Re: cups-base problem
Dear all, Today I saw a security notice: ..snip... cat distinfo MD5 (cups-1.3.3-source.tar.bz2) = d4911e68b6979d16bc7a55f68d16cc53 SHA256 (cups-1.3.3-source.tar.bz2) = 5e9e5670777055293e309cb0cbb2758df9c1275bf648df70478b7389c2d804de SIZE (cups-1.3.3-source.tar.bz2) = 4077262 Update your ports and INDEX file as it seems that you are installing a vulnerable version of cups-base. The VuXML report says: Affects: cups-base <1.3.4 so the cups-1.3.3 still has the vulnerability mentioned in the report. -Rek ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Build Frustrations
===> apache-worker-2.2.6_2 depends on file: /usr/local/bin/autoconf-2.61 - not found ===>Verifying install for /usr/local/bin/autoconf-2.61 in /usr/ports/devel/autoconf261 ===> Returning to build of apache-worker-2.2.6_2 ... buildconf: checking installation... buildconf: autoconf not found. You need autoconf version 2.50 or newer installed to build APR from SVN. ./buildconf failed for apr These messages looks pretty similar I had after ports autotool cleanup (i.e. the new wrapper thingie). Solution for me was removing all the auto* ports and reinstalling only the new wrapper. APR working decent-like: [www] ~> httpd -V Server version: Apache/2.2.6 (FreeBSD) Server built: Oct 2 2007 00:21:11 Server's Module Magic Number: 20051115:5 Server loaded: APR 1.2.11, APR-Util 1.2.10 Compiled using: APR 1.2.11, APR-Util 1.2.10 ... -Reko ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: [RFC/P] Port System Re-Engineering (Repost from -ports@)
On Mon, 03 Dec 2007 16:19:15 +0200, Aryeh M. Friedman <[EMAIL PROTECTED]> wrote: 1. What is more important to your personal use of FreeBSD (the ports system, the underlaying OS, some other aspect)? The "form follows function" of the whole FreeBSD kernel/userland and ports. Licensing ;) 2. How frequently do you interact with the ports systems and what is the most common interaction you have with it? At least once weekly, depending on system. After setup it's mostly keeping system up to date and interdependencies between ports in order. 3. What is the single best aspect of the current system? Very good tracking of dependencies, portupgrade etc, ability to make different ports mesh together. 4. What is the single worst aspect of the current system? Installing some stuff like X adds lots of noise into the "main level" of installed ports. Some sort of level system, showing only main port, at least in some cases might make it more manageable. 5. If you where a new FreeBSD user how would your answers above change? If you where brand new to UNIX how whould they change? I started using ports from the beginning and IMHO it's vastly superior compared to almost anything out there - The learning curve isn't that steep... 6. Assuming that there was no additional work on your behalf would you use a new system if it corrected your answer to number 4? If the new system was based on already tested and true concept - effectively the old system with minor tweaks. If it was some graphical horrendosity ported over from the dark side, I'd pass it... 7. If the new system corrected the worst aspect of the current system but broke the best aspect of it would you use the new system? No. 8. How long have you used FreeBSD and/or UNIX in general? Regularly 10 years. Mainly IRIX/FreeBSD/NetBSD with some very short tests of Linux etc. even before that. 9. That is your primary use(s) for your FreeBSD machine(s) (name upto 3)? Servers, firewalls 10. Assuming there is no functional difference what is your preferred installation method for 3rd party software? Ports 11. On a scale from 1 to 10 (10 being the best) please rate the importance of the following aspects of the ports system? a. User Interface 8 (and this doesn't mean a pretty GUI but how the interaction of the user happens with the system - ports as of now are 7ish, 8ish level) b. Consistency of behaviors and interactions 10 c. Accuracy in dependant port installations 10 d. Internal record keeping 10 e. Granularity's of the port management system 6 12. Please rate your personal technical skill level? When in trouble can usually RTFM and solve it, not a c/kernel hacker -Reko ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Character 208 acts strangs in console, when moving mouse
When i display character 208 in my console and move my mouse, i see the strangest things. FreeBSD 6.2-RELEASE-p8, with default screenmap and console settings. http://www.xs4all.nl/~whendrik/download/mouse wget and cat that file in a console to see the effect. I tried it on my laptop and desktop PC with same kernel. Anyone else experience this problem/effect? I think it should be a pi character upside down, mostly used to draw tables in combination with other characters... Mouse cursor mapping artifact. In text mode on PC hardware, the mouse pointer has to be mapped to a character in order to show "fancy" pointer. Nothing to worry about. -Reko ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Firewalls in FreeBSD?
