Linux-Noob Forums - CentOS

cmake 2.8

Tue, 22 Jul 2014 10:58:00 +0200

Hi

I installed Cmake successfully .and now I want to work with it but i dont know how??

please help me?!

does it have any visual interface or i have to use it with terminal??

help meeee[img]<___base_url___>//public/style_emoticons/default/sad.png[/img]

Cmake 2.8

Thu, 03 May 2012 11:00:11 +0200

Hi,

I currently have cmake 2.6

However, the script I am trying to use with cmake requires 2.8

How do I install / upgrade to 2.8? Any help would be greatly appreciated.

SL ssh port problem

Tue, 01 Nov 2011 21:17:46 +0100

Here a topic to continue what started out here. It's more appropriate as a separate topic.

I changed the default ssh port in SL, and before it works you have to edited the iptables/firewall. I edited the firewall using system-config-firewall-tui

on Hybrid's advice and restarted the service. When connecting:

ssh -p 1234 user@ip

I still get connection refused. I did check the vi /etc/sysconfig/iptables

And it nicely made a new entry under port 22 mentioning my custom ssh port.

CentOS vs SL

Tue, 01 Nov 2011 14:48:44 +0100

I went to look on the web to see what I would find as in CentOS vs SL. I find this article and I come across alot of other discussions. That SL security updates are faster and that CentOS is rumored to be a dying project.SL is used by Fermilab and CERN and therefore they got a team working on it alot.. Having searched different forums I still came across where SL and Centos are both advised and no discussions that I have mentioned above. And also have someone who advised me to switch to SL because of the same reasons. So I'm kind of confused and just wanted

to know your opinions about the matter since this is my home forum or say to say. And to help me think things through to decide what to do.

p.s this topic is not intended to make a distro war, just trying to understand so it can help me make a decision.

Starting the GUI (Gnome)

Thu, 27 Oct 2011 07:30:26 +0200

I installed Cent OS 5.7-i386 server

and from the text console I start the GUI (Gnome if i understand correctly[img]<___base_url___>//public/style_emoticons/default/blink.png[/img] ) by typing "startx".

If this is the correct way of starting the GUI, If so I have two dumb Qs.

1 Is there a way to get it 2 start straight

into the GUI ?

2 Where the hell is the shut down or restart in the GUI?

All can find is a suspend button.

Thanks 2 all

5.7 -i386 won't work after update

Tue, 25 Oct 2011 08:16:32 +0200

Hi there,

In case you can’t tell I’m new to Linux.

I am trying to setup my own web server with Kloxo

(A cpanel alternative).

I installed Cent OS 5.7-i386 server, and ran the GUI

(startx) and all went well.

But when I ran the updates and restarted the PC and go to

Start the GUI I just get a blank screen. [img]<___base_url___>//public/style_emoticons/default/wacko.png[/img]

I have done some reading on all the forums out there, but far

I have had no luck.

Can still use the Command Prompt (if you call it that in the Linux’s

World?) But would like to use the GUI. (Bit like using DOS instead of windows

And I’m over those days lol). [img]<___base_url___>//public/style_emoticons/default/tongue.png[/img]

The hardware I am using to test this on is

Dell Optiplex 745 2.0GHz core 2 duo

1 GB Ram

40 GB hard drive

DVD Rom

Intel Graphics Media Accelerator 3000

Thanks to all.

CentOS 6 minimal + Apache+MySQL+latest PHP with eAccelerator, Suhosin

Sun, 21 Aug 2011 19:28:30 +0200

I'm working on recreating (and enhancing) my minimal LAMP server configuration on CentOS 6 for my web server.

I use Apache and MySQL from the CentOS repos, but prefer to compile my own PHP to stay up-to-date with each new stable release of PHP as soon as it is available. I also like to add support for eAccelerator (a memory cache and bytecode cache for PHP, speeds up execution of PHP scripts considerably) and will add support for the Suhosin security patch and extension for PHP.

I'm also moving towards using SELinux in enforcing mode with this new CentOS 6 server for enhanced security.

I hope in this post to document my setup for this -- Apache, MySQL and the latest PHP from source, as well as eAcceleration and Suhosin, all SELinux compliant. This setup is not yet finished and this post should not therefore be used 'blindly' as a guide for a production server. I'm still testing this setup in a private, closed environment!

I have also not gone through this guide start-to-finish to test that it is complete. Since this is an adaptation of my personal guide, which contains specific details of my setup that aren't relevant to a general audience, I have not verified that this particular write-up actually works.

Filenames for download links may change as new versions are released. Check all software versions to make sure outdated versions are not being installed.

Bear in mind, therefore, that this guide is a work in progress. [img]<___base_url___>//public/style_emoticons/default/wink.png[/img]

Install Pre-requisite Packages

Begin by ensuring the Development Tools are installed, to faciliate compiling our own PHP and extensions.

Code:
# yum groupinstall 'Development Tools'

Now install the prerequisites:

Code:
# yum install httpd mysql-server httpd-devel libxml2-devel libcurl-devel libjpeg-devel ImageMagick-devel libpng-devel gmp-devel mysql-devel libtool-ltdl-devel

MCrypt must be installed manually (I don't want to use third-party yum repos). Download latest from http://mcrypt.sourceforge.net/.

Code:
$ tar xjvf libmcrypt-2.5.8.tar.bz2

$ cd libmcrypt-2.5.8

$ ./configure

$ make

$ su -c "make install"

MySQL desperately needs a root password set.

Code:
$ mysqladmin -u root password newrootpassword

Also configure Apache to your specifications. I will omit that configuration here, as much of it is specific to my setup and not relevant to a general audience.

Download Suhosin Patch

Assumes the Suhosin GPG key has already been securely imported, for verifying the integrity of the patch and extension.

Code:
$ wget http://download.suhosin.org/suhosin-patch-5.3.7-0.9.10.patch.gz

$ wget http://download.suhosin.org/suhosin-patch-5.3.7-0.9.10.patch.gz.sig

$ gpg --verify suhosin-patch-5.3.7-0.9.10.patch.gz.sig

$ gunzip suhosin-patch-5.3.7-0.9.10.patch.gz

PHP 5.3.7 with Suhosin Patch

Download latest PHP from http://www.php.net.

Code:
$ tar xjvf php-5.3.7.tar.bz2

$ cd php-5.3.7

$ patch -p 1 -i ../suhosin-patch-5.3.7-0.9.10.patch

$ './configure' '--with-mysqli' '--with-mysql' '--enable-bcmath' '--enable-mbstring' '--with-gmp' '--with-curl' '--with-gd' '--with-freetype' '--with-apxs2=/usr/sbin/apxs' '--with-zlib' '--with-mcrypt' '--with-jpeg-dir' '--with-png-dir' '--with-gif-dir'

$ make

$ make test

$ su -c "make install"

$ su -c "chcon -t textrel_shlib_t '/usr/lib/httpd/modules/libphp5.so'"

$ su -c "/sbin/service httpd restart"

PHP configuration to /usr/local/lib/php.ini.

