lighttpd does 26 req/s on a static file
I'm getting 26 req/s on a static file. Not sure why it's so slow, I could really use some help. Running lighty 1.4.10 on FreeBSD 6.0. Server is a basically unused AMD Barton 3000+ with a gig of RAM, hosted at a data center. -bash-2.05b$ ab -c 9 -n 500 http://72.21.52.134/hello.html Benchmarking 72.21.52.134 (be patient) ... Finished 500 requests Server Software:lighttpd Server Hostname:72.21.52.134 Server Port:80 Document Path: /hello.html Document Length:13 bytes Concurrency Level: 9 Time taken for tests: 19.78523 seconds Complete requests: 500 Failed requests:0 Write errors: 0 Total transferred: 119500 bytes HTML transferred: 6500 bytes Requests per second:26.21 [#/sec] (mean) Time per request: 343.413 [ms] (mean) Time per request: 38.157 [ms] (mean, across all concurrent requests) Transfer rate: 6.08 [Kbytes/sec] received Here's the lighty config: server.modules = ( "mod_access", "mod_accesslog" ) server.document-root = "/usr/local/www/data" server.port= 80 server.username= "www" server.groupname = "clients" server.pid-file= "/var/run/lighttpd.pid" server.tag = "lighttpd" accesslog.filename = "/var/log/lighttpd.access.log" server.errorlog= "/var/log/lighttpd.error.log" server.indexfiles = ( "index.php", "index.html", "index.htm", "default.htm" ) url.access-deny= ( "~", ".inc" ) mimetype.assign = ( ".html" => "text/html", ".htm" => "text/html", ) weigon_ on #lighttpd had me run ktrace, and here's the part he found relevant 22.577040 CALL accept(0x4,0xbfbfea40,0xbfbfea3c) 22.577583 CALL close(0x8) 75740 lighttpd 22.577632 CALL poll(0x806ec00,0x2,0x3e8) 75740 lighttpd 22.614031 RET poll 1 So it's .5ms to handle a request, but 40ms waiting for the next request. I'm not entirely sure what any of this means. Thanks for any help, Pat ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
A question on permissions
I want to make a directory writable by one user, and readable by another. It should be owned by the web server UID, and the group should be the gid of my normal login user. %ls -ld /home/pergesu/logs drwxr-x--- 6 www pergesu 512 Feb 23 13:05 /home/pergesu/logs However, the www user apparently can't read/write to that dir. I gave 'www' a real shell just to try it out: %sudo su www %ls -ld /home/pergesu/logs ls: /home/pergesu/logs: Permission denied I don't get why it's doing Permission denied there. www has r/w/x access to that dir. It doesn't, however, have read access to /home/pergesu, so that's my only guess. I don't want to make /home/pergesu readable by everyone though of course. Isn't that what permissions are all about? I'd appreciate any help. Pat ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: mail backup solution?
On 3/13/06, Chuck Swiger <[EMAIL PROTECTED]> wrote: > Carlos Silva, yourdot-internet.com wrote: > > I have my email stored at a reseller account (via imap) on a server. > > My intention is that my server at home, download all the emails via imap > > to backup automatically everyday. > > But, I dont want that my server download repeated messages (because i > > have thousands of emails...). > > Someone has a solution? > > Your mail hosting provider should have working backups, although it is worth > checking. I have a server running postfix/courier-imap, and I'd like to know how to make those working backups. I've asked a couple places but haven't found anything useful. Pat ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: mail backup solution?
On 3/13/06, Chuck Swiger <[EMAIL PROTECTED]> wrote: > Pat Maddox wrote: > > On 3/13/06, Chuck Swiger <[EMAIL PROTECTED]> wrote: > [ ... ] > >> Your mail hosting provider should have working backups, although it is > >> worth > >> checking. > > > > I have a server running postfix/courier-imap, and I'd like to know how > > to make those working backups. I've asked a couple places but haven't > > found anything useful. > > The two most common styles of mailboxes are mbox and maildir, and both of > those > can be backed up at the filesystem level using dump, tar, or anything else. I've got it set up using maildir. In the past to back up the mail I just copied the files. At one point I had to restore from the backup, so I just copied the files back into the original location. Logging in via imap though, there were no emails to be found. I've gotten vague "I think you just copy the files" responses, but that didn't work in my case, and I'm not sure what I need to do. Pat ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Updating ports
Hi Lisa, The supfile just upgrades the sources. You actually have to build and install it for it to make any changes. Using the standard supfile, you can just do portupgrade -arR and it will only upgrade your ports, it won't touch the base system at all. Then when you want to upgrade the base system, you have the sources available and can do that. But don't worry, there's nothing wrong with having the most up to date base source, even if you haven't upgraded in a couple months. I use portsnap for updating my ports tree. I wish I could tell you the advantages, but I've been using it for over a year now and don't really remember to be perfectly honest :) Anyway, I run portsnap nightly, and then do a weekly update of my base system source using cvsup. I wrote a simple article that shows you how to install and configure portsnap, if you're interested. http://www.flpr.org/articles/2005/08/24/configuring-freebsd Pat On 3/14/06, Lisa Casey <[EMAIL PROTECTED]> wrote: > Hi Folks, > > I might be a bit confused here. If so, I'm sure you'll tell me about it ;-) > > I'm running FreeBSD 5.3. I want to update my ports. So I went to the FreeBSD > handbook and started reading up on how to do that. According to what I read, > I need to install cvsup then create a supfile. OK, so far so good. I just > now installed cvsup-without-gui (I'm not running any kind of gui - this is > a server). > > I don't want to update my entire system from FreeBSD 5.3 to something else > then do all the make world stuff (although it would be a good idea for me to > learn how to do that someday - I just want to update my ports). I got > started on this because I wanted to install webmin but I noticed that, in my > ports collection the version of webmin is 1.150 whereas the current webmin > port at Freshports is version 1.260_2. I figured it would be a good idea > just to go ahead and update my ports first before installing webmin so I > could install the latest version from ports rather than downloading the > tar.gz and installing it that way. > > Next I need the supfile. I took a look at > /usr/share/examples/cvsup/standard-supfile (I think that's what I want) but > that looks like something that is going to upgrade the entire system (as I > said - probably a good idea but I just don't want to do that now, I just > want to update my ports). > > Can't I just update the ports without updating the entire system? If so, am > I going about it the right way or am I just plain confused? If I am going > about it the right way then I think there's something about the supfile that > I obviously don't understand. > > I'ld appreciate it if someone on this list could straighten out my thinking. > > Thanks, > > Lisa Casey > > ___ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "[EMAIL PROTECTED]" > ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Updating ports
Nope, you're good to go On 3/14/06, Lisa Casey <[EMAIL PROTECTED]> wrote: > Hi again, > > One last question and I think I'll be good to go: > > In my ports-supfile, I've changed the host to one that is local to me in the > USA. Do I need to make any changes to > *default release=cvs tag=. > *default delete use-rel-suffix > Or can I just leave these as the defaults? I understand everything else in > ports-supfile. > > Thanks again, > > Lisa Casey > > ___ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "[EMAIL PROTECTED]" > ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: How to Stop Bruit Force ssh Attempts?
The best thing you can do is move SSH to another port and disable password authentication, and use keys instead. Pat On 3/18/06, Chris Maness <[EMAIL PROTECTED]> wrote: > In my auth log I see alot of bruit force attempts to login via ssh. Is > there a way I can have the box automatically kill any tcp/ip > connectivity to hosts that try and fail a given number of times? Is > there a port or something that I can install to give this kind of > protection. I'm still kind of a FreeBSD newbie. > > Thanks, > Chris Maness > ___ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "[EMAIL PROTECTED]" > ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Daily chksetuid script - how to ignore certain dirs/filesystems?
I have a backup script that runs every night, backing up everything to a backup drive. When the security script runs, it finds a bunch of setuid files at /backup - I'd like to ignore those files, so I don't have to wade through them every day. I also back up to a remote server and it results in the same thing. How can I make it skip over the backup dir, or at least ignore it in the output? The cron file in question is /etc/periodic/security/100.chksetuid Pat ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Daily chksetuid script - how to ignore certain dirs/filesystems?
On 3/19/06, Ceri Davies <[EMAIL PROTECTED]> wrote: > On 19/3/06 10:58, "Pat Maddox" <[EMAIL PROTECTED]> wrote: > > > I have a backup script that runs every night, backing up everything to > > a backup drive. When the security script runs, it finds a bunch of > > setuid files at /backup - I'd like to ignore those files, so I don't > > have to wade through them every day. I also back up to a remote > > server and it results in the same thing. How can I make it skip over > > the backup dir, or at least ignore it in the output? The cron file in > > question is /etc/periodic/security/100.chksetuid > > The best way to be to mount /backup nosuid. How about on the other server? The files go to the /home partition (and that's where they have to go). ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
rsync script not excluding dirs
I have a backup script that runs nightly, and I want it to exclude
certain dirs (ports, obj, etc). However when I run the script it
doesn't exclude anything, leaving me with pretty massive backups.
Here's the entire script.
/, /var, /usr, and /backup are all on different partitions. The key
part is at the bottom where it calls rsync and excludes dirs. Can
someone tell me what's wrong with the script?
Pat
#!/bin/sh
HOME=/
PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin
export HOME PATH STAGE DAY MONTH YEAR DAY2 DAY1 PERMS SVR PRE ARG
PERMS=`date +%Y%m%d`
SVR="cantona"
# forward dating
DAY1=`date +%Y/${SVR}/%m/%d`
# reverse dating for removal of old backup
DAY2=`date -j -v-1w +%Y/${SVR}/%m/%d`
PRE="/usr/local/bin/rsync"
ARG=`ps -ax | grep ${PRE} | grep -v grep | wc -l | awk '{ print $1 }'`
if [ $ARG -gt 0 ]; then
echo "$PRE is running"
return $?
fi
# Remount the filesystem for writing
mount -u -o rw /backup
# snapshot of the perms
ls -lRafh /* > /backup/perms_snaps/${PERMS}.${SVR}.perms.snap
tar -czf /backup/perms_snaps/${PERMS}.${SVR}.perms.snap.tar.gz
/backup/perms_snaps/${PERMS}.${SVR}.perms.snap
rm /backup/perms_snaps/${PERMS}.${SVR}.perms.snap
chmod 400 /backup/perms_snaps/*
# create the backup dirs for the day/week/year
mkdir -p /backup/${DAY1}/
# rm the old backups
rm -rf /backup/${DAY2}
${PRE} -bapoguLxSRC --exclude=*.core --exclude=*~* / --exclude=/dev
--exclude=/backup /backup/${DAY1}/
${PRE} -bapoguLxSRC --exclude=*.core --exclude=*~* /var /backup/${DAY1}/
${PRE} -bapoguLxSRC --exclude=*.core --exclude=*~* --exclude=/usr/src
--exclude=/usr/ports --exclude=/usr/obj /usr /backup/${DAY1}/
# Make the file system read only again
mount -u -o ro /backup
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
/home is symlinked to /usr/home - question about backups
I got a dedicated server a while ago, and it came with /home symlinked to /usr/home. I'm not entirely sure why, to tell you the truth, but it's never posed a problem. However if I run rsync -avz to back up my server, it creates something like this: /backup/march/19/home -> /usr/home So if I were to go to /backup/march/19 and rm -rf * wouldn't it go and delete everything in /usr/home? That's obviously not my intended result. I've read all the symlink options in man rsync but honestly am not sure what it is that I need to do. Ideally I'd like to have symlinks reference the relative file..so something like /backup/march/19/home -> /backup/march/19/usr/home That way I don't lose all my stuff if I remove the file from backup. Right now I'm just ignoring /home when I rsync, but it makes me kind of worried that if I ever backup without ignoring /home and then delete my backup I might lose my live data...I could really use some info. Pat ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: repeated ssh login attempts/failure/break-in attempts from kiddy script
Disable password-based logins (use keys instead), move SSH to another port, or install some kind of brute force monitor. First two options are the best, but if for some reason you need to keep it on 22 and password-based logins then look to a BF monitor. Just make sure you actually need it..and do some googling, as this gets talked about a lot (I know, because I asked the same question a few months ago! :) Pat On 3/31/06, Nathan Vidican <[EMAIL PROTECTED]> wrote: > Noted recently in auth.log, a string of connection attempts repeated/failed > over > and over from one host - looks like a script someone's running, tries all > kinds > of various usernames, etc... attempts like 100-200 logins, fails and goes > away. > > Few hours go by, and another such attempt, from a different IP comes in. If > I'm > here and just happen to notice them - simple ipfw add deny... does the trick, > but is there not a way to limit the login attempts for a certain period of > time? > > ie: after 4 failed attempts from IP _BLANK_ in less than _BLANK_ minutes, deny > all attempts and drop connection from said IP... possible? > > Any suggestions/ideas? Thus far, no one has managed to login (there are only > three accounts which even have a shell or can login via ssh... but still not > the > point). I'd just like to get rid of the problem and save my auth.log file for > perhaps something more useful ;) > > > -- > Nathan Vidican > [EMAIL PROTECTED] > Windsor Match Plate & Tool Ltd. > http://www.wmptl.com/ > ___ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "[EMAIL PROTECTED]" > ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Received mail timestamp is off by 7 hours
I've been having a weird problem lately...when I download an email from my mailserver, the time is off by 7 hours. For example, if I receive an email at 9:30pm, it lists the time as 2:30pm in my mail client. I've determined that it's just a problem on received messages, because if I use my client with a different mail server, the time is fine, and if I send mail to another server, the time is fine. It's annoying to me because messages will show up somewhere in the middle of my 300+ message inbox, and users have been complaining about it. What's going on, and how do I fix it? I'm using postfix and courier-imap. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Received mail timestamp is off by 7 hours
I forgot to give a bit of info. My local machine has the correct time of 10:05PM, and the server has the correct time of 11:05PM. If I send an email from a mail account on the server to gmail, it has the correct time. If I send an email from gmail back to the server, that's when it has the weird time offset. On Sat, 26 Feb 2005 21:00:49 -0800, Kent Stewart <[EMAIL PROTECTED]> wrote: > On Saturday 26 February 2005 08:38 pm, Pat Maddox wrote: > > I've been having a weird problem lately...when I download an email > > from my mailserver, the time is off by 7 hours. For example, if I > > receive an email at 9:30pm, it lists the time as 2:30pm in my mail > > client. I've determined that it's just a problem on received > > messages, because if I use my client with a different mail server, > > the time is fine, and if I send mail to another server, the time is > > fine. It's annoying to me because messages will show up somewhere in > > the middle of my 300+ message inbox, and users have been complaining > > about it. What's going on, and how do I fix it? I'm using postfix > > and courier-imap. > > > > For starters, it looks like you are running PDT. You have a -0700 offset > and it should be -800. It could be on gmail.com but you can test your > end :). So, I don't have any idea other than type "date" and see if you > have the right date and timezone. > > Kent > > -- > Kent Stewart > Richland, WA > > http://users.owt.com/kstewart/index.html > ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Received mail timestamp is off by 7 hours
