RedHat Enterprise Linux – CentOS8 / RedHat8 – Disable AppStream modules during custom compilation?

This is a general question about AppStream modules in CentOS / RedHat 8. Should we disable the AppStream module for this app when custom compiling apps like Apache or PHP? I don't seem to find any direct reference in the documentation. Is there a benefit and / or need? Thanks a lot!

redhat enterprise linux – how to force yum to remove rpm + rhel 7.5

we want to remove openssl-libs and install diff openssl version

However, the yum remove option has a large dependency list and failed as follows:

yum remove openssl-libs
.
.
.
.
.


---> Package spax.x86_64 0:1.5.2-13.el7 will be erased
---> Package speex.x86_64 0:1.2-0.19.rc1.el7 will be erased
---> Package startup-notification.x86_64 0:0.12-8.el7 will be erased
---> Package taglib.x86_64 0:1.8-7.20130218git.el7 will be erased
---> Package tcp_wrappers.x86_64 0:7.6-77.el7 will be erased
---> Package tcp_wrappers-libs.x86_64 0:7.6-77.el7 will be erased
---> Package telepathy-filesystem.noarch 0:0.0.2-6.el7 will be erased
---> Package telepathy-glib.x86_64 0:0.24.0-1.el7 will be erased
---> Package telepathy-logger.x86_64 0:0.8.0-5.el7 will be erased
---> Package tigervnc-license.noarch 0:1.3.1-3.el7 will be erased
---> Package ttmkfdir.x86_64 0:3.0.9-42.el7 will be erased
---> Package tzdata-java.noarch 0:2015g-1.el7 will be erased
---> Package urw-fonts.noarch 0:2.4-16.el7 will be erased
---> Package usbredir.x86_64 0:0.6-7.el7 will be erased
---> Package vte-profile.x86_64 0:0.38.3-2.el7 will be erased
---> Package wavpack.x86_64 0:4.60.1-9.el7 will be erased
---> Package webrtc-audio-processing.x86_64 0:0.1-5.el7 will be erased
---> Package xcb-util.x86_64 0:0.4.0-2.el7 will be erased
---> Package xkeyboard-config.noarch 0:2.14-1.el7 will be erased
---> Package xml-common.noarch 0:0.6.3-39.el7 will be erased
---> Package xmlrpc-c.x86_64 0:1.32.5-1905.svn2451.el7 will be erased
---> Package xorg-x11-font-utils.x86_64 1:7.5-20.el7 will be erased
---> Package xorg-x11-fonts-Type1.noarch 0:7.5-9.el7 will be erased
---> Package xorg-x11-server-common.x86_64 0:1.17.2-10.el7 will be erased
---> Package xorg-x11-server-utils.x86_64 0:7.7-14.el7 will be erased
---> Package xorg-x11-xkb-utils.x86_64 0:7.7-12.el7 will be erased
---> Package yajl.x86_64 0:2.0.4-4.el7 will be erased
---> Package yelp-xsl.noarch 0:3.14.0-1.el7 will be erased
--> Finished Dependency Resolution
Error: Trying to remove "systemd", which is protected
Error: Trying to remove "yum", which is protected

In the last few lines we see how systemd and yum are removed

Error: Trying to remove "systemd", which is protected
Error: Trying to remove "yum", which is protected

How can we force yum remove to remove openssl-libs rpm?

redhat – OVirt 4.2 Connection to node interrupted

I use the OVirt version 4.2.3.8-1.el7, which is connected to 2 IBM PureFlex servers with a total of 10 nodes (5 + 5).

OVirt suddenly lost connection to all nodes, but the VMs in these nodes are working fine. I get the following error message for all nodes:

VDSM Node6 command GetCapabilitiesAsyncVDS failed: Message timeout which can be caused by communication issues

Nodes can be reached with SSH and I can run SSH with these nodes from the OVirt management computer.

I restarted the OVirt management server once and it was able to connect to nodes for a while, but the problem recurred after a while.