Code:
# /usr/bin/chcon -t etc_t /usr/local/lib/php.ini

Suhosin Extension

Code:
$ wget http://download.suhosin.org/suhosin-0.9.32.1.tar.gz

$ wget http://download.suhosin.org/suhosin-0.9.32.1.tar.gz.sig

$ gpg --verify suhosin-0.9.32.1.tar.gz.sig

$ tar xzvf suhosin-0.9.32.1.tar.gz

$ cd suhosin-0.9.32.1

$ phpize

$ ./configure

$ make

$ su -c "make install"

$ su -c "cp modules/suhosin.so /usr/local/lib/php/extensions"

$ su -c "chcon -t textrel_shlib_t '/usr/local/lib/php/extensions/suhosin.so'"

Enable extension in PHP.ini:

Code:
extension="suhosin.so"

Restart Apache:

Code:
# service httpd restart

Use a PHPInfo page to verify Suhosin Patch and Suhosin Extension are working.

eAccelerator

Download page appears to be down as of 2011-08-21. [img]<___base_url___>//public/style_emoticons/default/sad.png[/img]

Code:
$ tar xjvf eaccelerator-0.9.6.1.tar.bz2

$ cd eaccelerator-0.9.6.1

$ phpize

$ ./configure

$ make

$ su -c "make install"

$ su -c "cp modules/eaccelerator.so /usr/local/lib/php/extensions"

$ su -c "mkdir /var/cache/eaccelerator"

$ su -c "chown apache /var/cache/eaccelerator"

$ su -c "/etc/init.d/httpd restart"

$ su -c "chcon -t textrel_shlib_t '/usr/local/lib/php/extensions/eaccelerator.so'"

Configure eAccelerator settings in PHP.ini:

Code:
extension="eaccelerator.so"

eaccelerator.shm_size="128"    ; 128 MB of memcaching, lower on low-memory machines

eaccelerator.cache_dir="/var/cache/eaccelerator"

eaccelerator.enable="1"

eaccelerator.optimizer="1"

eaccelerator.check_mtime="1"

eaccelerator.debug="0"

eaccelerator.filter=""

eaccelerator.shm_max="0"

eaccelerator.shm_ttl="0"

eaccelerator.shm_prune_period="0"

eaccelerator.shm_only="0"

eaccelerator.compress="1"

eaccelerator.compress_level="9"

eaccelerator.log_file="/var/log/eaccelerator.log"

Set up dirs:

Code:
# mkdir /var/cache/eaccelerator

# chown apache /var/cache/eaccelerator

# touch /var/log/eaccelerator.log

# chown apache /var/log/eaccelerator.log

TODO: SELinux contexts for /var/cache/eaccelerator and /var/log/eaccelerator.log?

Restart Apache:

Code:
# service httpd restart

Verify eAccelerator with a PHPInfo page.

CentOS 6 x86_64 as a Desktop

Thu, 18 Aug 2011 18:29:53 +0200

I just installed CentOS 6 x86_64 as a desktop will post my experiences here.

No installation problems, no start up problems

Other Screenshot

CentOS/Virtualization

Fri, 05 Aug 2011 10:38:06 +0200

I have a dedicated server and I want to be able to run virtual pc's from the commandline. I know there's virtualbox

and vmware, but is it possible to run and control virtualization software from the command line. Or are there other

options available. I did a bit of searching on google but didn't get further than vmware and virtualbox and openvz.

Anyone have experience with this?

latest glibc update breaks Evolution(CentOS 5.6)

Tue, 19 Apr 2011 17:52:47 +0200

After recently updating to CentOS 5.6 I came across the problem that my evolution wouldn't start up anymore.

I went an searched and found out that more people are having the same problem as me. The problem is that

the latest version of glibc breaks evolution.

here's the bugreport

here's the topic of how to fix the problem

It's recommended that you do as post #3 says. Don't upgrade to 5.6. Do the following first:

add: exclude=glibc*2.5-58.el5_6.2 nscd*2.5-58.el5_6.2 xorg-x11-server-utils-7.1-5.el5_6.1 to /etc/yum.conf

then you can update and evolution works. If you have already updated you need to downgrade first but it's all in the topic

centos/virtualbox problem

Sun, 17 Apr 2011 19:24:33 +0200

I am able to install virtualbox from the website. I am able to make a virtual machine but when I try and start it up I get an error:

Kernel driver not installed (rc=-1908)

The VirtualBox Linux kernel driver (vboxdrv) is either not loaded or there is a permission problem with /dev/vboxdrv. Please reinstall the kernel module by executing

'/etc/init.d/vboxdrv setup'

as root. Users of Ubuntu, Fedora or Mandriva should install the DKMS package first. This package keeps track of Linux kernel changes and recompiles the vboxdrv kernel module if necessary.

I tried executing the command to reinstall the kernel module but then I still get this error message:

[root@localhost maarten]# /etc/init.d/vboxdrv setup

Stopping VirtualBox kernel modules [ OK ]

Uninstalling old VirtualBox DKMS kernel modules [ OK ]

Trying to register the VirtualBox kernel modules using DKMS[FAILED]

(Failed, trying without DKMS)

Recompiling VirtualBox kernel modules [FAILED]

(Look at /var/log/vbox-install.log to find out what went wrong)

I downloaded the rpm file from the website and I also trie dto do it the way they did it in the centos wiki

where they say I should install: yum --enablerepo rpmforge install dkms

for both I get the same results, have searched a while but seem to figure it out.

CentOS

Sun, 23 May 2010 20:14:44 +0200

http://www.virtualmin.com/ and http://www.zarafa.nl/

I have a CentOS 5.5 server installed, on top of that I have virtualmin/webmin installed.

In order to install virtualmin(http://www.virtualmin.com/download.html)I needed to set a FQDN: srv1.virtualmin.com

After I did this setup ran automatically after I ran the script and everything went well. Postfix and server other packages get installed with this package.

When this was finished I created a virtual domain, with the name of vanderrijst.eu. Now I wanted to setup postfix so edited /etc/postfix/main.cfg

I first set these settings in postfix:

http://www.zarafa.com/wiki/index.php/Pos...ntegration

main.cf

mydomain = demo.zarafa.com

myhostname = host

alias_maps = hash:/etc/aliases

alias_database = hash:/etc/aliases

virtual_alias_maps = mysql:/etc/postfix/mysql-aliases.cf

myorigin = /etc/mailname

mydestination = $myhostname, $myhostname.local, localhost, $mydomain

mynetworks = 127.0.0.0/8

mailbox_transport = zarafa:

zarafa_destination_recipient_limit = 1

inet_interfaces = all

One problem here though, when I go to /etc/postfix/ there is no mysql-aliases.cf so I would take that something won't go right here's cuz it's pointing to a location that doesn't exist. I did install the mysql module from the CentOS plus.

If that was working right I should configure the following file

Postfix mysql-aliases.cf

# The user name and password to log into the mysql server.

user = root

password = zarafa

hosts = 127.0.0.1

dbname = zarafa

# For Postfix 2.2 and later The SQL query template.

# See mysql_table(5) for details.

query = select value from objectproperty where objectid=(select objectid from objectproperty where value='%s' limit 1) and propname='loginname';

I still need to add one thing in /etc/postfix/main.cf

mailbox_command = /usr/bin/zarafa-dagent "$USER"

and I need to edit the /etc/postfix/master.cf

added this to the end:

zarafa unix - n n - 10 pipe

flags= user=vmail argv=/usr/bin/zarafa-dagent ${user}

after this I still needed to create the user vmail to unix: adduser vmail, then under /etc/zarafa/server.cfg. I needed to change the config. (http://www.zarafa.com/wiki/index.php/MTA_integration)

from local_admin_users = root to local_admin_users = root vmail

After this I reboot postfix, /etc/init.d/postfix restart, postfix booted without any problems.

now I created two mailbox with the admin-zarafa

man zarafa-admin

zarafa-admin -c feedmebits -p secret -e feedmebits@vanderrijst.eu -f “Feedmebits” -a 1

-c = create user

-p = password

-e = email

-f = full name

-a = administrator 1 or 0 (true of false)

I then created a second account.

Now my problem is that neither account is receiving any mail and not even error mails. here's my /etc/postfix.cfg I spent quite a few hours on getting this setup and trying to figure out what I'm doing wrong but I think I'm just missing something.

