Re: graphics tablets
Hello. 2012/01/14 07:22:09 -0600 ajtiM => To freebsd-questions@freebsd.org : a> I like to buy a Wacom Bamboo Capture graphics tablet (USB or serial if I will a> find it. I have FreeBSD 9.0-RELEASE and I use GIMP and Inkscape on KDE 4.7.3. a> Does anyone has expirience with a Bamboo Capture, please? Bamboo Fun is 'just ok' to me but: - pros use to prefer Intuos series. - it's a pretty old releng_7 series freebsd and a deprecated xorg-server-1.6.5 - recently a progress was reported here about wacom driver i didn't try out yet - I experience some non-trivial quirks able to bother someone else with such a setup -- Peter Vereshagin (http://vereshagin.org) pgp: A0E26627 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: lighttpd + php + external mssql server
Hello. 2012/03/03 00:32:40 + Graeme Dargie => To 'freebsd-questions@freebsd.org' : GD> I am just looking for some advice or hints if anyone has a clue how to make a FreeBSD server running lighttpd + php5 connect to an instance of MS SQL 2008 R2. GD> GD> I have already installed php-extensions for mssql but when I try and run a connection from the FreeBSD server it gives a http 500 GD> The error log has this GD> 2012-03-02 18:20:09: (mod_fastcgi.c.2699) FastCGI-stderr: PHP Fatal error: Call to undefined function mssql_connect() in /usr/local/www/data/ GD> GD> Php -m shows mssql as installed. 1) Command-line php and fastcgi php are able to have a different set of extensions. Look at the phpinfo() output from your fastcgi if it has an mssql extension. 2) You may want to try an ODBTP extension for mssql connectivity which supports mssql features like 'go' clause batch runs and scroll cursors with fetching from them on the contrast to the 'traditional' dblib-based mssql php extension. -- Peter Vereshagin (http://vereshagin.org) pgp: A0E26627 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: FreeBSD Security in Multiuser Environments
Hello. 2012/03/30 22:44:16 -0300 schu...@ime.usp.br => To freebsd-questions@freebsd.org : > P.S.: If you want to attain desktop security, matters get even more > complicated. If anyone is interested, I can discuss what I did there > (basically virtual X servers and building ports as regular users). Sure I am interested. I myself try to run Xorg server in a chroot and its clients from a different jail(s) via tcp on lo0. Trouble still is I can't get my VT ttyvXs because of that strange 'console ownership' stuff. > Also, thanks for Capsicum, it sure is useful. Who is that? -- Peter Vereshagin (http://vereshagin.org) pgp: A0E26627 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Links the command line browser
Hello. 2012/04/05 09:33:43 -0400 Fbsd8 => To FreeBSD Questions : F> My mouse works as expected for copy and paste function on the xterm F> console. But when I launch the "links" command line browser the mouse F> pointer is OVER active. I move the mouse a hair and the pointer on the F> links browser screen moves 2 inches. Is there some way in "links" to F> control the mouse pointer sensitivity? If you use www/links port from X11 then you may want to use the '-g' switch for it. It makes the links to launch in a separate x11 window without (well... mostly) problems with mouse pointer. Of course you are welcome to try the www/links-hacked port especially if that is your case. Anyway www/elinks port possess far more features for ttyvX/xterm than www/links, it's a rather nice tool, too. -- Peter Vereshagin (http://vereshagin.org) pgp: A0E26627 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: securing MySQL: easiest/best ways?
Hello. 2012/05/08 06:49:01 -0700 Paul Beard => To FreeBSD-questions : PB> Monkeying with IPv6, I discovered that globally routable addresses are what it says on the tin, so hiding behind a network appliance is not longer viable for me. An nmap scan showed the port 3306 was hanging out for all to see but I couldn't figure out how to close it off. The "--skip-networking" argument seems not to work, either in my.cnf or as an rc argument. The server just fails to start. (For some reason the socket is hard-coded to live in /tmp, regardless of what's in my.cnf but I gave up bothering about that.) How can you know for sure that your my.cnf is being taken into the account by mysqld at all? I remember some issues that made me to put a symlink /etc/my.cnf to ..//usr/local/etc/my.cnf ... PB> What I ended up doing was adding PB> PB> mysql_args="--bind-address=127.0.0.1" PB> PB> to /etc/rc.conf. This seems to work as netstat and sockstat no longer show port 3306 listening and database connections are happening. PB> PB> Is this the preferred/best way? I just think locking mysqld into the jail(4) is better. ;-) PB> Are you trying to win an argument or solve a problem? Whatever I may need. -- Peter Vereshagin (http://vereshagin.org) pgp: A0E26627 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: securing MySQL: easiest/best ways?
Hello. 2012/05/08 21:51:49 +0100 Matthew Seaman => To freebsd-questions@freebsd.org : MS> data dir shared between two servers. Keeping the configs with the data MS> does have a few advantages. I know yet another reason to do this. In common case this isn't mysql-specific. There may be a 'chroot' feature built into the daemon like mysqld that means that daemon does chroot(2) first when it is running, and the directory to chroot is the its own data directory, say, /var/db/mysql. This way it should be able to re-read its configuration file on receiving, say HUP or USR1 posix signal to chenge its settings on the fly. This is why in this particular case the configuration file must reside within the databse directory. -- Peter Vereshagin (http://vereshagin.org) pgp: A0E26627 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Address to reach human operator regarding problems with list?
Hello. 2012/05/30 10:29:18 +0100 Matthew Seaman => To Thomas Mueller : MS> On 30/05/2012 10:07, Thomas Mueller wrote: MS> The message you got about "held for moderation" is standard boiler-plate MS> from mailman, and probably not appropriate for your specific circumstances. Anyway that message should mean that there is a closed and hidden mailing list moderat...@freebsd.org and it's the where the TM's message was redirected? -- Peter Vereshagin (http://vereshagin.org) pgp: A0E26627 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: How to indicate source directory in other than /usr/src?
Hello. 2012/05/30 07:02:11 -0400 Thomas Mueller => To freebsd-questions@freebsd.org : TM> I installed FreeBSD 9.0-BETA1 to this partition, mounted now as /BETA1, but might want to upgrade this to 10-CURRENT. Shouldn't you just chroot /BETA1? Newer FreeBSD world should be able to do the basic stuff, e. g., buildkernel, even with the kernel from the past branch. Then you can just boot your 10-current kernel and build your ports within that partition mounted as /. TM> There might have been some characters in your name that xterm couldn't understand; I need something better (mlterm?) xterm works for me in my mutt under tmux, ask me if you need to tweak locale ( I see his L char with the '/' over it in place, and the cyrilic letters in my other mail, too ) mlterm is better for asian languages; it's unlikely that European ones should be shown better in mlterm rather than in xterm. -- Peter Vereshagin (http://vereshagin.org) pgp: A0E26627 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
termcap/terminfo magicians anyone? // colors in vim
Hello. Being new from linux back in time I tried vim. It had pretty colors in linux for me like that: http://www.postimg.com/71000/photo-70938.jpg But in freebsd I have what I have: http://www.postimg.com/71000/photo-70939.jpg It 'just works' for me if I 'vim -T linux' but: - I'd like to know exact reason to be fixed other than just 'use linux' - It shows colors in ttyvX with TERM=cons25 but it has random '25h' showing up in places when I implement the actions from the begin of vimtutor. Nothing to add more yet other than ':set term=linux' doesn't work for colors that way. Thanks in advance. -- Peter Vereshagin (http://vereshagin.org) pgp: A0E26627 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: termcap/terminfo magicians anyone? // colors in vim
Hello. 2012/05/30 16:15:24 +0200 uki => Cc freebsd-questions@freebsd.org : u> Hi, u> u> things to check: u> * does the color scheme require 256 colors? is your terminal compiled u> with that feature? I think I've just recompiled x11/xterm with 256 colors it but did not check the old xterm with 256color2.pl as I use tmux... With tmux I see 8 colors, 8-colored cubes and a white ramp. Without tmux I see 16 system colors and nothing instead cubes and black ramp too. Why should I need more colors? '-T linux' is just fine with 8 colors... It even works (but badly) in ttyvX I restarted xterm after I rebuilt it, I believe no need to restart Xorg. u> * check your TERM env variable, (also try setting t_Co in vim) some u> info here: http://vim.wikia.com/wiki/256_colors_in_vim TERM is xterm in xterm and screen in tmux. What if vim takes a different colorscheme depending on its -T parameter ? At the least TERM=linux does the needed trick on vim but not on, say. 'ls -G' ... On a second look I see only 3 colors enough (+ black + white) on the what-I-need picture, they are just as bright as they should. u> cheers, u> ??ukasz Gruner u> u> u> 2012/5/30 Peter Vereshagin : u> > Hello. u> > u> > Being new from linux back in time I tried vim. It had pretty colors in linux for me like that: u> > u> > http://www.postimg.com/71000/photo-70938.jpg u> > u> > But in freebsd I have what I have: u> > u> > http://www.postimg.com/71000/photo-70939.jpg u> > u> > It 'just works' for me if I 'vim -T linux' but: u> > u> > - I'd like to know exact reason to be fixed other than just 'use linux' u> > - It shows colors in ttyvX with TERM=cons25 but it has random '25h' u> > showing up in places when I implement the actions from the begin of u> > vimtutor. u> > u> > Nothing to add more yet other than ':set term=linux' doesn't work for colors u> > that way. u> > u> > Thanks in advance. u> > u> > -- u> > Peter Vereshagin (http://vereshagin.org) pgp: A0E26627 u> > ___ u> > freebsd-questions@freebsd.org mailing list u> > http://lists.freebsd.org/mailman/listinfo/freebsd-questions u> > To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org" u> ___ u> freebsd-questions@freebsd.org mailing list u> http://lists.freebsd.org/mailman/listinfo/freebsd-questions u> To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org" -- Peter Vereshagin (http://vereshagin.org) pgp: A0E26627 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: How to indicate source directory in other than /usr/src?
Hello. 2012/05/30 17:04:42 +0400 Peter Vereshagin => To freebsd-questions@freebsd.org : PV> xterm works for me in my mutt under tmux, ask me if you need to tweak locale ( I see his L char with the '/' over it in place, and the cyrilic letters in my other mail, too ) PV> PV> mlterm is better for asian languages; it's unlikely that European ones should be shown better in mlterm rather than in xterm. I have to correct myself here: xterm-261 'just works' but not xterm-279 that is an up to date port. I have just fixed my cyrillic and pdeudo-graphics by backing off x11/xterm to '261' version. Of course I borrowed with those +/- for 'wc', 'lc', 'u8' stuff and none of them made 279 to behave the same as 261 for non-ascii. -- Peter Vereshagin (http://vereshagin.org) pgp: A0E26627 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: FreeBSD on the ASUS P8H67-M LGA1155 H67 motherboard
Hello. 2012/06/02 23:40:25 +0700 Victor Sudakov => To freebsd-questions@freebsd.org : VS> What video card would the collective mind of FreeBSD users recommend? VS> I'm not a gamer, this box runs FreeBSD only with a recent xorg, I VS> often watch movies on it. I'd try with nvidia. Any modern one has support of 'xvideo' extension with the 'driver nv' that is 'just enough' for watching movies. I've no modern hardware but the model that works good for years for me is: tnt2 agp 32M. Just the same as out of every TransNeft's trashcan around the corner these days. ;-) -- Peter Vereshagin (http://vereshagin.org) pgp: A0E26627 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Making a bootable backup (hard)disk... how?
Hello. 2012/06/09 19:30:53 -0700 "Ronald F. Guilmette" => To Arthur Chance : RFG> Thank you Arthur, and yes, trying to back up a partition that's currently RFG> mounted r/w using dd will almost certainly not produce the desired results. You can make snapshot to back up rw-mounted volume with dd. dump(8)ing rw-mounted ufs makes a snapshot behind the scenes. -- Peter Vereshagin (http://vereshagin.org) pgp: A0E26627 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: FreeBSD 8.3 + MySQL 5.0.95
Hello. 2012/06/13 14:43:29 -0400 Simon => To Chuck Swiger : S> There is no segfault which is what usually happens when you have memory then there is the daemon's log... -- Peter Vereshagin (http://vereshagin.org) pgp: A0E26627 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
`ls -l` shows size of file other than of the folder?
Hello. I have the directory in the file system with 2 regular files each of which is sized as 700M according to 'ls -l'. But the torrent client and 'du -s' and 'ls -l's 'total' show that the directory size is 300M. How can that be? Are there different file sizes stored on a ufs1 in their metadata? ot the least how could I see the 'real' size of each of those files, both ~150M actulally, with a system command? Thank you. -- Peter Vereshagin (http://vereshagin.org) pgp: A0E26627 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: `ls -l` shows size of file other than of the folder?
Hello. 2012/06/14 00:23:25 +0400 Peter Vereshagin => To freebsd-questions@freebsd.org: PV> ot the least how could I see the 'real' size of each of those files, both ~150M PV> actulally, with a system command? also, 'du' works that way for regular files. But implicitly I wanted about ls's key, thanks a lot guys! Kind of a very humble unadvertised feature but needed for ages in contrast from EA and ACL. Another interesting thing is that it seems to be supported by perl's stat() builtin. -- Peter Vereshagin (http://vereshagin.org) pgp: A0E26627 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Is there a way to run FreeBSD ports through port 80?
Hello. 2012/07/12 13:19:56 -0400 Lowell Gilbert => To Kaya Saman : LG> URLs as well as FTP. For ones that aren't, (and assuming the rather LG> silly security policies won't allow for an external web-based FTP proxy) LG> you may need to bring them in by offline media. I believe there should be the way of using the passive ftp (and any other protocol) via the HTTP CONNECT method to the ftp (or any other port needed for other protocol/app) port and then handling the both control and data connections through the consequent copmmands and data exhange. As far as I remember this can be done at least via the http://delegate.org software, certainly available in the ports collection. Kaya, if your http proxy handles HTTP CONNECT to the port 21/ftp this can be the workaround for you about the freebsd ports requiring ftp download ability. Most surprise for me is why no one is interested about what kind of a danger the ftp protocol can ever be? i. e. skype is much more vicious in comparison to ftp and s much harder to be restricted by a packet filter if even possoible. -- Peter Vereshagin (http://vereshagin.org) pgp: A0E26627 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: How can I disable Internet access for programs running in Wine?
Nothing to do oh, freebsd-questions stay in bat! 2011/02/25 01:07:58 -0800 erikmccaskey64 => To freebsd : e> I just can find any solution... I was sure that ipfw can select packets by process name? at least there are pf and ipf options out there... You can always use jail(4) in conjunction with the separate IP address, like tap(4) or lo(4) whic can be aliased. Then you can provide any kind of internet access for your wine-drunk jail environment ;-) Oh, and... you can use the / as a root for your jail. You need to restrict the access of the application(s) to your internet interface(s) only, right? 73! Peter pgp: A0E26627 (4A42 6841 2871 5EA7 52AB 12F8 0CE1 4AAC A0E2 6627) -- http://vereshagin.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
'Fast' fsck -p coredumps on GPT volume?
