Gum

Feral Integral posted:

The first one


Nah diff wouldn't work because I know the files are not equivilant. I guess I could get the diff and then see if that diff contains b.txt, but that seems kind of out of the way.
There's grep -Ff a.txt b.txt, but that'll match each line the same way a diff would.
code:
$ cat a.txt
school house
bicycle tile
school bus
bicycle
$ cat b.txt
school bus
monster trucks
bicycle
$ grep -Ff a.txt b.txt
school bus
bicycle

anthonypants
May 6, 2007



Dinosaur Gum

Feral Integral posted:

What ended up working for me was:
code:
grep -xFf b.txt a.txt
Thanks everyone
Literally not what you asked for.

anthonypants
May 6, 2007



Dinosaur Gum

I don't suppose there's any way to keep capture groups persistent through multiple sed -e groups? Here's what I've got:
code:
$ cat testmail
To: <recipient@domain.com>
From: <baduser@domain.local>
Subject: this is an email
Message-ID: <this is a message id>
Date: date
$cat testmail | sed -e 's/^From\: <\(.*\)>/From: <gooduser@domain.com>\nReply-To: <noreply@domain.com>/g' -e 's/^Subject:\(.*\)/Subject: \[\1\]\2/g'
sed: -e expression #2, char 37: invalid reference \2 on `s' command's RHS
$ cat testmail | sed -e 's/^From\:.*<\(.*\)>/From: <gooduser@domain.com>\nReply-To: <noreply@domain.com>/g' -e 's/^Subject:\(.*\)/Subject: \[\1\]/g'
To: <recipient@domain.com>
From: <gooduser@domain.com>
Reply-To: <noreply@domain.com>
Subject: [ this is an email]
Message-ID: <this is a message id>
Date: date
$
I don't know if this is a limitation or if there's some other sed command I need to use.

e: I can get that email by itself with sed -n 's/^From:.*<\(.*\)>/\1/p' ...so now I just need a way to get that into the subject line

anthonypants fucked around with this message at Aug 27, 2016 around 20:16

anthonypants
May 6, 2007



Dinosaur Gum

feedmegin posted:

There's also that Ubuntu-on-Windows-10 thing, which is actually pretty neat.
There's also been the SUA/SFU on Windows 7 and below.

anthonypants
May 6, 2007



Dinosaur Gum

Wicaeed posted:

Kind of an open question, but is there any way to override the default relayhost in Postfix only for certain domain names?

Currently have a Postfix server configured to send emails for our company domain that relays to Amazon SES. The problem is that Amazon SES requires a valid external domain name to verify ownership of, which we can't do for an internal non-customer facing domain, and I'm trying to see if it's possible to automatically relay emails sent from something@prod.local directly to our Office 365 environment.
You can use Postfix's rewriting rules to change the sender address from something@prod.local to something.valid@prod.com. Are you using authenticated SMTP to Office 365 or not?

anthonypants
May 6, 2007



Dinosaur Gum

I need to tell proftpd to require glusterfsd when it starts, so it doesn't fail at boot. I can edit the initscript to add glusterd and glusterfsd to the Required-Start line, but what's the method I should be using to do this? CentOS 6.7 btw

anthonypants
May 6, 2007



Dinosaur Gum

The XKCD Larper posted:

[xkcdlarp@localhost ~]$ pkcon install foo
Resolving [=========================] Package not found: foo
Command failed: This tool could not find any available package: No packages were found

Same error with root.
"foo" is a substitute for the name of the package you want to install. Do you know the name of the package you're trying to install, and if not, do you know the name of the program?

anthonypants
May 6, 2007



Dinosaur Gum

code:
(384/384): zip-3.0-1.el6_7.1.x86_64.rpm                                                                                                         | 259 kB     00:00
-----------------------------------------------------------------------------------------------------------------------------------------------------------------------
Total                                                                                                                                  4.1 MB/s | 403 MB     01:37

anthonypants
May 6, 2007



Dinosaur Gum

Renegret posted:

hi linux thread

I don't actually have a question, I just wanted to say that I'm learning the CLI and I just did a rm -rf / in a VM just to get it out of my system.