It doesn't only happen when I receive mail from my gmail account - it's with all email that passes through this server. On Sun, 27 Feb 2005 17:54:56 +1000, Timothy Smith <[EMAIL PROTECTED]> wrote: > check your gmail account > it's set to the wrong time zone or something. if "date" gives the > correct time then thats what your server is using. > > Pat Maddox wrote: > > >I forgot to give a bit of info. My local machine has the correct time > >of 10:05PM, and the server has the correct time of 11:05PM. If I send > >an email from a mail account on the server to gmail, it has the > >correct time. If I send an email from gmail back to the server, > >that's when it has the weird time offset. > > > > > >On Sat, 26 Feb 2005 21:00:49 -0800, Kent Stewart <[EMAIL PROTECTED]> wrote: > > > > > >>On Saturday 26 February 2005 08:38 pm, Pat Maddox wrote: > >> > >> > >>>I've been having a weird problem lately...when I download an email > >>>from my mailserver, the time is off by 7 hours. For example, if I > >>>receive an email at 9:30pm, it lists the time as 2:30pm in my mail > >>>client. I've determined that it's just a problem on received > >>>messages, because if I use my client with a different mail server, > >>>the time is fine, and if I send mail to another server, the time is > >>>fine. It's annoying to me because messages will show up somewhere in > >>>the middle of my 300+ message inbox, and users have been complaining > >>>about it. What's going on, and how do I fix it? I'm using postfix > >>>and courier-imap. > >>> > >>> > >>> > >>For starters, it looks like you are running PDT. You have a -0700 offset > >>and it should be -800. It could be on gmail.com but you can test your > >>end :). So, I don't have any idea other than type "date" and see if you > >>have the right date and timezone. > >> > >>Kent > >> > >>-- > >>Kent Stewart > >>Richland, WA > >> > >>http://users.owt.com/kstewart/index.html > >> > >> > >> > >___ > >freebsd-questions@freebsd.org mailing list > >http://lists.freebsd.org/mailman/listinfo/freebsd-questions > >To unsubscribe, send any mail to "[EMAIL PROTECTED]" > > > > > > > > > > ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Rebooting removes libauthmysql.so
Whenever I reboot my machine, libauthmysql.so gets deleted, so I can't use courier-imap anymore. I can't figure out why it's doing it, and it's bugging the hell out of me. Anyone familiar with this? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Received mail timestamp is off by 7 hours
I've included the headers of messages from both Gmail and Hotmail, to show that it's not on Gmail's end. Also, here's the output from date: %date Sun Feb 27 02:42:21 CET 2005 They should show up in my inbox as being received at 1:40am or so, but they show up as 6:40pm instead. >From Gmail: Return-Path: <[EMAIL PROTECTED]> X-Original-To: [EMAIL PROTECTED] Delivered-To: [EMAIL PROTECTED] Received: from wproxy.gmail.com (wproxy.gmail.com [64.233.184.198]) by cantona.dnswatchdog.com (Postfix) with ESMTP id 3161733C1B for <[EMAIL PROTECTED]>; Sun, 27 Feb 2005 02:38:52 +0100 (CET) Received: by wproxy.gmail.com with SMTP id 67so1650347wri for <[EMAIL PROTECTED]>; Sun, 27 Feb 2005 00:37:53 -0800 (PST) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:reply-to:to:subject:mime-version:content-type:content-transfer-encoding; b=hjLLSBpqixF9ZtT/yR/J0KR8cULmdWnOLmaYIsYKg99SQKXa7dEdESLtnPeg2N+mOL9Pf9PWdu6tQMDHpg97lKTqEJuoBNNeYb6oqh55yJglvxbCSHCKf+pJ6uKBdDlBXbK70uk9AKXugjD2VXjpYJN9jXploX3xgtWtU06wgVE= Received: by 10.54.57.1 with SMTP id f1mr19787wra; Sun, 27 Feb 2005 00:37:53 -0800 (PST) Received: by 10.54.42.28 with HTTP; Sun, 27 Feb 2005 00:37:53 -0800 (PST) Message-ID: <[EMAIL PROTECTED]> Date: Sun, 27 Feb 2005 01:37:53 -0700 From: Pat Maddox <[EMAIL PROTECTED]> Reply-To: Pat Maddox <[EMAIL PROTECTED]> To: Pat Maddox <[EMAIL PROTECTED]> Subject: test Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit >From Hotmail: Return-Path: <[EMAIL PROTECTED]> X-Original-To: [EMAIL PROTECTED] Delivered-To: [EMAIL PROTECTED] Received: from hotmail.com (bay103-f18.bay103.hotmail.com [65.54.174.28]) by cantona.dnswatchdog.com (Postfix) with ESMTP id A660C33C1B for <[EMAIL PROTECTED]>; Sun, 27 Feb 2005 02:39:59 +0100 (CET) Received: from mail pickup service by hotmail.com with Microsoft SMTPSVC; Sun, 27 Feb 2005 00:39:00 -0800 Message-ID: <[EMAIL PROTECTED]> Received: from 65.54.174.205 by by103fd.bay103.hotmail.msn.com with HTTP; Sun, 27 Feb 2005 08:38:25 GMT X-Originating-IP: [65.54.174.205] X-Originating-Email: [EMAIL PROTECTED] X-Sender: [EMAIL PROTECTED] From: "Patrick Maddox" <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] Subject: test from hotmail Date: Sun, 27 Feb 2005 08:38:25 + Mime-Version: 1.0 Content-Type: text/plain; format=flowed X-OriginalArrivalTime: 27 Feb 2005 08:39:00.0233 (UTC) FILETIME=[C8B4B790:01C51CA7] On Sun, 27 Feb 2005 09:34:17 +0100, Anthony Atkielski <[EMAIL PROTECTED]> wrote: > Pat Maddox writes: > > > I forgot to give a bit of info. My local machine has the correct time > > of 10:05PM, and the server has the correct time of 11:05PM. If I send > > an email from a mail account on the server to gmail, it has the > > correct time. If I send an email from gmail back to the server, > > that's when it has the weird time offset. > > Can you post the complete headers of one of the messages that has the > incorrect time? > > -- > Anthony > > ___ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "[EMAIL PROTECTED]" > ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Received mail timestamp is off by 7 hours
Alright, I got it all working now. Not sure how to change the time zone with config files, so I just used sysinstall to change it to MST (time zone is arbitrary, but since this is the zone I live in, it's convenient for me). Then I used ntpdate to sync it, and it's working well now. Thanks for pointing that out to me. I just thought that CET was central time :) On Sun, 27 Feb 2005 10:36:35 +0100, Anthony Atkielski <[EMAIL PROTECTED]> wrote: > Pat Maddox writes: > > > I've included the headers of messages from both Gmail and Hotmail, to > > show that it's not on Gmail's end. Also, here's the output from date: > > %date > > Sun Feb 27 02:42:21 CET 2005 > > That can't be right. You sent your message in reply to a message I sent > at 9:34 CET. The time on your local machine is incorrect by seven > hours. It should be one hour ahead of UTC right now. > > > They should show up in my inbox as being received at 1:40am or so, but > > they show up as 6:40pm instead. > > And 1:40 is exactly seven hours later than 18:40. > > The disparity is visible in the timestamps, too: > > >>From Gmail: > > > > Return-Path: <[EMAIL PROTECTED]> > > X-Original-To: [EMAIL PROTECTED] > > Delivered-To: [EMAIL PROTECTED] > > Received: from wproxy.gmail.com (wproxy.gmail.com [64.233.184.198]) > > by cantona.dnswatchdog.com (Postfix) with ESMTP id 3161733C1B > > for <[EMAIL PROTECTED]>; Sun, 27 Feb 2005 02:38:52 +0100 (CET) > > Notice that the timestamp on your local e-mail server corresponds to > 1:38:52 UTC, but the timestamp on Gmail's server ... > > > Received: by wproxy.gmail.com with SMTP id 67so1650347wri > > for <[EMAIL PROTECTED]>; Sun, 27 Feb 2005 00:37:53 -0800 (PST) > > ... corresponds to 8:37:53 UTC, which is correct. The other timestamps > for intermediate servers are also correct, but the timestamp generated > by your machine on the original message is not ... > > > Date: Sun, 27 Feb 2005 01:37:53 -0700 > > -0700 corresponds to MST (Mountain Standard Time in the U.S.), not CET > (Central European Time). > > So the solution is to set the time and time _zone_ correctly on your > machine. For a UNIX machine, the CMOS real-time clock should be set to > UTC (what many people still call GMT), and then your time zone should be > set to whatever is appropriate for your location (CET would correspond > to most of Europe outside of the UK--here in France we are on CET). > > Are you by any chance running a dual-boot configuration? Windows > expects the CMOS RTC to be set to local time. UNIX expects it to be set > to UTC. If you are running only FreeBSD, you can just reset the CMOS to > UTC and fix your time zone to match your location. If you are also > running a boot of Windows or something like that, you'll have to leave > the CMOS clock set to local time, and make appropriate adjustments. > > Unfortunately, I'm not sure which variables to change in FreeBSD, as > I've always just set the time at installation time (when I'm asked if > the local clock is UTC and what time zone I'm in). > > Maybe someone else can explain what needs to change in your FreeBSD > configuration to set it to the correct time. > > In general, setting the time incorrectly on a local client machine in > the SMTP protocol will produce seemingly random errors in the time on > received messages, depending on the path they follow on their way to you > (this is true even for messages you send to yourself). The local > machine is almost always the one with the time set incorrectly > (incorrect time on mail servers tends to be noticed by users very > quickly, especially if more than one time zone is involved). > > -- > Anthony > > ___ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "[EMAIL PROTECTED]" > ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Documentation Error?
I don't know what the difference is between passing inet and alias, but all my configs have inet, and it works fine. On Mon, 28 Feb 2005 15:07:26 -0500, Jason D. Montgomery <[EMAIL PROTECTED]> wrote: > http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/configtuning-v > irtual-hosts.html > > states that adding a virtual address is done in rc.conf like this: > > ifconfig_fxp0="inet 10.1.1.1 netmask 255.255.255.0" > ifconfig_fxp0_alias0="inet 10.1.1.2 netmask 255.255.255.255" > > Shouldn't it be this instead? > > ifconfig_fxp0="inet 10.1.1.1 netmask 255.255.255.0" > ifconfig_fxp0_alias0="alias 10.1.1.2 netmask 255.255.255.255" > > (keyword passed to ifconfig is alias instead of inet) > > later, > > jason > > -=-=-=-=-=-=-=-=-=-=- > > jason d. montgomery > > ATGi > > -=-=-=-=-=-=-=-=-=-=- > > ___ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "[EMAIL PROTECTED]" > ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
ICMP in Java
I'm writing an app that needs to send out ICMP packets. ICMP isn't supported in Java until 1.5, and it looks like 1.5 is alpha and shouldn't be used for production. Is that correct? >From what I've read, I'll need to use a JNI implementation. Does anybody know of any preexisting ones for FreeBSD 5.3? Thanks ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Moving a directory hierarchy - best practice?
What's wrong with a %mv /home/user/level1 / %mv /level1 /root On Fri, 4 Mar 2005 22:13:05 +0100, Joachim Dagerot <[EMAIL PROTECTED]> wrote: > > Thanks for your suggestion. > > Unfortunately your commands will not affect the root folder of the hierarchy. > I must create a directory in the destination path with the same name of the > folder where my data is in. example: > > /home/user/level1/l2/l3/l4 > > I would like to move level1 to a new location: > > mvdir /home/user/level1 /root/ > > That would be awsome! > > > >> The best suggestion was from > >> http://badgertronics.com/knowledge/one.adp?parent=25: > >> > >> To move /tmp/blarg to /var: > >> % cd /tmp > >> % tar cvf - blarg | (cd /var; tar xf -) > >> > >> I bet there must be atleast one utils like a binary named "mvdir" or > >> similar that simply taked two directory names as argument. But I can't > >> find any. > >> > >> How do you guys move around your directory structures from prompt? > > > >I have used the following many times, with very good results: > > > > # cd /source/path > > # find . | cpio -p -dmvu /destination/dir > > ___ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "[EMAIL PROTECTED]" > ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Moving a directory hierarchy - best practice?
Or even in one command... % mv /home/user/level1 /root/ On Fri, 4 Mar 2005 14:29:57 -0700, Pat Maddox <[EMAIL PROTECTED]> wrote: > What's wrong with a > %mv /home/user/level1 / > %mv /level1 /root > > > On Fri, 4 Mar 2005 22:13:05 +0100, Joachim Dagerot <[EMAIL PROTECTED]> wrote: > > > > Thanks for your suggestion. > > > > Unfortunately your commands will not affect the root folder of the > > hierarchy. I must create a directory in the destination path with the same > > name of the folder where my data is in. example: > > > > /home/user/level1/l2/l3/l4 > > > > I would like to move level1 to a new location: > > > > mvdir /home/user/level1 /root/ > > > > That would be awsome! > > > > > > >> The best suggestion was from > > >> http://badgertronics.com/knowledge/one.adp?parent=25: > > >> > > >> To move /tmp/blarg to /var: > > >> % cd /tmp > > >> % tar cvf - blarg | (cd /var; tar xf -) > > >> > > >> I bet there must be atleast one utils like a binary named "mvdir" or > > >> similar that simply taked two directory names as argument. But I can't > > >> find any. > > >> > > >> How do you guys move around your directory structures from prompt? > > > > > >I have used the following many times, with very good results: > > > > > > # cd /source/path > > > # find . | cpio -p -dmvu /destination/dir > > > > ___ > > freebsd-questions@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > > To unsubscribe, send any mail to "[EMAIL PROTECTED]" > > > ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Running vsftpd standalone vs inetd
Is it better to run vsftpd standalone or using inetd? A friend of mine told me that it's more secure to do it standalone, and apparently that's the recommended method now. If that's the case, how do I go about getting vsftpd to run when the machine boots up? It doesn't look like there's a vsftpd_enable that I can use, like I can with other services. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Using portupgrade
What are some considerations to make before upgrading the ports? Does upgrading them overwrite the existing config files? I've got a number of ports that aren't up-to-date, but this is running on a server, so I don't want to muck up the software and configs that are currently running. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
cvsup, portupgrade, installing ports, and firewalls
I've got the pf firewall installed, and every time I run cvsup, portupgrade or try to install ports, I have to disable it. What outgoing and incoming ports do I need to allow in order to run these without disabling the firewall? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Problem with PF
I'm trying to set up PF on a server, and when I run pfctl -nf /etc/pf.conf, I get the following error: pfctl: ifa_load: pfi_get_ifaces: Bad file descriptor Google doesn't come up with anything, I've got no clue what that is. Any help? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Problem with PF
FreeBSD 5.3-RELEASE-p5. I'm not sure how to check the pf version.
I just started getting this error a couple days ago, and I've got
absolutely no clue why. I don't recall making any significant changes
to the box. Anyway, here's pf.conf:
# --- pf.conf skeleton for server
#
# --- MACRO Section -
EXT_IF="fxp0"
PING = "echoreq"
# --- allowed incoming services initiated by clients
TCP_IN = "{ ssh, smtp, ftp, imap, http, 5001, 5002, 5003, 5004, 5005 }"
UDP_IN = "{ domain }"
# --- allowed services initiated by server
TCP_OUT = "{ ssh, smtp, ftp, http, ntp, 5999 }"
UDP_OUT = "{ domain, ntp }"
# -- TABLE Section --
# -- OPTIONS Section
set loginterface $EXT_IF
# - TRAFFIC NORMALIZATION
scrub in all
# -- TRANSLATION Section (NAT/RDR)
# -- FILTER section
# --- DEFAULT POLICY
block log all
# --- LOOPBACK
pass quick on lo0 all
# === INCOMING
# --- EXTERNAL INTERFACE
# --- TCP
pass in quick on $EXT_IF inet proto tcp from any to $EXT_IF port
$TCP_IN flags S/SA keep state
# --- UDP
pass in quick on $EXT_IF inet proto udp from any to $EXT_IF port
$UDP_IN keep state
# --- ICMP
pass in quick on $EXT_IF inet proto icmp from any to $EXT_IF icmp-type
$PING keep state
# === OUTGOING
# --- EXTERNAL INTERFACE
# --- TCP
pass out quick on $EXT_IF inet proto tcp from $EXT_IF to any port
$TCP_OUT flags S/SA keep state
# --- UDP
pass out quick on $EXT_IF inet proto udp from $EXT_IF to any port
$UDP_OUT keep state
# --- ICMP
pass out quick on $EXT_IF inet proto icmp from $EXT_IF to any
icmp-type $PING keep state
# - end of pf.conf
On Thu, 31 Mar 2005 12:31:13 +0200, Peter N. M. Hansteen
<[EMAIL PROTECTED]> wrote:
> Pat Maddox <[EMAIL PROTECTED]> writes:
>
> > I'm trying to set up PF on a server, and when I run pfctl -nf
> > /etc/pf.conf, I get the following error:
> > pfctl: ifa_load: pfi_get_ifaces: Bad file descriptor
>
> More info is required.