Hey freebsd-questions don't wanna cause you pain but the big boys feel no sorrow! I have fsck -p -y coredump on every cold reboot. The only unusual things to cause this are: it's a GPT volume and the nullfs is used extensively. I think this is because of the the GPT because I can't geom_label on that UFS1+J volume, but I can use geom_label on an 'unjournalled' ad1p4 partition. Of course I use geom_label for / and it has no journal. The setup is: $ uname -a FreeBSD screwed.box 7.4-PRERELEASE FreeBSD 7.4-PRERELEASE #8: Thu Feb 17 13:03:24 MSK 2011 t...@screwed.box:/usr/local/obj/usr/local/src/sys/JUICY i386 # fdisk /dev/ad1 *** Working on device /dev/ad1 *** parameters extracted from in-core disklabel are: cylinders=155061 heads=16 sectors/track=63 (1008 blks/cyl) Figures below won't work with BIOS for partitions not in cyl 1 parameters to be used for BIOS calculations are: cylinders=155061 heads=16 sectors/track=63 (1008 blks/cyl) Media sector size is 512 Warning: BIOS sector numbering starts with sector 1 Information from DOS bootblock is: The data for partition 1 is: sysid 238 (0xee),(EFI GPT) start 1, size 156301487 (76319 Meg), flag 80 (active) beg: cyl 0/ head 1/ sector 1; end: cyl 1023/ head 255/ sector 63 The data for partition 2 is: The data for partition 3 is: The data for partition 4 is: # gpart show ad1 => 34 156301421 ad1 GPT (75G) 341281 freebsd-boot (64K) 16229997292 freebsd-ufs (1.4G) 29998917003 freebsd-swap (3.3G) 891 1463015644 freebsd-ufs (70G) # gjournal list Geom name: gjournal 1645160533 ID: 1645160533 Providers: 1. Name: ad1p4.journal Mediasize: 73832658432 (69G) Sectorsize: 512 Mode: r1w1e1 Consumers: 1. Name: ad1p4 Mediasize: 74906400768 (70G) Sectorsize: 512 Mode: r1w1e1 Jend: 74906400256 Jstart: 73832658432 Role: Data,Journal # dumpfs -m /usr/local # newfs command for /usr/local (/dev/ad1p4.journal) newfs -L mess00 -O 1 -a 16 -b 8192 -d 8192 -e 1024 -f 1024 -g 16384 -h 128 -m 8 -o time -s 144168960 /dev/ad1p4.journal # df -hi /usr/local FilesystemSizeUsed Avail Capacity iused ifree %iused Mounted on /dev/ad1p4.journal 67G 58G3.1G95%2.0M 16M 11% /usr/local # wc -l < /etc/fstab 242 so it's enough to know that ad1p4.journal is an /usr/local. Should I place /tmp on a different volume for 'fast' fsck -p feature? It's a symlink by now: tmp -> var/tmp and var -> /usr/local/var I see nothing I can use for a guess about a fsck_ufs segfault. The dumps and a core are there: http://119out.smtp.ru/kdump.out http://119out.smtp.ru/ktrace.out http://119out.smtp.ru/truss.out http://119out.smtp.ru/_fsck_ufs.core.gz The cold reboot is caused by cpu overheating and I'm absolutely sure of other parts of hardware, especially the HDD. I just made a cpu more silent ( and sometimes hot ). But typically it happens when sound outputs from the c-media built-in. fsck -y has no problems and lost+founds are typically only a few inodes, may be 5. I tried with unionfs on a volume in a past but I believe I wiped the whiteouts out since then. The only fsck -p passed I saw after cold reboot were when I believe all of the files open on that volume were open read-only. Many thanks for any hints, clues and ideas on all of that. Should I file a PR better? 73! Peter pgp: A0E26627 (4A42 6841 2871 5EA7 52AB 12F8 0CE1 4AAC A0E2 6627) -- http://vereshagin.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
install pc-bsd into a jail?
We can live forever looking to my eyes, freebsd-questions! I can install world into a jail as it is spelled in jail(2). I can install freebsd as a binary from dvd as I can use its install.sh How could I install a binary pcbsd from dvd into a jail? Thank you. 73! Peter pgp: A0E26627 (4A42 6841 2871 5EA7 52AB 12F8 0CE1 4AAC A0E2 6627) -- http://vereshagin.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Gui CD soft recommend
I know St. Peter won't call your name, freebsd-questions! 2011/03/30 22:00:14 +0100 Graham Bentley => To freebsd-questions@freebsd.org : GB> Which GUI CD writing software can you recommend [less dependencies = better] tkdvd should use it patched for -joliet-long ever. 73! Peter pgp: A0E26627 (4A42 6841 2871 5EA7 52AB 12F8 0CE1 4AAC A0E2 6627) -- http://vereshagin.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: graphical representation of `du`
Nobody knows that you're in for that, freebsd-questions!
2011/04/05 04:12:40 +0400 Австин Ким => To
freebsd-questions@freebsd.org :
> Sun, 3 Apr 2011 20:57:24 +0100 письмо от Chris Rees :
>
> > On 3 April 2011 20:26, Австин Ким wrote:
> > > Sun, 03 Apr 2011 12:01:24 +0200 письмо от David Demelier
> > :
> > >
> > >> On 02/04/2011 19:30, Chris Rees wrote:
> > >> > On 2 April 2011 18:22, Chris Rees wrote:
> > >> >> On 2 April 2011 18:07, Mike Jeays wrote:
> > >> >>> On Sat, 2 Apr 2011 17:15:04 +0100
> > >> >>> Chris Rees wrote:
> > >> >>>
> > >> du -h . | awk '{a[i++]=$0} END {for (j=i-1; j>=0;) print a[j--] }' |
> > >> awk '{print($2" ["$1"]");}' | sed -e 's,[^-][^/]*/,--,g' -e 's,^,|,'
> > >> >>>
> > >> >>>
> > >> >>> I confess to being impressed...
> > >> >>>
> > >> >>
> > >> >> Yeah, but perhaps I should have used sed instead of the second awk;
> > >> >> fewer processes:
> > >> >>
> > >> >> du -h | awk '{a[i++]=$0} END {for (j=i-1; j>=0;) print a[j--] }' | sed
> > >> >> -e
> > >> >> 's,^[^1-9]*\([^___CTRL-V+TAB__]*\)CTRL-V+TAB_*\(.*\)$,\2
> > >> >> \[\1\],;s,[^-][^/]*/,--,g;s,^,|,'
> > >> >>
> > >> >> That does exactly the same -- where I've put CTRL-V+TAB__ you
> > >> >> have to type Ctrl-V, then a literal [::tab::] key; BSD sed doesn't do
> > >> >> \t.
> > >> >>
> > >> >> Chris
> > >> >>
> > >> >
> > >> > Final version:
> > >> >
> > >> > http://www.bayofrum.net/~crees/graphical_du.sh
> > >> >
> > >> > Maybe I should port it...
> > >> >
> > >>
> > >> Thanks! This rocks! :-)
> > >>
> > >
> > > What a fun thread :)
> > >
> > > Here's my two cents, written as an sh(1) function that you can tack on to
> > the end of your .profile or .shrc:
> > > (Caveats: I'm writing this on a Mac OS X machine, not on a FreeBSD
> > > machine,
> > at the moment, but hopefully this'll still work.
> > > Also, the following will mess up if you have directories whose names begin
> > with "|".)
> > >
> > > # dg: `du--graphical'
> > > # Usage: dg [dir ...]
> > > # Based on script by Chris Rees
> > > # 1459 Sunday, 3 April 2011
> > >
> > > dg ( ) {
> > > du -h "$@" |
> > > awk '{FS="\t"; print $2"\t["$1"]"}' |
> > > sort |
> > > sed -e 's:[^/]*/:| :g' -e 's:\(^\(| \)*\)| \([^|].*\):\1+-\3:'
> > > return
> > > }
> >
> > I used the awk a[i++]=$0} END {for (j=i-1; j>=0;) print a[j--] etc to
> > reverse the order, rather than alphabetise it because it's quicker:
> >
> > $ du -h . | time sort >/dev/null 2>time
> > $ cat time
> > 8.17 real 0.03 user 0.00 sys
> > $ du -h . | time awk '{a[i++]=$2} END { for (j=i-1; j>=0;) print
> > a[j--] }' >/dev/null 2>time2
> > $ cat time2
> > 7.77 real 0.14 user 0.00 sys
> >
> > YMMV of course!
> >
> > Chris
>
> I can't argue with that. If you're a sysadmin and are managing a large
> system,
> the sort could take some time. On the other hand, there are times when a sort
> might be useful. Then again, you could always just comment that line out :)
>
> Which reminds me, my sort line above may not sort intuitively in the case
> where
> directory names contain characters that precede / in the ASCII character set;
> for example, "mydir-old" sorts before "mydir/" in ASCII. A quick kludge is to
> translate slashes into, oh I don't know, say carriage returns before the sort,
> and then translate them back after the sort, as is done below. An inelegant
> and inefficient solution, but it works. However, I'm going out on a limb by
> assuming users won't be running this script under MS-DOS, where this kludge
> wouldn't work.
>
> Another problem with my script above is that in some cases, if you run it on
> multiple arguments, e. g., "dg dir1/subdir dir2/subdir," you can't tell from
> the output to which parent directory the subdirectory refers; to deal with
> this problem, the revised version below runs du on each argument one at a
> time.
> However, I ended up having to duplicate the main command in the script (once
> for "dg" with arguments, and once without), 'cause I'm not clever enough to
> figure out a way to combine the two cases into one in time to post this.
>
> I also had a redundant [^|] in the sed expression which I took out; it
> shouldn't be necessary, although the script will still mess up if any
> directory
> names start with "| ".
>
> Finally, the revised version is repackaged as a proper sh(1) script like your
> original script rather than as a function, to make it independent of a user's
> particular shell. Obviously further variations and improvements could be
> made.
>
> Again I'm away from my FreeBSD machine and am writing this on a Mac OS X
> machine; hopefully I didn't break anything.
>
> #!/bin/sh
> #
> # dg: `du--graphical'
> # Usage: dg [dir ...]
> #
> # Based on script by Chris Rees
> # 1459 Sunday, 3 April 2011
> #
> # Modified: 1900 Monday, 4 April 2011
>
> if [ "$1" ]
>then for i in "$@"
> do if [ "$2" ]
> then echo
>
Re: graphical representation of `du`
Nobody knows that you're in for that, freebsd-questions! 2011/04/06 20:34:42 +0100 Chris Rees => To Peter Vereshagin : CR> > Again, why don't you guys just use perl to provide a graphical du? I believe CR> > perl is just present on every freebsd machine where graphical du is needed. CR> Why on Earth would you use Perl when a simple awk script will do??? Me? I personally find Perl more usable. 73! Peter pgp: A0E26627 (4A42 6841 2871 5EA7 52AB 12F8 0CE1 4AAC A0E2 6627) -- http://vereshagin.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Piping find into tar...
Wake me up when September ends, freebsd-questions! 2011/05/04 01:25:39 -0600 Modulok => To FreeBSD Questions : M> find -E . '.*\.txt$' -print | tar -cjf result.tgz xargs(1) ? 73! Peter pgp: A0E26627 (4A42 6841 2871 5EA7 52AB 12F8 0CE1 4AAC A0E2 6627) -- http://vereshagin.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Limitting SSH access
Wake me up when September ends, freebsd-questions! 2011/05/04 16:47:33 +0100 Chris Rees => To krad : CR> > > > > Is it possible to limit the SSH access? CR> > > Regarding ssh login, I usually use "rbash" from the ports, that CR> restricts CR> Or you could have a special /bin-restricted that you nullfs mount into CR> ~userN/bin. I personally should like to have a quick recipe on how to create such a limited set of binaries ( libraries, mans, etc., each mounted with nullfs read-only to every such a user's home ) from the 'world' build. Some options like the rsync I consider to be a must in some cases so this should include the ports availability, isn't it? 73! Peter pgp: A0E26627 (4A42 6841 2871 5EA7 52AB 12F8 0CE1 4AAC A0E2 6627) -- http://vereshagin.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: restricted ssh shell for ruby on rails hosting ? (rake, git, etc.)
Nobody knows that you're in for that, freebsd-questions! 2011/05/09 17:02:06 +0200 Olivier Mueller => To FreeBSD Questions : OM> but one of the thing I would like to prevent is for example accessing OM> some files like /etc/passwd (= listing all other customers domains in OM> this specific case). I learned about the chroot option for some new flavor of sshd recently, probably the chroot dir is capable to be assigned per user. With proper nullfs plugging software features like binaries, libs and cron variables into every such a directory for every such a user this should do the trick. OM> Other things would be: OM> - prevent the launch of daemons (-> screen, irssi, bots, etc.) -> ? This particular should be achieved by mean of time-related ulimit capabilities in login.conf(5)? If for ports to listen, the restrictions should be made via mac(3) to restrict the certain system call, e. g., listen() for particular system instances, e. g., users? 73! Peter pgp: A0E26627 (4A42 6841 2871 5EA7 52AB 12F8 0CE1 4AAC A0E2 6627) -- http://vereshagin.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: start X in background without it taking over the console?
