Don't know if this actually matters to anyone, just found it interesting.

I often build my own rpms for various things. I've run into a common issue where /usr/lib/.build-id/* files cause conflicts or problems, and I've successfully disabled these from being generated and going into my rpm before by adding `%define _build_id_links none` to the top of my spec file. However, at the moment this doesn't seem to be working. I get an error during rpmbuild that a bunch of /usr/lib/.build-id files as Installed (but unpackaged). I'm wondering why that might not be working. This is currently on a Rocky 8.10 installation. I have a feeling it is user-error somewhere, but can't find where.

Hey Everyone,

This morning I got a bunch of errors from our IaC system that dnf installs did not work anymore. I've tried looking into it but I keep getting GPG signature verification errors from the Rocky9 repository.

I've tried re-importing the GPG key as downloaded from the repository directly and I've downloaded repomd.xml and repomd.xml.asc to check verification. But when I do this I get this

"[root@server1]#gpg --verify repomd.xml.asc repomd.xml

gpg: Signature made Mon 27 Jan 2025 02:57:53 PM UTC

gpg: using RSA key 21CB256AE16FC54C6E652949702D426D350D275D

gpg: issuer "releng@rockylinux.org"

gpg: BAD signature from "Rocky Enterprise Software Foundation - Release key 2022 releng@rockylinux.org" [unknown]"

It looks like the repomd.xml was updated on the 28th of January so is there a chance there is a fault in the repo? Are any of you experiencing issues?

Looking forward to your responses. Hope you guys can help me.

Hello Community,

I’m encountering persistent issues setting up a Samba Active Directory Domain Controller (AD DC) in a hybrid environment with a Windows Server-based Primary Domain Controller (DC). Despite multiple troubleshooting steps, the errors persist. Below are the details of the setup, observations, and challenges:

Setup Information:

1. Samba Version: 4.20.2
2. Operating System: Rocky Linux 9.5
3. Server Role: Active Directory Domain Controller (to integrate with Windows-based DC)
4. Windows DC Details:
   • Primary DC Hostname: WIN-GTM1AT6IFMJ
   • DNS Domain: gbpuat.ac.in
   • Primary DC IP Address: 10.7.3.20
5. Current Samba Configuration (/usr/local/samba/etc/smb.conf):[global] dns forwarder = 10.7.3.20 # Windows DC's DNS Server IP log file = /var/log/samba/log.%m max log size = 50 realm = GBPUAT.AC.IN security = ADS server role = active directory domain controller workgroup = SAMBA [netlogon] path = /usr/local/samba/var/locks/sysvol/gbpuat.ac.in/scripts read only = No [sysvol] path = /usr/local/samba/var/locks/sysvol read only = No
6. Network Configuration:
   • Hostname: ecedc1
   • FQDN: ecedc1.gbpuat.ac.in
   • Static IP Address: 10.7.3.30
   • DNS Forwarder: 10.7.3.20 (Windows DC)

Symptoms:

• The samba-ad-dc.service fails to start with the following error:exit_daemon: daemon failed to start: Samba detected misconfigured 'server role' and exited. Check logs for details, error code 22.
• Using samba-tool commands like domain info or drs showrepl returns:ERROR: Invalid IP address 'localhost' or '10.7.3.30'
• An attempt to validate services using smbclient on the Windows DC resolves shares correctly but outputs:SMB1 disabled -- no workgroup available

Relevant Logs and Snapshots:

• Attached screenshots include:
  1. smb.conf file configuration.
  2. DNS resolution via nslookup.
  3. Windows DC details using PowerShell (Get-ADObject).
  4. Samba service logs (journalctl -xe).
  5. Screenshot of the service's failure output.

Actions Taken:

1. Validated the smb.conf file configuration (included above).
2. Verified hostname and FQDN setup:
   • Hostname: ecedc1
   • FQDN resolves to ecedc1.gbpuat.ac.in using nslookup.
3. Checked and updated permissions for Samba-specific directories:
   • /usr/local/samba/private/msg.sock
   • Ensured correct ownership for /usr/local/samba/var/locks.
4. Confirmed connectivity to Windows DC (shares resolve correctly using smbclient).

