subversion-1.1 released
by Neal Becker
subversion-1.1 is released. It would be great to include this. It allows
use of subversion without requiring a database. It would be good to
include this capability before many users have migrated to subversion.
19 years, 5 months
RFE: More on mounting + a question about the "console" flag
by Kyrre Ness Sjobak
While there are so much chattering about automounting, security
considerations of the new fstab "console" tag etc., i have as a systems
administrator withnessed one thing - with something as old as floppyes.
People mount up the floppy (acctually, they have no clue that they are
mounting it, they just click the nice little "floppy" icon), get their
files, pull out the floppy (without umounting), and logs out.
Then, 2 minutes later, another user logs in, pulls up his/her floppy,
and... the floppy is mounted. Cant get it umounted, and can't mount
his/her floppy. Grr...
Reason that there is a problem with floppyes and not other removable
storage, is of cource that floppyes is the only removable storage that
the user can pull out without the system gets the message - if you pull
an usb mass storage plug, it gets umounted (and it is mounted "sync" so
you probably won't loose data either). If you try to eject a cd, it wont
come out - untill you umount it (this is really frustrating to new users
as well - the "eject" button should umount the cd and eject it, and if
it is buisy, tell dbus to tell gnome to display that popup we all loved
in fc1)
But what if all volumes that the user mounted when he/she was logged on,
automatically got umounted when the user who mounted it logs out? That
would solve it.
About the "console" flag: would a user sitting on an XDMCP terminal be
considered a console user or not? How is it determined if he/she is a
console user or not? Because someone sitting on an xdmcp terminal
shouldn't be considered "console"...
Kyrre
19 years, 5 months
Problems with yum ?
by Casimiro de Almeida Barreto
Hello,
Lately I've had this:
[root@200-170-106-105 Fedora]# yum --obsoletes update
Setting up Update Process
Setting up Repo: development
repomd.xml 100% |=========================| 1.1 kB 00:00
Reading repository metadata in from local files
developmen: ################################################## 3422/3422
Resolving Dependencies
module-init-tools-3.1-0.p 100% |=========================| 19 kB 00:00
[root@200-170-106-105 Fedora]# yum --obsoletes update
Setting up Update Process
Setting up Repo: development
repomd.xml 100% |=========================| 1.1 kB 00:00
Reading repository metadata in from local files
developmen: ################################################## 3422/3422
Resolving Dependencies
fonts-xorg-base-6.7.99.90 100% |=========================| 54 kB 00:03
[root@200-170-106-105 Fedora]# yum --obsoletes update
Setting up Update Process
Setting up Repo: development
repomd.xml 100% |=========================| 1.1 kB 00:00
Reading repository metadata in from local files
primary.xml.gz 100% |=========================| 925 kB 00:41
repodata/primary.xml.gz: [Errno -1] Metadata file does not match checksum
Error: failure: repodata/primary.xml.gz from development: [Errno 256] No
more mirrors to try.
[root@200-170-106-105 Fedora]#
As this kind of problem has not been reported in this list, am I alone
on this problem or have someone else faced this ?
Regards,
Casimiro
19 years, 5 months
Future of Stateless Linux
by Rudi Chiarito
I was reading the Stateless Linux tutorial last night. I have a few
questions regarding some issues and how the project will tackle them, if
at all.
I haven't actually tried the software yet, but at work we're having a
new cluster shipped today and this means I have an official excuse to
play with stuff later this week. My perspective focuses mostly on the
needs of clusters and similar setups (blade servers, etc.). I understand
that, at least initially, the project will mainly target desktop
clients. I also understand that we're still in the early stages.
On to the issues.
1) IP addresses
There are several sides to this. The basic premise is that some might
prefer static IP addresses and names for boxes. If I have, say, 30
blades, I would like the blade with the sticker "20" on it to actually
be called "node020". And the one next to it to be called "node021". The
tutorial simply avoids the issue, showing how to set up a DHCP setup
with 100% dynamic IPs. You could consider this issue orthogonal to
serving images and root filesystems, but I think an integrated approach
is preferrable.