God love is hard to find. You got lucky freebsd-questions! 2011/05/11 05:37:56 -0700 Bill Tillman => To freebsd-questions@freebsd.org : BT> > I already do... I'm want to automate it. Every other virtual screen BT> I'm watching this thread with interest. Me too. But I have another kind of interest. I use to run X like this: https://gist.github.com/651700 This means fork process, wait X server to start and then run client(s). In certain situations the terminal processes start to consume all the CPU while doing nothing. I'd like to have a way to start X without respawn from a line on a /etc/ttys in a background fork and then start its clients from another jail(s). I can do this currently only without ttys to start, blocking /etc/rc to proceed before ttys to start. But I'd like to have Alt+Fn functionality among with my X11, too. I can get that only by means of switching to ttyv0 and then interrupting that perl script by ^C. And losing my X session thereafter. CPU consumption situation in question can happen here and there, and not always can be solved by mean of 'script -qt0 dev/null cmd' hack. This includes tmux/screen first of all. Of course I use this script(1) feature on both ssh client and ssh server side. ( ssh is not about X11 forwarding but about to set DISPLAY and run X client app ). Thanks much for any clue. 73! Peter pgp: A0E26627 (4A42 6841 2871 5EA7 52AB 12F8 0CE1 4AAC A0E2 6627) -- http://vereshagin.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Install ImageMagick configured with Autotrace switch
Concrete jungle, oh freebsd-questions, you've got to do your best... 2011/05/22 10:43:52 -0700 Angelo => To freebsd-questions@freebsd.org : A> I am trying to install ImageMagick and Autotrace ports but I need to A> configure Imagemagick to work with Autotrace so it processes raster images A> to the vector svg format properly. A> A> This is what is recommended from the imagemagick website to do, but I don't A> know the commands to type in freebsd to accomplish: Quote: "For this to work A> however the 'development' "AutoTrace" library must be installed, and IM A> configured with a "--with-autotrace" switch. You'd better tweak the graphics/ImageMagick port for this. Its Makefile should have the 'CONFIGURE_ARGS =+' -like strings you can use as a sample for the WITH_* option you can easily add. Be sure to include the DEPENDS variable update for your library, too. Feel free to submit patch for that port then. The dependence library port should be already present on the ports tree, too. A> So do I install with "make --with-autotrace" then "make A> install --with-autotrace" and lastly "make clean"? This is about ImageMagick's ./configure I think. A> I already have ImageMagick and Autotrace installed but not configured A> together so I'm assuming I will have to uninstall imagemagick first then A> reinstall it with the autotrace switch? uninstall and compile anew, 'make clean' is the best to ensure this before 'make'. 73! Peter pgp: A0E26627 (4A42 6841 2871 5EA7 52AB 12F8 0CE1 4AAC A0E2 6627) -- http://vereshagin.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: perl5.12 -> perl5.14 upgrade problem
You're face to face with man who sold the world, freebsd-questions! 2011/06/01 17:31:13 +0200 n dhert => To freebsd-questions@freebsd.org : nd> # portupgrade -fr perl nd> make: don't know how to make nd> /usr/local/lib/perl5/5.14.0/mach/CORE/cc_runtime.h. nd> Stop nd> checking for XML::Parser... configure: error: XML::Parser perl module is nd> required for intltool nd> I DO NOT have a file /usr/local/lib/perl5/5.14.0/mach/CORE/cc_runtime.h nd> in the /usr/local/lib/perl5/5.14.0/mach/CORE directory perl-after-upgrade(1) ? 73! Peter pgp: A0E26627 (4A42 6841 2871 5EA7 52AB 12F8 0CE1 4AAC A0E2 6627) -- http://vereshagin.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: hmph, one lesson self-caught...
You can't take no for an answer, freebsd-questions! 2011/06/11 19:47:43 -0700 Gary Kline => To FreeBSD Mailing List : GK> About a minute ago I learned that you cannot have a ### comment GK> _following_ the LoadModule lines in /usr/local/etc/apache22/httpd.conf in the upcoming release of www/p5-FCGI-Spawn I will have mod_perl simulation feature enabled by default... 73! Peter pgp: A0E26627 (4A42 6841 2871 5EA7 52AB 12F8 0CE1 4AAC A0E2 6627) -- http://vereshagin.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Extract particular date snapshot from /var/db/portsnap?
You can't take no for an answer, freebsd-questions! How can I extract an 'old' snapshot from portsnap database? Does it keep them? Does portsnap keep snapshots fetched previously? Suppose I need the particular port or the whole tree as of the specified date and time? Or, if I need the particular version of the specified port and optionally the ports tree that corresponds it? Thank you. 73! Peter pgp: A0E26627 (4A42 6841 2871 5EA7 52AB 12F8 0CE1 4AAC A0E2 6627) -- http://vereshagin.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Extract particular date snapshot from /var/db/portsnap?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 You can't take no for an answer, freebsd-questions! 2011/06/14 17:17:39 -0700 Chuck Swiger => To Peter Vereshagin : CS> > Does it keep them? Does portsnap keep snapshots fetched previously? CS> As far as I can tell, you can't. But on every 'portsnap fetch' it tells it downloads a new stuff and doesn't tell it deletes the old? - From what I see in /var/db/portsnap/files/ it keeps every file it had ever downloaded: they all have different times. So it's just a feature that is missing yet from portsnap? or it's never possible by a portsnap's (storage) design which I believe is rather simple? Should it be possible to delete every file newer than the date of my preference and just (something like) 'portsnap extract' then from that storage? CS> > Suppose I need the particular port or the whole tree as of the specified date CS> > and time? Or, if I need the particular version of the specified port and optionally the CS> > ports tree that corresponds it? CS> CS> Update the ports tree using cvs/csup, which do support updating to a particular date. I'd prefer svn/p4 for this if I did. Not a big deal though. ;-) 73! Peter pgp: A0E26627 (4A42 6841 2871 5EA7 52AB 12F8 0CE1 4AAC A0E2 6627) - -- http://vereshagin.org -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.16 (FreeBSD) iEYEARECAAYFAk33/hgACgkQDOFKrKDiZifOZQCfR0IsHSFXML60Pwj7UFhEVWCD E5EAoPglLDjpG72UfSIwIdyWKQ74HGlc =wxV+ -END PGP SIGNATURE- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Extract particular date snapshot from /var/db/portsnap?
You can't take no for an answer, freebsd-questions! 2011/06/14 20:59:33 -0400 Greg Larkin => To Peter Vereshagin : GL> > How can I extract an 'old' snapshot from portsnap database? GL> > Does it keep them? Does portsnap keep snapshots fetched previously? GL> > GL> > Suppose I need the particular port or the whole tree as of the specified date GL> > and time? GL> > Or, if I need the particular version of the specified port and optionally the GL> > ports tree that corresponds it? GL> > GL> > Thank you. GL> GL> Hi Peter, GL> GL> You can fetch a ports tree as of specific date like so: GL> GL> cvs -d :ext:anon...@anoncvs1.freebsd.org:/home/ncvs export -D 2010-10-01 GL> -d ports-2010-10-01 ports GL> GL> In this example, I am exporting (no CVS metadata dirs) a full ports tree GL> as of Oct 1st, 2010 into the directory "ports-2010-10-01". Sure, I know I can do it with (x)VCS. I'd like an offline solution as it can be faster for me than to go and turn my big internet switch on ;-) Looking at the portsnap storage I see no mission impossible about it. It was an empirical part of my question. Having a port for the distfile I have from half a year ago and knowledge it is stored somewhere in /var/db/portsnap is a practical part of my question. I just need no internet connection to get the port from VCS if I can have the new distfile instead, so it's no much useful to use VCS for this case ;-) GL> You can keep many different dated copies of the ports tree, and you can GL> also fetch portions of it as of a specific date if you specify a more GL> complete module name, e.g. ports/lang/gcc45. But hell yes, having VCS before such a situation to happen is good. "Just if we knew before ..." From the first glance at the what the portsnap is it looks promising it's certainly a natural matter for it: ports snapshots management. For example, the file system snapshots are very useful for that same purpose I describe here, why ports snapshots should not? 73! Peter pgp: A0E26627 (4A42 6841 2871 5EA7 52AB 12F8 0CE1 4AAC A0E2 6627) -- http://vereshagin.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Extract particular date snapshot from /var/db/portsnap?
You can't take no for an answer, freebsd-questions! 2011/06/15 08:51:22 +0100 RW => To freebsd-questions@freebsd.org : R> > - From what I see in /var/db/portsnap/files/ it keeps every file it R> > had ever downloaded: they all have different times. R> R> It doesn't, it's a snapshot. The timestamps just reflect the last time R> each particular object was updated. Hmm... looks like only a current ports state is kept in those tars: $ tar -ztf /var/db/portsnap/files/12312e0e54a707a22613b0394a976c9d2044e98728b51c592d6e9a42c989300c.gz Makefile distinfo pkg-descr pkg-plist such a single '.gz' extension was a false hint to me those are diffs. Thanks all. 73! Peter pgp: A0E26627 (4A42 6841 2871 5EA7 52AB 12F8 0CE1 4AAC A0E2 6627) -- http://vereshagin.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: free sco unix
You can't take no for an answer, freebsd-questions! 2011/06/15 17:08:31 -0400 Chris Brennan => To Thomas Hansen : CB> FreeBSD is a UNIX-like clone, which is indeed free, whereas UNIX is CB> still the proprietary property of AT&T/Bell Labs. unix is a trademark of novell.com. 73! Peter pgp: A0E26627 (4A42 6841 2871 5EA7 52AB 12F8 0CE1 4AAC A0E2 6627) -- http://vereshagin.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: free sco unix
You can't take no for an answer, freebsd-questions! 2011/06/16 14:22:43 +0100 Matthew Seaman => To freebsd-questions@freebsd.org : MS> > CB> FreeBSD is a UNIX-like clone, which is indeed free, whereas UNIX is MS> > CB> still the proprietary property of AT&T/Bell Labs. MS> > MS> > unix is a trademark of novell.com. MS> MS> Unix (note capitalization) is actually a trademark of the Open Group: MS> http://www.unix.org/ But not of AT&T/Bell Labs. MS> It's been owned by them for more than ten years, but it was passed MS> around between various owners quite a bit before that. There should be a difference recognized between "own a Unix trademark" by http://www.unix.org/trademark.html and "ownership of the Unix copyrights" by http://www.groklaw.net/article.php?story=20100330152829622 where I'm pass. Lawyers are so lawyers ;-) 73! Peter pgp: A0E26627 (4A42 6841 2871 5EA7 52AB 12F8 0CE1 4AAC A0E2 6627) -- http://vereshagin.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: free sco unix
You can't take no for an answer, freebsd-questions! 2011/06/16 10:06:42 -0400 Robert Simmons => To freebsd-questions@freebsd.org : RS> I think the confusion that you all are having is between the idea of RS> "copyright" and "trademark". They are different. Copyright applies to the As I suspected ;-) RS> So, if you wanted to call your software "UNIX" you would need to contact Open RS> Group and make sure that your software licences the trademark, and complies This will require some efforts from Open Group. Does FreeBSD Foundation pay for that? RS> with the standard. If you want to use the source code of UNIX itself, you RS> would license that from Attachmate. So nobody knows if Lunus will once upon a time split Linux code from himself de jure as he did de facto nowadays and just have an income from such a regular trademark sales from, say, Linux Foundation, Attachmate, etc.? 73! Peter pgp: A0E26627 (4A42 6841 2871 5EA7 52AB 12F8 0CE1 4AAC A0E2 6627) -- http://vereshagin.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: free sco unix
You can't take no for an answer, freebsd-questions! 2011/06/16 11:54:05 -0400 Robert Simmons => To freebsd-questions@freebsd.org : RS> http://en.wikipedia.org/wiki/Copyright RS> http://en.wikipedia.org/wiki/Trademark I'll surely will when I'll have some to trade ;-) RS> Copyright pertains to the source code. Trademark pertains to the use of RS> signs, symbols, names, logos, etc. Source code itself can have 'signs, symbols, names, logos, etc.' and consist in terms of its usability of them, doesn't it just use to? 'signs, symbols, names, logos, etc.' same way can have their source code and consist in terms of their usability of it, doesn't they just use to? Such a relationships system will just ruin into ashes droven by such a kinds of the internal controversions. Murphy's rule for that case is: all of that will happen just in time I'll be ready to use it. Don't just make this moment come sooner with my understanding. ;-) 73! Peter pgp: A0E26627 (4A42 6841 2871 5EA7 52AB 12F8 0CE1 4AAC A0E2 6627) -- http://vereshagin.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: free sco unix
You can't take no for an answer, freebsd-questions! 2011/06/16 13:36:32 -0400 Daniel Staal => To freebsd-questions@freebsd.org : DS> > RS> Copyright pertains to the source code. Trademark pertains to the use DS> > of DS> > RS> signs, symbols, names, logos, etc. DS> > DS> > Source code itself can have 'signs, symbols, names, logos, etc.' and DS> > consist in terms of its usability of them, doesn't it just use to? DS> > 'signs, symbols, names, logos, etc.' same way can have their source code DS> > and consist in terms of their usability of it, doesn't they just use to? DS> DS> Trademark is for 'this is made by me. I put my name on it.' Copyright is DS> for the content of a book/speech/whatever. But both are just words/phrases, right? How one can be sure the trademark is allowed to copy? It is a thing to be created. How one can be sure the copyrighted work itself is not a trademark? It can be that strange word the one suggested to rebrand Linux in this thread. Of course it doesn't sound to be a trademark yet so right now I can restrict its copyright. But years later it may happen to be a recognized brand and to be a trademark, right? ;-) There should be a threshold of "up to N bytes/characters it is a trademark, but more than it it is a work to be copyrighted', right? DS> 'Trademark' is a _maker's mark._ The point is not encouraging the DS> creation of works (like copyright): The point is so that a maker/seller so 'Trademark' is ought to be nothing creative? But companies use to spend a lots to invent them... DS> can build a reputation with their customers. DS> DS> They are very different in terms, uses, and requirements. In theory it is DS> possible to hold both a trademark and a copyright on the same thing, but DS> it is hard. (You will likely fail applicability tests for one or the DS> other.) It is of course possible to put a trademark on something you've DS> copyrighted, so people know who created it. DS> DS> Daniel T. Staal DS> DS> --- DS> This email copyright the author. Unless otherwise noted, you DS> are expressly allowed to retransmit, quote, or otherwise use DS> the contents for non-commercial purposes. This copyright will DS> expire 5 years after the author's death, or in 30 years, DS> whichever is longer, unless such a period is in excess of DS> local copyright law. DS> --- DS> DS> ___ DS> freebsd-questions@freebsd.org mailing list DS> http://lists.freebsd.org/mailman/listinfo/freebsd-questions DS> To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org" 73! Peter pgp: A0E26627 (4A42 6841 2871 5EA7 52AB 12F8 0CE1 4AAC A0E2 6627) -- http://vereshagin.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: free sco unix
You can't take no for an answer, freebsd-questions! 2011/06/16 12:46:20 -0600 Chad Perrin => To freebsd-questions@freebsd.org : CP> > But both are just words/phrases, right? CP> CP> Here's an example of the difference: Good example, it's on-topic ;-) CP> UNIX, the name, is a trademark. We can use it all we like here, speaking Do we need a license to use it? ;-) CP> about the UNIX trademark, its applicability, who owns the trademark, and CP> so on. We just can't claim *we* own it, misapply it to things to which So it's just enough to reserve a copyright on this word usage and we will have just another reason why we can't claim we own it ;-) Sorry my confusion, it's just a new thing to me and it seems as absurd as those ideas. CP> it does not legally apply, and so on (subject to some fair use CP> exceptions, such as parodies). CP> CP> The source code of a closed source UNIX operating system such as HP-UX is CP> not trademarked, because it is not an identifying mark. Because it is CP> subject to copyright, if one of us has legally gained access to it, we CP> cannot just post it all in its entirety to the mailing list (assuming CP> that posting that much source to the list wasn't a problem in and of CP> itself) without violating copyright laws of most industrialized CP> countries -- regardless of what we said about it. CP> CP> The difference is that trademarks are used to identify some entity and CP> its creations, while copyrights are used to censor the redistribution of CP> creations themselves. CP> CP> -- CP> Chad Perrin [ original content licensed OWL: http://owl.apotheon.org ] 73! Peter pgp: A0E26627 (4A42 6841 2871 5EA7 52AB 12F8 0CE1 4AAC A0E2 6627) -- http://vereshagin.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: free sco unix