Questions:

1. Is the DNS forwarder configuration correct in smb.conf? Should it explicitly point to the Windows DC's DNS, or are additional settings required to integrate properly?
2. What could be causing the misconfiguration of the server role? Could it be an issue with hybrid integration with the existing Windows DC?
3. Are there any known compatibility issues with Samba 4.20.2 in this setup, or specific debugging steps I might have overlooked?

Hello,

We're migrating VPN routers from Centos to Rocky. Mainly it consists of FRR routing software for OSPF and BGP. GRE and VTI tunnels for site-to-site tunnels. And Strongswan IPsec for IPSEC.

I'm wondering if there're any caveats in Rocky networking side we should be careful of? For example Network Manager - i've read some post where people had issues with it and went to the packaged like systemd-networkd. Seems currently in the progress of migration it works fine, but i'm afraid that in near future we can experience some issues. For example when upgrading from Ipsec to Wireguard.

Maybe someone has more experience with Rocky and routing ?

Thanks!

My laptop I am repurposing into a server has a broken integrated Ethernet Device and the WiFi card hardly worked so I took it out and since lost it. That leaves me with my TP-Link UE300 I have I know it works as I’ve tested it on my main PC which is running windows so I assume it’s a driver error or something along those lines problem is I have no internet to upgrade that so what should I do ?

In nmcli it lists both Ethernet adapters and they both have disconnected I’ve tried both with an Ethernet cord.

Most of the work I do is on RHEL type environments. I was hoping there was a resource out there, like a web site, blog, git repo, that specifically talks about Rocky Linux on Raspberry Pi.

I can definitely pivot and go to Raspbian, but I would like to stick with Rocky.

I have seen bits and pieces here and there, but I was looking to control an i2c device (20x4 LCD), buzzer and RGB LED light.

I am also adding an LTE HAT to send (and hopefully receive) SMS messages.

In short, I am building a nagios box, that can stay up as long as possible on UPS (hence the use of a low power pi) and send me notifications and take action. The notifications are in the form of LCD display, audio beeps, email, MQTT publish, SMS messages, and POTS voice messages.

Furthermore, I would like to be able to receive a message via SMS and execute a command like etherwake to wake up machines or govc to start up VMs on an ESXi host. I am aware of possible security implications, it is something I would like to see if I can do it.

Edit: Adding image of what I am trying to build, still drawing it up.

https://preview.redd.it/ii0vohhgkoee1.png?width=982&format=png&auto=webp&s=02f4b581503d0170138ea6d5e1a3688b0a85c197

My server running Rocky 9.3 has started booting with no internet and things not working like ssh, etc. this is legit unusable as I have no internet. It had randomly fixed itself one time during a reboot and I had to restart the server and it’s doing the same thing again now and I cannot replicate the “fix” that happened before as I was just randomly mashing keys as a last hope during the restart I’ve tried everything it boots up into the os I can sign in and what not but it’s not connected to my LAN like it doesn’t assign itself a local ip which is weird idek where to look for errors I’ve tried journalctl and nothing seems to stick out. Does anyone know what this could be or has experienced this before. Thanks

edit: I’m also an idiot so…

edit 2: while perusing journalctl this is the only thing I can see that says anything about network https://imgur.com/a/wFiv99l

I'm coming from using OpenSUSE, a distro that I fell in love with and that has set the bar very high, however I want to try all the possible distribution branches, the branches that I have already tried are:

• Debian

• Arch

• OpenSUSE

However, I still have to try RHEL and I have decided to do it with Rocky Linux, but is it really good for the user? It's just a question, I don't think I'll use it for personal use but I want to at least give it a chance.

So I'm trying to install rocky linux workstation edition to use Houdini and openmoonray but I can't managed to install it. I don't run through any error message while using my boot drive installation I then logging after removing the USB and it's just a black screen nothing no error msg. I have two screens one plug in my Nvidia rtx 3080 the other on my motherboard with an Intel k CPU I tried booting up with only one screen on either GPU but I still run in the same issues. And disabling nouveau through grub didn't help either :((

Anyone have any idea for what I should look for or how I could fix this ?