>
> Which FreeBSD and PF versions (not all permutations of pf and FreeBSD
> will work, see the handbook), pf relevant rc.conf lines, your pf.conf,
> ifconfig output
>
> > Google doesn't come up with anything, I've got no clue what that is. Any
> > help?
>
> Check your ruleset for obvious errors, such as trying to address a
> non-existent interface. Then again, this is guesswork based on very
> little information.
>
> --
> Peter N. M. Hansteen, member of the first RFC 1149 implementation team
> http://www.blug.linux.no/rfc1149/ http://www.datadok.no/ http://www.nuug.no/
> "First, we kill all the spammers" The Usenet Bard, "Twice-forwarded tales"
>
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "[EMAIL PROTECTED]"
>
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Problem with PF
Sorry, I grabbed pf.conf from the wrong machine. I basically just
copied the previous one, made the couple changes I needed. The real
difference is that there's no UDP in, and not as many TCP ins are
allowed:
# --- pf.conf skeleton for server
#
# --- MACRO Section -
EXT_IF="rl0"
PING = "echoreq"
# --- allowed incoming services initiated by clients
TCP_IN = "{ ssh }"
#UDP_IN = "{ }"
# --- allowed services initiated by server
TCP_OUT = "{ ssh, ftp, http, ntp, 5999 }"
UDP_OUT = "{ domain, ntp }"
# -- TABLE Section --
# -- OPTIONS Section
set loginterface $EXT_IF
# - TRAFFIC NORMALIZATION
scrub in all
# -- TRANSLATION Section (NAT/RDR)
# -- FILTER section
# --- DEFAULT POLICY
block log all
# --- LOOPBACK
pass quick on lo0 all
# === INCOMING
# --- EXTERNAL INTERFACE
# --- TCP
pass in quick on $EXT_IF inet proto tcp from any to $EXT_IF port
$TCP_IN flags S/SA keep state
# --- UDP
#pass in quick on $EXT_IF inet proto udp from any to $EXT_IF port
$UDP_IN keep state
# --- ICMP
pass in quick on $EXT_IF inet proto icmp from any to $EXT_IF icmp-type
$PING keep state
# === OUTGOING
# --- EXTERNAL INTERFACE
# --- TCP
pass out quick on $EXT_IF inet proto tcp from $EXT_IF to any port
$TCP_OUT flags S/SA keep state
# --- UDP
pass out quick on $EXT_IF inet proto udp from $EXT_IF to any port
$UDP_OUT keep state
# --- ICMP
pass out quick on $EXT_IF inet proto icmp from $EXT_IF to any
icmp-type $PING keep state
# --------- end of pf.conf
On Thu, 31 Mar 2005 10:30:53 -0700, Pat Maddox <[EMAIL PROTECTED]> wrote:
> FreeBSD 5.3-RELEASE-p5. I'm not sure how to check the pf version.
>
> I just started getting this error a couple days ago, and I've got
> absolutely no clue why. I don't recall making any significant changes
> to the box. Anyway, here's pf.conf:
>
> # --- pf.conf skeleton for server
> #
> # --- MACRO Section -
>
> EXT_IF="fxp0"
>
> PING = "echoreq"
>
> # --- allowed incoming services initiated by clients
>
> TCP_IN = "{ ssh, smtp, ftp, imap, http, 5001, 5002, 5003, 5004, 5005 }"
> UDP_IN = "{ domain }"
>
> # --- allowed services initiated by server
>
> TCP_OUT = "{ ssh, smtp, ftp, http, ntp, 5999 }"
> UDP_OUT = "{ domain, ntp }"
>
> # -- TABLE Section --
>
> # -- OPTIONS Section
> set loginterface $EXT_IF
>
> # - TRAFFIC NORMALIZATION
> scrub in all
> # -- TRANSLATION Section (NAT/RDR)
>
> # -- FILTER section
>
> # --- DEFAULT POLICY
> block log all
>
> # --- LOOPBACK
> pass quick on lo0 all
>
> # === INCOMING
> # --- EXTERNAL INTERFACE
>
> # --- TCP
> pass in quick on $EXT_IF inet proto tcp from any to $EXT_IF port
> $TCP_IN flags S/SA keep state
>
> # --- UDP
> pass in quick on $EXT_IF inet proto udp from any to $EXT_IF port
> $UDP_IN keep state
>
> # --- ICMP
> pass in quick on $EXT_IF inet proto icmp from any to $EXT_IF icmp-type
> $PING keep state
>
> # === OUTGOING
> # --- EXTERNAL INTERFACE
>
> # --- TCP
> pass out quick on $EXT_IF inet proto tcp from $EXT_IF to any port
> $TCP_OUT flags S/SA keep state
>
> # --- UDP
> pass out quick on $EXT_IF inet proto udp from $EXT_IF to any port
> $UDP_OUT keep state
>
> # --- ICMP
> pass out quick on $EXT_IF inet proto icmp from $EXT_IF to any
> icmp-type $PING keep state
>
> # - end of pf.conf
>
>
> On Thu, 31 Mar 2005 12:31:13 +0200, Peter N. M. Hansteen
> <[EMAIL PROTECTED]> wrote:
> > Pat Maddox <[EMAIL PROTECTED]> writes:
> >
> > > I'm trying to set up PF on a server, and when I run pfctl -nf
> > > /etc/pf.conf, I get the following error:
> > > pfctl: ifa_load: pfi_get_ifaces: Bad file descriptor
> >
> > More info is required.
> >
> > Which FreeBSD and PF versions (not all permutations of pf and FreeBSD
> > will work, see the handbook), pf relevant rc.conf lines, your pf.conf,
> > ifconfig output
> >
> > > Google doesn't come up with anything, I've got no clue what that is. Any
> > > help?
> >
> > Check your ruleset for obvious errors, such as trying to address a
> > non-existent interface. Then again,
How to find needed modules for rebuilding kernel
In rebuilding a kernel, how do you know exactly what modules you need? The Handbook is a good start, and a lot of them are obvious (i.e. if I have no SCSI disks, disable all SCSI modules). Others aren't so easy, particularly serial devices, and the pseudo devices. How can I find out exactly what I need to enable, so I can make the kernel as tight as possible? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: How to find needed modules for rebuilding kernel
Thanks for the info. My terminology is off...apparently what I really meant is I'm wondering what drivers I need to compile into the kernel. I've done what you've suggested - removed SCSI support, all of the NIC drivers besides the one I need, etc. I'm just wondering how I can find out EXACTLY what I need in there, so I can have as little as possible. It's a server, so it has a pretty narrow purpose, and I'd like to keep the kernel as small and fast as I can. On Fri, 1 Apr 2005 00:31:36 +0200, Danny Pansters <[EMAIL PROTECTED]> wrote: > On Thursday 31 March 2005 19:43, Pat Maddox wrote: > > In rebuilding a kernel, how do you know exactly what modules you need? > > The Handbook is a good start, and a lot of them are obvious (i.e. if > > I have no SCSI disks, disable all SCSI modules). Others aren't so > > easy, particularly serial devices, and the pseudo devices. How can I > > find out exactly what I need to enable, so I can make the kernel as > > tight as possible? > > Modules are not your concern, they get built anyway (or mostly .. not sure but > probably not each and every possible module gets built). The idea is that if > you for example need support for a new soundcard, you can just load the > module (loader.conf) without needing to recompile the kernel. On an IDE/ATA > system I generally turn down the scsi delay (I always do) and remove: > > - all scsi raid cards and support > - all ethernet cards, both pci/isa and usb except the one(s) I have (most can > be loaded as a module also); beware whether it needs mii too > - from the pseudo devices ppp/tun/slip as I'm connected via ethernet (cable) > sometimes I disable ipv6 and gif/faith, sometimes I don't > - all CPUs except the one you actually have (performance!) > > I also remove most scsi support but beware that cdrecord (atapicam) requires > the basic scsi devices, as does umass (camera's, cf fards, usb scanners, ..). > > Generally unless you need to _add_ something to your kernel you don't really > need to stray from GENERIC at all. If you want to have a kernel at least > tuned for your CPU and without a lot of stuff you don't have anyway, do the > above). But depending on the purpose of the box you can strip out quite a > lot. Check NOTES, both in /usr/src/sys/conf and /usr/src/sys//conf. > (on FreeBSD4 that is LINT). > > Also most if not all drivers and devices have manual pages and from the > synopsis you can see which other devices or options come with them. > > HTH, > > Dan > > ___ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "[EMAIL PROTECTED]" > ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Problem with PF
I found it out, just didn't have pf.ko loaded up. On Mar 31, 2005 11:50 PM, Peter N. M. Hansteen <[EMAIL PROTECTED]> wrote: > Pat Maddox <[EMAIL PROTECTED]> writes: > > > FreeBSD 5.3-RELEASE-p5. I'm not sure how to check the pf version. > > One possible source of trouble is running pf from ports on 5.3-release > or newer. That could happen if you were running, say, 5.2.something with > the port, upgraded your system to 5.3 but left the port in place. > > > I just started getting this error a couple days ago, and I've got > > absolutely no clue why. I don't recall making any significant changes > > to the box. > > That probably takes care of the incompatible port theory, then. > Strange. The error message looks like the network interface has not > been properly configured. > > -- > Peter N. M. Hansteen, member of the first RFC 1149 implementation team > http://www.blug.linux.no/rfc1149/ http://www.datadok.no/ http://www.nuug.no/ > "First, we kill all the spammers" The Usenet Bard, "Twice-forwarded tales" > > ___ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "[EMAIL PROTECTED]" > ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Which mail server is the best for me?
I think it'd be worth it to check out postfix. sendmail is insecure, and qmail is just too much of a pain in the ass to get working. postfix can take a bit of time, but it runs well once you've got it working. The only thing I've found is that whenever I upgrade ports, it breaks. It's actually something things it depends on (authlibmysql, authdaemon) that break, because certain config files get overwritten. Never figured that out, and it always causes me a headache when I upgrade. On Apr 2, 2005 2:09 AM, Kiffin Gish <[EMAIL PROTECTED]> wrote: > I would like to setup a mail server but am a little confused about whether > to use sendmail, qmail, postfix or whatever. Basically my web server is a > simple one to be used for personal use with maybe no more than a 10-20 mail > accounts. > > What are the advantages and/or disadvantages of each choice, and where can I > find more information comparing them? > > -- > > Kiffin Rex Gish > Gouda, The Netherlands > > > ___ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "[EMAIL PROTECTED]" > > > ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Which mail server is the best for me?