You can't take no for an answer, freebsd-questions! 2011/06/16 12:30:07 -0600 Chad Perrin => To freebsd-questions@freebsd.org : CP> * The UNIX source code's copyright is held by . . . damn. It keeps I always told this name is a kind of Black Label. Companies to hold it use to meet fatal troubles, even if it's not a trademark ownership, e. g., in the case of Sun. CP> For any of the above to be called UNIX, it must meet the Open Group's CP> certification standards and (more importantly) have some certification CP> fee paid, as I understand it. I believe Linus, on some stage, wouldn't refuse to certify his 'minix clone' in the case it was for free. In his 'Just for fun' he tells he was following by Solaris specs, so the well-known truth he started it from scratch may appear to be not the all the truth in terms of legacy? Anyway the price of 'unix certification' service from the open group seem to be deeper than I can challenge, is it normal? Meanwhile, the same thing from LMI, the 'sublicensing' of the trademarks, even up to internet domains required in certain cases, seem to be paid in certain cases but there is no price I can find. What a dark forest is all that legal thing... 73! Peter pgp: A0E26627 (4A42 6841 2871 5EA7 52AB 12F8 0CE1 4AAC A0E2 6627) -- http://vereshagin.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: free sco unix
You can't take no for an answer, freebsd-questions! 2011/06/16 18:20:43 -0400 Daniel Staal => To Peter Vereshagin : DS> > CP> UNIX, the name, is a trademark. We can use it all we like here, DS> > speaking DS> > DS> > Do we need a license to use it? ;-) DS> DS> According to what I recall of my 'business law for managers' classes: As DS> long as we don't claim we own it, And does FreeBSD Foundation own its FreeBSD UNIX then? If it does, did it pay for it? Does it certify its FreeBSD as a UNIX and how much does it pay? > and only *referring* to the company who DS> does or it's products, no. It's an identifying mark: You can use it to DS> identify. No, I can't. I use 2 things: paper ID and a face. The difference is those are not the set of the bytes. But both the trademark and a copyrighted mnaterial are. Well, use to be. Is there a way to define what set of bytes can (or not) be the identification and/or copyrighted material? I supposed the length can be such a criteria, no? DS> I don't need a license to talk about Peter Vershagain, as long as I don't DS> claim that *I* am Peter Vershagain. ;) But who knows if you really are. I'm not, for example. ;) If you claim that you are, and I claim that I am not, which of us is presumed to prove the own point? DS> If I wanted to say that something I was selling was something you had made DS> or endorsed, I'd want to pay you for a licence to use your name in that DS> context. How is it possible to sell the what you do not have? And if you have it that means you hold it and it means you own it. For example, you can pass that as an inheritance and change that something according to your needs. Isn't it what the ownership is, by definition? DS> Your name isn't copyrighted: Anyone can copy it. But we can't *claim* it. Or what? Is my name that bad that we can't claim it? Is your name that same bad? what's the matter about my name, anyway? DS> > CP> about the UNIX trademark, its applicability, who owns the trademark, DS> > and CP> so on. We just can't claim *we* own it, misapply it to things to DS> > which DS> > DS> > So it's just enough to reserve a copyright on this word usage and we will DS> > have just another reason why we can't claim we own it ;-) DS> > DS> > Sorry my confusion, it's just a new thing to me and it seems as absurd as DS> > those ideas. DS> DS> It's extremely hard to claim a copyright on a single word: You have to meet DS> an orgininality requirement that a single word is going to have trouble DS> meeting. I believe Unix was such a word in 19[67]0s? How about that same 'Morphtkdlfgjfjdsksjfnmvmdkedkfjgjg' from this thread? is it? How much the trouble must it be? What units it can be measured? For example, no any monkey of those performing typewriters theorem: http://en.wikipedia.org/wiki/Infinite_monkey_theorem no any single monkey of them I believe shall not have any trouble at all with a task? DS> A longer work, a story or a section of code, is much more original, so you DS> can take out a copyright on it. But in scientific world, the cases are known when the whole theorems are being invented simultaneously. 'story or a section of code' is a somewhat less original. How much longer such a work must be? For example redskin Indians may had the one word or at least very few of them to mean the whole speech. There are many modern languages I believe with a very long words. German probably isn't the best instance to showcast but is a good hint. Why me again? I know I can not take out any right like this because it's never implemented in terms of reality for any single regular someone, although it's not a fiction for the big organizations but a nice tool to point and shoot. > This means you have the right to say who DS> can and cannot make copies. (Mostly cannot...) It's just a matter of a freedom to speech to me. And to everyone else I believe. > But if you give someone DS> the right to make a copy, they still can't say that *you* made that copy. Do you mean anyone cares about who exactly handmade everyday cosumerics? I mean why anyone should just care about who made the copy of the bytes from one place to another? This can be a machine, or a network of them, without any human intervention, by themselves. And they even can belong to absolutely nobody. Why not? DS> (But they must say that the words are yours, unless you've given them the DS> right to do otherwise.) Words themselves --- aren't they a national property? Those are my in the exact moment I use them, but it's only the right to use them, not the ownership, right? DS> (And note that a pure list of facts can't be copyrigh
Re: pw buggy behaviour
I feel summer creepin' in and I'm tired of this town again, freebsd-questions! 2011/06/20 13:37:13 +0300 Коньков Евгений => To Коньков Евгений : > КЕ> #cat /etc/master.passwd | grep quagga > КЕ> quagga:*:101:101::0:0:Quagga > КЕ> # pw user show quagga > КЕ> pw: no such user `quagga' > > the command > pwd_mkdb /etc/master.passwd > > resolves the problem, but why this happen is strange... This is because FreeBSD reads its users from /etc/pwddb* database 73! Peter pgp: A0E26627 (4A42 6841 2871 5EA7 52AB 12F8 0CE1 4AAC A0E2 6627) -- http://vereshagin.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: ZFS on root and "find" performance
I feel summer creepin' in and I'm tired of this town again, freebsd-questions! 2011/06/23 03:56:07 -0700 Andrew Moran => To freebsd-questions@freebsd.org : AM> AM> Is anyone else running zfs on root and running into very slow finds? The /etc/periodic/daily/450.status-security can take over a noisy HD thrashing hour to finish, the culprit being the find that crawls the filesystem. I was doing, too. I believe zfs requires 4+ GB RAM and 4+ CPUs (or cores) and 1+ TB of storage space to be useful. AM> I'm hoping there is some I'm not sure if there if some simple zfs tuning I need to do to improve the performance on this. I'm looking for what others use for their ZFS settings. But SGI's XFS requires nothing like that, although it is not fully supported on FreeBSD but on those systems it is being designed fpr it requires no tuning for the performance of the any kind of acceptance. I think UFS is still a rather choice for many old machines for which FreeBSD is a competent option for. 73! Peter pgp: A0E26627 (4A42 6841 2871 5EA7 52AB 12F8 0CE1 4AAC A0E2 6627) -- http://vereshagin.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
perl modules included in core perl distribution dupe the portinstalled ones
Concrete jungle, oh freebsd-questions, you've got to do your best... I'm sorry I put this not into the -perl@ list because there are too many robots there. As far as I see the secondary major number change of the perl version can lead the user to the strange situations as more and more modules are being included into the perl distrinution itself. Combined with the previously installed version from ports they don't seem to be taken care of even by perl-after-upgrade(1). I've just struggled with the recurring problem of (dualvar|weaken|etc) 'is only available with the XS version of Scalar::Util' with a kind of a very simple solution of pkg_delete of p5-Scalar-List-Utils for perl5.14. By far there is a lot of such a modules, next aforeknown is CGI.pm. Although it's not an XS module to make such a size of a trouble but I'm pretty sure there are the ones there. Is it a known thing for me to quickly detect those duplicate modules packages and delete tthem and fix the packages dependent on them or it's a stuff to be made yet? Thank you. 73! Peter pgp: A0E26627 (4A42 6841 2871 5EA7 52AB 12F8 0CE1 4AAC A0E2 6627) -- http://vereshagin.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Tool to show the recent disk space consumers?
God love is hard to find. You got lucky freebsd-questions! 2011/07/05 12:37:11 -0700 Yuri => To FreeBSD Questions : Y> I hit this problem periodically when a lot of disk space is gone and Y> it's hard to tell where did it go. Once it was thunderbird writing huge I think you can create a file system snapshots periodically and compare states thereafter at the any moment you wish... Y> index file as a consequence of some bug, on another occasion it was the Y> bug in KDE writing some huge index somewhere in ~/.kde4. Y> Y> Is there a tool slowly indexing the file system and showing where Y> exactly did the sudden growth of consumed space occur? Y> Y> I know about du(1) but I am looking for some program that can detect the Y> dynamics and pinpoint the offending files. 73! Peter pgp: A0E26627 (4A42 6841 2871 5EA7 52AB 12F8 0CE1 4AAC A0E2 6627) -- http://vereshagin.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Perl Problem After Upgrade to 5.12.4
God love is hard to find. You got lucky freebsd-questions! 2011/07/06 10:01:21 -0500 Tim Daneliuk => To FreeBSD Mailing List : TD> ===> p5-Module-Build-0.3800_1 depends on package: p5-Parse-CPAN-Meta>=1.44.01 - found TD> ! Parse::CPAN::Meta (1.40) is installed, but we need version >= 1.4401 if you use to updatedb(8) try to search for dupes: locate Parse/CPAN/Meta.pm If there is no dupes, look at the $VERSION inside that module 73! Peter pgp: A0E26627 (4A42 6841 2871 5EA7 52AB 12F8 0CE1 4AAC A0E2 6627) -- http://vereshagin.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: What is xz ?
Hey Mr(s) freebsd-questions show some good to me! 2011/07/17 23:08:16 -0400 "ill...@gmail.com" => To freebsd-questions@freebsd.org : igc> (Should be under contrib/xz ) archivers/xz 73! Peter pgp: A0E26627 (4A42 6841 2871 5EA7 52AB 12F8 0CE1 4AAC A0E2 6627) -- http://vereshagin.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Lennart Poettering: BSD Isn't Relevant Anymore
Hey Mr(s) freebsd-questions show some good to me! 2011/07/18 03:49:59 -0500 Adam Vande More => To C. Bergstr?m : AVM> We all wish a lot of things. One of mine would be that people shouldn't AVM> have strong opinions on subjects they know little to nothing about. It's about me too, but I'm interested if this thread is about that too: http://www.daemonology.net/freebsd-on-ec2/ http://www.daemonology.net/blog/2011-07-08-FreeBSD-on-EC2-via-defenestration.html (= 73! Peter pgp: A0E26627 (4A42 6841 2871 5EA7 52AB 12F8 0CE1 4AAC A0E2 6627) -- http://vereshagin.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Lennart Poettering: BSD Isn't Relevant Anymore
Hey Mr(s) freebsd-questions show some good to me! 2011/07/18 07:50:41 -0400 Aryeh Friedman => To FreeBSD : AF> > version number every 18 months +/-. I have two new laptops ion front of AF> > me that I cannot use FBSD on simply because they don't support the AF> > wireless (N class obviously) installed in them. Are there external options like usb wi-fi adapters? About a cost analysis: you may think about 4front guys to be stupid enough to pay that much for their OSS drivers development? 73! Peter pgp: A0E26627 (4A42 6841 2871 5EA7 52AB 12F8 0CE1 4AAC A0E2 6627) -- http://vereshagin.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Lennart Poettering: BSD Isn't Relevant Anymore
Hey Mr(s) freebsd-questions show some good to me! 2011/07/18 12:26:08 -0700 Bill Tillman => To freebsd-questions@freebsd.org : BT> BT> BT> From: "per...@pluto.rain.com" BT> To: jri...@gmail.com; cbergst...@pathscale.com BT> Cc: freebsd-questions@freebsd.org BT> Sent: Mon, July 18, 2011 9:05:47 AM BT> Subject: Re: Lennart Poettering: BSD Isn't Relevant Anymore BT> BT> Joshua Isom wrote: BT> > On 7/17/2011 6:16 PM, Mario Lobo wrote: BT> > > On Sunday 17 July 2011 10:13:13 C. Bergstr??m wrote: BT> > >> I hope gnome does [go Linux-only].. Maybe then more BT> > >> people would forget about it and focus on making KDE better ;) BT> ... BT> > What about enlightenment? BT> BT> For us old-timers :) BT> BT> What's the advantage of any of these "desktop environments" (Gnome, BT> KDE, enlightenment, Xfce) over ordinary X11 with (say) FVWM2 or TWM? BT> Certainly there are some useful apps that, for better or worse, are BT> built with gtk or the KDE toolkit, but what does the full-blown BT> environment really contribute (other than bloat)? BT> BT> I'm with you on this one. My FreeBSD servers are SERVERS and I don't need a gui BT> to be efficient and reliable with them. And when I do occassionally go with a BT> FreeBSD for my desktop I don't need all the bloat of GNOME or KDE. I have used BT> TWM from the beginning and it does just fine by me. BT> BT> Now as for BSD becoming irrelevantI think that's all sour grapes. Linux gets BT> all the hype but I don't see te BSD's going by the wayside because of it. I do BT> wish there was a more richer library of drivers available, like with Linux. That BT> I would not complain about. In the past one of BSDMags was devoted to the FreeBSD's agnosticism on desktop environments. Had known it for years but in early May, 2011 some of the WindowMaker's applets were removed from the ports tree as 'unsupported and a dead download link ressource' several at once. In sight of speculations about dropping FreeBSD support especially wouldn't it be nice if I'd try to re-establish download link source for the applets of my interest and PR about I need them? Not a C coder though to know about to support them in a right way. 73! Peter pgp: A0E26627 (4A42 6841 2871 5EA7 52AB 12F8 0CE1 4AAC A0E2 6627) -- http://vereshagin.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Maintenance script/port
Oh freebsd-questions want you buy me a mersedes benz? 2011/07/21 11:37:15 +0300 Ross => To Jos Chrispijn : R> I use security/logcheck which informs me via email about new entries R> in /var/log/messages and also smartd from sysutils/smartmontools which R> will email me when it detects any problems with SMART disks. R> R> And I also interested in something more. R> R> On Thu, Jul 21, 2011 at 11:25 AM, Jos Chrispijn wrote: R> > Can someone recommend me a text driven maintenance (re)port that informs me R> > about the health of my FreeBSD system? R> > I currently use the standard BSD report information, but like to get more R> > information out of my partitions, OS etc. R> > This program should be ran by schedule and send me the outcome by email. There are security tasks built into the periodic(8) to be emailed to an admin. I'd like to know if they can be processed to be the real alarms. There should be the corresponding tools for this as sych a filtering can be done on an MDA stage. 73! Peter pgp: A0E26627 (4A42 6841 2871 5EA7 52AB 12F8 0CE1 4AAC A0E2 6627) -- http://vereshagin.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
build ports from not a root user?