I dont really know how else to describe it besides there is no internet and my ethernet cable which is plugged in and blinking and working is not found. when I do nmcli device status I get back only pterodactyl (server hosting) lo and docker0. nothing about ethernet at all only way I see something to do with it is with nmcli connection show and only other thing listed is enp5so. when I try using ethtool it says enp5so doesnt exist so im a bit confused. This is a last ditch efford before I just wipe my entire system cause idk what else to do I cannot get an internet connection to even attempt to fix my other problems so. I boot just fine and can login and see all my files and what not. and journalctl doesnt seem to be saying anything too helpfull.

As the titles says I went to install nvidia drivers from this "https://docs.rockylinux.org/desktop/display/installing\_nvidia\_gpu\_drivers/" and I followed it verbatim went to reboot at the end of it now my computer just does not even turn on not even a command line output at all and I've pluged my DP cable into every port on my GPU and motherboard. Not anything and I cannot even get into the bios or connected via SSH.

Rocky Linux doesn't recognize my gamepad. They show up as ‘lsusb’ but can't set keybindings.

New Rocky user here and trying to figure out what I am doing wrong. I can only find about 30 packages listed in it's gnome "store". I am looking for a web server, mysql and php. Do i need to use the "DVD" version or manually add repositories to get typical Linux software? Thanks.

I have never come across this before, when doing a new install with latest ISO usb 9.5 my system freezes. It gets stuck on a nvme error but upon further investigation with trying other OS and graphics cards, it turns out to be the 4060ti. When I remove the 4060ti and install 9.5, no issue at all. I try to then install the Nvidia drivers with no luck. I have it working perfectly with a 3060 GPU and any other OS other than Rocky.Any advise would be greatly appreciated.

https://preview.redd.it/kxbobr3fhwbe1.png?width=1844&format=png&auto=webp&s=015293e25b473d73a24a89a671761980dfef710f

Hi everyone,

I'm struggling to set up a persistent TigerVNC server on Rocky Linux for a specific user (ecdept). While the server works fine when launched manually, the systemd service consistently fails with the following error:

Job for vncserver@:1.service failed because the control process exited with error code.

See "systemctl status vncserver@:1.service" and "journalctl -xe" for details.

Here are the details:

System Environment:

OS: Rocky Linux

VNC Server: TigerVNC 1.13.1

User: ecdept

Group: vncusers

Service File: Here's my /etc/systemd/system/vncserver@.service file:

[Unit]

Description=Start TigerVNC server for user ecdept on display :%i

After=syslog.target network.target

[Service]

Type=forking

User=ecdept

Group=vncusers

WorkingDirectory=/home/ecdept

PAMName=tigervnc

# Explicit environment variables

Environment="XAUTHORITY=/home/ecdept/.Xauthority"

Environment="HOME=/home/ecdept"

Environment="DISPLAY=:%i"

PIDFile=/home/ecdept/.vnc/%H:%i.pid

ExecStart=/usr/bin/vncserver :%i -geometry 1024x768

ExecStartPost=/bin/sleep 2

ExecStop=/usr/bin/vncserver -kill :%i

Restart=on-failure

[Install]

WantedBy=multi-user.target

What I’ve Tried:

• Checked file and directory permissions for /home/ecdept/.vnc and .Xauthority (owned by ecdept:vncusers).
• Confirmed the user ecdept is part of the vncusers group.
• Verified that firewalld has the necessary ports (5901-5910/tcp) open.
• Manually starting the VNC server works perfectly (/usr/bin/vncserver :1).
• Enabled debug logs for PAM and systemd, but they haven’t revealed anything obvious.

Error Messages: From journalctl -u vncserver@1.service, I see errors like:

Failed to start TigerVNC server for user ecdept on display :1.
pam_unix(tigervnc:session): session opened for user ecdept by (uid=0)

Other Notes:

$XDG_RUNTIME_DIR is set to /run/user/823601103 for the ecdept user.