Quote:# Global Postfix configuration file. This file lists only a subset# of all parameters. For the syntax, and for a complete parameter

# list, see the postconf(5) manual page (command: "man 5 postconf").

#

# For common configuration examples, see BASIC_CONFIGURATION_README

# and STANDARD_CONFIGURATION_README. To find these documents, use

# the command "postconf html_directory readme_directory", or go to

# http://www.postfix.org/.

#

# For best results, change no more than 2-3 parameters at a time,

# and test if Postfix still works after every change.

# SOFT BOUNCE

#

# The soft_bounce parameter provides a limited safety net for

# testing. When soft_bounce is enabled, mail will remain queued that

# would otherwise bounce. This parameter disables locally-generated

# bounces, and prevents the SMTP server from rejecting mail permanently

# (by changing 5xx replies into 4xx replies). However, soft_bounce

# is no cure for address rewriting mistakes or mail routing mistakes.

#

#soft_bounce = no

# LOCAL PATHNAME INFORMATION

#

# The queue_directory specifies the location of the Postfix queue.

# This is also the root directory of Postfix daemons that run chrooted.

# See the files in examples/chroot-setup for setting up Postfix chroot

# environments on different UNIX systems.

#

queue_directory = /var/spool/postfix

# The command_directory parameter specifies the location of all

# postXXX commands.

#

command_directory = /usr/sbin

# The daemon_directory parameter specifies the location of all Postfix

# daemon programs (i.e. programs listed in the master.cf file). This

# directory must be owned by root.

#

daemon_directory = /usr/libexec/postfix

# QUEUE AND PROCESS OWNERSHIP

#

# The mail_owner parameter specifies the owner of the Postfix queue

# and of most Postfix daemon processes. Specify the name of a user

# account THAT DOES NOT SHARE ITS USER OR GROUP ID WITH OTHER ACCOUNTS

# AND THAT OWNS NO OTHER FILES OR PROCESSES ON THE SYSTEM. In

# particular, don't specify nobody or daemon. PLEASE USE A DEDICATED

# USER.

#

mail_owner = postfix

# The default_privs parameter specifies the default rights used by

# the local delivery agent for delivery to external file or command.

# These rights are used in the absence of a recipient user context.

# DO NOT SPECIFY A PRIVILEGED USER OR THE POSTFIX OWNER.

#

#default_privs = nobody

# INTERNET HOST AND DOMAIN NAMES

#

# The myhostname parameter specifies the internet hostname of this

# mail system. The default is to use the fully-qualified domain name

# from gethostname(). $myhostname is used as a default value for many

# other configuration parameters.

#

myhostname = srv1.virtualmin.com

#myhostname = virtual.domain.tld

# The mydomain parameter specifies the local internet domain name.

# The default is to use $myhostname minus the first component.

# $mydomain is used as a default value for many other configuration

# parameters.

#

mydomain = vanderrijst.eu

# SENDING MAIL

#

# The myorigin parameter specifies the domain that locally-posted

# mail appears to come from. The default is to append $myhostname,

# which is fine for small sites. If you run a domain with multiple

# machines, you should (1) change this to $mydomain and (2) set up

# a domain-wide alias database that aliases each user to

# user@that.users.mailhost.

#

# For the sake of consistency between sender and recipient addresses,

# myorigin also specifies the default domain name that is appended

# to recipient addresses that have no @domain part.

#

myorigin = vanderrijst.eu

#myorigin = $mydomain

# RECEIVING MAIL

# The inet_interfaces parameter specifies the network interface

# addresses that this mail system receives mail on. By default,

# the software claims all active interfaces on the machine. The

# parameter also controls delivery of mail to user@[ip.address].

#

# See also the proxy_interfaces parameter, for network addresses that

# are forwarded to us via a proxy or network address translator.

#

# Note: you need to stop/start Postfix when this parameter changes.

#

#inet_interfaces = all

#inet_interfaces = $myhostname

#inet_interfaces = $myhostname, localhost

inet_interfaces = all

# The proxy_interfaces parameter specifies the network interface

# addresses that this mail system receives mail on by way of a

# proxy or network address translation unit. This setting extends

# the address list specified with the inet_interfaces parameter.

#

# You must specify your proxy/NAT addresses when your system is a

# backup MX host for other domains, otherwise mail delivery loops

# will happen when the primary MX host is down.

#

#proxy_interfaces =

#proxy_interfaces = 1.2.3.4

# The mydestination parameter specifies the list of domains that this

# machine considers itself the final destination for.

#

# These domains are routed to the delivery agent specified with the

# local_transport parameter setting. By default, that is the UNIX

# compatible delivery agent that lookups all recipients in /etc/passwd

# and /etc/aliases or their equivalent.

#

# The default is $myhostname + localhost.$mydomain. On a mail domain

# gateway, you should also include $mydomain.

#

# Do not specify the names of virtual domains - those domains are

# specified elsewhere (see VIRTUAL_README).

#

# Do not specify the names of domains that this machine is backup MX

# host for. Specify those names via the relay_domains settings for

# the SMTP server, or use permit_mx_backup if you are lazy (see

# STANDARD_CONFIGURATION_README).

#

# The local machine is always the final destination for mail addressed

# to user@[the.net.work.address] of an interface that the mail system

# receives mail on (see the inet_interfaces parameter).

#

# Specify a list of host or domain names, /file/name or type:table

# patterns, separated by commas and/or whitespace. A /file/name

# pattern is replaced by its contents; a type:table is matched when

# a name matches a lookup key (the right-hand side is ignored).

# Continue long lines by starting the next line with whitespace.

#

# See also below, section "REJECTING MAIL FOR UNKNOWN LOCAL USERS".

#

mydestination = $myhostname, localhost.$mydomain, localhost, srv1.virtualmin.co m vanderrijst.eu

#mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain

#mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain,

# mail.$mydomain, www.$mydomain, ftp.$mydomain

# REJECTING MAIL FOR UNKNOWN LOCAL USERS

#

# The local_recipient_maps parameter specifies optional lookup tables

# with all names or addresses of users that are local with respect

# to $mydestination, $inet_interfaces or $proxy_interfaces.

#

# If this parameter is defined, then the SMTP server will reject

# mail for unknown local users. This parameter is defined by default.

#

# To turn off local recipient checking in the SMTP server, specify

# local_recipient_maps = (i.e. empty).

#

# The default setting assumes that you use the default Postfix local

# delivery agent for local delivery. You need to update the

# local_recipient_maps setting if:

#

# - You define $mydestination domain recipients in files other than

# /etc/passwd, /etc/aliases, or the $virtual_alias_maps files.

# For example, you define $mydestination domain recipients in

# the $virtual_mailbox_maps files.

#

# - You redefine the local delivery agent in master.cf.

#

# - You redefine the "local_transport" setting in main.cf.

#

# - You use the "luser_relay", "mailbox_transport", or "fallback_transport"

# feature of the Postfix local delivery agent (see local(8)).

#

# Details are described in the LOCAL_RECIPIENT_README file.

#

# Beware: if the Postfix SMTP server runs chrooted, you probably have

# to access the passwd file via the proxymap service, in order to

# overcome chroot restrictions. The alternative, having a copy of

# the system passwd file in the chroot jail is just not practical.

#

# The right-hand side of the lookup tables is conveniently ignored.

# In the left-hand side, specify a bare username, an @domain.tld

# wild-card, or specify a user@domain.tld address.

#

#local_recipient_maps = unix:passwd.byname $alias_maps

#local_recipient_maps = proxy:unix:passwd.byname $alias_maps

#local_recipient_maps =

# The unknown_local_recipient_reject_code specifies the SMTP server

# response code when a recipient domain matches $mydestination or

# ${proxy,inet}_interfaces, while $local_recipient_maps is non-empty

# and the recipient address or address local-part is not found.

#

# The default setting is 550 (reject mail) but it is safer to start

# with 450 (try again later) until you are certain that your

# local_recipient_maps settings are OK.

#

unknown_local_recipient_reject_code = 550

# TRUST AND RELAY CONTROL

# The mynetworks parameter specifies the list of "trusted" SMTP

# clients that have more privileges than "strangers".

#

# In particular, "trusted" SMTP clients are allowed to relay mail

# through Postfix. See the smtpd_recipient_restrictions parameter

# in postconf(5).

#

# You can specify the list of "trusted" network addresses by hand

# or you can let Postfix do it for you (which is the default).

#

# By default (mynetworks_style = subnet), Postfix "trusts" SMTP

# clients in the same IP subnetworks as the local machine.

# On Linux, this does works correctly only with interfaces specified

# with the "ifconfig" command.

#

# Specify "mynetworks_style = class" when Postfix should "trust" SMTP

# clients in the same IP class A/B/C networks as the local machine.

# Don't do this with a dialup site - it would cause Postfix to "trust"

# your entire provider's network. Instead, specify an explicit

# mynetworks list by hand, as described below.

#

# Specify "mynetworks_style = host" when Postfix should "trust"

# only the local machine.

#

#mynetworks_style = class

#mynetworks_style = subnet

#mynetworks_style = host

# Alternatively, you can specify the mynetworks list by hand, in

# which case Postfix ignores the mynetworks_style setting.

#

# Specify an explicit list of network/netmask patterns, where the

# mask specifies the number of bits in the network part of a host

# address.

#

# You can also specify the absolute pathname of a pattern file instead

# of listing the patterns here. Specify type:table for table-based lookups

# (the value on the table right-hand side is not used).

#

mynetworks = 168.100.189.0/28, 127.0.0.0/8

#mynetworks = $config_directory/mynetworks

#mynetworks = hash:/etc/postfix/network_table

# The relay_domains parameter restricts what destinations this system will

# relay mail to. See the smtpd_recipient_restrictions description in

# postconf(5) for detailed information.

#

# By default, Postfix relays mail

# - from "trusted" clients (IP address matches $mynetworks) to any destination,

# - from "untrusted" clients to destinations that match $relay_domains or

# subdomains thereof, except addresses with sender-specified routing.

# The default relay_domains value is $mydestination.

#

# In addition to the above, the Postfix SMTP server by default accepts mail

# that Postfix is final destination for:

# - destinations that match $inet_interfaces or $proxy_interfaces,

# - destinations that match $mydestination

# - destinations that match $virtual_alias_domains,

# - destinations that match $virtual_mailbox_domains.

# These destinations do not need to be listed in $relay_domains.

#

# Specify a list of hosts or domains, /file/name patterns or type:name

# lookup tables, separated by commas and/or whitespace. Continue

# long lines by starting the next line with whitespace. A file name

# is replaced by its contents; a type:name table is matched when a

# (parent) domain appears as lookup key.

#

# NOTE: Postfix will not automatically forward mail for domains that

# list this system as their primary or backup MX host. See the

# permit_mx_backup restriction description in postconf(5).

#

#relay_domains = $mydestination

# INTERNET OR INTRANET

# The relayhost parameter specifies the default host to send mail to

# when no entry is matched in the optional transport(5) table. When

# no relayhost is given, mail is routed directly to the destination.

#

# On an intranet, specify the organizational domain name. If your

# internal DNS uses no MX records, specify the name of the intranet

# gateway host instead.

#

# In the case of SMTP, specify a domain, host, host:port, [host]:port,

# [address] or [address]:port; the form [host] turns off MX lookups.

#

# If you're connected via UUCP, see also the default_transport parameter.

#

#relayhost = $mydomain

#relayhost = [gateway.my.domain]

#relayhost = [mailserver.isp.tld]

#relayhost = uucphost

#relayhost = [an.ip.add.ress]

# REJECTING UNKNOWN RELAY USERS

#

# The relay_recipient_maps parameter specifies optional lookup tables

# with all addresses in the domains that match $relay_domains.

#

# If this parameter is defined, then the SMTP server will reject

# mail for unknown relay users. This feature is off by default.

#

# The right-hand side of the lookup tables is conveniently ignored.

# In the left-hand side, specify an @domain.tld wild-card, or specify

# a user@domain.tld address.

#

#relay_recipient_maps = hash:/etc/postfix/relay_recipients

# INPUT RATE CONTROL

#

# The in_flow_delay configuration parameter implements mail input

# flow control. This feature is turned on by default, although it

# still needs further development (it's disabled on SCO UNIX due

# to an SCO bug).

#

# A Postfix process will pause for $in_flow_delay seconds before

# accepting a new message, when the message arrival rate exceeds the

# message delivery rate. With the default 100 SMTP server process

# limit, this limits the mail inflow to 100 messages a second more

# than the number of messages delivered per second.

#

# Specify 0 to disable the feature. Valid delays are 0..10.

#

#in_flow_delay = 1s

# ADDRESS REWRITING

#

# The ADDRESS_REWRITING_README document gives information about

# address masquerading or other forms of address rewriting including

# username->Firstname.Lastname mapping.

# ADDRESS REDIRECTION (VIRTUAL DOMAIN)

#

# The VIRTUAL_README document gives information about the many forms

# of domain hosting that Postfix supports.

# "USER HAS MOVED" BOUNCE MESSAGES

#

# See the discussion in the ADDRESS_REWRITING_README document.

# TRANSPORT MAP

#

# See the discussion in the ADDRESS_REWRITING_README document.

# ALIAS DATABASE

#

# The alias_maps parameter specifies the list of alias databases used

# by the local delivery agent. The default list is system dependent.

#

# On systems with NIS, the default is to search the local alias

# database, then the NIS alias database. See aliases(5) for syntax

# details.

#

# If you change the alias database, run "postalias /etc/aliases" (or

# wherever your system stores the mail alias file), or simply run

# "newaliases" to build the necessary DBM or DB file.

#

# It will take a minute or so before changes become visible. Use

# "postfix reload" to eliminate the delay.

#

#alias_maps = dbm:/etc/aliases

alias_maps = hash:/etc/aliases

#alias_maps = hash:/etc/aliases, nis:mail.aliases

#alias_maps = netinfo:/aliases

# The alias_database parameter specifies the alias database(s) that

# are built with "newaliases" or "sendmail -bi". This is a separate

# configuration parameter, because alias_maps (see above) may specify

# tables that are not necessarily all under control by Postfix.

#

#alias_database = dbm:/etc/aliases

#alias_database = dbm:/etc/mail/aliases

alias_database = hash:/etc/aliases

#alias_database = hash:/etc/aliases, hash:/opt/majordomo/aliases

# ADDRESS EXTENSIONS (e.g., user+foo)

#

# The recipient_delimiter parameter specifies the separator between

# user names and address extensions (user+foo). See canonical(5),

# local(8), relocated(5) and virtual(5) for the effects this has on

# aliases, canonical, virtual, relocated and .forward file lookups.

# Basically, the software tries user+foo and .forward+foo before

# trying user and .forward.

#

#recipient_delimiter = +

# DELIVERY TO MAILBOX

#

# The home_mailbox parameter specifies the optional pathname of a

# mailbox file relative to a user's home directory. The default

# mailbox file is /var/spool/mail/user or /var/mail/user. Specify

# "Maildir/" for qmail-style delivery (the / is required).

#

#home_mailbox = Mailbox

home_mailbox = Maildir/

# The mail_spool_directory parameter specifies the directory where

# UNIX-style mailboxes are kept. The default setting depends on the

# system type.

#

#mail_spool_directory = /var/mail

#mail_spool_directory = /var/spool/mail

# The mailbox_command parameter specifies the optional external

# command to use instead of mailbox delivery. The command is run as

# the recipient with proper HOME, SHELL and LOGNAME environment settings.

# Exception: delivery for root is done as $default_user.

#

# Other environment variables of interest: USER (recipient username),

# EXTENSION (address extension), DOMAIN (domain part of address),

# and LOCAL (the address localpart).

#

# Unlike other Postfix configuration parameters, the mailbox_command

# parameter is not subjected to $parameter substitutions. This is to

# make it easier to specify shell syntax (see example below).

#

# Avoid shell meta characters because they will force Postfix to run

# an expensive shell process. Procmail alone is expensive enough.

#

# IF YOU USE THIS TO DELIVER MAIL SYSTEM-WIDE, YOU MUST SET UP AN

# ALIAS THAT FORWARDS MAIL FOR ROOT TO A REAL USER.

#

mailbox_command = /usr/bin/zarafa-dagent "$USER"