Oh freebsd-questions want you buy me a mersedes benz? I'd like to build my ports from not a root user. How can I tell the ports system that it should su ( switch user ) before to build the dependencies? Can portupgrade handle this? Dependencies should be installed from a root user. Thank you. 73! Peter pgp: A0E26627 (4A42 6841 2871 5EA7 52AB 12F8 0CE1 4AAC A0E2 6627) -- http://vereshagin.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: build ports from not a root user?
Oh freebsd-questions want you buy me a mersedes benz? 2011/07/21 16:53:58 +0200 Damien Fleuriot => To freebsd-questions@freebsd.org : DF> What the f... ? favorite song lyrics, np. DF> > I'd like to build my ports from not a root user. DF> DF> That is possible but exceedingly highly inconvenient. DF> What is the reason for doing that ? Security. Because of the limitations the non-root user can have. This should decrease the probability of the bad port to ruin the system during the build process. Such a thing can be happening only in a specific conditions due to the particular build environment and can or can not be a subject of a port author's intentions. The good admin practice exclamates that if the task does not need the permission than it should not have it. Building of a a single port is certainly one of those situations. DF> I can not come up with a scenario where one would want to do that. Shall I put here the examples of the distributions those are building their packages from a non-root user? There should certainly be the ones. DF> Rather than the means you'd like to use, tell us the end you're trying DF> to accomplish. You mean about feature enhancement here, the what feature do I need in terms of functionality and how it should make me better immediately after that. The security isn't about ROI but it's business model is insurance. What I need is the more security which is about to keep my things from getting worse. But it's not a bad thing ;-) DF> In other terms: what are you trying to do ? (and don't tell me "building DF> a port as a non root user") DF> DF> DF> > How can I tell the ports system that it should su ( switch user ) before to DF> > build the dependencies? DF> DF> I don't think you can. DF> DF> DF> > Can portupgrade handle this? DF> DF> Nope. But it seem to handle the dependencies in the every separate 'make' command? I suppose it should have a tweak to do the 'make install' on the every port in the dependencies chain in the 'su -' parameter. Think I will dig it out. One day. But I'm pretty sure there's anyone on the list who knows this from portupgrade's sources. DF> > Dependencies should be installed from a root user. DF> And the rest of your ports too. It's not a problem that I'm asking about. If I install the port I know the permissions I want for this. But the ports system may not know that I need the separate environment details for building. I think there should be a tweak for this, either in ports or in portupgrade, that's a question. 73! Peter pgp: A0E26627 (4A42 6841 2871 5EA7 52AB 12F8 0CE1 4AAC A0E2 6627) -- http://vereshagin.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: build ports from not a root user?
You'll never silence the voice of the voiceless, freebsd-questions! 2011/07/21 11:04:57 -0400 Daniel Staal => To freebsd-questions@freebsd.org : DS> > I'd like to build my ports from not a root user. DS> > How can I tell the ports system that it should su ( switch user ) before DS> > to DS> > build the dependencies? DS> > Can portupgrade handle this? DS> > Dependencies should be installed from a root user. DS> DS> Install sudo, and (as long as your permissions are set correctly) the DS> ports system can do everything except the install and configure from a DS> user in the 'wheel' group. Heck I know I can use su or sudo and after chown -Rf user00:group00 /usr/ports/ /usr/src/ /usr/obj I can build world or a single port with 'make'. It's easy. But with ports I know the dependencies will not follow my policy to install the every single port as: $ cd /usr/ports/category/port00 $ make $ su - # cd /usr/ports/category/port00 # make install # exit $ cd /usr/ports/category/port01 ... and so on ... In different words, I want the 'make install' from the partivular port's directory to automate /usr/ports/category/ports00 # make install behind its scenes like this: # cd /usr/category/category/dependence-port01 # su user00 -c make # make every_install_target # cd /usr/ports/category/ports00 # su user00 -c make # make every_install_target Think 'dependence-port01' and 'every_install_target' are self-explanatory. 73! Peter pgp: A0E26627 (4A42 6841 2871 5EA7 52AB 12F8 0CE1 4AAC A0E2 6627) -- http://vereshagin.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: build ports from not a root user?
Oh freebsd-questions want you buy me a mersedes benz? 2011/07/21 17:35:02 +0200 Damien Fleuriot => To freebsd-questions@freebsd.org : DF> On 7/21/11 5:19 PM, Peter Vereshagin wrote: DF> > Oh freebsd-questions want you buy me a mersedes benz? DF> > 2011/07/21 16:53:58 +0200 Damien Fleuriot => To freebsd-questions@freebsd.org : DF> > DF> > DF> > I'd like to build my ports from not a root user. DF> > DF> DF> > DF> That is possible but exceedingly highly inconvenient. DF> > DF> What is the reason for doing that ? DF> > DF> > Security. Because of the limitations the non-root user can have. DF> > This should decrease the probability of the bad port to ruin the system during DF> > the build process. DF> > Such a thing can be happening only in a specific conditions due to the DF> > particular build environment and can or can not be a subject of a port author's DF> > intentions. DF> > The good admin practice exclamates that if the task does not need the DF> > permission than it should not have it. Building of a a single port is certainly DF> > one of those situations. DF> > DF> DF> While compiling the port itself doesn't require root privileges, DF> installing it does. Yes. DF> This in turn means the whole "make install clean" chain requires root DF> privileges. but 'make all' does not require root privileges under those conditions: 1. all dependencies are already installed 2. write access to the port directory so it's pretty simple to replace 'make all install' from the root into the # su user make # make install the dependencies, every of them, to behave like this is the my question. DF> The purpose of the ports is to be an easily manageable and installable DF> collection of packages. And? DF> If you're not going to use the ports' installation chain, then perhaps DF> you should simply configure, build and install from source instead. No, thanks. ;-) DF> > DF> I can not come up with a scenario where one would want to do that. DF> > DF> > Shall I put here the examples of the distributions those are building their DF> > packages from a non-root user? There should certainly be the ones. DF> > DF> > DF> Rather than the means you'd like to use, tell us the end you're trying DF> > DF> to accomplish. DF> > DF> > You mean about feature enhancement here, the what feature do I need in terms of DF> > functionality and how it should make me better immediately after that. DF> > The security isn't about ROI but it's business model is insurance. DF> > What I need is the more security which is about to keep my things from getting DF> > worse. DF> > But it's not a bad thing ;-) DF> > DF> DF> If you want security, you'll want to make /usr read-only and your How could you know? I made. But it's not only a /usr. DF> problems will go away. If I had them I should want them to go away. I want them not to come. DF> If you're concerned that upgrading a port will break existing ones DF> because of dependencies, then use a port manager (portmanager, DF> portupgrade...) I do, but it's unavoidable. DF> If you're concerned that *compiling* a port will break the system, I DF> can't see how, the ports are built in a temporary directory. And? Can you show please the connection between the two: 1. ports are built in a temporary directory 2. compiling a port can not break the system Thank you. DF> If you're concerned about a port being rogue and causing malicious DF> commands while building it, then you shouldn't build that port at all, DF> even with non-root privileges. I can never know this for sure before I do. Port maintainer and port author may not know this too. The particular example is perl build systems, the Build.PL. It can do everything and I'm more afraid of it than the traditional Makefile-based perl build systems. Another hypothetical example is: Module::Autoinstall-based perl modules. The port maintainer can have their dependencies already installed from ports, so (s)he will never even notice that install automation. But the regulare user who installs them from scratch may end with a coup[le of BSDPAN modules despite many of them had been already ported and should be installed from ports and not via the CPAN.pm. THis can be easily prevented with my proposal. DF> > DF> In other terms: what are you trying to do ? (and don't tell me "building DF> > DF> a port as a non root user") DF> > DF> DF> > DF> DF> > DF> > How can I tell the ports system that it should su ( switch user ) before to
Re: build ports from not a root user?
Oh freebsd-questions want you buy me a mersedes benz?
2011/07/21 18:30:50 +0200 Damien Fleuriot => To
freebsd-questions@freebsd.org :
DF> On 7/21/11 6:11 PM, Peter Vereshagin wrote:
DF> > Oh freebsd-questions want you buy me a mersedes benz?
DF> > 2011/07/21 17:35:02 +0200 Damien Fleuriot => To
freebsd-questions@freebsd.org :
DF> > DF> On 7/21/11 5:19 PM, Peter Vereshagin wrote:
DF> > DF> > Oh freebsd-questions want you buy me a mersedes benz?
DF> > DF> > 2011/07/21 16:53:58 +0200 Damien Fleuriot => To
freebsd-questions@freebsd.org :
DF> > DF> >
DF> > DF> > DF> > I'd like to build my ports from not a root user.
DF> > DF> > DF>
DF> > DF> > DF> That is possible but exceedingly highly inconvenient.
DF> > DF> > DF> What is the reason for doing that ?
DF> > DF> >
DF> > DF> > Security. Because of the limitations the non-root user can have.
DF> > DF> > This should decrease the probability of the bad port to ruin the
system during
DF> > DF> > the build process.
DF> > DF> > Such a thing can be happening only in a specific conditions due to
the
DF> > DF> > particular build environment and can or can not be a subject of a
port author's
DF> > DF> > intentions.
DF> > DF> > The good admin practice exclamates that if the task does not need
the
DF> > DF> > permission than it should not have it. Building of a a single port
is certainly
DF> > DF> > one of those situations.
DF> > DF> >
DF> > DF>
DF> > DF> While compiling the port itself doesn't require root privileges,
DF> > DF> installing it does.
DF> >
DF> > Yes.
DF> >
DF> > DF> This in turn means the whole "make install clean" chain requires root
DF> > DF> privileges.
DF> >
DF> > but 'make all' does not require root privileges under those conditions:
DF> >
DF> > 1. all dependencies are already installed
DF> > 2. write access to the port directory
DF> >
DF> > so it's pretty simple to replace 'make all install' from the root into the
DF> >
DF> > # su user make
DF> > # make install
DF> >
DF> > the dependencies, every of them, to behave like this is the my question.
DF> >
DF>
DF> Well, you could always check a port's dependencies like so:
DF>
DF> cd /usr/ports/editors/texmacs
DF> grep DEPENDS Makefile
DF>
DF> The problem is if there are many dependencies, it won't show all of
DF> them, as per the example below:
DF> BUILD_DEPENDS= tex:${PORTSDIR}/print/teTeX-base
DF> LIB_DEPENDS=guile.20:${PORTSDIR}/lang/guile \
DF> RUN_DEPENDS=tex:${PORTSDIR}/print/teTeX-base
DF>
DF> Notice the \ at the end of LIB_DEPENDS indicating another dependency but
DF> without the "LIB_DEPENDS=" beginning.
DF>
DF> I suppose it can still be dealt with.
I suppose portupgrade deals.
DF> Once you've obtained your list of deps, you can always build each of
DF> them by hand.
DF>
DF> Of course some might also have dependencies in turn so you'll have to
DF> loop around a bit...
DF>
DF> Also, you'll run into trouble running ldconfig as a non-root user,
DF> should that be needed when building a port.
As long as I saw the instructions on building from source they wre generally
all like this:
$ cd /tarball-expanded-0.x.y
$ ./configure
$ make
$ su -
# cd /tarball-expanded-0.x.y
# make install
That important 'su -' is omitted from the ports. And it is about the security.
And... why should I want to change the file /etc/ld.so.cache before the port to
be installed?
DF> > DF> If you're concerned that *compiling* a port will break the system, I
DF> > DF> can't see how, the ports are built in a temporary directory.
DF> >
DF> > And?
DF> > Can you show please the connection between the two:
DF> >
DF> > 1. ports are built in a temporary directory
DF> > 2. compiling a port can not break the system
DF> >
DF> > Thank you.
DF> >
DF>
DF> Seeing the port is built in a temporary directory *and* you have access
DF> to the makefiles used by the port, you can easily ensure no existing
I don't believe every regular system admin will look inside the every makefile
pf a port and the every of its dependencies (there can be thousands of them) in
order to use the port only.
I can't even say the one should.
And it's certainly not easy, at least for me. Ain't it a shame? ;-)
Meanwhile, the build systems are rather far from always to be the
makefile-based. I have mentio
Re: build ports from not a root user?
Oh freebsd-questions want you buy me a mersedes benz? 2011/07/21 19:39:45 +0100 Bruce Cran => To Daniel Staal : BC> to use portmaster (ports-mgmt/portmaster): it has a PM_SU_CMD which is Cool. Tried it but couldn't make it to update the only one port, and not to update its dependencies. Will look. Mucha Gracias. ;-) 73! Peter pgp: A0E26627 (4A42 6841 2871 5EA7 52AB 12F8 0CE1 4AAC A0E2 6627) -- http://vereshagin.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: build ports from not a root user?
Oh freebsd-questions want you buy me a mersedes benz? 2011/07/21 23:07:41 +0200 Damien Fleuriot => To Peter Vereshagin : DF> That's kinda the point of portupgrade, takes care of the deps for you ;) Sounds bad. I meant about such a tool to handle dependencies to keep the 'make install' from to handle the dependencies. That is, to read the output of the 'make list-dependencies' or something like that. Shutting up but for those reading list archives: ports has the built-in 'su' feature for 'make install' to be done right after the 'make all'. 73! Peter pgp: A0E26627 (4A42 6841 2871 5EA7 52AB 12F8 0CE1 4AAC A0E2 6627) -- http://vereshagin.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Why does Perl ExtUtils::MakeMaker install hang on FBSD Jail?
God love is hard to find. You got lucky freebsd-questions! 2011/08/04 13:23:04 -0400 Alejandro Imass => To FreeBSD Questions : AI> The MakeMaker build hangs in the test: INSTALL_BASE.t I had that same problem too, AI> the only person using the CPAN shell on an Jail ! ... but had no idea if it happens only in a jail. Looking at the ExtUtils/MakeMaker.pm instances in my $PREFIX/lib/perl5 I concluded that lang/perl5.X ports use to install several of them. That managed me to install the latest and greatest EU::MM from CPAN's .tar.gz (6,57 I think) and the only problem I have now is 'Need the 6.42 but we have an unknown version' warning but thiungs are just ok. You'd better ask in -perl@ list? 73! Peter pgp: A0E26627 (4A42 6841 2871 5EA7 52AB 12F8 0CE1 4AAC A0E2 6627) -- http://vereshagin.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: command to eject cd
Hello. 2011/09/22 10:32:14 -0400 Fbsd8 => To FreeBSD Questions : F> Is there a console command to cause the cd/dvd device to open its drawer? echo -ne "e\nq\n" | cdcontrol -- Peter Vereshagin (http://vereshagin.org) pgp: A0E26627 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
www/libxul update distfile?
Hello. A week ago the portaudit alert came for mozilla products. I updated www/firefox36 and mail/thunderbird3 ports but still no www/libxul in the ports. I suppose I need the 1.9.2.23 version: http://portaudit.freebsd.org/1fade8a3-e9e8-11e0-9580-4061862b8c22.html But I can't even find a source package: https://encrypted.google.com/search?hl=en&q=xulrunner-1.9.2.23.source.tar.bz2 I don't think I should get it from fedora's git's 'lookaside cache'. Or should I? Thank you. -- Peter Vereshagin (http://vereshagin.org) pgp: A0E26627 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
cvs mirror on 8, 5G dvd? Re: Extract particular date snapshot from /var/db/portsnap?