Hi Jack! Right now I have a Windows machine a FreeBSD natd/firewall then a cable modem. This is working for web surfing. But I've been playing a lot of games lately and it doesn't work at all (for multiplayer/internet games). As a fellow gamer, I've found that PF with stateful filtering has been a good firewall for my needs. Usually with stateful ruleset the games work out of the box, just when outgoing traffic is allowed and state is kept. There are some special situations where PF shines though, Asherons Call (or any other game using bidirectional UDP traffic) can be made to work with following configuration: This to nat section: binat on $ext_if from to or IP> -> $ext_if Which should do the trick with some of the silly games out there using standard defined, but really rare kind of traffic. -Reko ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: CMS
I manage a couple of FreeBSD servers for a friend. He's gotten all excited about content management and thinks that's the way to go. The system he's familiar with is Windows only. I've done a little research, but I'm wondering if anyone reading the list has experience with a CMS on FreeBSD - one that's in ports preferably. Due using Postgres, I've had experience on both Drupal and Serendipity, both installed mostly from ports and seem to be updated pretty regularly - although Serendipity can "self repair" - i.e. load updates for plugins and itself automatically. Both have functioned well enough, although with Drupal if you need more exotic array of plugins, they have to be installed manually as ports seem to miss several. In addition, some of the Drupal plugins need a bit of tweaking (getting rid of mysqlisms) if used under Postgres, although the main application works good enough. -Reko ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Any chance ZFS becoming default?
under Other Kernel: ZFS as default So anyone running 32bit or under 2Gb of memory don't need to bother with FreeBSD anymore after 9.0 RELEASE? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Tuning make.conf
Should my make.conf be like: MAKEOPTS==-j3 CPUTYPE=core2 CFLAGS= --O2 -pipe -fno-strict-aliasing or just: MAKEOPTS==-j3 CPUTYPE=core2 or maybe: MAKEOPTS==-j3 CPUTYPE=core2 CFLAGS+= --O2 -pipe -fno-strict-aliasing Setting CFLAGS can cause errors while compiling and other undesirable effects, so I recommend leaving CFLAGS undefined. If you want to optimise things use COPTFLAGS instead. -Reko ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Problems with Apache-2.2.8 & PHP5 (+extensions) ports
Whenever I click these, my browser wants to save a blank php-page, Apache reports this: [notice] child pid 31685 exit signal Illegal instruction (4) I've got signal 4's with PHP earlier, but I can't for now remember the exact cause. Usually my PHP problems have related to having module conflict in PHP, especially recode has been problematic. The solution has been commenting out extensions from /usr/local/etc/php/extensions.ini and then adding them back one by one until the problem returns - the last one added is the one causing the conflict. Of course you have to keep at least some extensions available in order to keep the website you're testing functional - databases etc. Other solution is trying to tweak the extension load order in extensions.ini after you have found the extension causing the crash. Other possible thing is accidentally building PHP against the wrong Apache if I recall right - in your case building Apache2 or Apache1 version when you are running Apache22. -Reko ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Problems with Apache-2.2.8 & PHP5 (+extensions) ports
How would I do that? I installed Apache22 from ports and after that PHP. It never asked for any apache version. I can't remember if that was at point in time when there wasAPACHE_VER=xxx knob - it was a long while ago. The module loading order difficulties tend to crop up every upgrade of PHP, forgetfulness to turn some extensions off from my part... -Reko ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: PHP crashing on FBSD-6.3