It feels like a rite of passage, watching this VM destroy itself from the inside.
A good distro would have stopped you and made you type in --no-preserve-root before it broke anything. I think SELinux might also disallow you from killing your system like that but I'm not sure.

anthonypants
May 6, 2007



Dinosaur Gum

apropos man posted:

Isn't it dodgy to 'rm - rf /' on an efi system? Something about how the files in /boot/efi can affect hardware handling and in a rare edge case it could physically damage the compooota?
Trashing the contents of /boot is like the primary reason it's given its own partition and isn't mounted at boot.

anthonypants
May 6, 2007



Dinosaur Gum

Let's say I have a really old, out-of-date CentOS 6 box with a similarly old, out-of-date repo, and it makes yum report errors like this:
code:
http://download.opensuse.org/repositories/home%3A/satya164%3A/fedorautils/Fedora_6/repodata/repomd.xml: [Errno 14] PYCURL ERROR 22 - "The requested URL returned error: 404 Not Found"
Trying other mirror.
To address this issue please refer to the below knowledge base article

[url]https://access.redhat.com/articles/1320623[/url]

If above article doesn't help to resolve this issue please open a ticket with Red Hat Support.
I know that this error is generated from the fedorautils repo. What I would like to do is figure out what packages would have been installed with this repo. There's nothing with @fedorautils under yum list installed, so maybe they were moved into a different repo at some point? Maybe nothing was ever installed from that repo? I'm pretty sure it's ok to remove this from yum.repos.d but I want to make sure I'm not missing anything before that happens.

anthonypants
May 6, 2007



Dinosaur Gum

Googling said I could use repoquery, but that didn't find anything either so I'm just going to remove it and hope for the best. There's a lot of garbage on this VM (bluetooth support? smart card daemon?) so I'm not all that worried about losing Fedora packages.

anthonypants
May 6, 2007



Dinosaur Gum

peepsalot posted:

What if there was a thing that was a cross between synergy and vnc, so cursor can move across monitors between different boxes(basic synergy), but also if you drag a window off the edge of the screen of one computer, it would flow onto the next screen, across different platforms(like vnc but only sending individial window updates instead of full screen). Is something like that even feasible? I don't suppose that software this useful actually exists, or something close?
You mean like VirtualBox's Seamless Mode?
https://www.youtube.com/watch?v=eQr8iI0yZH4

anthonypants
May 6, 2007



Dinosaur Gum

gourdcaptain posted:

Hey, I know this tends torwards a more enterprise/serious Linux thread, but I've got a question on where and if to file a bug.
I'm running Arch Linux (yeah, I know, it does a few things I need that other Linuxes don't do well, I'm used to its issues, and I don't recommend it to other people) and they in an Arch-iest possible way recently pushed a Mesa 13 release canidate to the repositories. I'm not complaining (the extra OpenGL support makes a game I was waiting to run work and it hasn't caused any issues). Anyway, this also means they added a package for the open-source Vulkan implementation for recent Radeon cards (I've got an RX 460 in a machine I just built because the CPU didn't have an integrated one and I needed something and it was cheap). I'd like to mess with this with Dolphin, but anything I try to run for it just crashes immediately with a segfault or says it can't create a Vulkan context.

Should I file a bug against:
A) Arch (even though this is a stock package with no patches)
B) Mesa (even though the driver flat out admits when you run something using it in the terminal it's not yet ready for prime time)
C) Dolphin (just for completeness, this doesn't seem right to me at all, and Vulkan is only available in recent git releases there)
D) Multiple of the above?
E) None of the above?
Depends on what your crash/segfault says.

anthonypants
May 6, 2007



Dinosaur Gum

DrankSinatra posted:

I'm trying to figure out what distro to use for my daily work. I realize, to a certain extent that's a dumb question, but whatever. I'm a grad student/programmer, and I spend a solid 75% of my computer time at the command line or in Emacs. I like farting around in Slackware, because it's a Unix-rear end Linux system, and coming at it from the perspective of a dude who does a ton of command line stuff, I like how every component can basically be configured in their respective text file; it feels simple and predictable to me.

On the other hand, dealing with slackbuilds gets old really fast. I have a life to live, and I'd rather not piss it away staring at compiler output.