Hello. I think I should correct myself as what I found that way was unexpected, even after aside from portsnap. 2011/06/15 06:51:32 +0400 Peter Vereshagin => To freebsd-questions@freebsd.org : PV> GL> cvs -d :ext:anon...@anoncvs1.freebsd.org:/home/ncvs export -D 2010-10-01 PV> GL> -d ports-2010-10-01 ports PV> GL> PV> GL> In this example, I am exporting (no CVS metadata dirs) a full ports tree PV> GL> as of Oct 1st, 2010 into the directory "ports-2010-10-01". First of all Thank you very much as it was unobvious to know that from manuals like: http://cvsbook.red-bean.com/cvsbook.htm PV> Sure, I know I can do it with (x)VCS. This one was wrong: ports are available from CVS only. No svn, p4, etc. PV> But hell yes, having VCS before such a situation to happen is good. "Just if we This one seem insufficient now. I checked out ports from 'anoncvs': cvs -d anon...@anoncvs.tw.freebsd.org:/home/ncvs co ports and there is no backup for the deleted ports of my interest. I mean for example I can not get the directory of x11/wmfstatus as it is deleted at this moment. I suppose such a download is not the all what I assume it to be: backup of each and every port's versions till the moment being. So I just rsync rsync://mirrorsite/pub/FreeBSD/development/FreeBSD-CVS/ports ./ and later I can just 'cvs export' any directory for any date from there, right? I suppose I'd put it on a double-layer dvd, is it possible to export from there? It is noted that: http://www.freebsd.org/doc/en/articles/hubs/mirror-requirements.html 5.4G is sufficient. Another question wth cvs is: can I get the particular port in its state of N(=1,2, ...) changes ago? It seems to be possible only to look up particular version for the particular file and checkout it but not for the directory (assuming the port is a directory). At the least how to look up the list of dates when the directory was changed should be great. -- Peter Vereshagin (http://vereshagin.org) pgp: A0E26627 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Need to Backup Using Dump
Hello. 2011/10/23 21:08:14 +0200 Polytropon => To Bill Tillman : P> The dump + restore mechanism operates on device files P> representing a file system, not a _mounted_ file system, P> as source. dump(8) is able to make a snapshot behind teh scenes, and use that snapshot as a source for dump: -L This option is to notify dump that it is dumping a live file sys tem. To obtain a consistent dump image, dump takes a snapshot of the file system in the .snap directory in the root of the file system being dumped and then does a dump of the snapshot. -- Peter Vereshagin (http://vereshagin.org) pgp: A0E26627 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
portupgrade -P does not 'su'?
Hello. I'd like to install a port with 'portinstall -P' from a non-root user and it requires an obvious dependency I already have built to be reused. But portinstall doesn't seem to brace it into the 'su root -c': $ portinstall -vpP devel/p5-Test-Class [..] ---> Installing 'p5-Module-Build-0.3800_1' from a package ---> Installation of p5-Module-Build-0.3800_1 started at: Mon, 07 Nov 2011 15:57:56 +0400 ---> Installing the new version via the package lib/perl5/5.14.1/man/man3/inc::latest.3.gz: Can't create 'lib/perl5/5.14.1/man/man3/inc::latest.3.gz': Permission denied [..] ** Command failed [exit code 2]: /usr/bin/script -qa /tmp/portinstall2007-84470-1midf4x-0 /usr/bin/env UPGRADE_TOOL=portupgrade UPGRADE_PORT=p5-Module-Build-0.3800_1 UPGRADE_PORT_VER=0.3800_1 /usr/sbin/pkg_add -f /usr/ports/packages/All/p5-Module-Build-0.3800_1.tbz It does use to be all ok with 'pkg_delete ... make install' sequence though. Any clues? ps. Same goes here about copying the obsoleted shared libraries to /usr/local/lib/compat/pkg -- Peter Vereshagin (http://vereshagin.org) pgp: A0E26627 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: What are the technical differences between Linux and BSD?
Hello. 2011/11/12 10:05:19 +0100 "C. P. Ghost" => To Allen : CPG> > Just because it uses System V init doesn't mean it's actually based on it... CPG> CPG> Yes, but I guess that Linus probably used early versions of SunOS 4 CPG> which were not only BSD-based, but also not yet SysV-ied. According to "Just for fun" book, he was taking functions from the SunOS functions reference and implementing them from scratch but according to that specs. -- Peter Vereshagin (http://vereshagin.org) pgp: A0E26627 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: How to login to my jail from host itself (normal user)
Hello. 2011/11/13 09:23:57 + Matthew Seaman => To masayoshi : MS> On 13/11/2011 02:54, masayoshi wrote: MS> > I would like to keep her in jail because she is reckless. Wow! MS> Now, if you want to support console based logins direct to a jail. As MS> far as I know, this is not possible with the FreeBSD console. It would MS> be a really cool thing to be able to do though. Dedicate one of the MS> console vty's to the jail... Unfortunately I don't think that's going MS> to be impossible without code changes to the OS. The problem is init(8) MS> -- the master process on the system, and the process that controls each MS> of the getty(8) programs that watch for login attempts on the various MS> terminals -- that program would require modification so that it knew how MS> to associate a particular vty with a jail, and then manage the login MS> process to create a new login session within the jail. I'd find it obvious to try to launch getty by mean of jexec by setting the command in /etc/ttys? Something like that: ttyv0 "/usr/sbin/jexec `cat /var/run/some_jail.id` /usr/libexec/getty Pc" cons25 on secure -- Peter Vereshagin (http://vereshagin.org) pgp: A0E26627 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Can't access a music CD (or any other media now)
Hello. 2011/11/13 07:41:27 -0500 Jerry => To FreeBSD : J> I often wonder what happened to the premise that computers should make J> man's life easier, not harder. Why should users be force to go to these But probably it's easier to plug the wire from cd drive to a sound card? That way one should get a mixer's separate "CD" volume regulator at no cost... But sure this makes impossible the any processing like this: cdda2wav | tee /some/file > /dev/dsp Either way has its advantages and drawbacks. -- Peter Vereshagin (http://vereshagin.org) pgp: A0E26627 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
realtime priority for subspawned process
Hello. I want to have a realtime priority for the particular daemon process launched from X11 application. Daemon is: jackd and app is: audio/ardour. Previous ardour version(s) allowed me to go well with sox but no more for now. It tries to execute: jackd -d oss and the error is: cannot use real-time scheduling (FIFO at priority 10) [for thread 169873472, from thread 169873472] (1: Operation not permitted) It's ok though if i run the jack as a root. But I need not it like this for jack started from ardour. I tried to find a thing like 'realtime group': http://jackaudio.org/linux_rt_config but such a thing on a freebsd doesn't seem to exist. Or is it? I grepped for 'nice', 'rt', 'realtime' in login.conf but nothing like that so far. Thus I have to trick 'jackd' command in the path to use the sudo and run jackd with: nice(1), rtprio(1) or the user with the same uid but with nicer initial priority in a login.conf.db. Which of those 3 ways will work and will be the least evil? Am I missing something and there are more ways to get with ardour? Shall I file a gnats PR as the regular desktop user doesn't seem to be able to use the audio/ardour? Thank you. -- Peter Vereshagin (http://vereshagin.org) pgp: A0E26627 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: I am FreeBSD user.
Hello. 2011/12/14 16:11:27 + Chris Whitehouse => To freebsd-questions@freebsd.org : CW> >> ssuuddoo --VV | --hh | --ll | --LL | --vv | --kk | --KK | --ss | [ --HH CW> > properly as bold. On an ancient teletype that would have been done by CW> > retyping the same character on top of the first one, which is ultimately CW> > where all those doubled characters come from. CW> I know it's trivial but I sent a PR (163149) with a patch (of sorts). I find that kernel log messages about killed processes are doubling the characters just like that (on an SMP machine). Probably thay are getting killed simultaneously and the kernel writes msg about that one-by-one character. Should I file a PR on this? Have no idea how could I reproduce a situation. but it's regularly sent from 'periodic daily' several kernel log messages collected for a day. -- Peter Vereshagin (http://vereshagin.org) pgp: A0E26627 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: I am FreeBSD user.
Hello. 2011/12/15 16:37:12 + Matthew Seaman => To freebsd-questions@freebsd.org : MS> On 15/12/2011 15:36, Peter Vereshagin wrote: MS> > I find that kernel log messages about killed processes are doubling the MS> > characters just like that (on an SMP machine). Probably thay are getting killed MS> > simultaneously and the kernel writes msg about that one-by-one character. MS> > MS> > Should I file a PR on this? Have no idea how could I reproduce a situation. but MS> > it's regularly sent from 'periodic daily' several kernel log messages collected MS> > for a day. MS> MS> What OS version? There was a similar problem experienced on multi-core MS> machines where some of the boot messages were getting interleaved like MS> that. It was harmless, other than being aesthetically unpleasing -- I MS> believe it has been fixed in 8.2-RELEASE or later. ~ 7.2-release-p3 It was suspicious to me as it's like a someone is trying to turn logs into a mess therefore hiding an intrusion traces. MS> If you can demonstrate the problem on a recent version of the OS, and it I can't at least because I have no SMP machine accesible for such a trial by hand. ;-) MS> is definitely not the another instance of problem I describe above, then MS> yes, that's certainly worth an e-mail to freebsd-stable@... and possibly MS> a PR as well. ok, I see it's a known issue, just wanted to assure. -- Peter Vereshagin (http://vereshagin.org) pgp: A0E26627 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: ports problem/question
On Tue, 12 Jul 2005 15:28:05 -0500 (CDT) Denny White <[EMAIL PROTECTED]> wrote: > to install cdrdao which is currently version > 1.1.9, I believe, & then failed, with message > saying there's a vulnerability. There's a fixed > my question about the lagtime between fix and > inclusion. Meantime, still using burncd. Danny, it uses to be easy to fix the port yourself --- just correct distinfo and version in Makefile to correspond the upgraded source tarball. You should send a message to the port maintainer and your best should be to supply him/her with the upgraded port as a .tbz ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
use can't open tap
You know St. Peter won't call my name, freebsd-questions!
Recently I upgraded the base system (7.3-stable to 7.4-prerelease) and my qemu
can not open tap device after that:
===
# ifconfig tap4 create
# chmod o+rw /dev/tap4
# ls -l /dev/tap4
crw-rw-rw- 1 root qemu0, 249 Jan 3 18:59 /dev/tap4
# :> /dev/tap4
# su - user
$ id
uid=X(user) gid=X(user) groups=X(user), ,(qemu)
$ :> /dev/tap4
-su: /dev/tap4: Operation not permitted
===
Is anything wrong here with the system?
qemu is traced like this
===
3580 qemu STRU struct stat {dev=117505792, ino=234, mode=crw--w ,
nlink=1, uid=10010, gid=4, rdev=234, atime=1294095695, stime=1294095695,
ctime=1294095695, birthtime=-1, size=0, blksize=4096, blocks=0, flags=0x0 }
3580 qemu RET fstat 0
3580 qemu CALL clock_gettime(0x4,0xbfbfe5c0)
3580 qemu RET clock_gettime 0
3580 qemu CALL sigaction(SIGALRM,0xbfbfe47c,0)
3580 qemu RET sigaction 0
3580 qemu CALL setitimer(0,0xbfbfe494,0)
3580 qemu RET setitimer 0
3580 qemu CALL open(0xbfbfe2ec,O_RDWR,0)
3580 qemu NAMI "/dev/tap4"
3580 qemu RET open -1 errno 1 Operation not permitted
3580 qemu CALL write(0x2,0xbfbfcfc0,0x5a)
3580 qemu GIO fd 2 wrote 90 bytes
"warning: could not open /dev/tap4 (Operation not permitted): no virtual
network emulation
"
===
and qemu runs well as a root user. sysctl looks like this:
===
$ sysctl -a | grep tap
net.link.tap.debug: 1
net.link.tap.devfs_cloning: 1
net.link.tap.up_on_open: 1
net.link.tap.user_open: 1
debug.if_tap_debug: 1
hw.ata.atapi_dma: 1
hw.psm.tap_timeout: 125000
hw.psm.tap_threshold: 25
dev.atapci.0.%desc: VIA 8233A UDMA133 controller
dev.atapci.0.%driver: atapci
dev.atapci.0.%location: slot=17 function=1 handle=\_SB_.PCI0.IDE0
dev.atapci.0.%pnpinfo: vendor=0x1106 device=0x0571 subvendor=0x1043
subdevice=0x808c class=0x01018a
dev.atapci.0.%parent: pci0
dev.ata.0.%parent: atapci0
dev.ata.1.%parent: atapci0
dev.atapicam.0.%desc: ATAPI CAM Attachment
dev.atapicam.0.%driver: atapicam
dev.atapicam.0.%parent: ata0
dev.atapicam.1.%desc: ATAPI CAM Attachment
dev.atapicam.1.%driver: atapicam
dev.atapicam.1.%parent: ata1
===
Should I report this as a bug?
Thank you.
73! Peter pgp: A0E26627 (4A42 6841 2871 5EA7 52AB 12F8 0CE1 4AAC A0E2 6627)
--
http://vereshagin.org
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: randomising tracks: scripting question
You know St. Peter won't call my name, freebsd-questions!
2011/01/03 20:23:38 -0800 Joseph Olatt => To Frank Shute :
JO> On Sun, Dec 26, 2010 at 05:09:30PM +, Frank Shute wrote:
JO> >
JO> > I generally play my tracks of an album like so:
JO> >
JO> > for track in $(cat trombone_shorty-backatown.m3u); do
JO> > mplayer $track
JO> > done
JO> >
JO> > They then play in the correct order.
JO> >
JO> > How would I go about randomising the order of play using
JO> > sh (preferably) or perl?
I have several tens of thousands of MIDI files from 90s. They are too many for
'random play' feature of the Timidity++ which is used with 'eawpats', the GUS
patches.
Here is my bash script to play them in random order:
===
#!/usr/local/bin/bash
IFS='
'
fns=(`find ~/mid/ -iname '*.mid'`)
while :; do
timidity -a -OdS -in -j -t 1251 -E t -p a -R 500 -EFreverb=127 -EFns=4
${fns[$((${#f...@]}*$random/32767))]}
done
===
Of course I miss the 'Previous track' functionality.