#mailbox_command = /some/where/procmail -a "$EXTENSION"

# The mailbox_transport specifies the optional transport in master.cf

# to use after processing aliases and .forward files. This parameter

# has precedence over the mailbox_command, fallback_transport and

# luser_relay parameters.

#

# Specify a string of the form transport:nexthop, where transport is

# the name of a mail delivery transport defined in master.cf. The

# :nexthop part is optional. For more details see the sample transport

# configuration file.

#

# NOTE: if you use this feature for accounts not in the UNIX password

# file, then you must update the "local_recipient_maps" setting in

# the main.cf file, otherwise the SMTP server will reject mail for

# non-UNIX accounts with "User unknown in local recipient table".

#

#mailbox_transport = lmtp:unix:/var/lib/imap/socket/lmtp

# If using the cyrus-imapd IMAP server deliver local mail to the IMAP

# server using LMTP (Local Mail Transport Protocol), this is prefered

# over the older cyrus deliver program by setting the

# mailbox_transport as below:

#

mailbox_transport = zarafa

zarafa_destination_recipient_limit = 1

#

# The efficiency of LMTP delivery for cyrus-imapd can be enhanced via

# these settings.

#

# local_destination_recipient_limit = 300

# local_destination_concurrency_limit = 5

#

# Of course you should adjust these settings as appropriate for the

# capacity of the hardware you are using. The recipient limit setting

# can be used to take advantage of the single instance message store

# capability of Cyrus. The concurrency limit can be used to control

# how many simultaneous LMTP sessions will be permitted to the Cyrus

# message store.

#

# To use the old cyrus deliver program you have to set:

#mailbox_transport = cyrus

# The fallback_transport specifies the optional transport in master.cf

# to use for recipients that are not found in the UNIX passwd database.

# This parameter has precedence over the luser_relay parameter.

#

# Specify a string of the form transport:nexthop, where transport is

# the name of a mail delivery transport defined in master.cf. The

# :nexthop part is optional. For more details see the sample transport

# configuration file.

#

# NOTE: if you use this feature for accounts not in the UNIX password

# file, then you must update the "local_recipient_maps" setting in

# the main.cf file, otherwise the SMTP server will reject mail for

# non-UNIX accounts with "User unknown in local recipient table".

#

#fallback_transport = lmtp:unix:/var/lib/imap/socket/lmtp

#fallback_transport =

# The luser_relay parameter specifies an optional destination address

# for unknown recipients. By default, mail for unknown@$mydestination,

# unknown@[$inet_interfaces] or unknown@[$proxy_interfaces] is returned

# as undeliverable.

#

# The following expansions are done on luser_relay: $user (recipient

# username), $shell (recipient shell), $home (recipient home directory),

# $recipient (full recipient address), $extension (recipient address

# extension), $domain (recipient domain), $local (entire recipient

# localpart), $recipient_delimiter. Specify ${name?value} or

# ${name:value} to expand value only when $name does (does not) exist.

#

# luser_relay works only for the default Postfix local delivery agent.

#

# NOTE: if you use this feature for accounts not in the UNIX password

# file, then you must specify "local_recipient_maps =" (i.e. empty) in

# the main.cf file, otherwise the SMTP server will reject mail for

# non-UNIX accounts with "User unknown in local recipient table".

#

#luser_relay = $user@other.host

#luser_relay = $local@other.host

#luser_relay = admin+$local

# JUNK MAIL CONTROLS

#

# The controls listed here are only a very small subset. The file

# SMTPD_ACCESS_README provides an overview.

# The header_checks parameter specifies an optional table with patterns

# that each logical message header is matched against, including

# headers that span multiple physical lines.

#

# By default, these patterns also apply to MIME headers and to the

# headers of attached messages. With older Postfix versions, MIME and

# attached message headers were treated as body text.

#

# For details, see "man header_checks".

#

#header_checks = regexp:/etc/postfix/header_checks

# FAST ETRN SERVICE

#

# Postfix maintains per-destination logfiles with information about

# deferred mail, so that mail can be flushed quickly with the SMTP

# "ETRN domain.tld" command, or by executing "sendmail -qRdomain.tld".

# See the ETRN_README document for a detailed description.

#

# The fast_flush_domains parameter controls what destinations are

# eligible for this service. By default, they are all domains that

# this server is willing to relay mail to.

#

#fast_flush_domains = $relay_domains

# SHOW SOFTWARE VERSION OR NOT

#

# The smtpd_banner parameter specifies the text that follows the 220

# code in the SMTP server's greeting banner. Some people like to see

# the mail version advertised. By default, Postfix shows no version.

#

# You MUST specify $myhostname at the start of the text. That is an

# RFC requirement. Postfix itself does not care.

#

#smtpd_banner = $myhostname ESMTP $mail_name

#smtpd_banner = $myhostname ESMTP $mail_name ($mail_version)