Can someone help me how to fix this?

redhat – chown: groupthatibelongto myfile does not work

Trying to do some basic testing with RedHat 7.7, I was unable to reproduce a simple scenario: changing the group owner of a newly created file to a group I belong to!
I am aware that it will most likely not be easy for most of you, but believe me, I have tried hard and do not know what is going on:

[root@VMT1 etc]# cat /etc/group | grep youcef
wheel:x:10:youcef
youcef:x:1000:
consultants:x:40000:sam,spade,bettyboop,dicktracy,youcef,newuserone
newgroup:x:40001:newuserone,newusertwo,youcef

You can see that I belong to the groups above, but:

[youcef@VMT1 perm]$ ll
total 0
-rwxrwxrwx. 1 youcef youcef 0 Dec 24 06:43 me
drwxrwxrwx. 2 youcef youcef 6 Dec 24 06:35 test
[youcef@VMT1 perm]$ chown -v :newgroup me
chown: changing group of ‘me’: Operation not permitted
failed to change ownership of ‘me’ from youcef:youcef to :newgroup
[youcef@VMT1 perm]$ chown -v :consultants me
chown: changing group of ‘me’: Operation not permitted
failed to change ownership of ‘me’ from youcef:youcef to :consultants
[youcef@VMT1 perm]$ chown -v :consultants test
chown: changing group of ‘test’: Operation not permitted
failed to change ownership of ‘test’ from youcef:youcef to :consultants
[youcef@VMT1 perm]$ chown -v :newgroup test
chown: changing group of ‘test’: Operation not permitted
failed to change ownership of ‘test’ from youcef:youcef to :newgroup
[youcef@VMT1 perm]$ 

Please help me see what I miss.

Thank you in advance.

redhat – RHEL7.7: Version incompatibility between python3 and python3-devel

First of all, I'm not too familiar with the RedHat / rpm distribution system, since I'm more of a private Debian type. After an update from RHEL7.4 to RHEL7.7 on a server that I manage at work, the following message is displayed:

Error: Package: python36-devel-3.6.8-2.el7.ius.x86_64 (@ius)
           Requires: python36-devel-3.6.8-2.el7.ius
           Removing: python36-3.6.8-2.el7.ius.x86_64 (@ius)
               python36 = 3.6.8-2.el7.ius
           Obsoleted By: python3-3.6.8-10.el7.x86_64 (rhel-7-server-rpms)
               python36 = 3.6.8-10.el7

Here's how I read it: I installed python36-devel-3.6.8-2 and it depends on python36-3.6.8-2, which is also installed (both from IUS some time ago). However, Yum wants to upgrade from python36-3.6.8-2 to python3-3.6.8-10 from the current RHEL7.7 distribution, but cannot because the dependency on python36-devel-3.6.8-2 would pick up

I've done

$ sudo yum clean metadata
$ sudo yum install epel-release ius-release
Loaded plugins: langpacks, product-id, search-disabled-repos, subscription-manager
Package epel-release-7-12.noarch already installed and latest version
Package ius-release-2-1.el7.ius.noarch already installed and latest version
Nothing to do
$ sudo yum update
( ...error message like above... )
Enable all repositories and try again? (y/N): y
( ...error message like above... )

So my question is: How can I synchronize my Python (-devel) packages?

Note: I also use Apache with mod_wsgi. Since I have all my Python3 stuff in one virtual environment, I could reinstall Python3 from scratch and do everything squeaky clean in that environment, including mod_wsgi. However, I fear that this could lead to compatibility problems between Apache and mod_wsgi. And yes, I need python3-devel because I also use C extensions.

redhat – problem starting nginx after upgrading site packages

After a firmware update on the Rhel server

-- Subject: Unit nginx.service has failed
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit nginx.service has failed.
--
-- The result is failed.
Dec 17 12:14:26 mnmmoweb01p.jkhy.com systemd(1): Unit nginx.service entered failed state.
Dec 17 12:14:26 mnmmoweb01p.jkhy.com systemd(1): nginx.service failed.
Dec 17 12:14:26 mnmmoweb01p.jkhy.com polkitd(13138): Unregistered Authentication Agent for unix-process:15176:292396 (system bus name :1.107, object path /org/freedesktop/PolicyKit1/AuthenticationAgent, locale e
Dec 17 12:14:26 mnmmoweb01p.jkhy.com sudo(15175): pam_unix(sudo:session): session closed for user root

If you are unsure of how to troubleshoot the polkit, you will be asked for advice

redhat – Strange problem with FreeRadius and Kerberos

Right now, I'm trying to get my FreeRadius server to communicate with my FreeIPA server, and through a Google tool, I've found that I need to let FreeRadius speak Kerberos to perform user lookups. So I create a Krb5 file under / etc / raddb / mods-enabled / Krb5 with the following content:

krb5 {
    keytab = /etc/raddb/radius.keytab
    service_principal = radius/resolute.akr.iol.unh.edu
}

I have created the keytab and this principle exists on FreeIPA.