73! Peter pgp: A0E26627 (4A42 6841 2871 5EA7 52AB 12F8 0CE1 4AAC A0E2 6627)
--
http://vereshagin.org
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: a perl question
You know St. Peter won't call my name, freebsd-questions! 2011/01/04 02:32:00 -0800 S Mathias => To freebsd-questions@freebsd.org : $ perl -Mstrict -nwe 'print unless m/bla|XYZ/;' < asdf.txt 73! Peter pgp: A0E26627 (4A42 6841 2871 5EA7 52AB 12F8 0CE1 4AAC A0E2 6627) -- http://vereshagin.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: / file system is full, but du does not show that it's full
Concrete jungle, oh freebsd-questions, you've got to do your best... 2011/01/06 15:06:18 +0300 c0re => To FreeBSD : cr> # lsof / why not to restart your httpd and mysqld? This may release your unused filehandles. Another place to look for wasted space is filesystem snapshots, if any. They can be created implicitly, e. g., by fsck. And... why lsof and not fstat(1)? 73! Peter pgp: A0E26627 (4A42 6841 2871 5EA7 52AB 12F8 0CE1 4AAC A0E2 6627) -- http://vereshagin.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: / file system is full, but du does not show that it's full
Concrete jungle, oh freebsd-questions, you've got to do your best... 2011/01/06 16:57:34 +0300 Peter Vereshagin => To freebsd-questions@freebsd.org : PV> This may release your unused filehandles. used but unlinked, really, oops. 73! Peter pgp: A0E26627 (4A42 6841 2871 5EA7 52AB 12F8 0CE1 4AAC A0E2 6627) -- http://vereshagin.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: / file system is full, but du does not show that it's full
Concrete jungle, oh freebsd-questions, you've got to do your best... 2011/01/06 17:19:05 +0300 c0re => To FreeBSD : cr> > Another place to look for wasted space is filesystem snapshots, if any. They cr> > can be created implicitly, e. g., by fsck. cr> Yeah, I checked /.snap - nothing there. snapshot is represented as a file of a special type that can be located anywhere oin a file system, not only the /.snap/. Try snainfo -a. 73! Peter pgp: A0E26627 (4A42 6841 2871 5EA7 52AB 12F8 0CE1 4AAC A0E2 6627) -- http://vereshagin.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Cannot build openjdk6 on Fbsd 8.1
You'll never silence the voice of the voiceless, freebsd-questions! 2011/01/08 15:34:50 -0500 "John R. Levine" => To Jan Henrik Sylvester : JRL> IcedTeaNPPlugin.h:43:27: error: nsThreadUtils.h: No such file or directory either you have no such file at all, or your compiler can not find it. for first case you sould install the package that contains it. for the second you should add the corresponding -I/path flag for your CFLAGS or the similar variable. 73! Peter pgp: A0E26627 (4A42 6841 2871 5EA7 52AB 12F8 0CE1 4AAC A0E2 6627) -- http://vereshagin.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: chrooted ssh user and /dev/tty permission denied
You'll never silence the voice of the voiceless, Ibrahim! 2011/01/20 11:06:30 +0200 Ibrahim Harrani => To freebsd-questions@freebsd.org : IH> "cannot open /dev/tty: permission denied" message. This sounds as a problem of standard handles permissions to me. I'm not expereinced in C library to qualify it more exactly. I use such a hack against this, depending on the situattion: 1. -t parameter for your ssh client 2. /usr/bin/script -qt0 /dev/null before your ssh command or sometimes both of them. Sometimes some of those hack leads to higher CPU consumption, so I omit the one. IH> crw--w 1 root tty0, 88 Jan 20 11:02 /dev/tty IH> I tired to change permission as root from out of the chroot by chmod, IH> the permission never change. Since some version of freebsd the devices are kept in devfs and chmod may not work ( although it did recently for me for some of a directory in /dev, or a symlink, I just don't remember). You should define a 'mode' rule in some of your /etc/devfs.* configs, depending on your particular need. 73! Peter pgp: A0E26627 (4A42 6841 2871 5EA7 52AB 12F8 0CE1 4AAC A0E2 6627) -- http://vereshagin.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Burning a DVD
I've seen the future Jens <= it is motto. 2011/01/22 19:47:18 +0100 Jens Jahnke => To freebsd questions : JJ> growisofs -dvd-compat -dry-run -Z /dev/acd0 /path/to/video JJ> :-( unable to CAMGETPASSTHRU for /dev/acd0: Inappropriate ioctl for JJ> device JJ> No matter if I try as regular user or as root the error message stays JJ> the same. JJ> Any ideas? Should you use cd0 but not acd0? cd0 should be detected as a scsi device emulated via the kernel from the acd0. 73! Peter pgp: A0E26627 (4A42 6841 2871 5EA7 52AB 12F8 0CE1 4AAC A0E2 6627) -- http://vereshagin.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: missing uwacom.ko
Como esta, FreeBSD? 2011/01/23 13:23:50 -0700 Chad Perrin => To FreeBSD Questions : CP> On a fresh install of FreeBSD 8.1-RELEASE, on a ThinkPad x60 tablet, CP> there is an input-wacom package already installed. Unfortunately, it CP> lacks probably the most important part of the package: the uwacom driver: CP> CP> # /usr/local/rc.d/wacom start CP> Starting wacom. CP> kldload: can't load /boot/modules/uwacom.ko: No such file or CP> directory CP> CP> I brought up this same problem a few months ago on this list, but CP> ultimately got no resolution, and set it aside for a while. It was not CP> very critical at the time. I have more use for the laptop now, though, CP> so I decided to try installing it from scratch again, and the exact same CP> problem has arisen. There is simply no .ko file on the system for Wacom CP> drivers at all. CP> CP> It occurred to me to try reinstalling the input-wacom package from ports, CP> but unfortunately the port is identified as broken. CP> CP> Has anyone else gotten the uwacom.ko driver on their systems? If so, CP> how? Are you using 8.1-RELEASE or something else? Is there a CP> work-around for this problem? Google, thus far, has proven useless to me CP> on this subject. I used to drop my wacom problems here. Last time I've seen no uwacom.ko in /boot/modules was because of /boot was on a read-only mounted volume. Aother kind of my problem is: http://www.FreeBSD.org/cgi/query-pr.cgi?pr=151596 Anyway, my best result for my wacom is with 7.3-release ports.tgz. I have a separate chroot for my Xorg-6.5 server and my X11 clients use TCP to connect to it. Let's see your problem by points: 1. Broken port. Is there any explanation why it's broken? anyway, there should be the way to override this although this may may not be a solution depending on the reason for port to be broken. 2. No uwacom.ko. Are you sure that it doesn't exist in your input-wacom/work directory when you successfully built the port? 3. You may note that ums(4) compiled into GENERIC statically, should not be present in your kernel before you try to kldload uwacom http://lists.freebsd.org/pipermail/freebsd-questions/2009-January/189857.html And... ain't too much expectation from just a web search service ? ;-) 73! Peter pgp: A0E26627 (4A42 6841 2871 5EA7 52AB 12F8 0CE1 4AAC A0E2 6627) -- http://vereshagin.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: missing uwacom.ko
Como esta, FreeBSD? 2011/01/23 14:07:47 -0700 Chad Perrin => To FreeBSD Questions : CP> > read-only mounted volume. CP> The /boot directory is on the / partition, with 755 permissions at It can have any mode and at the same time the volume can be mounted read-only. CP> > 1. Broken port. Is there any explanation why it's broken? anyway, there should CP> > be the way to override this although this may may not be a solution depending CP> > on the reason for port to be broken. CP> I haven't looked into this in too much depth yet. The error message just CP> says it's marked as broken, though. I forgot it's a freebsd-8.x at yours, I tried and could not have a wacom deteced on a 8.x ... The author promises to take a driver upstream in the bas esystem, but it seems to be a long way. At the moment it seems that only Intuos/Graphire series are supported. CP> > 2. No uwacom.ko. Are you sure that it doesn't exist in your input-wacom/work CP> > directory when you successfully built the port? CP> I didn't build the port. It got installed as part of the OS install CP> process, which surprised the heck out of me. I wonder if I accidentally CP> selected something I did not intend to install when I was selecting what CP> sources to include. But somehow you get an error message. And this message is the one word: "Broken". Look, it is explicitly noted in the x11-drivers/inpuit-wacom port option: no uwacom.ko for 8.x. CP> > 3. You may note that ums(4) compiled into GENERIC statically, should not be CP> > present in your kernel before you try to kldload uwacom CP> > http://lists.freebsd.org/pipermail/freebsd-questions/2009-January/189857.html CP> I'm not sure this makes any difference when there's no wacom kernel CP> module at all. There should be a uhid.ko on a 8.x? 73! Peter pgp: A0E26627 (4A42 6841 2871 5EA7 52AB 12F8 0CE1 4AAC A0E2 6627) -- http://vereshagin.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: FreeBSD and SSD drives
Nothing to do oh, freebsd-questions stay in bat! 2011/02/11 09:40:37 + Paul Macdonald => To FreeBSD Mailing List : PM> I'd be interested to here peoples opinions on best uses for SSD, general PM> purpose applications such as databases , webservers etc will benefit PM> obviously, Sun.com before to bankrupt was spamming me about their nice idea on SSD appliance for their servers. It took me a some while though to know out accidentally that they apply solid-state memory devices for... FS journal. This looks wise and reasonable to me because: 1. SSD is known as less reliable storage. 2. SSD has less track-to-track seek average time. ( than usual HDD ) 73! Peter pgp: A0E26627 (4A42 6841 2871 5EA7 52AB 12F8 0CE1 4AAC A0E2 6627) -- http://vereshagin.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Scanner recommendation
Nothing to do oh, freebsd-questions stay in bat! 2011/02/03 18:02:09 -0800 Rem P Roberti => To FreeBSD : RPR> Now that I understand how to get a scanner working, if there are any RPR> photographers out there who are using scanners with FreeBSD for RPR> negatives or slides I would love to hear a recommendation. I have an RPR> Epson V500, but it is unsupported, and the only scanner that I have that RPR> is supported is an old HP Scanjet 3970, which is a poor scanner for RPR> doing negatives or slides. epson perfection 3490 scans my 35mm negatives from xsane. 73! Peter pgp: A0E26627 (4A42 6841 2871 5EA7 52AB 12F8 0CE1 4AAC A0E2 6627) -- http://vereshagin.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Is there a way to run FreeBSD ports through port 80?
Hello. Why don't you use a portsnap? it's over http... 2012/07/12 19:01:15 +0100 Kaya Saman => To Peter Vereshagin : KS> I will check it out however and see if that method is best, however KS> CVSup would be the best way for us and I'm already looking at this: KS> KS> http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/cvsup.html 1. cvsup is not about comparison to ftp. cvsup is a way to obtain fresh port for the program distribution, ie set of patches, list of package's files, sample configuration files for the particular program(s) those are not the part of the base system but supplied with taking the OS specs in mind. ftp is a way to obtain a distfile, ie what the 3rd party software developer use to distribute. For FreeBSD ports cvsup and ftp are not competent in the daiy use as they have different purposes. Some 3rd party software is released and published authoritatively on ftp only. And that is the only problem possible for you on ftp usage by freebsd ports. But I believe there is only a few of them you need if any at all. I guess you may want to download the initial ports tree tarball, the ports.tgz, via the ftp. But it's certainly a) available over there via the http and b) is outdated and is needed to be updated via the portsnap and/or cvsup. 2. Use csup from the base system, don't use cvsup from ports if you use its protocol. And, portsnap seems to be even more recommended since some days. KS> which should be enough to get a demo up and running. A Demo? Am I invited for the show? ;-) -- Peter Vereshagin (http://vereshagin.org) pgp: A0E26627 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Is there a way to run FreeBSD ports through port 80?
Hello. 2012/07/12 14:44:48 -0400 Lowell Gilbert => To Peter Vereshagin : LG> Peter Vereshagin writes: LG> LG> > 2012/07/12 13:19:56 -0400 Lowell Gilbert => To Kaya Saman : LG> > LG> URLs as well as FTP. For ones that aren't, (and assuming the rather LG> > LG> silly security policies won't allow for an external web-based FTP proxy) LG> > LG> you may need to bring them in by offline media. LG> > LG> > I believe there should be the way of using the passive ftp (and any other LG> > protocol) via the HTTP CONNECT method to the ftp (or any other port needed for LG> > other protocol/app) port and then handling the both control and data LG> > connections through the consequent copmmands and data exhange. LG> LG> You've just described an FTP proxy. That's already been ruled out. But I thought the squid-like http proxy while serving the FTP URLs is what the ftp proxy is? It's a different matter at least because it's a nothing about HTTP's CONNECT method. Can you point me to a definition of 'ftp proxy' please? Wikipedia and Google have nothing on this. What I described is mentioned as 'http tunneling' in delegate's docs and isn't specific for ftp at all. LG> > Most surprise for me is why no one is interested about what kind of a danger LG> > the ftp protocol can ever be? i. e. skype is much more vicious in comparison to LG> > ftp and s much harder to be restricted by a packet filter if even possoible. LG> LG> Unfortunately, it's common. Often it's a reaction to the idea that FTP LG> is an insecure protocol -- which is true, in a sense, because LG> authentication information is passed in the clear, but irrelevant to LG> anonymous use. This is silly, yes, but it's fairly popular among the LG> types of "IT" people who think that NAT is a security service. Or LG> possibly Nothing But HTTP is allowed through the firewall (which is, at LG> least, a rational response to not knowing much about TCP/IP). Management is always the same on both sides of Earth, right. -- Peter Vereshagin (http://vereshagin.org) pgp: A0E26627 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Is there a way to run FreeBSD ports through port 80?