The obvious solution here is to resort to Ethernet MAC addresses.
Section 5 (Setting up diskless clients) "solves" the issue by just
saying "Determine the MAC address of the client(s)". That's not as
automated as one would wish and, more importantly, still doesn't take
care of IP addresses and names - it just changes the PXE boot image for
that MAC address. My question here is: are there any plans to tackle
this?
There is an approach that I have used in the past. It worked for me, but
it might need to be made more flexible and robust, to support all the
scenarios that Stateless Linux hopes to enable.
You need, of course, to have a list of MAC addresses. Even better,
several lists of MAC addresses - e.g. for several groups/profiles. You
can enter them manually or, if you're lazy enough, you'll want the
clients and the server to register them automatically.
I do this at the time that the kickstart file is served (I don't serve
images yet, but the idea is the same). A simple CGI script looks at the
IP at the remote end, retrieves the MAC address using ARP and appends it
to the list of addresses for that group. This is the common case, where
you add hosts sequentially by booting them in order, one by one. Of
course you can edit the MAC address lists manually if a NIC needs e.g.
to be replaced.
Another script takes care of creating new configuration files for DHCPD
and BIND, starting from the lists of MAC addresses and some parameters
associated to them. E.g., you'll want to specify that Group 1 lives in
the 10.23.45.0/24 subnet and its symbolic names follow the format string
"desktop%03d". You can even tell dhcpd to add/update entries without
restarting the process, using OMAPI - it's a bit funky, but it can be
made to work in a reliable manner.
A consequence of this is that you can now assign "unregistered" hosts to
a special address range, if you need it. A malicious system can still
spoof another MAC address, but you can at least deal with the more
common case of a system that is misconfigured or was never configured.
Or a Windows system.
2) Live updates
With the current design and implementation, updates happen only at a
snapshot level. There's no support for live updates that do not require
a reboot. I am not sure if this is set in stone, but I can understand
the rationale behind it. It makes sense for desktop systems, but a bit
less for servers.
Is there an answer to the inevitable question, "how do we minimise the
downtime associated with switching to a new image?"? One could imagine
using kexec:
http://www-106.ibm.com/developerworks/linux/library/l-kexec.html
Or, if the kernel doesn't change between images, one could envision a
hack that does the equivalent of going to single-user mode and switching
the root filesystem - unless there's some gotcha that makes it
impossible. The fact that / is already read-only should help, I guess.
3) USB drives
This is a minor issue, but I think it's worth starting to address.
Floppies are dead - the sheer size of the 2.6 kernel makes them unfit
for the purpose - and maybe CDs should be next. USB flash drives are
faster, handier, do not necessitate the extra step of creating an ISO
image and do not require a drive that consumes precious space and power
(well, you could use an USB CD drive, if you're that masochistic).
If tools are going to be developed to create caching client boostrap
images and "live" images, it might be worth considering support for
USB/Firewire drives from the start. It should be a subset of the CD
case, since you are avoiding the creation of an ISO image.
This is all for now.
--
Rudi
19 years, 5 months
YasT for Fedora Core
by gopinaths
Since YasT is GPL (well is it? ) , then it would be nice if fedora
has the same or something like it. Yast is the best Installation/Setup
and System Administration Tool available for linux , it combines RCD +
Control Centre( the KDE one) and its very simple for loads of other
administration stuff.
Some discussions took place about it in redhat forums
http://www.redhat.com/archives/fedora-config-list/2004-May/msg00013.html
but it remains to be implemented .