# PARALLEL DELIVERY TO THE SAME DESTINATION

#

# How many parallel deliveries to the same user or domain? With local

# delivery, it does not make sense to do massively parallel delivery

# to the same user, because mailbox updates must happen sequentially,

# and expensive pipelines in .forward files can cause disasters when

# too many are run at the same time. With SMTP deliveries, 10

# simultaneous connections to the same domain could be sufficient to

# raise eyebrows.

#

# Each message delivery transport has its XXX_destination_concurrency_limit

# parameter. The default is $default_destination_concurrency_limit for

# most delivery transports. For the local delivery agent the default is 2.

#local_destination_concurrency_limit = 2

#default_destination_concurrency_limit = 20

# DEBUGGING CONTROL

#

# The debug_peer_level parameter specifies the increment in verbose

# logging level when an SMTP client or server host name or address

# matches a pattern in the debug_peer_list parameter.

#

debug_peer_level = 2

# The debug_peer_list parameter specifies an optional list of domain

# or network patterns, /file/name patterns or type:name tables. When

# an SMTP client or server host name or address matches a pattern,

# increase the verbose logging level by the amount specified in the

# debug_peer_level parameter.

#

#debug_peer_list = 127.0.0.1

#debug_peer_list = some.domain

# The debugger_command specifies the external command that is executed

# when a Postfix daemon program is run with the -D option.

#

# Use "command .. & sleep 5" so that the debugger can attach before

# the process marches on. If you use an X-based debugger, be sure to

# set up your XAUTHORITY environment variable before starting Postfix.

#

debugger_command =

PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin

xxgdb $daemon_directory/$process_name $process_id & sleep 5

# If you can't use X, use this to capture the call stack when a

# daemon crashes. The result is in a file in the configuration

# directory, and is named after the process name and the process ID.

#

# debugger_command =

# PATH=/bin:/usr/bin:/usr/local/bin; export PATH; (echo cont;

# echo where) | gdb $daemon_directory/$process_name $process_id 2>&1

# >$config_directory/$process_name.$process_id.log & sleep 5

#

# Another possibility is to run gdb under a detached screen session.

# To attach to the screen sesssion, su root and run "screen -r

# " where uniquely matches one of the detached

# sessions (from "screen -list").

#

# debugger_command =

# PATH=/bin:/usr/bin:/sbin:/usr/sbin; export PATH; screen

# -dmS $process_name gdb $daemon_directory/$process_name

# $process_id & sleep 1

# INSTALL-TIME CONFIGURATION INFORMATION

#

# The following parameters are used when installing a new Postfix version.

#

# sendmail_path: The full pathname of the Postfix sendmail command.

# This is the Sendmail-compatible mail posting interface.

#

sendmail_path = /usr/sbin/sendmail.postfix

# newaliases_path: The full pathname of the Postfix newaliases command.

# This is the Sendmail-compatible command to build alias databases.

#

newaliases_path = /usr/bin/newaliases.postfix

# mailq_path: The full pathname of the Postfix mailq command. This

# is the Sendmail-compatible mail queue listing command.

#

mailq_path = /usr/bin/mailq.postfix

# setgid_group: The group for mail submission and queue management

# commands. This must be a group name with a numerical group ID that

# is not shared with other accounts, not even with the Postfix account.

#

setgid_group = postdrop

# html_directory: The location of the Postfix HTML documentation.

#

html_directory = no

# manpage_directory: The location of the Postfix on-line manual pages.

#

manpage_directory = /usr/share/man

# sample_directory: The location of the Postfix sample configuration files.

# This parameter is obsolete as of Postfix 2.1.

#

sample_directory = /usr/share/doc/postfix-2.3.3/samples

# readme_directory: The location of the Postfix README files.

#

readme_directory = /usr/share/doc/postfix-2.3.3/README_FILES

virtual_alias_maps = mysql:/etc/postfix/mysql-aliases.cf

sender_bcc_maps = hash:/etc/postfix/bcc

mailbox_command = /usr/bin/zarafa-dagent "$USER"

home_mailbox = Maildir/

smtpd_sasl_auth_enable = yes

smtpd_sasl_security_options = noanonymous

broken_sasl_auth_clients = yes

smtpd_recipient_restrictions = permit_mynetworks permit_sasl_authenticated reject_unauth_destination

Here's all my sources in a list if that's usefull:

http://wiki.centos.org/HowTos/postfix

http://www.linuxmail.info/

http://www.zarafa.com/wiki/index.php/Pos...ntegration

http://www.zarafa.com/wiki/index.php/MTA_integration

A point in the right direction would be helpfull.

error while trying yum update

Sat, 15 May 2010 12:35:40 +0200

today i was trying to update the centos server when i got this

Quote:Resolving Dependencies--> Running transaction check

---> Package kernel.i686 0:2.6.18-194.3.1.el5 set to be installed

---> Package kernel-devel.i686 0:2.6.18-194.3.1.el5 set to be installed

---> Package kernel-headers.i386 0:2.6.18-194.3.1.el5 set to be updated

---> Package lvm2.i386 0:2.02.56-8.el5_5.1 set to be updated

--> Processing Dependency: device-mapper >= 1.02.39-1 for package: lvm2

---> Package mkinitrd.i386 0:5.1.19.6-61.el5_5.1 set to be updated

---> Package nash.i386 0:5.1.19.6-61.el5_5.1 set to be updated

---> Package nss_db.i386 0:2.2-35.4.el5_5 set to be updated

---> Package sudo.i386 0:1.7.2p1-6.el5_5 set to be updated

---> Package tzdata.i386 0:2010i-1.el5 set to be updated

--> Finished Dependency Resolution

lvm2-2.02.56-8.el5_5.1.i386 from updates has depsolving problems

--> Missing Dependency: device-mapper >= 1.02.39-1 is needed by package lvm2-2.02.56-8.el5_5.1.i386 (updates)

--> Running transaction check

---> Package kernel.i686 0:2.6.18-164.9.1.el5 set to be erased

---> Package kernel-devel.i686 0:2.6.18-164.9.1.el5 set to be erased

---> Package lvm2.i386 0:2.02.56-8.el5_5.1 set to be updated

--> Processing Dependency: device-mapper >= 1.02.39-1 for package: lvm2

--> Finished Dependency Resolution

lvm2-2.02.56-8.el5_5.1.i386 from updates has depsolving problems

--> Missing Dependency: device-mapper >= 1.02.39-1 is needed by package lvm2-2.02.56-8.el5_5.1.i386 (updates)

Error: Missing Dependency: device-mapper >= 1.02.39-1 is needed by package lvm2-2.02.56-8.el5_5.1.i386 (updates)

You could try using --skip-broken to work around the problem

You could try running: package-cleanup --problems

package-cleanup --dupes

rpm -Va --nofiles --nodigest

The program package-cleanup is found in the yum-utils package.

this is the linux-noob.com server so i'm wary of making any mistakes,

Quote:[root@linux-noob ~]# cat /etc/redhat-release CentOS release 5.4 (Final)

any advise as to the best way of resolving the problem above ?

samba server login using windows domain user

Mon, 25 Aug 2008 11:54:34 +0200

Sir

i am using centos 5. i tried to configure samba server login using windows domain user. may be i was worng in any file .

my windows domain server= data-server.central.edu (192.168.100.100)

samba server=telnet (192.168.100.167)

my krb5.conf

[logging]

default = FILE:/var/log/krb5libs.log

kdc = FILE:/var/log/krb5kdc.log

admin_server = FILE:/var/log/kadmind.log

[libdefaults]

default_realm = CENTRAL.EDU

default_tkt_enctypes = des3-hmac-sha1 des-cbc-crc

default_tgs_enctypes = des3-hmac-sha1 des-cbc-crc

[realms]

CENTRAL.EDU = {

kdc = data-server.central.edu

default_domain = central.edu

}

[domain_realm]

.central.edu = CENTRAL.EDU

central.edu = CENTRAL.EDU

[kdc]

profile = /var/kerberos/krb5kdc/kdc.conf

----------------------------------------------------------------------------------

smb.conf

#======================= Global Settings =====================================

[global]

# workgroup = NT-Domain-Name or Workgroup-Name, eg: MIDEARTH

workgroup = CENTRAL

# server string is the equivalent of the NT Description field

server string = Samba Server

# Security mode. Defines in which mode Samba will operate. Possible

# values are share, user, server, domain and ads. Most people will want

# user level security. See the Samba-HOWTO-Collection for details.

security = ADS

# This option is important for security. It allows you to restrict

# connections to machines which are on your local network. The

# following example restricts access to two C class networks and

# the "loopback" interface. For more examples of the syntax see

# the smb.conf man page

; hosts allow = 192.168.1. 192.168.2. 127.