Deleted old files in .vnc/ but no luck.

Standalone VNC confirms the configuration and permissions should be fine, but something in the systemd service is causing the failure.

Does anyone have insights into what could be going wrong or things I should check? This has been a frustrating process, and I feel like I’ve been going in circles.

Any help is greatly appreciated.

I've gotten Rocky Linux to install but I'm failing to get the kernel and other utilities. Has anyone had any success with Rocky Linux? I'm sure I'm just over looking something.

I just booted up a Rocky 9 VM, configured the /etc/sysconfig/network-scripts/ifcfg-eth0 file, only to notice quickly that it doesn't work.

After an hour of debugging I realized that it wasn't because the keyfile was specified (instead of ifcfg). The networking isn't working, because of Network Manager - which sucked way back in the day, and still sucks today.

I used to work at a Networking startup, and the very first task we did on an OS deployment was to disable Network Manager. The only "good purpose" of Network Manager (thing it does well) is radio connection management. For fixed Ethernet connections, it gets in the way and breaks things.

So - in looking into what is going on, I see 3 connections if I run nmtui:

1. Wired Connection 1 - huh? WTF kind of name is this?????

It turns out that this one has the mac matching the hypervisor. So this is the "real interface".

IPv4 Connection is Automatic, but completely unconfigured.

2. System eth0 - This one, I had configured in nmtui the same information as I had put into the ifcfg-eth0 file. Problem is, this interface is NOT the real "wired" interface (eth0) and has a different unrecognized mac address.

On this interface it is set to Manual. I assumed this was the one to configure, BECAUSE it was Manual. But Nope. Apparently not - because the mac address is not legit.

3. ens160 - nothing entered here, and the connection is automatic.

This is a really good example of how Network Manager is a complete clusterfk, and why "real" network managers used iproute2 (read up on why iproute2 was developed). It looks to me like we are moving backwards. Now, this is all based on tried-and-true ipv4 - not ipv6.

I am encountering issues while setting up a VNC server on a Rocky Linux 8 system integrated with Active Directory (AD) using SSSD. Here's the setup and problem details:

Setup:

1. Operating System: Rocky Linux 8
2. VNC Server: TigerVNC
3. AD Integration: AD is on separate machince windows domain controller
   • The system is joined to an AD domain (example.com) using realm join.
   • SSSD is configured as the authentication provider.
   • Users authenticate with their AD credentials.
4. VNC Configuration:
   • A custom systemd service file (/etc/systemd/system/vncserver@.service) is used to start the VNC server for AD users.
   • The User=%i and Group=vncusers directives are used in the service file.
   • The vncusers group was created locally, and the AD user aduser was added to this group using usermod -aG vncusers aduser.

Problem:

1. The VNC service fails to start, with errors like:orInvalid user/group name or numeric ID. Accepting user/group name 'vncusers', which does not match strict user/group name rules.
2. Commands like id aduser and getent group vncusers confirm that the AD user is part of the vncusers group.
3. Despite correct SSSD and AD integration, the service does not recognize the group membership properly.

Steps Tried:

1. Verified that id aduser shows correct group memberships, including vncusers.
2. Ensured the /home/aduser/.vnc directory and its contents have the correct ownership (aduser:vncusers) and permissions.
3. Updated the sssd.conf file with configurations like access_provider=ad and restarted the sssd service.
4. Cleared the SSSD cache with sss_cache -E.
5. Confirmed the service file configuration is valid and consistent.

Request:

What could be causing this issue with the VNC server and group recognition? Do I need to modify any additional SSSD settings, or is this related to the way the vncusers group is handled locally versus in AD? Any guidance or troubleshooting steps would be greatly appreciated.

Important Notes:

• The actual domain and user/group names have been replaced with placeholders for privacy.
• I can provide more logs or details if needed.

I originally posted this in the Podman Subreddit but did not have any luck getting it resolved. Hoping someone here can help. Link to original post: https://www.reddit.com/r/podman/comments/1hraswq/creating_user_systemd_jellyfin_podman_container/

I am attempting to create a user systemd service to launch a container for Jellyfin on boot, but it keeps giving the same error and journalctl gives me no details. I believe I followed the documentation for quadlet files correctly and am at my whits-end. I am using Rocky Linux 9.5. I have also tried it on Rocky 8.10.