My main complaint with qmail is that it's not very standard. The core of qmail hasn't been updated in a couple years (I think that's right, correct me if I'm wrong), so in order to update it or add functionality, you have to apply a bunch of patches from a bunch of sources. I like the fact that postfix is all centralized. On Apr 2, 2005 3:01 AM, Orb <[EMAIL PROTECTED]> wrote: > On Sat, 2005-04-02 at 02:57 -0700, Pat Maddox wrote: > > I think it'd be worth it to check out postfix. sendmail is insecure, > > and qmail is just too much of a pain in the ass to get working. > > postfix can take a bit of time, but it runs well once you've got it > > working. > > > > The only thing I've found is that whenever I upgrade ports, it breaks. > > It's actually something things it depends on (authlibmysql, > > authdaemon) that break, because certain config files get overwritten. > > Never figured that out, and it always causes me a headache when I > > upgrade. > > > > On Apr 2, 2005 2:09 AM, Kiffin Gish <[EMAIL PROTECTED]> wrote: > > > I would like to setup a mail server but am a little confused about whether > > > to use sendmail, qmail, postfix or whatever. Basically my web server is a > > > simple one to be used for personal use with maybe no more than a 10-20 > > > mail > > > accounts. > > > > > > What are the advantages and/or disadvantages of each choice, and where > > > can I > > > find more information comparing them? > > > > > > -- > > > > > > Kiffin Rex Gish > > > Gouda, The Netherlands > > > > > > > > Hey, > > All i can say is http://www.qmailrocks.org it has very simple guide for > freebsd and linux distro's. its very easy to follow and there is a very > helpful mailing list if you get stuck... > > So for my vote its Qmail :) > > See ya. > Grant. > > ___ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "[EMAIL PROTECTED]" > ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
arplookup failed
I've got a system running 5.3-p6, and am getting this error every 20 minutes or so: kernel: arplookup 69.61.54.33 failed: host is not on local network I get that the host isn't on the network, but I don't have any idea where the message is coming from. It's in /var/log/messages, shows up about every 20 minutes. Any ideas? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: arplookup failed
Routing tables Internet: DestinationGatewayFlagsRefs Use Netif Expire default69.61.54.161 UGS 0 838rl0 69.61.54.160/29link#1 UC 00rl0 69.61.54.161 00:02:85:0d:7c:80 UHLW10rl0156 127.0.0.1 127.0.0.1 UH 00lo0 Internet6: Destination Gateway Flags Netif Expire ::1 ::1 UH lo0 fe80::%rl0/64 link#1UC rl0 fe80::20c:6eff:fe44:4391%rl0 00:0c:6e:44:43:91 UHL lo0 fe80::%lo0/64 fe80::1%lo0 U lo0 fe80::1%lo0 link#2UHL lo0 ff01::/32 ::1 U lo0 ff02::%rl0/32 link#1UC rl0 ff02::%lo0/32 ::1 UC lo0 On Apr 4, 2005 5:48 AM, Andrew P. <[EMAIL PROTECTED]> wrote: > Pat Maddox wrote: > > I've got a system running 5.3-p6, and am getting this error every 20 > > minutes or so: > > kernel: arplookup 69.61.54.33 failed: host is not on local network > > > > I get that the host isn't on the network, but I don't have any idea > > where the message is coming from. It's in /var/log/messages, shows up > > about every 20 minutes. Any ideas? > > Maybe a direct route to that host is specified > in your routing table. Provide the output of > `netstat -rn` please. > > Best wishes, > Andrew P. > ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Permission denied in make installworld
I'm upgrading to 5.3-p7, and the buildworld, buildkernel, and installkernel all went fine. Now when I try installworld, I get this error: lalas# make installworld mkdir -p /tmp/install.Zzqwwvov for prog in [ awk cap_mkdb cat chflags chmod chown date echo egrep find grep ln make mkdir mtree mv pwd_mkdb rm sed sh sysctl test true uname wc zic; do cp `which $prog` /tmp/install.Zzqwwvov; done cd /usr/src; MAKEOBJDIRPREFIX=/usr/obj MACHINE_ARCH=i386 MACHINE=i386 CPUTYPE= GROFF_BIN_PATH=/usr/obj/usr/src/i386/legacy/usr/bin GROFF_FONT_PATH=/usr/obj/usr/src/i386/legacy/usr/share/groff_font GROFF_TMAC_PATH=/usr/obj/usr/src/i386/legacy/usr/share/tmac PATH=/usr/obj/usr/src/i386/legacy/usr/sbin:/usr/obj/usr/src/i386/legacy/usr/bin:/usr/obj/usr/src/i386/legacy/usr/games:/usr/obj/usr/src/i386/usr/sbin:/usr/obj/usr/src/i386/usr/bin:/usr/obj/usr/src/i386/usr/games:/tmp/install.Zzqwwvov make -f Makefile.inc1 reinstall make: Permission denied *** Error code 126 Stop in /usr/src. *** Error code 1 Stop in /usr/src. That error shows up on two different machines I use, using the same upgrade procedure. Any ideas on what to do? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Permission denied in make installworld
Btw, I had already googled and saw that I needed to umount /tmp. I just kept getting Device Busy errors when I tried. After a while I was able to. Kinda freaked out, cause I've been told that if you don't do it quickly, then it really screws up your machine. Is that true? On Apr 5, 2005 12:03 AM, Pat Maddox <[EMAIL PROTECTED]> wrote: > I'm upgrading to 5.3-p7, and the buildworld, buildkernel, and > installkernel all went fine. Now when I try installworld, I get this > error: > > lalas# make installworld > mkdir -p /tmp/install.Zzqwwvov > for prog in [ awk cap_mkdb cat chflags chmod chown date echo egrep > find grep ln make mkdir mtree mv pwd_mkdb rm sed sh sysctl test true > uname wc zic; do cp `which $prog` /tmp/install.Zzqwwvov; done > cd /usr/src; MAKEOBJDIRPREFIX=/usr/obj MACHINE_ARCH=i386 > MACHINE=i386 CPUTYPE= > GROFF_BIN_PATH=/usr/obj/usr/src/i386/legacy/usr/bin > GROFF_FONT_PATH=/usr/obj/usr/src/i386/legacy/usr/share/groff_font > GROFF_TMAC_PATH=/usr/obj/usr/src/i386/legacy/usr/share/tmac > PATH=/usr/obj/usr/src/i386/legacy/usr/sbin:/usr/obj/usr/src/i386/legacy/usr/bin:/usr/obj/usr/src/i386/legacy/usr/games:/usr/obj/usr/src/i386/usr/sbin:/usr/obj/usr/src/i386/usr/bin:/usr/obj/usr/src/i386/usr/games:/tmp/install.Zzqwwvov > make -f Makefile.inc1 reinstall > make: Permission denied > *** Error code 126 > > Stop in /usr/src. > *** Error code 1 > > Stop in /usr/src. > > That error shows up on two different machines I use, using the same > upgrade procedure. Any ideas on what to do? > ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Maintaining a Minimal Installation for a Small HDD
Yep, that's pretty much right. Use one of the systems to build everything as packages, and then install all those packages onto your other machines. You'll still need to compile the kernel and source on each individual machine. On Apr 6, 2005 4:18 PM, Iain Dooley <[EMAIL PROTECTED]> wrote: > hi lowell, > > >The recommended path is to do a binary upgrade. 5.4 will be out in a > >few weeks, and release candidate builds are available now. > > to what extent does building the sources on my machine affect the resulting > binaries? to be more specific: > > i read the freebsd handbook section on maintaining multiple systems from one > 'build machine'. if i were to allocate one of the machines on my network to > build sources into binaries, say my HP PII, would those binaries be > appropriate to install on my thinkpad? my understanding is that i could take > a subset of those binaries and install them on my laptop, and then build the > kernel from the thinkpad and this would work (assuming i got all the > binaries right). is that correct? > > cheers > > iain > > _ > Express yourself instantly with MSN Messenger! Download today it's FREE! > http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/ > > ___ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "[EMAIL PROTECTED]" > ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Can't control PostgreSQL with RC scripts
I installed PostgreSQL 8.0.1 from ports, and now I'd like to control it with the RC scripts. I wasn't able to run initdb with the scripts, I had to do that manually with the regular initdb command. Now I've got the db dir as /usr/local/pgsql/data, which is what it looks like pgsql expects, but the scripts still won't start it or stop it. They don't produce any output either. Any ideas on what to do? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Build kernel vs build world
You're right, building the world is building all the base binaries. It should be done while you're building the kernel: # make buildworld # make buildkernel kernconf=CONF # make installkernel kernconf=CONF # make installworld # mergemaster Here's a good guide on everything you need to do to update your machine: http://layer0.layeredtech.com/showthread.php?t=2 On Apr 8, 2005 10:00 AM, Joshua Lewis <[EMAIL PROTECTED]> wrote: > Is there a difference between building a world and building a kernel? > > Common sence is telling me building world rebuilds all the execuables and > config files or something a little more intense then just the kernel. > > However I have not been able to find any instructions on how to "build > world" not even in the handbook. I found building a kernel and was able to > do that with no problems. But I would like to update my system with any > security updates that have occured since 5.3 has come out. > > Thanks for any tips. > > Thank you, > Joshua Lewis > ___ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "[EMAIL PROTECTED]" > ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Build kernel vs build world
Are you sure you've never installed world? You generally have problems when the kernel and world are out of synch, and I've heard that mixing a 5.4/5.3 kernel and world causes real havoc. In any case, yeah, you should just cvsup, build the kernel and world. Pat On Apr 8, 2005 10:25 AM, Joshua Lewis <[EMAIL PROTECTED]> wrote: > I was getting ready to build world and I noticed (to my utmost suprise) > that my system is running 5.4-PRERELEASE. I must have had the wrong tag in > my supfile and downloaded the src for 5.4. > > So I am already running 5.4 I guess I will upgrade totaly. Are there any > gotcha's I should now about. At this point I think I am running 5.4 kernel > with 5.3 binaries. So should I just to a CVSup with the 5.4 tag and then > use the instructions below from Pat? > > Thank you, > Joshua Lewis > > Pat Maddox > > You're right, building the world is building all the base binaries. > > It should be done while you're building the kernel: > > # make buildworld > > # make buildkernel kernconf=CONF > > # make installkernel kernconf=CONF > > # make installworld > > # mergemaster > > > > Here's a good guide on everything you need to do to update your machine: > > http://layer0.layeredtech.com/showthread.php?t=2 > > > > > > > > On Apr 8, 2005 10:00 AM, Joshua Lewis <[EMAIL PROTECTED]> wrote: > >> Is there a difference between building a world and building a kernel? > >> > >> Common sence is telling me building world rebuilds all the execuables > >> and > >> config files or something a little more intense then just the kernel. > >> > >> However I have not been able to find any instructions on how to "build > >> world" not even in the handbook. I found building a kernel and was able > >> to > >> do that with no problems. But I would like to update my system with any > >> security updates that have occured since 5.3 has come out. > >> > >> Thanks for any tips. > >> > >> Thank you, > >> Joshua Lewis > >> ___ > >> freebsd-questions@freebsd.org mailing list > >> http://lists.freebsd.org/mailman/listinfo/freebsd-questions > >> To unsubscribe, send any mail to > >> "[EMAIL PROTECTED]" > >> > > > > ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Installing portupgrade without X.org
The only thing that matters is that WITHOUT_X11 is defined. The value itself doesn't matter. On Apr 9, 2005 2:37 PM, Sergei Gnezdov <[EMAIL PROTECTED]> wrote: > On 2005-04-09, Lewis Thompson <[EMAIL PROTECTED]> wrote: > > On Sat, Apr 09, 2005 at 12:26:48PM +0100, Paul Waring wrote: > >> I'm currently trying to get portupgrade onto my new FreeBSD system by > >> running make install clean from /usr/ports/sysutils/portupgrade (after > >> doing a recent cvsup). Everything seems to go along fine, it starts > >> fetching all the packages it requires and then suddenly I see a > >> download for X.org. > > > > It is not portupgrade that needs X but a dependent port. Which specific > > port? In general just with WITHOUT_X11=1 to /etc/make.conf. > > I think it is > > WITHOUT_X11="YES" > > Does it make any difference? > > ___ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "[EMAIL PROTECTED]" > ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Installing the JDK without Xorg
I've installed the native jdk14 successfully, but noticed that it installed Xorg along with it. I imagine that's a dependency for the Java plugin or something. I'm using this machine just as a test server, I won't be using X at all, so I'd like to build jdk14 without having to build and install Xorg as well. Is it possible to do that? Thanks, Pat ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Login
You should have created a user for yourself during the install. If not, don't worry. You set the root password at some point. Your username is root, and the password is whatever you set it as. Login as root and then type "adduser" to add another user to the system for day-to-day use. On Fri, 28 Jan 2005 14:25:01 -1000, Pete Dela Cruz <[EMAIL PROTECTED]> wrote: > I tried to boot FreeBsd for the first time and I get this "Login" prompt. > What to do? I don't know what my login is. I don't remember being prompted > or assigned a login during the installation process. Please help. Thanks > > > Pete Dela Cruz > [EMAIL PROTECTED] > Why Wait? Move to EarthLink. > ___ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "[EMAIL PROTECTED]" > ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
I only want stable software
I used CVSUP to keep my system up to date. How do I know that it's not installing unstable software? I want to keep my software stable, but not in the version branching sense. I just don't want it crashing my server at all. Is there any way to ensure that I only install high quality stable software? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Installing the JDK without Xorg
Thanks for the help. I got a suggestion on a forum to build it as a package..."make MINIMAL=yes package" I haven't created a package from a port, so I'm not entirely sure what that'll do. It installed Java fine and left me with a bzip2 file. Does this mean I can just copy that file to any other machine I'm using and install Java as a package, so I don't have to wait the long time for it to build? Or would it be better just to build it all on each machine anyway? On 29 Jan 2005 09:56:11 -0500, Lowell Gilbert <[EMAIL PROTECTED]> wrote: > Pat Maddox <[EMAIL PROTECTED]> writes: > > > I've installed the native jdk14 successfully, but noticed that it > > installed Xorg along with it. I imagine that's a dependency for the > > Java plugin or something. I'm using this machine just as a test > > server, I won't be using X at all, so I'd like to build jdk14 without > > having to build and install Xorg as well. Is it possible to do that? > > The actual dependency in the jdk14 port seems to be Open Motif, and > there are no knobs to turn it off. I'm not sure why that is; you may > need to talk to the port authors (or try changing it yourself) to > understand why it's required. > ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: I need a cuppa...
I'm not sure if you've seen the below link or not, but it worked perfectly for me as I was trying to get Java working. http://www.brettsbsd.net/~estrabd/blog/index.php?/archives/21_Java_1.4_on_FreeBSD_4.10_in_8_steps.html Hope that helps some. On Sat, 29 Jan 2005 10:10:00 -0600, John <[EMAIL PROTECTED]> wrote: > On Sat, Jan 15, 2005 at 09:05:22PM -0800, Tabor Kelly wrote: > > Jonathan Chen wrote: > > > On Sat, Jan 15, 2005 at 09:06:17PM -0600, John wrote: > > > > > >>OK, I must be dumb as a rock, because this has to have been discussed > > >>and documented 16 ways from Sunday, but I've looked in the FAQ, > > >>and looked in the Handbook, and I've gone through my copy of the > > >>latest edition of _The Complete FreeBSD_, but I simply do NOT get > > >>how to get Java support for FreeBSD. I don't need the JDK, unless > > >>that's the only way to get a viable JRE. > > > > > > > > > You can't get a separate 1.4+ JRE for FreeBSD, you need to install the > > > JDK; the JDK is available as a port in java/jdk14. > > > > > > Cheers. > > > > But make sure you have linprocfs mounted before you try to build it (and > > obviously linux emulation). > > > > PS- Linux emulation is for bootstrapping purposes. java/jdk14 requires > > java/linux-sun-jdk14 to compile, afterwards java/linux-sun-jdk14 can be > > safely removed. > > This whole process if VERY arcane and confusing for me! > > I have tried to follow the instructions, but of course, some parts > have moved forward during the interim. > > I have just done a cvsup of ports-all, because I couldn't find > the parts on Sun that were old enough to match 5.3-RELEASE (!!), > but having done all that, and signing all the license agreements, > and downloading the various files, it is STILL grabbing and > downloading stuff. > > I have linux.ko loaded, and I mounted linprocfs, but it is saying > things like: > == > Warning: This JDK may be unstable. You are advised to use the native > FreeBSD JDK, in ports/java/jdk14. > > This Java VM will attempt to obtain some system information by > accessing files in linux's procfs. You must install the Linux > emulation procfs filesystem for this to work correctly. The JVM > will exhibit various problems otherwise. This can be accomplished > by adding the following line to your /etc/fstab file: > > linprocfs /compat/linux/proc linprocfs rw 0 0 > > and then, as root, executing the commands: > > kldload linprocfs > mount /compat/linux/proc > > == > > Should I be concerned? I thought I'd already done all the prereq's, > but it is still complianing. I AM DOING exactly what it says - I > got this output as a result of a "make" in /ports/java/jdk14. > > Right now, it is grabbing all SORTS of linux distributions. > > basesystem, libelf, libacl, filesystem - it's as if I'm trying > to build all of Linux in my FreeBSD tree. > > This just doesn't seem right! > -- > > John Lind > [EMAIL PROTECTED] > ___ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "[EMAIL PROTECTED]" > ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: I need a cuppa...
