Register a SA Forums Account here!
JOINING THE SA FORUMS WILL REMOVE THIS BIG AD, THE ANNOYING UNDERLINED ADS, AND STUPID INTERSTITIAL ADS!!!

You can: log in, read the tech support FAQ, or request your lost password. This dumb message (and those ads) will appear on every screen until you register! Get rid of this crap by registering your own SA Forums Account and joining roughly 150,000 Goons, for the one-time price of $9.95! We charge money because it costs us $3,400 per month for bandwidth bills alone, and since we don't believe in shoving popup ads to our registered users, we try to make the money back through forum registrations.
«6 »
  • Post
  • Reply
xzzy
Mar 5, 2009

wakey wakey to
this bowl of tasty


Yams Fan

rhel and derivatives do clean up old kernels, but they didn't always. Don't remember anymore when they fixed it.

These days they keep the kernel the system was installed with, the previous kernel and the most recently installed kernel.

Adbot
ADBOT LOVES YOU

xzzy
Mar 5, 2009

wakey wakey to
this bowl of tasty


Yams Fan

My group has been doing monthly kernel updates and reboots on 2700-ish servers for 15 years now over a normal ssh connection and have not lost a single system from a corrupted/failed rpm install due to connection drop. I'd certainly be more careful over a choppy globe crossing network connection but on a robust LAN it's a thing no one should put energy into worrying about.

Just don't run the update and reboot in the same command and you'll be fine. If your connection drops, you ssh back in and make sure the package installed. Problem solved.

xzzy
Mar 5, 2009

wakey wakey to
this bowl of tasty


Yams Fan

Need a term for "this is hosed beyond my desire to try and fix it even though I admit it certainly is repairable."

xzzy
Mar 5, 2009

wakey wakey to
this bowl of tasty


Yams Fan

Containers can't mount disks without privileged mode. Better scheme is to mount volumes outside the container and make them available to the container with -v options.

xzzy
Mar 5, 2009

wakey wakey to
this bowl of tasty


Yams Fan

Or spin up a clone of the system on a VM outside the protected environment, let yum do all the work, then copy all the packages it installed out of the cache.

xzzy
Mar 5, 2009

wakey wakey to
this bowl of tasty


Yams Fan

Sarcastic but realistic. Eventually everyone gets to the point of "gently caress it, run as root" because they get tired of trying to figure out how to do it right.

xzzy
Mar 5, 2009

wakey wakey to
this bowl of tasty


Yams Fan

The issue has never been whether it could be done, it's more that people realized they don't really give a poo poo and the feature dies on the vine.

xzzy
Mar 5, 2009

wakey wakey to
this bowl of tasty


Yams Fan

You don't need to quote the curly braces or plus.

The reason the xargs form failed is because {} is meaningless to it. If you added the option "-I {}" then it would work.

xzzy
Mar 5, 2009

wakey wakey to
this bowl of tasty


Yams Fan

Pfft, bash or

yes I opened that can

xzzy
Mar 5, 2009

wakey wakey to
this bowl of tasty


Yams Fan

If you have Apache installed, look at the included rotatelogs command.

If not, I guarantee you can find a zillion stdout rotating solutions with some google.

xzzy
Mar 5, 2009

wakey wakey to
this bowl of tasty


Yams Fan

apropos man posted:

My immediate thought was "well I suppose they can fork", but the Red Hat stream of OS'es is too big a project to fork, isn't it? Is it?


There's nothing to fork, at least not near term. Both centos and scientific linux (not really sure if there's any other live+free rhel clones are out there atm) have shown that as long as the srpms continue to get published a rhel based system is not hard to produce.

(yes, centos is owned by redhat now, but it ran for a long time on its own)

My feeling is IBM influence won't be felt for a couple years.

xzzy
Mar 5, 2009

wakey wakey to
this bowl of tasty


Yams Fan

I like how the world has changed to the point where we've gone from slashdot style zero irony "M$ GONNA DESTROY LINUX" to preferring them owning a linux distribution than IBM, the company we were all cheering for when SCO was still a thing.

xzzy
Mar 5, 2009

wakey wakey to
this bowl of tasty


Yams Fan

anaconda defaults to graphical install, even when using a kickstart file. Edit the ks.cfg to get rid of skipx and text options and I'd think that will do it.

xzzy
Mar 5, 2009

wakey wakey to
this bowl of tasty


Yams Fan

What's the status on DNF? Got symlinks to yum?

edit - scrolled down and actually read, using yum 4. Which is DNF, right? I can't keep this poo poo straight anymore.

xzzy
Mar 5, 2009

wakey wakey to
this bowl of tasty


Yams Fan

Docjowles posted:

Probably responding to a joke/troll, but what would they reasonably replace systemd with at this point?

docker!

xzzy
Mar 5, 2009

wakey wakey to
this bowl of tasty


Yams Fan

code:
# wc -l /proc/mounts
24556 /proc/mounts
Anyone wanna guess what happened.

users with root access and a cron job

xzzy
Mar 5, 2009

wakey wakey to
this bowl of tasty


Yams Fan

Yeah, this is exactly what I want to do while visiting family. Will generate no friction whatsoever.



(The story being linked to is basically just a new release announcement with some traditional WINDOZE SUX mixed in)

xzzy
Mar 5, 2009

wakey wakey to
this bowl of tasty


Yams Fan

Setting output to a drop policy seems excessive to me, but I I suppose there's good reasons to do it. But my suggestion is to not worry about it.