Is there anything out there with a robust binary package management system that's still that level of dead-simple vanilla text configuration? I thought about just doing a server install of CentOS, and installing the packages I want, but the packages in the default repos are old as hell, and I really don't want to putz with adding a bunch of extra repos. Also it seems like, even at the default setup level, CentOS has a bunch of extra enterprise cruft that I'm not interested in.

Realistically, all I need is the bleeding edge version of my compilers and text editor, a web browser, virtualbox, and Xmonad.
So, like...Gentoo?

anthonypants
May 6, 2007



Dinosaur Gum

apropos man posted:

Is anyone familiar with using postfix to forward mail?

I've got it running on my Ubuntu home sever, set up with my gmail credentials via the /etc/postfix/sasl_passwd and sasl_passwd.db files.

What I'm wondering is this: if postfix is using my Google creds to interact with the Google smtp server on a regular basis then am I sending my password out over clearnet?

I don't mind the body of the emails going out in the clear because it's just boring server stuff like S.M.A.R.T tests and login times, and I don't really understand setting up my own TLS to do it encrypted. Should I learn how to set up basic TLS?
If you're using smtp.gmail.com then I don't think you can connect without SSL/TLS.

anthonypants
May 6, 2007



Dinosaur Gum

Shaocaholica posted:

What's the easiest way to find out if some USB 3.0/3.1 chipset is going to be supported? I need a PCI-E 1x USB 3.0/3.1 card on an IO workbench machine running Parted Magic.
Look it up on the Linux Kernel Driver DataBase

anthonypants
May 6, 2007



Dinosaur Gum

Combat Pretzel posted:

So uh, I gave the Fedora 25 beta live image a spin. Nouveau and the Gnome Wayland session start up fine, however my mouse cursor is not moving. It is registering mouse input, because wildly jockeying the mouse, various controls gain focus and react to clicks, but the visual cursor itself remains stuck in the top left corner. It even changes monitors when I move the invisible pointer between them, but always top left corner. Anyone seen that before and how that can be fixed?
Do you have a joystick or some other input device plugged in?

anthonypants
May 6, 2007



Dinosaur Gum

other people posted:

i have no idea what a spacemouse is but i want one it sounds loving awesome
It's probably disappointing, like a spacebar.

anthonypants
May 6, 2007



Dinosaur Gum

Ur Getting Fatter posted:

I have fail2ban running on my CentOS server. sshd jail is running and I've switched CentOS to use iptables instead of FirewallD

When I purposely input the wrong password a few times fail2ban adds the following rule to iptables:

code:
-A f2b-sshd -s 10.10.10.10/32 -j REJECT --reject-with icmp-port-unreachable
That rule does not work at all, seeing as I can SSH in just fine.

Adding the following rule manually, however does work:

code:
 -I INPUT -s 10.10.10.10 -j DROP
Any ideas on what's going on and how to fix it?

Edit: for what it's worth, the same thing happened with FirewallD.
Your INPUT table isn't reading from the f2b-sshd table?

anthonypants
May 6, 2007



Dinosaur Gum

Ur Getting Fatter posted:

No, it's the only rule for that IP (plus it happens with any IP).

I think it's most likely that like someone else mentioned, iptables is not processing fail2ban chains.

Any ideas on how to trouble shoot that?
Dunno what it is in firewalld but iptables would be iptables -I INPUT -p tcp --dport ssh -j f2b-sshd

anthonypants
May 6, 2007



Dinosaur Gum

Also, use dig instead of nslookup.

anthonypants
May 6, 2007



Dinosaur Gum

icantfindaname posted:

Hi, I have to run a bunch of simulations for reasons, each of which takes a long time, and I thought by running 3 or so in parallel in the background it would speed it up, however looking at the process monitor it seems each is running at 1/3 the speed? Is there no way to run things in parallel to speed them up?
Have you tried using three times as many computers?

anthonypants
May 6, 2007



Dinosaur Gum

Methanar posted:

Sublime text does this and I really like it.
I've only used Sublime Text on Windows but it's extremely good.

Adbot
ADBOT LOVES YOU

anthonypants
May 6, 2007



Dinosaur Gum

Is there any reason I shouldn't be using Continuous Release packages for CentOS 7?

  • 1
  • 2
  • 3
  • 4
  • 5
  • Post
  • Reply
«5 »