Hello. 2012/07/12 21:26:22 +0100 Kaya Saman => To freebsd-questions@freebsd.org : KS> > A Demo? Am I invited for the show? ;-) KS> Something like a Linux repo server if you will - though I mention the KS> term very loosely. SHould you try with a ixsystems's pcbsd.org then? http://pcbsd.org If you need to install a program from a freebsd port then pcbsd allows it,too. -- Peter Vereshagin (http://vereshagin.org) pgp: A0E26627 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Sharing COM ports to Windows hosts
Hello. 2012/09/03 14:29:20 +0700 Victor Sudakov => To freebsd-questions@freebsd.org : VS> > > There is a FreeBSD box with several RS232 ports. Can those ports be VS> > > accessed by Windows hosts over the network? Actually, does anyone VS> > > have a success story for such a scenario? VS> At least it has an example of an RFC 2217 client (COM port to TCP VS> redirector) in its README file. Thanks again, will look at it. >From what I remember the os/2 smb protocol implementation could share COM ports as easily as LPT ports for printers. I can't remind though if this was for 'printer-only' purposes e. g. output-only, supplied with a mandatory queueing facilities, etc., or not. Who knows if modern smb protocol implementations could do this, too. Depending on a task I think the most interactive user-friendly solution here is a minicom(s) each in its own ssh'ed jail(s). -- Peter Vereshagin (http://vereshagin.org) pgp: A0E26627 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Sharing COM ports to Windows hosts
Hello. 2012/09/05 09:06:36 +0700 Victor Sudakov => To freebsd-questions@freebsd.org : VS> > Depending on a task I think the most interactive user-friendly solution here is VS> > a minicom(s) each in its own ssh'ed jail(s). VS> VS> There is special Windows software for managing Natex MUXes. It works [..] VS> Solution 2. Using an existing networked FreeBSD box sitting next to VS> the MUX, it already has COM ports. Advantage: cheap, no additional ok. no interactivity. But I'm still optimistic about virtualization. emulators/qemu at the least should be able to run that software and use com-ports from the master freebsd system at the same time. Then you can you can use remote access features for workstation access to the software. VS> doubts ... English is so poor coffee is your friend (c) -- Peter Vereshagin (http://vereshagin.org) pgp: A0E26627 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Sysctls and privacy
y Hello. it's a -questions@ here, right? (= 2012/10/12 09:59:15 -0300 schu...@ime.usp.br => To freebsd-questions@freebsd.org : > In my system I use separate user accounts for running untrusted > programs at the moment. While many will probably argue that jails > are a superior solution, in my specific case its the inverse. What's a specific of the case? > I know FreeBSD is not ready by default to have multiple untrusted > users in the system, at least from a security viewpoint. I have > done quite a bit of changes to make the situation better. What changes? > However, there is something bugging me. Some sysctls apparently > expose too much information about the system. Some examples: the > number of context switches, the number of forks, the total used > memory (at the byte level), the total used space for each file > system (at the byte level) and even a graph of how my GEOM devices > are organized! What kind of danger is this? This system info expose seems nothing to do with making the system work unexpectedly. > I know some programs like gkrellm need this information to function, > but on the other hand, I feel pretty uncomfortable with the > information presented by gkrellm being logged. It's at the very least > a loss of privacy. You didn't mention you must have an outside network connection. Should your untrusted software have it? Just unplug it otherwise. > So, I would like to ask for a way to disable user access to all > sysctls that are not needed by basic user programs (shell, terminal, etc). You can make the special chroot/jail environment for the users keeping them away from the access to the binaries exposing sysctls. And permit them the write access only to the volumes mounted as '-o noexec'. There should be the way(s) to bypass this, at the least one of the DSLs e. g. ruby, python, perl, php used in that environment may provide API for sysctls or the modules can be built to use sysctl api from C. Thus you should keep your C compiler and any of the soucres e. g. /usr/src to present on that environment. Even with that who knows if your software doesn't use sysctl(3) functions. But the 'basic user programs' shouldn't. > Also, if possible, I would like to have a group of users to whom > these sysctls are accessible as an exception (to run gkrellm). I don't think it's possible at the moment. Do you think this can be implemented without performance loss? Sysctl is a kind of the kernel stuff... How about emaulators/qemu, virtualbox, etc? > Thanks for your time. -- Peter Vereshagin (http://vereshagin.org) pgp: A0E26627 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Sysctls and privacy
Hello. 2012/10/13 12:09:39 -0300 schu...@ime.usp.br => To Peter Vereshagin : > > y > > Hello. > > > > it's a -questions@ here, right? (= > > Indeed. :-) Ouch! it's already not... But I Cc: there. Oops? > > What's a specific of the case? > > I need quite a lot of such "jails", with some being able to see others, > including the case where one "jail" may be visible to many. However, a > "jail" being visible does not mean it can be modified by the observing > "jail". Did you specify elsewhere what a 'visible' does mean to you? - if this means network connectivity then you can put jails on the same network, e. g. the same address on a lo(4) interface - if this means a read-only access to the directory located outside of a jail then her4e is the trick: mount_nullfs -o ro /path/to/inject /your/jail/mount/detination > The first implementation I thought of was using users and groups. I imagine > I can do this with jails and read-only mounts, but I would like to avoid > making a clean system per jail since disk space would not be enough. The same trick can be done for every directory the freebsd base system consists of. Excluding those different for each jail, e. g. /var, /etc. Nullfs daesn't consume your disk space except for additional fstab lines, something about a dozen per jail. (= > Also, the configuration of such environment is much, much simpler than > a jails version. I don't think so. It's a task of the configuration of a second system without hardware initialization and so on, and then spreading your configs around other jails. > To be sincere, I have not discarded the possibility of a jails solution > with clever mounts to preserve space, but it did not occur to me yet. > > > What changes? > > Changing the default permissions on devices (e.g sound), jail goes beyond with its jail_devfs_rules > not allowing > any file to be setuid and be visible to ordinary users, What do you mean 'visible' here? Do you just chmod a-rwx on them? Say, to avoid listing the /usr/bin/su you should chmod a-rx /usr/bin which is far from the best idea... > patching some ports to avoid attacks on /tmp > (X server), Sounds interesting but doesn't seem googleable to me. Any URLs for xorg patches and/or for the list of such a ports please? > exercising memory and process limits via rctl, Ouch! a RELENG_9 feature... > changing > some system configurations (see_other_uids, etc), disabling access to > the system log, stopping useless (to me) daemons, setting per user > ZFS quotas and probably a few more I can't remember at the moment. > > > What kind of danger is this? This system info expose seems nothing to do > > with > > making the system work unexpectedly. > > Indeed, but then all users might infer which programs are running and when. How could the one know out that from overall system statistics only? > It's not about consistency loss, it's about privacy loss. ok but that can be the loss of a privacy of some other user? > > You didn't mention you must have an outside network connection. Should your > > untrusted software have it? Just unplug it otherwise. > > The untrusted software runs for a reason, and that is I need its output. > Some outputs are not that amenable to verification (pdf files for instance), > and I can not exclude the possibility I myself might post some of these > outputs online, for instance. They may however, contain the logs. Sure. You can convert PDFs to the set of images, reassemble them into your own PDFs without the logs and post then. So without the need for the outside network connectivity there shouldn't be much care. (= > > You can make the special chroot/jail environment for the users keeping them > > away from the access to the binaries exposing sysctls. And permit them the > > write access only to the volumes mounted as '-o noexec'. > > > > There should be the way(s) to bypass this, at the least one of the > > DSLs e. g. > > ruby, python, perl, php used in that environment may provide API for sysctls > > or the modules can be built to use sysctl api from C. Thus you should keep > > your C compiler and any of the soucres e. g. /usr/src to present on that > > environment. > > > > Even with that who knows if your software doesn't use sysctl(3) > > functions. But > > the 'basic user programs' shouldn't. > > That is a real solution for the problem I have asked. However, for my > use cases not being able to produce executables is too restrictive. > > > I don't think it's possible at the moment. Do you think
Re: Famp Server
Hello. 2012/10/28 22:33:41 -0700 Hamisi Jabe => To freebsd-questions@FreeBSD.org : HJ> I freel freebsd is very good in networking server but it make work hard for compiling the Famp package (Freebsd, apache, mysql, php) i would like to ask the developers to compile a package that its a one select and install which will do everything for the famp server rather than downloading selecting extensions, installing this and that exectra. I think this can be implemented as a 'metaport'. You may try to make it yourself or ask someone else e. g., me. -- Peter Vereshagin (http://vereshagin.org) pgp: A0E26627 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Famp Server
Hello. 2012/10/29 10:31:31 +0100 Karol Buja??ek => To freebsd-questions@freebsd.org : KBe> On 10/29/2012 7:50 AM, Peter Vereshagin wrote: KBe> > I think this can be implemented as a 'metaport'. You may try to make KBe> > it yourself or ask someone else e. g., me. KBe> KBe> Do you mean something like misc/instant-server in ports? I never use KBe> that port, only noticed some days ago. Maybe this can be used/ajdusted? Probably to copy from an existing portto create a new one isn't a best idea but prehaps it is a good start to get the things done. About the what I know to be exactly a 'metaport' is lang/php5-extensions. Why not just keep a list of ports or packages? I believe the modern management tools (portmaster/portupgrade) can install them smoothly in one command. If the what you want is a binary package then what if the 'pkgng' stuff has or will have such a feature: to bundle a metaport in a package? And, the pc-bsd (http://www.pcbsd.org) seem to have such an AMP package out of the box (or downloaded via its package manager) -- Peter Vereshagin (http://vereshagin.org) pgp: A0E26627 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Famp Server
Hello. 2012/10/29 16:28:11 -0400 Michael Powell => To freebsd-questions@freebsd.org : MP> Perhaps by way of example I can illustrate: I run Apache as FastCGI with the MP> event-mpm, mysql, memcached, and PHP in the FPM configuration. It is a MP> highly customized and tuned environment which is easily obtained utilizing MP> the inherent configurability of the FreeBSD ports system. jfmi: Which of them can not be found in a 'gentoo'? MP> When such a meta port comes into play, there are defaults chosen which begin MP> to reflect the same kind of restrictions as I outlined before in my reasons MP> for not migrating my chosen environment to Linux. You can configure separately each port the metaport consists of and then build that metaport. Those "defaults chosen from begin" do not depend on if the 'nested' port is being built as a part of a metaport build process or separately thus no restrictions observed. MP> I suggest, instead of MP> leaning on the meta port approach, that the true power of FreeBSD would be MP> more fully realized by learning to be a proper system admin. You will also What if being a proper sysadm means ability to deploy a package on thousands (tens of thaousands, etc.) of machines? In formal terms this means create a package and install on the every machine. This cannot be a several packages because this makes the whole task less quick and the solution less reliable. And the creation of such a package can be a more trivial task for sysadm than the such of a package installation or upgrade by itself. Such a metaport can be a person-scale/company-wide solution, not a public one so no harm for the general freebsd usage approaches/pphilosophy which is a kind of a public stuff. -- Peter Vereshagin (http://vereshagin.org) pgp: A0E26627 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Famp Server
Hello.
2012/10/30 15:37:55 -0400 Michael Powell => To
freebsd-questions@freebsd.org :
MP> I do not know. Never ran Gentoo. Never had the time to try every 'distro'.
MP> Some imprecise and poor wording on my part when I said something about
MP> 'all', when I should have said the 3 that I did try. Mistake on my part.
Totally 'portages'-based 'gentoo' with its 'USE flags' feature is a kind of a
freebsd in a linuxes world. Opps, and an offtopic here, too. But... there
seems to be somebody porting the portages to freebsd, no? Something like
'creating a freebsd kernel portage' as I see this task. If so then 'debian'
guys are not alone foloowing that way with their 'kFreebsd' for whiles
already.
MP> [snip]
MP> >
MP> > What if being a proper sysadm means ability to deploy a package on
MP> > thousands (tens of thaousands, etc.) of machines? In formal terms this
MP> > means create a package and install on the every machine. This cannot be a
MP> > several packages because this makes the whole task less quick and the
MP> > solution less reliable. And the creation of such a package can be a more
MP> > trivial task for sysadm than the such of a package installation or upgrade
MP> > by itself.
MP> >
MP> > Such a metaport can be a person-scale/company-wide solution, not a public
MP> > one so no harm for the general freebsd usage approaches/pphilosophy which
MP> > is a kind of a public stuff.
MP>
MP> I completely agree with this. However, noting the most recent email it
looks
MP> as if he still hasn't quite got the hang of installing software on FreeBSD
MP> yet. I believe there is a chapter in the Handbook devoted to it.
I shoudn't ever judge about what the other side did or didn't (read or didn't
read, know or doesn't know). But it's me.
MP> One would still need to learn how to install software on FreeBSD in order
to
MP> make use of a meta port; after all - it is still the same process. I do not
MP> think a meta port is a solution for not learning how to install software.
But metaport build/install process can give a clue about the what it is. Ain't
it a 'learning how to install software'?
MP> My suggestion is centered around the idea that learning to install software
MP> is a prerequisite to using a meta port. I think we should be guiding him
MP> towards acquiring that understanding, then if such a meta port comes into
MP> being he will be able to make use of it as well.
MP>
MP> I do not disagree with the potential utility of a meta port. This is a
MP> 'horse before the cart' situation where one cannot replace the other. We
MP> should be helping him learn how to install software. A meta port should be
a
MP> separate issue of its own, and not be attempting to replace not knowing how
MP> to install software.
I hate methodologies and teaching. But here are my cents:
- Such a metaport creation task can motivate him on learning about the
'porting and installing software for freebsd' topic by himself. Ain't it
great for him and easy for us than learning here about his typically
known beforehand small steps on that way?
- Horse before the cart is a problem when it's a vice-versa only.
--
Peter Vereshagin (http://vereshagin.org) pgp: A0E26627
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: My freebsd partition changed by Windows chkdsk (Leslie Jensen)
Hello. 2012/11/02 14:49:57 +0100 Leslie Jensen => To Manish Jain : LJ> > Right after installation of FreeBSD, I ran : LJ> > dd if=/dev/ad4 of=ad4.512 bs=512 count=1 LJ> > dd if=/dev/ad4s2 of=ad4s2.512 bs=512 count=1 LJ> > dd if=/dev/ad4s2a of=ad4s2a.512 bs=512 count=1 LJ> Will you explain the details, Please? Copy first 512 bytes from every block device to different files. -- Peter Vereshagin (http://vereshagin.org) pgp: A0E26627 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Moused error in 9.1-RC3
Hello. 2012/11/13 14:55:21 +0100 Leslie Jensen => To FreeBSD Questions : LJ> I've just installed 9.1-RC3 on a machine. LJ> When starting I get the error: LJ> Starting default moused LJ> moused: unable to open /dev/psm0: No such file or directory LJ> I have moused_enable="YES" in rc.conf LJ> Do I need to set some right in devfs for it to go away? Yes, in the case if your kernel detected the 'psm0' device, typically that message found in dmesg for that case. -- Peter Vereshagin (http://vereshagin.org) pgp: A0E26627 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Old file reappeared by itself
Hello. 2012/11/14 14:25:27 +0400 Artem Kuchin => To Friedrich Locke : AK> > Have you ever call the police ? AK> AK> Ever - yes, in this case - no. Have police ever called you? ;-) AK> > It happened today again! I checked file today and the file was Then it's much easier if it happens again. If it's the zone then BIND may seem to overwrite the file? I can do this in the case it's a primary zone service. I'm informed it's all about the primary not a secondary zone service but hence BIND isn't a piece of cake who knows. Since that you can do this: - chmod file(s) for BIND to read-only it. - monitor certain directories for changes. I have no idea about the tool to handle this task but it's quite possible with inotify() system call and/or the sgi fam protocol, particularly its sysutils/gamin implementation. AK> ? ?, AK> ? ? AK> "?? ?? ??" ... Content-Type: text/plain; charset="us-ascii"; ? -- Peter Vereshagin (http://vereshagin.org) pgp: A0E26627 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
sha-1 Re: Security Incident on FreeBSD Infrastructure
Hello. 2012/11/17 10:04:26 + FreeBSD Security Officer => To FreeBSD Security : FSO> -BEGIN PGP SIGNED MESSAGE- FSO> Hash: SHA1 What's the state of the art about 'sha-1' digesting with freebsd security? At the least debian seemed to be migratring since 2009: http://www.debian-administration.org/users/dkg/weblog/48 "We need to be prepared for the eventual deprecation of SHA-1, but we do appear to still have time." How much serious shall this be to us? Thank you. -- Peter Vereshagin (http://vereshagin.org) pgp: A0E26627 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