I don't think I ever saw that message you got, but I remember that it did download a ton of Xorg stuff because there was a motif dependency or something. As far as linux goes...you need to have linux emulation enabled, because you use a linux JDK to build the native one. So make sure you've got linux emulation working, install the linux-sun jdk, and then build the native JDK. It's all detailed in that link I gave you. On Sat, 29 Jan 2005 10:21:47 -0600, John <[EMAIL PROTECTED]> wrote: > On Sat, Jan 29, 2005 at 09:19:01AM -0700, Pat Maddox wrote: > > I'm not sure if you've seen the below link or not, but it worked > > perfectly for me as I was trying to get Java working. > > http://www.brettsbsd.net/~estrabd/blog/index.php?/archives/21_Java_1.4_on_FreeBSD_4.10_in_8_steps.html > > > > Hope that helps some. > > I'll check it out. > > Did you get the same message and did it fetch huge chunks of linux > in the process? > -- > > John Lind > [EMAIL PROTECTED] > ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: 2 quick firewall questions for FreBSD
Having a firewall prevents rogue programs from opening up other ports on your machine. You have to worry about services you don't install and configure just as much (maybe even more so) as the services you do install. On Sat, 29 Jan 2005 12:50:51 -0900, Andy Firman <[EMAIL PROTECTED]> wrote: > > First, if one were to deploy FreeBSD 5.3 as a standard > web and email server, would it need a firewall? > I don't see the point because only ports like 25 for > smtp, 110 for pop, 80 for http, etc... will be listening > and open for connections with or without a firewall. > > Second, I would like to replace my Linux gateway running > Shorewall. Shorewall is a nice package for managing the > netfilter firewall capabilities of the Linux kernel. > Is there something similar for FreeBSD? > ___ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "[EMAIL PROTECTED]" > ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Installing the JDK without Xorg
I built it on an Athlon XP, couple years old, and I'm going to install the jdk on a Barton machine. So it should work if I install it as a package... On the other hand, it's a production server, so I imagine I should probably just build it from scratch, just to be safe. On Sun, 30 Jan 2005 09:08:47 +1030, Ian Moore <[EMAIL PROTECTED]> wrote: > On Sun, 30 Jan 2005 01:29, Pat Maddox wrote: > > Thanks for the help. I got a suggestion on a forum to build it as a > > package..."make MINIMAL=yes package" I haven't created a package from > > a port, so I'm not entirely sure what that'll do. It installed Java > > fine and left me with a bzip2 file. Does this mean I can just copy > > that file to any other machine I'm using and install Java as a > > package, so I don't have to wait the long time for it to build? Or > > would it be better just to build it all on each machine anyway? > > > Yes, making a package means you can install that on other machines using > pkg_add. This is a great idea, since you don't have to go through the agony > of building the linux jdk again to bootstrap the compile on the other > machine(s). > One caveat - if you have make options that optimise the build for a particular > processor, you may run into trouble running it on other processors. > > Cheers, > Ian > > > > > On 29 Jan 2005 09:56:11 -0500, Lowell Gilbert > > > > <[EMAIL PROTECTED]> wrote: > > > Pat Maddox <[EMAIL PROTECTED]> writes: > > > > I've installed the native jdk14 successfully, but noticed that it > > > > installed Xorg along with it. I imagine that's a dependency for the > > > > Java plugin or something. I'm using this machine just as a test > > > > server, I won't be using X at all, so I'd like to build jdk14 without > > > > having to build and install Xorg as well. Is it possible to do that? > > > > > > The actual dependency in the jdk14 port seems to be Open Motif, and > > > there are no knobs to turn it off. I'm not sure why that is; you may > > > need to talk to the port authors (or try changing it yourself) to > > > understand why it's required. > > > > ___ > > freebsd-questions@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > > To unsubscribe, send any mail to > > "[EMAIL PROTECTED]" > > -- > Ian > GPG Key: http://homepages.picknowl.com.au/imoore/imoore.asc > > > ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Installing the JDK without Xorg
On Sun, 30 Jan 2005 09:22:19 +1030, Ian Moore <[EMAIL PROTECTED]> wrote: > On Sun, 30 Jan 2005 09:13, Pat Maddox wrote: > > I built it on an Athlon XP, couple years old, and I'm going to install > > the jdk on a Barton machine. So it should work if I install it as a > > package... > Pardon my ignorance, but what is a "Barton machine"? I've never heard of such > a beast. It's just a particular core for the Athlon. http://www.anandtech.com/cpuchipsets/showdoc.aspx?i=1783&p=2 > > > On the other hand, it's a production server, so I imagine I should > > probably just build it from scratch, just to be safe. > > > You can always try the package & see if it runs without errors. It should work, they're both Athlons. I just wonder if there'd be any benefit at all to building it from scratch on the production machine. I'm not sure, really. It's not a big deal for me to build it, time isn't of the essence or anything. Thanks for the thoughts. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
BIND9 doesn't seem to do anything
I installed BIND9 from the ports earlier, edited the config files a bit, but I can't get it to run at all. When I type named, or /etc/rc.d/named start, there's no output at all, and then I find that named isn't running. I've tried this again with the default install as well, without touching and files, but same thing. There also isn't anything in the logs folder, so I guess it's not creating an error log of anything. Any ideas? Thanks, Pat ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: BIND9 doesn't seem to do anything
I followed that tutorial, there's no difference. When I run top I see that there is a named process that's owned by the bind user, but it doesn't open a port and I then obviously can't query the server. On Sat, 29 Jan 2005 15:59:46 -0800, Thomas Foster <[EMAIL PROTECTED]> wrote: > you might want to add named_enable="YES" in your /etc/rc.conf > > check out the following tutorial on setting up Bind9 > > http://www.section6.net/help/bind.php > > Hope this helps.. > > T > - Original Message - > From: "Pat Maddox" <[EMAIL PROTECTED]> > To: > Sent: Saturday, January 29, 2005 3:54 PM > Subject: BIND9 doesn't seem to do anything > > >I installed BIND9 from the ports earlier, edited the config files a > > bit, but I can't get it to run at all. When I type named, or > > /etc/rc.d/named start, there's no output at all, and then I find that > > named isn't running. I've tried this again with the default install > > as well, without touching and files, but same thing. There also isn't > > anything in the logs folder, so I guess it's not creating an error log > > of anything. Any ideas? > > > > Thanks, > > Pat > > ___ > > freebsd-questions@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > > To unsubscribe, send any mail to > > "[EMAIL PROTECTED]" > > > > ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: BIND9 doesn't seem to do anything
The named process is always in the kserel state. I've got no idea what that is, and all I can find on Google is that programs hang in that state. So I don't know what to do. There's no output, I can't find any logs, there's just no way for me to tell what's wrong. On Sat, 29 Jan 2005 15:59:46 -0800, Thomas Foster <[EMAIL PROTECTED]> wrote: > you might want to add named_enable="YES" in your /etc/rc.conf > > check out the following tutorial on setting up Bind9 > > http://www.section6.net/help/bind.php > > Hope this helps.. > > T > - Original Message - > From: "Pat Maddox" <[EMAIL PROTECTED]> > To: > Sent: Saturday, January 29, 2005 3:54 PM > Subject: BIND9 doesn't seem to do anything > > >I installed BIND9 from the ports earlier, edited the config files a > > bit, but I can't get it to run at all. When I type named, or > > /etc/rc.d/named start, there's no output at all, and then I find that > > named isn't running. I've tried this again with the default install > > as well, without touching and files, but same thing. There also isn't > > anything in the logs folder, so I guess it's not creating an error log > > of anything. Any ideas? > > > > Thanks, > > Pat > > ___ > > freebsd-questions@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > > To unsubscribe, send any mail to > > "[EMAIL PROTECTED]" > > > > ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: I only want stable software
Thanks for the help there. I just followed the example in the Handbook, though to be honest I'm not quite sure what everything means. Here's my ports-upfile: *default host=cvsup2.FreeBSD.org *default base=/var/db *default prefix=/usr *default release=cvs tag=. *default delete use-rel-suffix *default compress ports-all What updates will I be getting with this? I want to be able to keep my system up to date, and I want to have a lot of the new software, but I don't want to be introducing unstable software into my system. I want to be able to keep up with PHP and Apache2 as fixes come out, but I don't want any experimental stuff running, if that makes sense. Hope you guys can lend a hand. On Sat, 29 Jan 2005 13:33:41 +0300, Andrew P. <[EMAIL PROTECTED]> wrote: > Pat Maddox wrote: > > I used CVSUP to keep my system up to date. How do I know that it's > > not installing unstable software? I want to keep my software stable, > > but not in the version branching sense. I just don't want it crashing > > my server at all. Is there any way to ensure that I only install high > > quality stable software? > > > > You should use RELENG_4_11 or RELENG_5_3 tags to have cvsup download > security patches only. It's probably the most reliable way to keep your > system as stable as it gets. Just use the following line in your cvsup > supfile: > > src-all tag=RELENG_5_3 > > You could use tag=. for doc-all, and you should use it for ports-all. > > Best wishes, > Andrew P. > ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: BIND9 doesn't seem to do anything
I got everything working. Not quite sure why, really...but I did. Thanks for the help guys On Sun, 30 Jan 2005 20:08:14 -0800, Thomas Foster <[EMAIL PROTECTED]> wrote: > Which version of FreeBSD are you running..? > > How many named binaries do you find on your system? > > When you run sockstat |grep named, what are your results? > > Paste your conf and your zone files, or read the article again, along with > the DNS section in the handbook. > > T > ----- Original Message - > From: "Pat Maddox" <[EMAIL PROTECTED]> > To: > > Sent: Saturday, January 29, 2005 4:57 PM > Subject: Re: BIND9 doesn't seem to do anything > > > The named process is always in the kserel state. I've got no idea > > what that is, and all I can find on Google is that programs hang in > > that state. So I don't know what to do. There's no output, I can't > > find any logs, there's just no way for me to tell what's wrong. > > > > > > On Sat, 29 Jan 2005 15:59:46 -0800, Thomas Foster <[EMAIL PROTECTED]> > > wrote: > >> you might want to add named_enable="YES" in your /etc/rc.conf > >> > >> check out the following tutorial on setting up Bind9 > >> > >> http://www.section6.net/help/bind.php > >> > >> Hope this helps.. > >> > >> T > >> - Original Message - > >> From: "Pat Maddox" <[EMAIL PROTECTED]> > >> To: > >> Sent: Saturday, January 29, 2005 3:54 PM > >> Subject: BIND9 doesn't seem to do anything > >> > >> >I installed BIND9 from the ports earlier, edited the config files a > >> > bit, but I can't get it to run at all. When I type named, or > >> > /etc/rc.d/named start, there's no output at all, and then I find that > >> > named isn't running. I've tried this again with the default install > >> > as well, without touching and files, but same thing. There also isn't > >> > anything in the logs folder, so I guess it's not creating an error log > >> > of anything. Any ideas? > >> > > >> > Thanks, > >> > Pat > >> > ___ > >> > freebsd-questions@freebsd.org mailing list > >> > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > >> > To unsubscribe, send any mail to > >> > "[EMAIL PROTECTED]" > >> > > >> > >> > > ___ > > freebsd-questions@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > > To unsubscribe, send any mail to > > "[EMAIL PROTECTED]" > > > > ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: I only want stable software
Does this look like a reasonable supfile then? *default host=cvsup5.FreeBSD.org *default base=/var/db *default prefix=/usr *default release=cvs delete use-rel-suffix compress src-all tag=RELENG_5_3 ports-all tag=. doc-all tag=. It only gets the security patches for the OS, but gets the latest ports and docs. Is that correct? On Sat, 29 Jan 2005 13:33:41 +0300, Andrew P. <[EMAIL PROTECTED]> wrote: > Pat Maddox wrote: > > I used CVSUP to keep my system up to date. How do I know that it's > > not installing unstable software? I want to keep my software stable, > > but not in the version branching sense. I just don't want it crashing > > my server at all. Is there any way to ensure that I only install high > > quality stable software? > > > > You should use RELENG_4_11 or RELENG_5_3 tags to have cvsup download > security patches only. It's probably the most reliable way to keep your > system as stable as it gets. Just use the following line in your cvsup > supfile: > > src-all tag=RELENG_5_3 > > You could use tag=. for doc-all, and you should use it for ports-all. > > Best wishes, > Andrew P. > ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Do I need to make /var bigger?
I just got a new dedicated server setup with FreeBSD, and noticed that the /var partition is only 260MB. That seems like it could be a big problem, considering all the logs will go in there, as well as mail. What should I do about this? Do I need to do an OS reload and have a bigger /var partition made up? I've got an 80 gig hard drive, so space isn't really an issue. Doesn't make sense to me that I've got a 77 gig /usr partition, and only 260MB allocated to /var. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Do I need to make /var bigger?
Actually, it turns out it was just a mistake on the DC's part. I submitted a ticket for an OS reload, saying I needed bigger partitions, because the layout they installed it with didn't make any sense. Got an email back in two minutes saying they messed up, and that they'd install it with real partitions right away, free of charge. Apparently they just used the defaults when they installed it. Despite the fact that the initial install was messed up, I really like how they're handling it. Lovin my host so far. On Mon, 31 Jan 2005 18:24:25 -0500 (EST), Jerry McAllister <[EMAIL PROTECTED]> wrote: > > > > I just got a new dedicated server setup with FreeBSD, and noticed that > > the /var partition is only 260MB. That seems like it could be a big > > problem, considering all the logs will go in there, as well as mail. > > What should I do about this? Do I need to do an OS reload and have a > > bigger /var partition made up? I've got an 80 gig hard drive, so > > space isn't really an issue. Doesn't make sense to me that I've got a > > 77 gig /usr partition, and only 260MB allocated to /var. > > Probably it would be best. > > Another or additional thing to do is to have a large 'rest of the disk' > partition where you move such things as /var/log and /var/spool and > other things that grow in a less than planned pattern and make links > to them. > > I think someone needs to rethink the default sizes that FreeBSD > install makes the / (root), /tmp, /usr and /var partitions. > The world has moved on. On the other hand, I have never taken > the default sizes from the first install I tried, so... > > jerry > > > ___ > > freebsd-questions@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > > To unsubscribe, send any mail to "[EMAIL PROTECTED]" > > > > ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Cleaning Out Ports?
If you try to remove a package that has child dependencies, then it'll let you know. You'll have to use the -f flag to force it to delete the package, despite there being any dependencies. If you want to delete a package along with all its dependencies, you can use the -r flag. Use pkgdb -F to fix any dependencies that might be broken. I think that's about right. I'm a FreeBSD newbie :) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Cleaning Out Ports?