# If you want to automatically load your printer list rather

# than setting them up individually then you'll need this

; load printers = yes

# you may wish to override the location of the printcap file

; printcap name = /etc/printcap

# on SystemV system setting printcap name to lpstat should allow

# you to automatically obtain a printer list from the SystemV spool

# system

; printcap name = lpstat

# It should not be necessary to specify the print system type unless

# it is non-standard. Currently supported print systems include:

# bsd, cups, sysv, plp, lprng, aix, hpux, qnx

; printing = cups

# This option tells cups that the data has already been rasterized

cups options = raw

# Uncomment this if you want a guest account, you must add this to /etc/passwd

# otherwise the user "nobody" is used

; guest account = pcguest

# this tells Samba to use a separate log file for each machine

# that connects

log file = /var/log/samba/%m.log

# Put a capping on the size of the log files (in Kb).

max log size = 50

# Use password server option only with security = server

# The argument list may include:

# password server = My_PDC_Name [My_BDC_Name] [My_Next_BDC_Name]

# or to auto-locate the domain controller/s

# password server = *

password server = data-server.central.edu

# Use the realm option only with security = ads

# Specifies the Active Directory realm the host is part of

realm = CENTRAL.EDU

# Backend to store user information in. New installations should

# use either tdbsam or ldapsam. smbpasswd is available for backwards

# compatibility. tdbsam requires no further configuration.

; passdb backend = tdbsam

# Using the following line enables you to customise your configuration

# on a per machine basis. The %m gets replaced with the netbios name

# of the machine that is connecting.

# Note: Consider carefully the location in the configuration file of

# this line. The included file is read at that point.

; include = /usr/local/samba/lib/smb.conf.%m

# Configure Samba to use multiple interfaces

# If you have multiple network interfaces then you must list them

# here. See the man page for details.

; interfaces = 192.168.12.2/24 192.168.13.2/24

# Browser Control Options:

# set local master to no if you don't want Samba to become a master

# browser on your network. Otherwise the normal election rules apply

local master = no

# OS Level determines the precedence of this server in master browser

# elections. The default value should be reasonable

; os level = 33

# Domain Master specifies Samba to be the Domain Master Browser. This

# allows Samba to collate browse lists between subnets. Don't use this

# if you already have a Windows NT domain controller doing this job

; domain master = yes

# Preferred Master causes Samba to force a local browser election on startup

# and gives it a slightly higher chance of winning the election

preferred master = no

# Enable this if you want Samba to be a domain logon server for

# Windows95 workstations.

; domain logons = yes

# if you enable domain logons then you may want a per-machine or

# per user logon script

# run a specific logon batch file per workstation (machine)

; logon script = %m.bat

# run a specific logon batch file per username

; logon script = %U.bat

# Where to store roving profiles (only for Win95 and WinNT)

# %L substitutes for this servers netbios name, %U is username

# You must uncomment the [Profiles] share below

; logon path = \\%L\Profiles\%U

# Windows Internet Name Serving Support Section:

# WINS Support - Tells the NMBD component of Samba to enable it's WINS Server

; wins support = yes

# WINS Server - Tells the NMBD components of Samba to be a WINS Client

# Note: Samba can be either a WINS Server, or a WINS Client, but NOT both

; wins server = w.x.y.z

# WINS Proxy - Tells Samba to answer name resolution queries on

# behalf of a non WINS capable client, for this to work there must be

# at least one WINS Server on the network. The default is NO.

; wins proxy = no

# DNS Proxy - tells Samba whether or not to try to resolve NetBIOS names

# via DNS nslookups. The default is NO.

dns proxy = no

# These scripts are used on a domain controller or stand-alone

# machine to add or delete corresponding unix accounts

; add user script = /usr/sbin/useradd %u

; add group script = /usr/sbin/groupadd %g

; add machine script = /usr/sbin/adduser -n -g machines -c Machine -d /dev/null -s /bin/false %u

; delete user script = /usr/sbin/userdel %u

; delete user from group script = /usr/sbin/deluser %u %g

; delete group script = /usr/sbin/groupdel %g

idmap uid = 10000-20000

idmap gid = 10000-20000

winbind enum users = yes

winbind enum groups = yes

winbind use default domain = yes

template homedir = /home/%U

template shell = /bin/bash

; encrypt passwords = yes

--------------------------------------------------------------------------------------------

nssswitch.conf

passwd: compat winbind

shadow: files

group: compat winbind

-----------------------------------------------------------------------------

login

#%PAM-1.0

auth [user_unknown=ignore success=ok ignore=ignore default=bad] pam_securetty.so

auth include system-auth

account required pam_nologin.so

account include system-auth

password include system-auth

account required pam_winbind.so

# pam_selinux.so close should be the first session rule

session required pam_mkhomedir.so skel=/etc/skel umask=002

session required pam_selinux.so close

session include system-auth

session required pam_loginuid.so

session optional pam_console.so

# pam_selinux.so open should only be followed by sessions to be executed in the user context

session required pam_selinux.so open

session optional pam_keyinit.so force revoke

---------------------------------------------------------------------------

system_auth

#%PAM-1.0

# This file is auto-generated.

# User changes will be destroyed the next time authconfig is run.

auth required pam_env.so

auth sufficient pam_unix.so nullok try_first_pass

auth requisite pam_succeed_if.so uid >= 500 quiet

auth required pam_deny.so

account required pam_unix.so

account sufficient pam_succeed_if.so uid < 500 quiet

account required pam_permit.so

password requisite pam_cracklib.so try_first_pass retry=3

password sufficient pam_unix.so md5 shadow nullok try_first_pass use_authtok

password required pam_deny.so

session optional pam_keyinit.so revoke

session required pam_limits.so

session [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid

session required pam_unix.so

---------------------------------------------------------------------------

wbinfo -u shows all the domain user as

administrator

not

CENTRALadministrator

getent passswd shows all the doamin user.

please help me to solve the prob whrere i am worng so i can log samba server using domain user

thanks in advance.

cant access shared files on centos 5.2

Mon, 18 Aug 2008 12:56:41 +0200

Good Day All

Can any one please help me.

I have installed centos 5. to my workgrouop. I then sreate users in centos and made the usename and passwords same as the windows machines. I then added the users to samba.

Now the tricky part comes in. I create to shared folders 1. backup and 2. test. In the sambe configuration i selected each directory to share and selected every one. (nb:because i can see see the users to select access to it seems that there is a bug in samba) .

On my windows machines i can see the centos machine. When i click on it it asks for a user name and password which i enter. I then can see the two files shared and a printer file. When ever i select on tho shared files i get a error

"windows cannot access \\gonowsa\backup check the spelling of the name. Otherwise, there might be a problem with your network, To try to identify and resolve network problems, click Diagnose" The only file that i can access is the printer one. I have tried every thing and just can come right

This is my smb.conf file

# This is the main Samba configuration file. You should read the

# smb.conf(5) manual page in order to understand the options listed

# here. Samba has a huge number of configurable options (perhaps too

# many!) most of which are not shown in this example

#

# For a step to step guide on installing, configuring and using samba,

# read the Samba-HOWTO-Collection. This may be obtained from:

# http://www.samba.org/samba/docs/Samba-HO...ection.pdf

#

# Many working examples of smb.conf files can be found in the

# Samba-Guide which is generated daily and can be downloaded from:

# http://www.samba.org/samba/docs/Samba-Guide.pdf

#

# Any line which starts with a ; (semi-colon) or a # (hash)

# is a comment and is ignored. In this example we will use a #

# for commentry and a ; for parts of the config file that you

# may wish to enable

#

# NOTE: Whenever you modify this file you should run the command "testparm"

# to check that you have not made any basic syntactic errors.

#

#---------------

# SELINUX NOTES:

#

# If you want to use the useradd/groupadd family of binaries please run:

# setsebool -P samba_domain_controller on

#

# If you want to share home directories via samba please run:

# setsebool -P samba_enable_home_dirs on

#

# If you create a new directory you want to share you should mark it as

# "samba-share_t" so that selinux will let you write into it.

# Make sure not to do that on system directories as they may already have

# been marked with othe SELinux labels.

#

# Use ls -ldZ /path to see which context a directory has

#

# Set labels only on directories you created!

# To set a label use the following: chcon -t samba_share_t /path

#

# If you need to share a system created directory you can use one of the

# following (read-only/read-write):

# setsebool -P samba_export_all_ro on

# or

# setsebool -P samba_export_all_rw on

#

# If you want to run scripts (preexec/root prexec/print command/...) please

# put them into the /var/lib/samba/scripts directory so that smbd will be

# allowed to run them.

# Make sure you COPY them and not MOVE them so that the right SELinux context

# is applied, to check all is ok use restorecon -R -v /var/lib/samba/scripts

#

#--------------

#

#======================= Global Settings =====================================

[global]