The main problem I have now is when I start FreeRadius for testing with this command:

radiusd -X

I get the following error message:

rlm_ldap (ldap): Waiting for bind result...
rlm_ldap (ldap): Bind successful
  # Instantiating module "krb5" from file /etc/raddb/mods-enabled/krb5
Using MIT Kerberos library
rlm_krb5 (krb5): Using service principal "radius/resolute.akr.iol.unh.edu@AKR.IOL.UNH.EDU"
rlm_krb5 (krb5): Using keytab "FILE:/etc/raddb/radius.keytab"
rlm_krb5 (krb5): Initialising connection pool
   pool {
        start = 5
        min = 5
        max = 10
        spare = 3
        uses = 0
        lifetime = 0
        cleanup_interval = 30
        idle_timeout = 60
        retry_delay = 1
        spread = no
   }
rlm_krb5 (krb5): Opening additional connection (0), 1 of 10 pending slots used
rlm_krb5 (krb5): Opening additional connection (1), 1 of 9 pending slots used
rlm_krb5 (krb5): Opening additional connection (2), 1 of 8 pending slots used
rlm_krb5 (krb5): Opening additional connection (3), 1 of 7 pending slots used
rlm_krb5 (krb5): Opening additional connection (4), 1 of 6 pending slots used
 } # modules
radiusd: #### Loading Virtual Servers ####
server { # from file /etc/raddb/radiusd.conf
} # server
server default { # from file /etc/raddb/sites-enabled/default
 # Loading authenticate {...}
/etc/raddb/sites-enabled/default(53): Failed to find "Krb5" as a module or policy.
/etc/raddb/sites-enabled/default(53): Please verify that the configuration exists in /etc/raddb/mods-enabled/Krb5.
/etc/raddb/sites-enabled/default(53): Failed to parse "Krb5" entry.

There's a lot more to this issue, but I've just said what I think is important.

As you can see in the last three lines, the configuration file does not exist, but this is clearly the case. Another strange thing is, if you look at the top few lines that even reads it from the Krb5 file and outputs the content in it. So if I miss nothing, I do not understand what's wrong here and why this error still occurs even though the file exists.

Script for installing Oracle Client 12c2 on Redhat Linux 7.5

Can someone help me provide a script that allows me to install the Oracle client as part of the server build or AMI? The following script was available from the manual on the Oracle site. Nevertheless, I miss something. I have added the main code area. Requirements are given.

This code does not work when run as a script because the user switches to oracle just before running runinstaller. Required permits have already been granted. Someone please help.

[INS-30131] Initial setup required for the execution of installer validations failed.
   CAUSE: Failed to access the temporary location.
   ACTION: Ensure that the current user has required permissions to access the temporary location.
*ADDITIONAL INFORMATION:*
 - PRVG-1901 : failed to setup CVU remote execution framework directory "/tmp/CVU_12.2.0.1.0_oracle/" on nodes "ip-10-81-140-134"
 - Cause:  An operation requiring remote execution could not complete because the attempt to set up the Cluster Verification Utility remote execution framework failed on the indicated nodes at the indicated directory location because the CVU remote execution framework version did not match the CVU java verification framework version. The accompanying message provides detailed failure information.
 - Action:  Ensure that the directory indicated exists or can be created and the user executing the checks has sufficient permission to overwrite the contents of this directory. Also review the accompanying error messages and respond to them.
Summary of the failed nodes
ip-10-81-140-134
groupadd oinstall
groupadd dba
sudo useradd -g oinstall -G dba oracle; echo Nbst@AWS01 | passwd oracle --stdin
cd /opt
mkdir app
mkdir app/oracle
chown oracle:oinstall app
chown oracle:oinstall app/oracle
cd /tmp

wget https://amazonaws.com/linuxx64_12201_client.zip
chown oracle:oinstall linuxx64_12201_client.zip
unzip linuxx64_12201_client.zip
chown oracle:oinstall client
cd /tmp/client/
wget https://amazonaws.com/client_install.rsp
chown oracle:oinstall client_install.rsp 
chmod 775 client_install.rsp
sudo su oracle; echo Nbst@AWS01 | passwd oracle --stdin 
export ORACLE_BASE=/opt/app/oracle
export ORACLE_HOME=/opt/app/oracle/product/12.2.0/client_1
/tmp/client/runInstaller -silent -responseFile /tmp/client/client_install.rsp
exit
cd /opt/app/oraInventory/
./orainstRoot.sh
cd /opt/app/oralinventory/
./orainstRoot.sh

cd /opt/app/oracle/product/12.1.0/client_1/network/admin/
wget https://amazonaws.com/tnsnames.ora
chown oracle:oinstall tnsnames.ora
chmod 775 tnsnames.ora