pkgdb -F will tell you of any packages that have broken dependencies, and allow you to fix them if you choose. On Mon, 31 Jan 2005 21:16:56 -0500, Matt LaPlante <[EMAIL PROTECTED]> wrote: > Well what I'm more concerned with is how would you locate orphaned > dependencies after the fact. For a parallel example, in gentoo you would > "emerge --depclean" which searches the tree for any orphaned packages and > removes them. So say I hadn't used the -r flag when removing packages on > BSD, how could I find the leftovers later? > > -- > Matt LaPlante > System Administrator > Center for Automation Technologies > RPI/CAT, CII 8015 > 110 8th Street > Troy, NY 12180 > Phone: (518) 276-2275 > [EMAIL PROTECTED] > www.cat.rpi.edu > > > -Original Message- > > From: Pat Maddox [mailto:[EMAIL PROTECTED] > > Sent: Monday, January 31, 2005 8:55 PM > > To: Matt LaPlante > > Cc: freebsd-questions@freebsd.org > > Subject: Re: Cleaning Out Ports? > > > > If you try to remove a package that has child dependencies, then it'll > > let you know. You'll have to use the -f flag to force it to delete > > the package, despite there being any dependencies. If you want to > > delete a package along with all its dependencies, you can use the -r > > flag. > > > > Use pkgdb -F to fix any dependencies that might be broken. > > > > I think that's about right. I'm a FreeBSD newbie :) > > ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re:
I don't use HSphere on FreeBSD at all, but you can use Java 1.4 now. http://www.brettsbsd.net/~estrabd/blog/index.php?/archives/21_Java_1.4_on_FreeBSD_4.10_in_8_steps.html Those are some good instructions on installing Java on FreeBSD. I run JBoss and Tomcat with no problems. On Tue, 1 Feb 2005 00:54:17 +0200 (IST), Anton K. N. :: Kyliptix M.E.R.O. <[EMAIL PROTECTED]> wrote: > Dear Sir/Miss, > Good day, > > Thank you for bringing to us FreeBSD.. > > We are forming server hosting comapny and have plans for FreeBSD as our > major OS with other minor OS's but with our partner of Hsphere Contol > Panel said that FreeBSD has a problem with Java and TomCat server as: > > Our Partner's comment: > > FreeBSD 4.8, 4.9, 4.10 and 5.3 > We don't recommend running CP on FreeBSD, because it only works with > Java 1.3.1, which is slow as compared to 1.4.x. It also doesn't close > Windows connections, which can become a problem if your Windows > servers get hung several times. Finally, on FreeBSD Tomcat doesn't > stop correctly. > > complete information is at: > www.psoft.net/HSdocumentation/sysadmin/preparing_servers.html > > Anton K.N. > Director of Managed Services > Kyliptix Solutions, LLC > Middle East Regional Office > P.O.Box: 759, Ramallah, Palestinian N.A.A. > +972 59 202 205 Office > +972 52 4 340 133 Cell > 001-562-366-2994 Fax headquarter > [EMAIL PROTECTED] > http://www.KyliptixSolutions.com > ___ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "[EMAIL PROTECTED]" > ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: ssh default security risc
You're right, if they hack your account and change your password, you're stuck. You can't log in and get it back. You CAN call your provider up (who presumably has local access) and ask them to boot into single user mode, or login directly, and change your pass/delete the account. You can recover if a hacker breaks your regular user account. If a hacker gets root on your machine...well you're just screwed. So it makes a lot more sense to make it difficult for a hacker to get root. Having to break two accounts is a good way of doing that. On Fri, 4 Feb 2005 01:04:34 +0100, Gert Cuykens <[EMAIL PROTECTED]> wrote: > On Fri, 04 Feb 2005 00:05:34 +, Chris Hodgins > <[EMAIL PROTECTED]> wrote: > > Gert Cuykens wrote: > > > On Thu, 03 Feb 2005 23:34:42 +, Chris Hodgins > > > <[EMAIL PROTECTED]> wrote: > > > > > >>Gert Cuykens wrote: > > >> > > >>>By default the root ssh is disabled. If a dedicated server x somewhere > > >>>far far away doesn't have root ssh enabled the admin is pretty much > > >>>screwed if they hack his user account and change the user password > > >>>right ? > > >>> > > >>>So is it not better to enable it by default ? > > >>>___ > > >>>freebsd-questions@freebsd.org mailing list > > >>>http://lists.freebsd.org/mailman/listinfo/freebsd-questions > > >>>To unsubscribe, send any mail to "[EMAIL PROTECTED]" > > >>> > > >> > > >>Every unix box has a root account. Not every unix box has a jblogs > > >>account. Lets take the example of a brute-force attempt. The first > > >>thing I would do would be to attack roots password. I know the account > > >>exists. Might as well go for the big prize first. > > >> > > >>So having a root account enabled is definetly a bad thing. > > >> > > >>Chris > > >> > > > > > > > > > Do you agree a user acount is most of the time more vonerable then the > > > root account ? > > > > Assuming you know the username then maybe. It depends on the strength > > of the users password. If they are only using private keys with > > passphrases then you probably won't be getting access that way with any > > account. > > > > > > > > If they can hack the root they can defenatly hack a user account too. > > > So i dont see any meaning of disabeling it. > > > > If they can hack root they own the system and can do what they like. By > > disabling root you remove the option of this happening. Instead they > > have to try and compromise a user account. Once they compromise the > > user account, they then have to gain root access (assuming that is their > > goal). Why bother with the hassle. There are plenty of machines out > > there already with weak root passwords. If a hacker really wants into > > your system he will find a way. > > > > Chris > > True but the point is without the ssh root enabled there is nothing > you can do about it to stop them if they change your user password > ___ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "[EMAIL PROTECTED]" > ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Postfix can't deliver mail to virtual domains - cannot create file exclusively
I'm trying to set up postfix for virtual domains. Apparently the config is mostly correct, because it looks like PostFix is trying to complete delivery of the mail. I get this in my /var/log/maillog file: Feb 4 19:57:59 cantona postfix/virtual[579]: CA35333C1D: to=<[EMAIL PROTECTED]>, relay=virtual, delay=0, status=deferred (mailbox /var/mail/vhosts/javaspot.net/pergesu: cannot create file exclusively: No such file or directory) Shouldn't PostFix create the vhosts/javaspot.net directory and pergesu file automatically when it delivers the mail? Not sure what the problem is here. I can send mail to local users just fine, so I don't think it's a permissions problem. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Postfix can't deliver mail to virtual domains - cannot create file exclusively
I got it working, and managed to get courier-imap working as well. The only problem (big problem?) is that I had to chmod 777 /var/mail to get it all working together. I'm trying to figure out what permissions I can give it to ensure that postfix and courier-imap can work together...but neither one seems to work with regular permissions. I think I've got them in the correct groups and everything, but I'm not sure. It's not a HUGE deal at this point, because I'm the only user on the system, and don't intend to let anyone else have shell access. Still, I'd like to have things set up correctly. I would have figured that the way FreeBSD installed it would have worked...apparently not. On Sat, 05 Feb 2005 09:24:19 +0100, Volker Kindermann <[EMAIL PROTECTED]> wrote: > Hi Pat, > > > > Feb 4 19:57:59 cantona postfix/virtual[579]: CA35333C1D: > > to=<[EMAIL PROTECTED]>, relay=virtual, delay=0, status=deferred > > (mailbox /var/mail/vhosts/javaspot.net/pergesu: cannot create file > > exclusively: No such file or directory) > > > > Shouldn't PostFix create the vhosts/javaspot.net directory and pergesu > > file automatically when it delivers the mail? Not sure what the > > problem is here. I can send mail to local users just fine, so I don't > > think it's a permissions problem. > > please post your main.cf and the files with the virtual entries. > > > -volker > ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Postfix can't deliver mail to virtual domains - cannot create file exclusively
By the way, the problem appears to be solely permissions-based. When I've got normal-looking permissions on /var/mail, postfix gives that error, "cannot create file." Courier-IMAP says, "imapd: chdir javaspot.net/pergesu: No such file or directory" chmod 777 /var/mail and they both work fine. But that's of course not the permissions I want on it. On Sat, 5 Feb 2005 01:48:30 -0700, Pat Maddox <[EMAIL PROTECTED]> wrote: > I got it working, and managed to get courier-imap working as well. > > The only problem (big problem?) is that I had to chmod 777 /var/mail > to get it all working together. I'm trying to figure out what > permissions I can give it to ensure that postfix and courier-imap can > work together...but neither one seems to work with regular > permissions. I think I've got them in the correct groups and > everything, but I'm not sure. > > It's not a HUGE deal at this point, because I'm the only user on the > system, and don't intend to let anyone else have shell access. Still, > I'd like to have things set up correctly. I would have figured that > the way FreeBSD installed it would have worked...apparently not. > > > On Sat, 05 Feb 2005 09:24:19 +0100, Volker Kindermann <[EMAIL PROTECTED]> > wrote: > > Hi Pat, > > > > > > > Feb 4 19:57:59 cantona postfix/virtual[579]: CA35333C1D: > > > to=<[EMAIL PROTECTED]>, relay=virtual, delay=0, status=deferred > > > (mailbox /var/mail/vhosts/javaspot.net/pergesu: cannot create file > > > exclusively: No such file or directory) > > > > > > Shouldn't PostFix create the vhosts/javaspot.net directory and pergesu > > > file automatically when it delivers the mail? Not sure what the > > > problem is here. I can send mail to local users just fine, so I don't > > > think it's a permissions problem. > > > > please post your main.cf and the files with the virtual entries. > > > > > > -volker > > > ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
[RESOLVED] Postfix can't deliver mail to virtual domains - cannot create file exclusively
Volker, thanks for all your help. I got everything running smoothly. For courier-imap, I set the uid and gid in the authmysqlrc file. But I needed to set the uid and gid in both postfix and courier...so your instructions helped greatly. Thanks a lot! Pat On Sat, 05 Feb 2005 14:36:19 +0100, Volker Kindermann <[EMAIL PROTECTED]> wrote: > Hi Pat, > > Pat Maddox wrote: > > By the way, the problem appears to be solely permissions-based. When > > I've got normal-looking permissions on /var/mail, postfix gives that > > error, "cannot create file." Courier-IMAP says, "imapd: chdir > > javaspot.net/pergesu: No such file or directory" chmod 777 /var/mail > > and they both work fine. But that's of course not the permissions I > > want on it. > > I have postfix with virtual Maildirs and courier imap set up, too. > > Here's the relevant part of my main.cf: > > virtual_mailbox_base = /home/vmail > virtual_uid_maps = static:600 > virtual_gid_maps = static:600 > > The directory /home/vmail is owned by the vmail user (id 600). With the > virtual_uid_maps setting postfix uses this user for writing to the > directories. > > In courier, you are also able to define this user: > > /usr/local/courier-imap/sbin/userdb "/@" set > home=/home/vmail mail=/home/vmail// uid=600 gid=600 > > With these settings everything works well. > > > -volker > ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Where do all the passwd get saved ?
/etc/passwd is a system file that just lists accounts. Having the passwords in there is insecure because it has to be readable by everyone. In linux systems, the actual passwords are in /etc/shadow. I don't know exactly how FreeBSD handles passwords. I don't even think it uses /etc/passwd (only there for compatibility with some linux software?), and instead keeps everything in a hashed database file. My guess is that all the passwords are in spwd.db. But I don't know that for sure :) Hopefully somebody else can clarify this. On Sun, 6 Feb 2005 01:45:09 +0100, Gert Cuykens <[EMAIL PROTECTED]> wrote: > I thought it was /etc/passwd but that seemed not to be where i was > looking for :) > ___ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "[EMAIL PROTECTED]" > ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Enabling authdaemond creates 5 processes
I installed courier-imap and got everything running fine...found out that I need to enable authdaemond on startup. If I put courier_authdaemond_enable="YES" into /etc/rc.conf, then there are five or so authdaemond processes running when it starts up. I don't think that should be happening, and I've got no clue why it is. Any help? Pat ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Enabling authdaemond creates 5 processes
I just started up authdaemond manually, and it has 6 processes going. PIDs 670-675. So it doesn't look like anything is different when it's run from the command line than from when it's run on boot. Still, is it normal for there to be 6 processes? On Sat, 5 Feb 2005 19:24:43 -0700, Pat Maddox <[EMAIL PROTECTED]> wrote: > I installed courier-imap and got everything running fine...found out > that I need to enable authdaemond on startup. If I put > courier_authdaemond_enable="YES" > into /etc/rc.conf, then there are five or so authdaemond processes > running when it starts up. I don't think that should be happening, > and I've got no clue why it is. Any help? > > Pat > ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Enabling authdaemond creates 5 processes
I was browsing through the authdaemond.rc file, and there's a section about the number of daemons. That was set to 5, so I guess there are supposed to be multiple authdaemond processes running. On Sat, 5 Feb 2005 19:30:30 -0700, Pat Maddox <[EMAIL PROTECTED]> wrote: > I just started up authdaemond manually, and it has 6 processes going. > PIDs 670-675. So it doesn't look like anything is different when it's > run from the command line than from when it's run on boot. Still, is > it normal for there to be 6 processes? > > > On Sat, 5 Feb 2005 19:24:43 -0700, Pat Maddox <[EMAIL PROTECTED]> wrote: > > I installed courier-imap and got everything running fine...found out > > that I need to enable authdaemond on startup. If I put > > courier_authdaemond_enable="YES" > > into /etc/rc.conf, then there are five or so authdaemond processes > > running when it starts up. I don't think that should be happening, > > and I've got no clue why it is. Any help? > > > > Pat > > > ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Unable to get phpMyAdmin working
I just installed phpMyAdmin from ports, and it didn't look like I needed to make any changes to the config file. Initially I set the authorization type as http, but when it wasn't working, I specified the root username and password and tried config instead. I get this error: phpMyAdmin was unable to read your configuration file! This might happen if php finds a parse error in it or php cannot find the file. Please call the configuration file directly using the link below and read the php error message(s) that you receive. In most cases a quote or a semicolon is missing somewhere. If you receive a blank page, everything is fine. So then I click on the link to config.inc.php like it says, and it's a blank page. So everything should be fine...but it's definitely not. Any clue what I need to do? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Unable to get phpMyAdmin working
I managed to get it working by chowning the entire phpMyAdmin dir to www:www. Not sure if that's the best thing, but it works. On Mon, 7 Feb 2005 11:22:41 -0500, Ken Hawkins <[EMAIL PROTECTED]> wrote: > do you have a php.ini file? what version of apache are you running? did > you set up the Ailas in httpd.conf as well as define its access? > > Alias /phpmyadmin/ "/usr/local/www/phpMyAdmin/" > > /phpMyAdmin"> > Options Indexes MultiViews > AllowOverride None > Order allow,deny > Allow from all > > > what is the error in your http error log and/or phperr log file? you > will probably see a undefined error somewhere, at least this is what I > saw and i have a php.ini file in place. > > make sure you have: > > .:/php/includes > > in you include_path and/or move the php.ini file out of /usr/local/etc > dir and restart apache (not graceful as this haas been an issue for > leaving the php ini stuff loaded in the past) to see what happens. > > I am making a stab at your problem here ad might be way, WAY off base > however you will have log info in /var/log(your logging dir default) > for apache and php (phperr) let us know what is in those logs and I can > help out a bit more. recently ran the gauntlet of php installation hell > earlier. > > ken; > > On Feb 7, 2005, at 11:12 AM, Pat Maddox wrote: > > > I just installed phpMyAdmin from ports, and it didn't look like I > > needed to make any changes to the config file. Initially I set the > > authorization type as http, but when it wasn't working, I specified > > the root username and password and tried config instead. I get this > > error: > > > > phpMyAdmin was unable to read your configuration file! > > This might happen if php finds a parse error in it or php cannot find > > the file. > > Please call the configuration file directly using the link below and > > read the php error message(s) that you receive. In most cases a quote > > or a semicolon is missing somewhere. > > If you receive a blank page, everything is fine. > > > > So then I click on the link to config.inc.php like it says, and it's a > > blank page. So everything should be fine...but it's definitely not. > > Any clue what I need to do? > > ___ > > freebsd-questions@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > > To unsubscribe, send any mail to > > "[EMAIL PROTECTED]" > > > > ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Change Apache version string
I've got mod_php installed as well as mod_jk, so whenever there's a 404 Apache displays Apache/2.0.52 (FreeBSD) PHP/4.3.10 mod_jk/1.2.6 I'm not sure if I'm being overly paranoid, but I don't really like the fact that all that info gets displayed. Is there any way I can change Apache's version string, like I can with any ftp or smtp daemon? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Best JDK for performance?
Hi Chad, I wrestled with this for a while, I didn't find much useful information. I've got a website on FreeBSD and JBoss4, with the native JDK, and it runs really well. No crashes and no memory issues that I can see so far. Pat On Tue, 8 Feb 2005 12:16:11 -0500, Chad Morland <[EMAIL PROTECTED]> wrote: > Which JDK gives the best performance on FreeBSD? I have the following > installed from ports: > > /usr/local/jdk1.4.2 > /usr/local/linux-sun-jdk1.4.2 > > -CM > ___ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "[EMAIL PROTECTED]" > ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Inactive memory
I've always got a lot of inactive memory on my machine, around 520MB or so. While doing a portupgrade, the free memory dropped to around 13MB. I'm just curious what exactly the inactive memory is. Will the OS use the inactive memory before dipping into swap? Or is that memory off limits now? If so, is there any way to free it up? I've got 1GB total on the machine. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Inactive memory
Alright, that lets me know that it's not an entirely bad thing. It does say, however, that it's fine as long as the free memory isn't REALLY low. It did get down to 13MB though, as I said. So now I understand that it's alright for the free memory to be low. I don't understand how the inactive, cache, and buffered memory are used though. When a process uses up all the free memory, does it then use some from inactive, or does it use swap? On Tue, 8 Feb 2005 22:36:12 +0100, Erik Trulsson <[EMAIL PROTECTED]> wrote: > On Tue, Feb 08, 2005 at 02:33:14PM -0700, Pat Maddox wrote: > > I've always got a lot of inactive memory on my machine, around 520MB > > or so. While doing a portupgrade, the free memory dropped to around > > 13MB. I'm just curious what exactly the inactive memory is. Will the > > OS use the inactive memory before dipping into swap? Or is that > > memory off limits now? If so, is there any way to free it up? I've > > got 1GB total on the machine. > > http://www.freebsd.org/doc/en_US.ISO8859-1/books/faq/misc.html#TOP-FREEMEM > > -- > > Erik Trulsson > [EMAIL PROTECTED] > ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Inactive memory
Well Chuck, that must be a great answer, because I don't understand any of it :) I guess my only concern is that I have plenty of RAM available (1GB total, 520MB inactive usually), and wanted to make sure that it's not just a big memory leak. It's only been running for a couple days, so I was kind of scared that in a week it'd be something like 900 inactive and suddenly everything is coming out of swap. I'd just like to know that my machine is going to use the memory efficiently. Thanks for the response. (I think) it reassured me of what I need to know. On Tue, 08 Feb 2005 17:13:19 -0500, Chuck Swiger <[EMAIL PROTECTED]> wrote: > Pat Maddox wrote: > > Alright, that lets me know that it's not an entirely bad thing. It > > does say, however, that it's fine as long as the free memory isn't > > REALLY low. It did get down to 13MB though, as I said. > > Really low means less than 1 MB. That would indicate the VM system is under > so much pressure that it can't maintain the minimum amount of free space it > wants to have: > > vm.v_free_min: 378 > vm.v_free_target: 1655 > vm.v_free_reserved: 143 > vm.v_pageout_free_min: 34 > vm.v_free_severe: 260 > > These numbers are likely to be in 4K pages, 260 * 4K = 1040K ~= 1 MB, and will > vary slighty depending on available physical RAM, kernel size, and probably > the phase of the moon. :-) > > > So now I understand that it's alright for the free memory to be low. > > I don't understand how the inactive, cache, and buffered memory are > > used though. When a process uses up all the free memory, does it then > > use some from inactive, or does it use swap? > > A process will start reusing inactive memory, which involves flushing data to > disk and/or using swap, depending, but the VM system may well swap out pages > from other processes instead (especially ones that have been idle for a long > time). > > [ The VM pager uses LRU or actually NFU page selection algorithms with complex > names like "second chance replacement via clock hand sweep, with working set > size and global page-fault frequency modelling". :-) This is a complicated > topic, and it starts becoming better to look at the code than to try to > describe the algorithms in words. ] > > -- > -Chuck > > ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Inactive memory
Thanks a lot for the explanation. I think I can close top and stop
worrying now :)
On Tue, 8 Feb 2005 23:27:59 +0100, Erik Trulsson <[EMAIL PROTECTED]> wrote:
> On Tue, Feb 08, 2005 at 02:44:39PM -0700, Pat Maddox wrote:
> > Alright, that lets me know that it's not an entirely bad thing. It
> > does say, however, that it's fine as long as the free memory isn't
> > REALLY low. It did get down to 13MB though, as I said.