# ----------------------- Network Related Options -------------------------

#

# workgroup = NT-Domain-Name or Workgroup-Name, eg: MIDEARTH

#

# server string is the equivalent of the NT Description field

#

# netbios name can be used to specify a server name not tied to the hostname

#

# Interfaces lets you configure Samba to use multiple interfaces

# If you have multiple network interfaces then you can list the ones

# you want to listen on (never omit localhost)

#

# Hosts Allow/Hosts Deny lets you restrict who can connect, and you can

# specifiy it as a per share option as well

#

; workgroup = workgroup

server string = gonow sa back up

; netbios name = MYSERVER

; interfaces = lo eth0 192.168.1.2/24 192.168.13.2/24

; hosts allow = 127. 192.168.1.0/24 192.168.1.24/48

# --------------------------- Logging Options -----------------------------

#

# Log File let you specify where to put logs and how to split them up.

#

# Max Log Size let you specify the max size log files should reach

# logs split per machine

; log file = /var/log/samba/%m.log

# max 50KB per log file, then rotate

; max log size = 50

# ----------------------- Standalone Server Options ------------------------

#

# Security can be set to user, share(deprecated) or server(deprecated)

#

# Backend to store user information in. New installations should

# use either tdbsam or ldapsam. smbpasswd is available for backwards

# compatibility. tdbsam requires no further configuration.

; security = user

passdb backend = tdbsam

# ----------------------- Domain Members Options ------------------------

#

# Security must be set to domain or ads

#

# Use the realm option only with security = ads

# Specifies the Active Directory realm the host is part of

#

# Backend to store user information in. New installations should

# use either tdbsam or ldapsam. smbpasswd is available for backwards

# compatibility. tdbsam requires no further configuration.

#

# Use password server option only with security = server or if you can't

# use the DNS to locate Domain Controllers

# The argument list may include:

# password server = My_PDC_Name [My_BDC_Name] [My_Next_BDC_Name]

# or to auto-locate the domain controller/s

# password server = *

; security = domain

; passdb backend = tdbsam

; realm = MY_REALM

; password server =

# ----------------------- Domain Controller Options ------------------------

#

# Security must be set to user for domain controllers

#

# Backend to store user information in. New installations should

# use either tdbsam or ldapsam. smbpasswd is available for backwards

# compatibility. tdbsam requires no further configuration.

#

# Domain Master specifies Samba to be the Domain Master Browser. This

# allows Samba to collate browse lists between subnets. Don't use this

# if you already have a Windows NT domain controller doing this job

#

# Domain Logons let Samba be a domain logon server for Windows workstations.

#

# Logon Scrpit let yuou specify a script to be run at login time on the client

# You need to provide it in a share called NETLOGON

#

# Logon Path let you specify where user profiles are stored (UNC path)

#

# Various scripts can be used on a domain controller or stand-alone

# machine to add or delete corresponding unix accounts

#

; security = user

; passdb backend = tdbsam

; domain master = yes

; domain logons = yes

# the login script name depends on the machine name

; logon script = %m.bat

# the login script name depends on the unix user used

; logon script = %u.bat

; logon path = \\%L\Profiles\%u

# disables profiles support by specifing an empty path

; logon path =

; add user script = /usr/sbin/useradd "%u" -n -g users

; add group script = /usr/sbin/groupadd "%g"

; add machine script = /usr/sbin/useradd -n -c "Workstation (%u)" -M -d /nohome -s /bin/false "%u"

; delete user script = /usr/sbin/userdel "%u"

; delete user from group script = /usr/sbin/userdel "%u" "%g"

; delete group script = /usr/sbin/groupdel "%g"

# ----------------------- Browser Control Options ----------------------------

#

# set local master to no if you don't want Samba to become a master

# browser on your network. Otherwise the normal election rules apply

#

# OS Level determines the precedence of this server in master browser

# elections. The default value should be reasonable

#

# Preferred Master causes Samba to force a local browser election on startup

# and gives it a slightly higher chance of winning the election

; local master = no

; os level = 33

; preferred master = yes

#----------------------------- Name Resolution -------------------------------

# Windows Internet Name Serving Support Section:

# Note: Samba can be either a WINS Server, or a WINS Client, but NOT both

#

# - WINS Support: Tells the NMBD component of Samba to enable it's WINS Server

#

# - WINS Server: Tells the NMBD components of Samba to be a WINS Client

#

# - WINS Proxy: Tells Samba to answer name resolution queries on

# behalf of a non WINS capable client, for this to work there must be

# at least one WINS Server on the network. The default is NO.

#

# DNS Proxy - tells Samba whether or not to try to resolve NetBIOS names

# via DNS nslookups.

; wins support = yes

; wins server = w.x.y.z

; wins proxy = yes

; dns proxy = yes

# --------------------------- Printing Options -----------------------------

#

# Load Printers let you load automatically the list of printers rather

# than setting them up individually

#

# Cups Options let you pass the cups libs custom options, setting it to raw

# for example will let you use drivers on your Windows clients

#

# Printcap Name let you specify an alternative printcap file

#

# You can choose a non default printing system using the Printing option

; load printers = yes

cups options = raw

; workgroup = workgroup

; encrypt passwords = yes

; guest ok = no

; guest account = nobody

; workgroup = WORKGROUP

; security = user

; workgroup = WORKGROUP

; workgroup = workgroup

security = share

; encrypt passwords = yes

; guest ok = no

; guest account = nobody

; workgroup = workgroup

; security = user

; encrypt passwords = yes

; guest ok = no

; guest account = nobody

; encrypt passwords = yes

; guest ok = no

; guest account = nobody

; encrypt passwords = yes

; guest ok = no

; guest account = nobody

; workgroup = workgroup

; security = user

; encrypt passwords = yes

; guest ok = no

; guest account = nobody

; workgroup = workgroup

; security = user

; encrypt passwords = yes

; guest ok = no

; guest account = nobody

; workgroup = workgroup

; security = user

; encrypt passwords = yes

; guest ok = no

; guest account = nobody

; encrypt passwords = yes

; guest ok = no

; guest account = nobody

; printcap name = /etc/printcap

#obtain list of printers automatically on SystemV

; printcap name = lpstat

; printing = cups

# --------------------------- Filesystem Options ---------------------------

#

# The following options can be uncommented if the filesystem supports

# Extended Attributes and they are enabled (usually by the mount option

# user_xattr). Thess options will let the admin store the DOS attributes

# in an EA and make samba not mess with the permission bits.

#

# Note: these options can also be set just per share, setting them in global

# makes them the default for all shares

; map archive = no

; map hidden = no

; map read only = no

; map system = no

; store dos attributes = yes

#============================ Share Definitions ==============================

[homes]

comment = Home Directories

browseable = no

writeable = yes

; valid users = %S

; valid users = MYDOMAIN\%S

[printers]

comment = All Printers

path = /var/spool/samba

browseable = no

; guest ok = no

; writeable = no

printable = yes

# Un-comment the following and create the netlogon directory for Domain Logons

; [netlogon]

; comment = Network Logon Service

; path = /var/lib/samba/netlogon

; guest ok = yes

; writable = no

; share modes = no

# Un-comment the following to provide a specific roving profile share

# the default is to use the user's home directory

; [Profiles]

; path = /var/lib/samba/profiles

; browseable = no

; guest ok = yes

# A publicly accessible directory, but read only, except for people in

# the "staff" group

; [public]

; comment = Public Stuff

; path = /home/samba

; public = yes

; writable = yes

; printable = no

; write list = +staff

[test]

path = /home/michelle/Desktop/test

writeable = yes

; browseable = yes

guest ok = yes

comment = test

; browseable = yes

; browseable = yes

[back up]

path = /home/gonowsa/Desktop

writeable = yes

; browseable = yes

guest ok = no

browseable = yes

as you can see the last two foldes are test and backup, should i add something here to maybe make it accesseble? Please advise

Regards

Riaz Yussub