File location and permissions are at the top and error is below the command.

Here is the my file

I tried with a previously working file and I get the same error. I have enabled lingering already and I believe I have made the necessary adjustments to SELinux. I am open to any suggestions anyone has!I am attempting to create a user systemd service to launch a container for Jellyfin on boot, but it keeps giving the same error and journalctl gives me no details. I believe I followed the documentation for quadlet files correctly and am at my whits-end. I am using Rocky Linux 9.5.I tried with a previously working file and I get the same error. I have enabled lingering already and I believe I have made the necessary adjustments to SELinux. I am open to any suggestions anyone has!

Rocky-9-EC2-LVM-9.5-20241118.0.x86_64.qcow2

Downloaded this one, and it provisioned to vCenter just fine - but once again, as with the other generic cloud images I have tested, no Cloud-Init is initialized at all. I see nothing in the console at all, except a login prompt - which is of no value because the user-data is not getting into the VM.

The deployment, however, appears flawless, including the cloud-init ISO being attached to the VM.

I think I am going to abandon Rocky Cloud images for my platform going forward now.

I will consider a Packer process to generate and upload these images (right now, I use a VMX file and OVFTool). But, if I download an Alma Linux and it comes up perfectly with cloud-init, I am going to punt Rocky to the sidelines, and take it off the menu. Very annoyed. I have spent WAAAY too much time trying to debug this issue.

Any word on a Rocky 10 beta test? Other RHEL based distros have betas out, I was hoping to test my favorite distro soon too.

When I try to provision an new VM using foreman (on vmware 8) the installation fails with Service org.fedoraproject.Anaconda.Modules.Storage has failed to start: Process org.fedoraproject.Anaconda.Modules.Storage exited With status 1

Looking at journalctl -e i can see quite a few arrors when the system tries to load kernel modules like ext4, xfs etc.

modprobe: FATAL: Module ext4 not found in directory /lib/modules/<kernel version>

Interestingly both that string and uname -r tell me I'm at Kernel 5.14.0....el9_4.x86_64 but I'm installing Rocky Linux 9.5, confirmed by /etc/os-release.

Also before stopping, the installer waits roughly 1.5 minutes for /dev/zram0 which also fails.

So my guess would be that there is something wrong with my provisioning setup that pairs the wrong kernel to a newer operating system, which then is unable to load kernel modules properly. But I'm completely lost on how to fix this.

I created a Kickstart file using Rocky 9.5 OS, but after booting, when I try to use the dnf command, I encounter the error: [Errno 30] Read-only file system: '/var/log/dnf.log': '/var/log/dnf.log'. Additionally, when I run the lsblk command, I see that the mount points are not properly set. What could be the issue?

The disk partitioning settings I want are as follows:

• File system: XFS
• Partitions:
  • /boot: 1G
  • /boot/efi: 1G
• LVM provisioning:
  • swap: 8G
  • /data: 200G
  • The rest of the space allocated to /.

Please help me resolve this issue.

https://preview.redd.it/egy19vtcyd8e1.png?width=938&format=png&auto=webp&s=e71380580da43840ad5ad65a5e45d7f8e42afe7d

my kickstart file

# /dev/sda 디스크만 사용
ignoredisk --only-use=sda
zerombr

# 디스크 초기화 및 파티셔닝
clearpart --all --initlabel --drives=sda --disklabel=gpt

# 부트로더 설정 (UEFI 지원)
bootloader --location=mbr --boot-drive=sda 

# BIOS와 UEFI 호환 설정
part biosboot --fstype=biosboot --size=1 --ondisk=sda
part /boot/efi --fstype="efi" --ondisk=sda --size=500 --asprimary --fsoptions="defaults,uid=0,gid=0,umask=0077,shortname=winnt"
#part /boot/efi --fstype="vfat" --ondisk=sda --size=500 --asprimary --fsoptions="umask=0077,shortname=winnt"