>
> Don't worry. 13MB is not what I would consider as "REALLY low" (ok,
> with 1GB RAM maybe it is) but anyway, the only thing to worry about is
> if the system starts to swap very often - that means you need more memory.
>
> >
> > So now I understand that it's alright for the free memory to be low.
> > I don't understand how the inactive, cache, and buffered memory are
> > used though. When a process uses up all the free memory, does it then
> > use some from inactive, or does it use swap?
>
> Memory normally moves along the following path:
>
> Wired -> Active -> Inactive -> Cached -> Free
>
> and then when it gets allocated and used it moves back to Wired.
>
> The difference between the categories is mainly that "Inactive" and
> "Cached" memory still contains data that the system might be able to
> reuse, while "Free" memory is completely free and unused.
> In order to use Cached or Inactive memory it might need to be flushed
> first, with Inactive probably being dirty and Cached probably not.
> ("Active" memory is almost certainly dirty and is therefore somewhat
> more expensive to reuse.
>
> If you didn't understand the preceding paragraph, don't worry. It is
> not really important to understand.
>
> For most purposes you should just consider all of "Free", "Cached", and
> "Inactive" to be free memory that is available for allocation.
>
>
> >
> >
> > On Tue, 8 Feb 2005 22:36:12 +0100, Erik Trulsson <[EMAIL PROTECTED]> wrote:
> > > On Tue, Feb 08, 2005 at 02:33:14PM -0700, Pat Maddox wrote:
> > > > I've always got a lot of inactive memory on my machine, around 520MB
> > > > or so. While doing a portupgrade, the free memory dropped to around
> > > > 13MB. I'm just curious what exactly the inactive memory is. Will the
> > > > OS use the inactive memory before dipping into swap? Or is that
> > > > memory off limits now? If so, is there any way to free it up? I've
> > > > got 1GB total on the machine.
> > >
> > > http://www.freebsd.org/doc/en_US.ISO8859-1/books/faq/misc.html#TOP-FREEMEM
>
> --
>
> Erik Trulsson
> [EMAIL PROTECTED]
>
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Configuring PF
I want to install a firewall on my system. First of all, is PF the one I should be using? It seems to get the most recommendations. I don't actually seem to have any problems configuring it - I just have some problems testing the configuration. I can ssh to the box, and I can access port 80...but I'd like to be able to just scan it to quickly see what's up. When PF is disabled, I can nmap it in about 9 seconds. When I turn it on, it takes over 3 minutes to do. These machines are on the same network, so the connection is obviously fast. Are there any good, pretty simple guides on setting up PF? I'm having a tough time understanding what the rulesets all mean. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Configuring PF
Is there any place I can find a good default ruleset for a server, and
just change what ports I want open?
Also, I've noticed that some rulesets will have different flags and
keep state on for certain TCP ports, but not others. For example, at
https://www.section6.net/help/pf.php I found:
#WebServer, HTTPS, 8000
pass in on $extif proto tcp from any to any port 80 flags S/SA
pass in on $extif proto tcp from any to any port $tcp_services flags
S/SA synproxy state
tcp_services is {22, 443}
I don't understand why they use synproxy state for 22 and 443, but not 80
On Mon, 14 Feb 2005 23:44:32 -0500, chip <[EMAIL PROTECTED]> wrote:
> > quickly see what's up. When PF is disabled, I can nmap it in about 9
> > seconds. When I turn it on, it takes over 3 minutes to do. These
> > machines are on the same network, so the connection is obviously fast.
>
> I believe this is becuase nmap is having to wait on the connections to
> time out. If you tell PF to 'reject' instead of 'drop' it may go a
> bit faster.
>
> --
> Just my $.02, your mileage may vary, batteries not included, etc
>
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: installing java on a box?
Hi Ken, The best thing I saw on installing Java is below. It worked flawlessly. http://www.brettsbsd.net/~estrabd/blog/index.php?/archives/21_Java_1.4_on_FreeBSD_4.10_in_8_steps.html Pat On Wed, 16 Feb 2005 11:20:04 -0500, Ken Hawkins <[EMAIL PROTECTED]> wrote: > I have seen a few things on how to do this however I can't find the > java file:j2sdk-1_3_1_14-linux-i586.bin > > on any of sun's servers. > > in lieu of what I have been doing how can i install java on a FreeBSD > box? > > thanks, > > ken; > > ___ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "[EMAIL PROTECTED]" > ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Configuring PF
I've managed to come up with something that works so far. I am having
two problems though.
The first is that I can't authenticate for IMAP anymore. No clue why,
it just keeps rejecting my password. maillog shows imapd: LOGIN
FAILED, that's it.
Also, after enabling pf, all my UDP ports show as open. I've got a ruleset of
block in log on $ext_if proto udp all
So all UDP ports should be shown as closed. Doesn't really make any
sense to me. Anyone care to help?
Thanks for the help so far.
Pat
On Wed, 16 Feb 2005 13:26:37 +0100, Volker Kindermann <[EMAIL PROTECTED]> wrote:
> Hi Pat,
>
>
> > Is there any place I can find a good default ruleset for a server, and
> > just change what ports I want open?
>
> pf originates at openbsd. There you'll find lots of documentation, the
> pf-faq, and the (as always in the BSD world) excellent manpages.
>
> In addition there's the pf-repository at: https://solarflux.org/pf/
>
> And there are some books which include examples.
>
>
> > Also, I've noticed that some rulesets will have different flags and
> > keep state on for certain TCP ports, but not others. For example, at
> > https://www.section6.net/help/pf.php I found:
> > #WebServer, HTTPS, 8000
> > pass in on $extif proto tcp from any to any port 80 flags S/SA
> > pass in on $extif proto tcp from any to any port $tcp_services flags
> > S/SA synproxy state
> >
> > tcp_services is {22, 443}
> >
> > I don't understand why they use synproxy state for 22 and 443, but not 80
>
> Because synproxy as a security feature has a drawback: speed. Do you
> understand what synproxy does? It completes the three-way-handshake at
> the firewall first and only if this succeds it forwards the connection
> to the (web)server. This takes some small amount of time.
>
> Acceptable with protocolls like ssh and https but mostly unacceptable
> with http.
>
> -volker
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "[EMAIL PROTECTED]"
>
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
IMAP no longer authorizing
I've had Courier-IMAP working great with a MySQL database for over a week now. I just rebooted my machine for the first time, and now I can't auth at all. It just rejects every password, maillog says that the login attempt failed every time. I've got no idea at all why this is happening. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: IMAP no longer authorizing
It turns out that the authlibmysql.so file wasn't there anymore...it doesn't get deleted every time the machine reboots, does it? That wouldn't make any sense. On Wed, 16 Feb 2005 19:35:08 -0700, Pat Maddox <[EMAIL PROTECTED]> wrote: > I've had Courier-IMAP working great with a MySQL database for over a > week now. I just rebooted my machine for the first time, and now I > can't auth at all. It just rejects every password, maillog says that > the login attempt failed every time. I've got no idea at all why this > is happening. > ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Configuring PF
Can you guys let me know if this looks like a good conf file? I've
got web, mail, ftp, ssh, and DNS that I need to have open.
# Macros
ext_if="fxp0"
SYN_ONLY="S/FSRA"
tcp_services = "{ 21, 22, 25, 53, 80, 143 }"
icmp_types = "echoreq"
# Default deny
block all
## Filtering rules
# Default TCP policy
block return-rst in log on $ext_if proto TCP all
pass in log quick on $ext_if proto TCP from any to $ext_if port
$tcp_services flags $SYN_ONLY keep state
# Default UDP policy
block in log on $ext_if proto udp all
pass in log quick on $ext_if proto UDP from any to $ext_if port 53 keep state
# Default ICMP policy
block in log on $ext_if proto icmp all
pass in inet proto icmp all icmp-type echoreq keep state
block out log on $ext_if all
pass out log quick on $ext_if from $ext_if to any keep state
# Allow the local interface to talk unrestricted
pass in quick on lo0 all
pass out quick on lo0 all
On Fri, 18 Feb 2005 03:17:30 +0100, J65nko BSD <[EMAIL PROTECTED]> wrote:
> On Wed, 16 Feb 2005 19:18:17 -0700, Pat Maddox <[EMAIL PROTECTED]> wrote:
> > I've managed to come up with something that works so far. I am having
> > two problems though.
> >
> > The first is that I can't authenticate for IMAP anymore. No clue why,
> > it just keeps rejecting my password. maillog shows imapd: LOGIN
> > FAILED, that's it.
> >
> > Also, after enabling pf, all my UDP ports show as open. I've got a ruleset
> > of
> > block in log on $ext_if proto udp all
> >
> > So all UDP ports should be shown as closed. Doesn't really make any
> > sense to me. Anyone care to help?
> >
> > Thanks for the help so far.
> >
> > Pat
>
> Start with a default policy to block and log all traffic
>
> # --- default policy
> block log from any to any
>
> Now you only have to open ports to let traffic in. If you don't know
> which port to open for a certain protocol, you can run "tcpdump -eni
> pfl0g". tcpdump will show which rule blocked, and on which port
> address combination.
>
> =Adriaan=
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "[EMAIL PROTECTED]"
>
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Configuring PF
On Sun, 20 Feb 2005 06:23:39 -0800, Loren M. Lang <[EMAIL PROTECTED]> wrote: > On Mon, Feb 14, 2005 at 09:32:25PM -0700, Pat Maddox wrote: > > I want to install a firewall on my system. First of all, is PF the > > one I should be using? It seems to get the most recommendations. > > > > I don't actually seem to have any problems configuring it - I just > > have some problems testing the configuration. I can ssh to the box, > > and I can access port 80...but I'd like to be able to just scan it to > > quickly see what's up. When PF is disabled, I can nmap it in about 9 > > seconds. When I turn it on, it takes over 3 minutes to do. These > > machines are on the same network, so the connection is obviously fast. > > This is a good thing, IMHO. Think about all those script kiddies > sitting out there looking for a nice, juicy server to compromise. If it > takes them 3 minutes to port scan your machine, they'll probably cancel > it before it's finished and move on. That makes sense to me. I'd still like to be able to scan it the first time around to make sure everything's working, then I can just set it to drop packets, so it takes longer. I'd still like to find a good example config file that works well for a web server. > > I believe what's happening is that all ports that aren't open are > configured to drop packets instead of reject them like is default. > Reject means send back an error message saying port is closed where > dropping just ignores it. The port scanner sends out a request and > waits for a response, either "Hello," or "Sorry, I'm closed." It will > wait quite a while before it decides that nothings there. > > > > > Are there any good, pretty simple guides on setting up PF? I'm having > > a tough time understanding what the rulesets all mean. > > ___ > > freebsd-questions@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > > To unsubscribe, send any mail to "[EMAIL PROTECTED]" > > -- > I sense much NT in you. > NT leads to Bluescreen. > Bluescreen leads to downtime. > Downtime leads to suffering. > NT is the path to the darkside. > Powerful Unix is. > > Public Key: ftp://ftp.tallye.com/pub/lorenl_pubkey.asc > Fingerprint: B3B9 D669 69C9 09EC 1BCD 835A FAF3 7A46 E4A3 280C > > ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Good rentable servers?
I rent a server from www.layeredtech.com They've been great so far. I'm not sure what exactly you need - it's obviously different if you're hosting a couple sites versus just having a machine to play with. The cheapest server they've got is $65/mo, though you might be able to talk em down a couple more bucks. You could also try getting a VPS from a place like servint, and have them install FreeBSD for you. Check out www.webhostingtalk.comYou can ask some questions there and get great responses as to your various options. On Mon, 21 Feb 2005 10:12:21 +0100, Uwe Doering <[EMAIL PROTECTED]> wrote: > bsdnooby wrote: > > > > Instead of getting a fixed IP address at my house, and having a noisy > > machine running all the time - I think I might want to try renting a > > dedicated FreeBSD server. It would be used for running Apache, phpBB, > > email, listserv, and a few other services. I found several places that > > have dedicated FreeBSD machines to rent, their prices seems to all be > > $99 a month. > > > > Is there a cheaper or better option? Maybe a virtualized server or a jail? > > There are indeed less expensive solutions available. For instance, you > may want to take a look at my signature below. ;-) > > Uwe > -- > Uwe Doering | EscapeBox - Managed On-Demand UNIX Servers > [EMAIL PROTECTED] | http://www.escapebox.net > ___ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "[EMAIL PROTECTED]" > ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: recommended trouble ticketing system
My favorite one is Kayako eSupport - www.kayako.com Another popular one is Cerberus HelpDesk - www.cerberusweb.com On Wed, 23 Feb 2005 01:16:15 -0800 (PST), Mark Jayson Alvarez <[EMAIL PROTECTED]> wrote: > Hi, > I'm looking for a software that we can use for > trouble ticketing system. We are using Open Ticket > Request System(OTRS) before but my superiors, told me > that I can search for another better software for this > purpose. Can you suggest me some of the trouble > ticketing systems you have used before aside from OTRS > and if there's any problem you have encountered using > it or its advantages over OTRS. I did a quick search > on google and freebsd ports and found Request > Tracker(RT), also Trouble Ticket System from > Freshmeat, and lastly WebTTS, but I'm having a hard > time deciding which one to use. Suggestions are very > much welcome. > > Thanks! > > __ > Do you Yahoo!? > Yahoo! Mail - Find what you need with new enhanced search. > http://info.mail.yahoo.com/mail_250 > ___ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "[EMAIL PROTECTED]" > ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Backing up postgresql data
I've got postgresql 8 running on my system, and want to do nightly backups of the database. I took a look at the docs, and there are a few methods of doing backups - pg_dump, file system level, and using WAL. I just want to be able to rsync my data every night, maybe every few hours, so that I can recover it if there are any problems...so what's the best way to do this. Are there any scripts or utilities available to make my life easy? Thanks, Pat ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
What packages can I deinstall?