Be aware that docker also sets up some masquerade rules in the nat table, which aren't printed with 'iptables -l'. If you specify -t nat they'll show up and those rules are the ones that allow containers to talk to the outside world. Delete those rules and the containers will be locked down pretty tight (or configure docker to not modify iptables).

Just don't do it for docker0, as you'll run into problems pulling images. It's good practice to run containers on a bridge you create.


If you stop docker from messing with iptables note it also sets up rules inside containers (again in the nat table) to allow the internal dns to function. I can't remember if that breaks when docker stops messing with iptables.

xzzy
Mar 5, 2009

wakey wakey to
this bowl of tasty


Yams Fan

Programs use the DISPLAY variable to figure out what x server to connect to. In this day and age 99% of machines only have one display but in the bad old days there could be a lot more than that. The closest you'll get to multiple displays now is with VNC sessions.

At any rate when you log in and X is started the DISPLAY is automatically set and any programs you start will inherit it. crond doesn't have the same environment as your shell which is why you need to give it a hint.

xzzy
Mar 5, 2009

wakey wakey to
this bowl of tasty


Yams Fan

If vi screws you up, try looking up editing files with 'ed' sometime for a real brainfuck. I've known people that were pros at it but I could never grasp it.

xzzy
Mar 5, 2009

wakey wakey to
this bowl of tasty


Yams Fan

It's actually pretty hard these days to find any computer that doesn't have some kind of video output.. even all those SBC hobby systems are likely to have an hdmi out. An embedded graphics chip is pretty much standard equipment.

But if you do manage to find one, yes, you can install using a serial port as your primary interface, we still do it regularly at my place of work and life is good. You might have issues tweaking anything in the bios but the actual running an OS installer will work fine.

xzzy
Mar 5, 2009

wakey wakey to
this bowl of tasty


Yams Fan

99% of all nginx configurations I've ever set up have been reverse proxies to a web app. It's super convenient if you've bought into the containerization world.

xzzy
Mar 5, 2009

wakey wakey to
this bowl of tasty


Yams Fan

Docker is awesome, but be aware it's just a gateway drug for kubernetes.

But it's real attractive for each app to have its own sandbox that you can demolish and recreate to the exact some point whenever you want.

As long as dockerhub doesn't get compromised anyways.

xzzy
Mar 5, 2009

wakey wakey to
this bowl of tasty


Yams Fan

We went down a rabbit hole of trying to enforce device names during provisioning via kernel parameters for dracut and it we gave up after wasting a lot of effort.

In EL7 and beyond you gotta let network device names be what they are and live with it.

xzzy
Mar 5, 2009

wakey wakey to
this bowl of tasty


Yams Fan

The RHEL8 beta has been out for months now, no reason to be surprised.

xzzy
Mar 5, 2009

wakey wakey to
this bowl of tasty


Yams Fan

What is the exit code when its only copying 80% of what it should?

Rsync is an oddball with how specific its errors are (referring you to a line in the source has always amused me) so if there is a fatal error it seems unlikely you missed it, but if there's some kind of file access error it doesn't always exit so it's possible you're just not seeing it in the verbose output.

xzzy
Mar 5, 2009

wakey wakey to
this bowl of tasty


Yams Fan

I didn't put any effort into understanding grub2, the usage model appears to be google whatever problem you have and let other people tell you how to fix stuff. Fortunately it doesn't happen too often, 99.9% of the time it does the right thing.

Maybe that makes me bad at my job but like you said the configuration is super opaque now and if that's the world they want, I wash my hands of it.

xzzy
Mar 5, 2009

wakey wakey to
this bowl of tasty


Yams Fan

Yes, like 20 years ago when that was a sensible thing to do.

xzzy
Mar 5, 2009

wakey wakey to
this bowl of tasty


Yams Fan

CaptainSarcastic posted:

In the early 2000s HP network printers had a great feature where you could change what the LCD panel said by logging into them. I changed some of the ones at work to say things like "FEED ME A KITTEN."

I set the one in my cubicle farm to OUT OF PICKLES. I wanted something that looked like an error at first glance, but was so absurd that no one would take it seriously.

You didn't even need to log into them as I recall.. it was almost like an snmp trap, you send a packet to a port with a correct header and your text inside and it would blindly put it on the LCD screen. It was like a 10 line perl script.

xzzy
Mar 5, 2009

wakey wakey to
this bowl of tasty


Yams Fan

That's the linux experience in a nutshell. A second distro will fix one annoyance only to create another.

Ubuntu or Fedora if you want to stay close to the cutting edge. Mint is probably fine but I never used it myself.

xzzy
Mar 5, 2009

wakey wakey to
this bowl of tasty


Yams Fan

Yes everyone wants it but it's never gonna happen. Arch comes the closest to solving it but if you can't stomach that distro you're pretty much SOL.

Maybe dockerhub is the solution you want?

xzzy
Mar 5, 2009

wakey wakey to
this bowl of tasty


Yams Fan

General_Failure posted:

Oh poo poo. Scientific linux is going bye byes too.

There's no point to it, it's identical to centos except for a couple packages used to brand it. They had the same debate with rhel7 but this time opted to retire the distro.

Adbot
ADBOT LOVES YOU

xzzy
Mar 5, 2009

wakey wakey to
this bowl of tasty


Yams Fan

Our baseline config at work disables ipv6 on install because the networking group is slowly enabling ipv6 on all their equipment and so much poo poo breaks if the host sets up an ipv6 address on an interface.

So when we get the notice that a site/vlan now has ipv6 available we pick a test box so users of that segment can reconfigure all their poo poo to work like they need, and then we turn on ipv6.

  • 1
  • 2
  • 3
  • 4
  • 5
  • Post
  • Reply
«6 »