# /boot 파티션
part /boot --fstype="xfs" --ondisk=sda --size=1024 --asprimary

# LVM 설정
part pv.01 --fstype="lvmpv" --ondisk=sda --size=1 --grow

volgroup vg_root pv.01

# 논리 볼륨 생성
logvol swap --fstype="swap" --vgname=vg_root --name=lv_swap --size=8192
logvol /data --fstype="xfs" --vgname=vg_root --name=lv_data --size=204800
logvol / --fstype="xfs" --vgname=vg_root --name=lv_root --size=1024 --grow

Driver install/OpenGL and associated libraries (glu,glx,etc) were not installed

Driver version: 550.142 OS: Rocky 8.10, Clean install

I installed NVIDIA driver version 550.142 using the directions as specified in the included REAME. After reboot there appears that the OpenGL and associated libraries (glu,glx,etc) were not installed. A thorough search of /use verified this.

Can anyone provide guidance for a solution?

In my CMP, I can see the image being uploaded to vCenter, and I can see the cloud-init ISO being attached to the VM. But when the VM comes up, I cannot log into it. So after testing my image preparation process hundred times, I am now starting to think that the problem isn't my stuff, it's the image.

When I take the 9.3 generic cloud qcow2 file, it works perfectly. No difference in the process, only the image.

Way back in 2014 someone from the Fedora team added the include /etc/nginx/default.d/*.conf directive to Nginx's RPM spec.

This directive remains in Rock Linux 8's nginx 1.14 package today.

Here's a snippet of nginx.conf from that package:

    include /etc/nginx/conf.d/*.conf;

    server {
        listen       80 default_server;
        listen       [::]:80 default_server;
        server_name  _;
        root         /usr/share/nginx/html;

        # Load configuration files for the default server block.
        include /etc/nginx/default.d/*.conf;

        location / {
        }

        error_page 404 /404.html;
            location = /40x.html {
        }

        error_page 500 502 503 504 /50x.html;
            location = /50x.html {
        }
    }

This config defines the default_server.

If I wanted to define my own default_server in within a conf.d/*.conf config file, is there a directive I could pass in a default.d/*.conf config file to disable the package's default default_server?

Ultimately I'd like to avoid modifying the package's nginx.conf

Why? I'd like to redirect location / with a 301 using my own conf.d/*.conf

We have been working with a vendor who is building out a VM for us to upload into our environment. They build out their VM in Rocky on Virtual Box and when they sent me the ovf, it wont import into our Vcenter. They mentioned this happened with another customer as well last time they tried it and was wondering if anyone else had noticed this:

Details: - 66:7:VALUE_ILLEGAL: Value ''PIIX4'' of ResourceSubType element not found in []. - 75:7:VALUE_ILLEGAL: Value ''PIIX4'' of ResourceSubType element not found in []. - 111:7:VALUE_ILLEGAL: Value ''5'' of Parent element does not refer to a ref of type DiskControllerReference. - 121:7:VALUE_ILLEGAL: Value ''5'' of Parent element does not refer to a ref of type DiskControllerReference. - 131:7:VALUE_ILLEGAL: Value ''5'' of Parent element does not refer to a ref of type DiskControllerReference. - 141:7:VALUE_ILLEGAL: Value ''5'' of Parent element does not refer to a ref of type DiskControllerReference.

This is the error we get when trying to load the ovf. I have tried other ResourceSubTypes and still get similar errors.

Is there any way around this? If not, they will have to build the VM in Ubuntu which they ended up doing for their other customer and it worked fine.

Just updated a VM to Rocky 9.5 and as I was rebooting it I noticed this warning flash up
kernel: Warning: Deprecated Hardware is detected: x86_64-v2:GenuineIntel:Intel(R) Core(TM) i5-7500 CPU @ 3.40GHz will not be maintained in a future major release and may be disabled

The same shows up for the i5-9400 and i5-9600 CPUs

From what I can tell, these should be at least v3 if not v4

What am I missing?

It doesn't appear that this package is installed. I wonder why, if this is a cloud image?