I've got a bunch of packages installed on my machine and I'd like to know if I can deinstall any of them. I know what a lot of them do, and know what will happen if I deinstall them. Others, I'm not really sure. For example I've got a package named cclient (http://www.freshports.org/mail/cclient/) installed. If I run pkg_deinstall -n cclient, it says that it'd be removed without any problems. So evidently no other package is depending on this...perhaps it's just an artifact from a package I installed a while back but deinstalled? Basically I'd like to clear out any unused packages. Is it safe to just run on pkg_deinstall -n on any package I don't recognize, and if it isn't required as a dependency for another package go ahead and delete it? Thanks, Pat ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
"Out of range" starting Xorg on dual display
I've got a dual display setup, and it had been working fine once I finally got the config done. They're two displays running off one graphics card, one through the DVI output and one through the D-SUB. Today I had to switch the inputs that the monitors use, and it just doesn't work anymore. I get a message on my left display that says "Out of range." This isn't an Xorg or FreeBSD error, it's a message from the displays built-in HUD. This doesn't make any sense because as far as Xorg is concerned, there shouldn't be any difference. The D-SUB display should be on the left, and the DVI one should be on the right. I really don't understand what could be causing a problem, but for what it's worth, the display now connected to the D-SUB has always been more finicky than my other display. They're a ViewSonic vp201 (D-SUB) and Dell 2001fp (DVI). Here's my config: Section "ServerLayout" Identifier "Dual Head" Screen 0 "Screen0" 0 0 Screen 1 "Screen1" RightOf "Screen0" InputDevice"Mouse0" "CorePointer" InputDevice"Keyboard0" "CoreKeyboard" Option "Xinerama" "true" Option "Clone" "off" EndSection Section "Files" RgbPath "/usr/X11R6/lib/X11/rgb" ModulePath "/usr/X11R6/lib/modules" FontPath "/usr/X11R6/lib/X11/fonts/misc/" FontPath "/usr/X11R6/lib/X11/fonts/TTF/" FontPath "/usr/X11R6/lib/X11/fonts/Type1/" FontPath "/usr/X11R6/lib/X11/fonts/CID/" FontPath "/usr/X11R6/lib/X11/fonts/75dpi/" FontPath "/usr/X11R6/lib/X11/fonts/100dpi/" EndSection Section "Module" Load "dbe" #Load "dri" Load "extmod" Load "glx" Load "record" Load "xtrap" Load "freetype" Load "type1" EndSection Section "InputDevice" Identifier "Keyboard0" Driver "kbd" EndSection Section "InputDevice" Identifier "Mouse0" Driver "mouse" Option "Protocol" "auto" Option "Device" "/dev/sysmouse" Option "ZAxisMapping" "4 5" EndSection Section "Monitor" Identifier "Monitor0" VendorName "Vendor Name" ModelName "Model Name" EndSection Section "Device" Identifier "Card0" Driver "nvidia" VendorName "nVidia Corporation" BoardName "NV25 [GeForce4 Ti 4600]" BusID "PCI:1:0:0" Screen 0 Option "RenderAccel" "true" Option "AllowGLXWithComposite" "true" EndSection Section "Device" Identifier "Card1" Driver "nvidia" VendorName "nVidia Corporation" BoardName "NV25 [GeForce4 Ti 4600]" BusID "PCI:1:0:0" Screen 1 Option "RenderAccel" "true" Option "AllowGLXWithComposite" "true" EndSection Section "Screen" Identifier "Screen0" Device "Card0" Monitor"Monitor0" DefaultDepth 24 SubSection "Display" Viewport 0 0 Depth 24 Modes "1600x1200" EndSubSection EndSection Section "Screen" Identifier "Screen1" Device "Card1" Monitor "Monitor0" DefaultDepth 24 SubSection "Display" Viewport 0 0 Depth 24 EndSubSection EndSection ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: "Out of range" starting Xorg on dual display
On 11/10/05, Garrett Cooper <[EMAIL PROTECTED]> wrote: > On Nov 10, 2005, at 3:10 AM, Pat Maddox wrote: > > > I've got a dual display setup, and it had been working fine once I > > finally got the config done. They're two displays running off one > > graphics card, one through the DVI output and one through the D-SUB. > > Today I had to switch the inputs that the monitors use, and it just > > doesn't work anymore. I get a message on my left display that says > > "Out of range." This isn't an Xorg or FreeBSD error, it's a message > > from the displays built-in HUD. This doesn't make any sense because > > as far as Xorg is concerned, there shouldn't be any difference. The > > D-SUB display should be on the left, and the DVI one should be on the > > right. I really don't understand what could be causing a problem, but > > for what it's worth, the display now connected to the D-SUB has always > > been more finicky than my other display. They're a ViewSonic vp201 > > (D-SUB) and Dell 2001fp (DVI). Here's my config: > > > > > > Section "ServerLayout" > > Identifier "Dual Head" > > Screen 0 "Screen0" 0 0 > > Screen 1 "Screen1" RightOf "Screen0" > > InputDevice"Mouse0" "CorePointer" > > InputDevice"Keyboard0" "CoreKeyboard" > > > > Option "Xinerama" "true" > > Option "Clone" "off" > > EndSection > > > > Section "Files" > > RgbPath "/usr/X11R6/lib/X11/rgb" > > ModulePath "/usr/X11R6/lib/modules" > > FontPath "/usr/X11R6/lib/X11/fonts/misc/" > > FontPath "/usr/X11R6/lib/X11/fonts/TTF/" > > FontPath "/usr/X11R6/lib/X11/fonts/Type1/" > > FontPath "/usr/X11R6/lib/X11/fonts/CID/" > > FontPath "/usr/X11R6/lib/X11/fonts/75dpi/" > > FontPath "/usr/X11R6/lib/X11/fonts/100dpi/" > > EndSection > > > > Section "Module" > > Load "dbe" > > #Load "dri" > > Load "extmod" > > Load "glx" > > Load "record" > > Load "xtrap" > > Load "freetype" > > Load "type1" > > EndSection > > > > Section "InputDevice" > > Identifier "Keyboard0" > > Driver "kbd" > > EndSection > > > > Section "InputDevice" > > Identifier "Mouse0" > > Driver "mouse" > > Option "Protocol" "auto" > > Option "Device" "/dev/sysmouse" > > Option "ZAxisMapping" "4 5" > > EndSection > > > > Section "Monitor" > > Identifier "Monitor0" > > VendorName "Vendor Name" > > ModelName "Model Name" > > EndSection > > > > Section "Device" > > Identifier "Card0" > > Driver "nvidia" > > VendorName "nVidia Corporation" > > BoardName "NV25 [GeForce4 Ti 4600]" > > BusID "PCI:1:0:0" > > Screen 0 > > Option "RenderAccel" "true" > > Option "AllowGLXWithComposite" "true" > > EndSection > > > > Section "Device" > > Identifier "Card1" > > Driver "nvidia" > > VendorName "nVidia Corporation" > > BoardName "NV25 [GeForce4 Ti 4600]" > > BusID "PCI:1:0:0" > > Screen 1 > > Option "RenderAccel" "true" > > Option "AllowGLXWithComposite" "true" > > EndSection > > > > Section "Screen" > > Identifier "Screen0" > > Device "Card0" > > Monitor"Monitor0" > > DefaultDepth 24 > > > > SubSection "Display" > > Viewport 0 0 > > Depth 24 > > Modes "1600x1200" > > EndSubSection > > EndSection > > > > Section "Scree
Re: "Out of range" starting Xorg on dual display
On 11/10/05, Garrett Cooper <[EMAIL PROTECTED]> wrote: > > On Nov 10, 2005, at 11:07 AM, Pat Maddox wrote: > > > On 11/10/05, Garrett Cooper <[EMAIL PROTECTED]> wrote: > >> On Nov 10, 2005, at 3:10 AM, Pat Maddox wrote: > >> > >>> I've got a dual display setup, and it had been working fine once I > >>> finally got the config done. They're two displays running off one > >>> graphics card, one through the DVI output and one through the D-SUB. > >>> Today I had to switch the inputs that the monitors use, and it just > >>> doesn't work anymore. I get a message on my left display that says > >>> "Out of range." This isn't an Xorg or FreeBSD error, it's a message > >>> from the displays built-in HUD. This doesn't make any sense because > >>> as far as Xorg is concerned, there shouldn't be any difference. The > >>> D-SUB display should be on the left, and the DVI one should be on > >>> the > >>> right. I really don't understand what could be causing a > >>> problem, but > >>> for what it's worth, the display now connected to the D-SUB has > >>> always > >>> been more finicky than my other display. They're a ViewSonic vp201 > >>> (D-SUB) and Dell 2001fp (DVI). Here's my config: > >>> > >>> > >>> Section "ServerLayout" > >>> Identifier "Dual Head" > >>> Screen 0 "Screen0" 0 0 > >>> Screen 1 "Screen1" RightOf "Screen0" > >>> InputDevice"Mouse0" "CorePointer" > >>> InputDevice"Keyboard0" "CoreKeyboard" > >>> > >>> Option "Xinerama" "true" > >>> Option "Clone" "off" > >>> EndSection > >>> > >>> Section "Files" > >>> RgbPath "/usr/X11R6/lib/X11/rgb" > >>> ModulePath "/usr/X11R6/lib/modules" > >>> FontPath "/usr/X11R6/lib/X11/fonts/misc/" > >>> FontPath "/usr/X11R6/lib/X11/fonts/TTF/" > >>> FontPath "/usr/X11R6/lib/X11/fonts/Type1/" > >>> FontPath "/usr/X11R6/lib/X11/fonts/CID/" > >>> FontPath "/usr/X11R6/lib/X11/fonts/75dpi/" > >>> FontPath "/usr/X11R6/lib/X11/fonts/100dpi/" > >>> EndSection > >>> > >>> Section "Module" > >>> Load "dbe" > >>> #Load "dri" > >>> Load "extmod" > >>> Load "glx" > >>> Load "record" > >>> Load "xtrap" > >>> Load "freetype" > >>> Load "type1" > >>> EndSection > >>> > >>> Section "InputDevice" > >>> Identifier "Keyboard0" > >>> Driver "kbd" > >>> EndSection > >>> > >>> Section "InputDevice" > >>> Identifier "Mouse0" > >>> Driver "mouse" > >>> Option "Protocol" "auto" > >>> Option "Device" "/dev/sysmouse" > >>> Option "ZAxisMapping" "4 5" > >>> EndSection > >>> > >>> Section "Monitor" > >>> Identifier "Monitor0" > >>> VendorName "Vendor Name" > >>> ModelName "Model Name" > >>> EndSection > >>> > >>> Section "Device" > >>> Identifier "Card0" > >>> Driver "nvidia" > >>> VendorName "nVidia Corporation" > >>> BoardName "NV25 [GeForce4 Ti 4600]" > >>> BusID "PCI:1:0:0" > >>> Screen 0 > >>> Option "RenderAccel" "true" > >>> Option "AllowGLXWithComposite" "true" > >>> EndSection > >>> > >>> Section "Device" > >>> Identifier "Card1" > >>> Driver "nvidi
Upgrading to pgsql 8.1 via ports
So PostgreSQL 8.1 was released a few days ago, and I was looking forward to upgrading to it. Figured it might take a day or two before the changes were made in ports, and was surprised to see that my postgresql packages are still up to date. The packages I have installed are postgresql-server and postgresql-client...which according to freshports.org don't exist! Right now I'm running 8.0, but I guess I have some outdated packages that may have been deleted? I don't know, to be honest. So I've got a few questions. First, should I not be using postgresql-server and postgresql-client? They don't seem to be in /usr/ports/databases anymore, and I definitely installed them from ports. Should I use postgresql81-server now instead? What do I need to do in order to upgrade my system to use pgsql 8.1? Thanks, Pat ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Install ruby-postgres binding with postgres 8.1
I want to install the ruby-postgres binding (ports/databases/ruby-postgres), and I've got postgres 8.1 installed on my machine. When I do 'make install', it starts to download postgresql-client-7.4.9, and then fails because that conflicts with postgresql-client-8.1.0, which I have installed. I'd like to somehow remove the dependency on 7.4.9 and compile against 8.1.0...how can I do this? Thanks, Pat ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Install ruby-postgres binding with postgres 8.1
I managed to get this working. If anyone's interested, I wrote up a short guide to upgrading to 8.1 http://www.flpr.org/articles/2005/11/16/upgrading-to-postgresql-8-1 On 11/16/05, Pat Maddox <[EMAIL PROTECTED]> wrote: > I want to install the ruby-postgres binding > (ports/databases/ruby-postgres), and I've got postgres 8.1 installed > on my machine. When I do 'make install', it starts to download > postgresql-client-7.4.9, and then fails because that conflicts with > postgresql-client-8.1.0, which I have installed. I'd like to somehow > remove the dependency on 7.4.9 and compile against 8.1.0...how can I > do this? > > Thanks, > Pat > ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
6.0, lighttpd not starting up on boot
I've got a 6.0 system with lighttpd installed. I have a lighttpd_enable="YES" line in /etc/rc.conf, but lighttpd doesn't start up when the machine boots. I have another machine with the same config (though apparently not exactly the same), and lighttpd starts up with it. There's nothing in the lighttpd error log, and if I use the rc script to start it up it starts fine. How do I find out why it's not starting on boot, and how do I make it start on boot? Thanks, Pat ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: 6.0, lighttpd not starting up on boot
On 19 Nov 2005 08:39:19 -0500, Lowell Gilbert <[EMAIL PROTECTED]> wrote: > Pat Maddox <[EMAIL PROTECTED]> writes: > > > I've got a 6.0 system with lighttpd installed. I have a > > lighttpd_enable="YES" line in /etc/rc.conf, but lighttpd doesn't start > > up when the machine boots. I have another machine with the same > > config (though apparently not exactly the same), and lighttpd starts > > up with it. There's nothing in the lighttpd error log, and if I use > > the rc script to start it up it starts fine. How do I find out why > > it's not starting on boot, and how do I make it start on boot? > > Is it executable? > > Try putting an echo or touch command early in the script to see if > it's getting run at boot at all. > It's definitely executable..it's getting run when I run /etc/rc.d/localpkgs, so it really just makes no sense. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: 6.0, lighttpd not starting up on boot
On 19 Nov 2005 08:59:32 -0500, Lowell Gilbert <[EMAIL PROTECTED]> wrote: > Pat Maddox <[EMAIL PROTECTED]> writes: > > > On 19 Nov 2005 08:39:19 -0500, Lowell Gilbert > > <[EMAIL PROTECTED]> wrote: > > > Pat Maddox <[EMAIL PROTECTED]> writes: > > > > > > > I've got a 6.0 system with lighttpd installed. I have a > > > > lighttpd_enable="YES" line in /etc/rc.conf, but lighttpd doesn't start > > > > up when the machine boots. I have another machine with the same > > > > config (though apparently not exactly the same), and lighttpd starts > > > > up with it. There's nothing in the lighttpd error log, and if I use > > > > the rc script to start it up it starts fine. How do I find out why > > > > it's not starting on boot, and how do I make it start on boot? > > > > > > Is it executable? > > > > > > Try putting an echo or touch command early in the script to see if > > > it's getting run at boot at all. > > > > > It's definitely executable..it's getting run when I run > > /etc/rc.d/localpkgs, so it really just makes no sense. > > Well, try my suggestion anyway. > Alright, I put a touch in the rc script, and it touched the file. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