It will be great if it is done , imagine being able to install new
versions of kde or gnome or ftp installation of fedora itself in a
smooth way .. i know it could be done even without it (up2date , yum )
but it seldom works or its not cool, putting up a graphical interface
will surely be one more step towards user friendliness.
so what say you?
regards
gopinaths : <gopinaths(a)iitg.ernet.in>
Linux is Sexy
who | grep -i blonde | date; cd ~; unzip; touch; strip; finger; mount;
gasp; yes; uptime; umount; sleep
19 years, 5 months
Bastille
by Niki Rahimi
Hi Fedora folks,
I have been working on the Bastille-security hardening system for a
while now (www.bastille-linux.org). I am currently interested in the
enhancement of Bastille on Fedora as I see that it is not directly
available on the distribution install media at this time. I have been
working with Jay Beale, the lead developer of Bastille, on seeing that
the software is working properly on Fedora core installations.
I am curious to see what you all would think of the addition of
Bastille to the Fedora install media. If you have any questions on the
quality and/or useability of Bastille feel free to send me a note.
Thanks,
Niki Rahimi
19 years, 6 months
How to make a custom Fedora bootable CD?
by Arangel Angov
I wanted to make one bootable installation cd with the things I want
from fedora. Asked google, but didn't found much.
I also tried some forums of projects that have working custom bootable
fedora based distro's but I can't seem to find proper documentation on
how this is done. Does it involve kickstart configuration files and
where everything goes? Is there a document that somebody could recommend
for this?
Thanks in advance.
Arangel
19 years, 6 months
graphical FTP install
by Chuck Anderson
Why do FTP installs still default to text mode? I noticed that I can
start a graphical FTP install with a boot parameter "graphical".
Considering that the text install can't do LVM, I think it is
important that we default to graphical.
19 years, 6 months
rawhide report: 20041004 changes
by Build System
Updated Packages:
HelixPlayer-1.0.1.gold-1
------------------------
* Sun Oct 03 2004 Colin Walters <walters(a)redhat.com> 1:1.0.1.gold-1
- Update to 1.0.1
- Add epoch since 1.0.1.gold is older than 1.0.gold
- Drop upstreamed HelixPlayer-1.0.beta20040615-mmx-clobber.patch
- Drop HelixPlayer-1.0.beta20040615-desktop.patch per request
- Drop upstreamed HelixPlayer-1.0-filechooser.patch
- Drop upstreamed HelixPlayer-1.0-clobberedx.patch
- Switch to bingo-gold target
authconfig-4.6.5-1
------------------
* Mon Oct 04 2004 Jindrich Novy <jnovy(a)redhat.com> 4.6.5-1
- updated translations from upstream
- autogeneration of build stripts in prep phase
* Thu Sep 30 2004 Jindrich Novy <jnovy(a)redhat.com>
- fixed man page
- added dependency on nscd
* Wed Sep 29 2004 Jindrich Novy <jnovy(a)redhat.com> 4.6.4-6
- regenerated build scripts
gamin-0.0.14-1
--------------
* Sun Oct 03 2004 Daniel Veillard <veillard(a)redhat.com> 0.0.14-1
- Found and fixed the annoying bug where update were not received
should fix bugs ##132429, #133665 and #134413
- new mechanism to debug on-the-fly by sending SIGUSR2 to client or server
- Added documentation about internals
* Fri Oct 01 2004 Daniel Veillard <veillard(a)redhat.com> 0.0.13-1
- applied portability fixes
- hardened the code while chasing a segfault
gettext-0.14.1-11
-----------------
* Sun Oct 03 2004 Leon Ho <llch(a)redhat.com>
- fixed typo on %preun on -devel
howl-0.9.6-6
------------
* Mon Oct 04 2004 Alexander Larsson <alexl(a)redhat.com> - 0.9.6-6
- Use runuser instead of su to change user to make selinux happy (#134456)
mod_perl-1.99_16-3
------------------
* Sun Oct 03 2004 Chip Turner <cturner(a)redhat.com> 1.99_16-3
- update filter-depends.sh for Module::Build and Data::Flow
rpmdb-fedora-2.92-0.20041004
----------------------------
vsftpd-2.0.1-5
--------------
* Fri Oct 01 2004 Radek Vokal <rvokal(a)redhat.com> 2.0.1-5
- vsftpd under xinetd reads its config file (#134314)
19 years, 6 months