I am continuing to have a problem with PHP crashing. It will not even print out its version number without a dump. This is an example of the crash: ~ $ php -v PHP 5.2.6 with Suhosin-Patch 0.9.6.2 (cli) (built: May 24 2008 13:55:49) Copyright (c) 1997-2008 The PHP Group Zend Engine v2.2.0, Copyright (c) 1998-2008 Zend Technologies Segmentation fault: 11 (core dumped) Disable all the extensions from /usr/local/etc/php/extensions.ini (although the probable culprit is recode)... It might or not be cured by reordering the loading order after the extension causing the fail is found. -Reko ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Kernel errors after upgrade from 8.1 to 8.2
I updated the ports after the reboot and did a 'portupgrade -af' after the kernel update, restart, etc. I had no issues performing the upgrade according to the handbook and the System State Comparison seems OK... Did you do the whole mergemaster -p make buildworld make buildkernel make installkernel reboot & test make installworld mergemaster sequence? As you tell about ending the process at reboot, I have a gut feeling that your userland is not up to date with kernel and the make installworld step is missing... -Reko ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Kernel errors after upgrade from 8.1 to 8.2
mx3# mergemaster -p *** Creating the temporary root environment in /var/tmp/temproot *** /var/tmp/temproot ready for use *** Creating and populating directory structure in /var/tmp/temproot cp: /usr/src/etc/master.passwd: No such file or directory *** FATAL ERROR: Cannot copy files to the temproot environment So, I just need to get all the source and then rebuild as you mentioned? --Robert Yes, grab the whole source tree - kernel upgrades by just compiling the kernel itself are usually okay, if done within same release, when upgrading, the userland needs to be built with the new kernel. The correct process for upgrading from source is described in: http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/makeworld.html -Reko ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Buildworld Benchmarks
We thought going tmpfs would make things faster, but that resulted in over 13 minutes (huh? you'd think a RAM disk would be smoking compared to even the SSDs that we used to achieve ~9 min; do note that we did make sure to nullfs mount a tmpfs-based directory onto /usr/obj -- though the performance of that nullfs mount might have hurt the test, not sure). I think that doing huge parallel build and using part of memory bus bandwidth for storage is the culprit. DMA offloading the storage operations directly from memory to the disks is giving the advantage to builds using disk IO. -Reko ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: After freebsd-update....
You have applied the update successfully. You won't see any difference in the output from uname(1) because this update when applied via freebsd-update(8) doesn't touch the kernel. It only affects named(8). This is the patched version in 8.2-STABLE: % /usr/sbin/named -v BIND 9.6.-ESV-R4-P1 Interestingly my system updated from source shows still: /usr/src# /usr/sbin/named -v BIND 9.6.-ESV-R3 ncache.c was updated though, but version number nor any other bind files were touched. -Reko ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: After freebsd-update....
did you rebuild the world? Ran makeworld and installworld twice to be sure of the version number staying the same :) -Reko ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Another PHP5 problem
I have very few uses for sqlite3 but I still have them. And PDO? Never seen anything run it. Some pretty big projects including Drupal CMS are moving to PDO. I reckon that having other options without reinventing the wheel, than one certain Oracle controlled DB-backend is starting to gain momentum. Just as a sidenote, PHP 5.3.6 so far seems to be unaffected by extension loading order, but looks like that any upgrade of apache, apr, php etc. means that every dependent module downstream has to be recompiled as well. -Reko ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Another PHP5 problem
Now, I wrestling with the apache2 and apr0 issue. The apache port Makefile wants apr0, but it now has vulnablilities. Ports UPDATING says to do this with apr: - remove apache2 and then: portupgrade -f -o devel/apr1 devel/apr ...and then reinstall apache2. That didn't work because the Makefile in apache still wants apr0. I changed the Makefile to apr1 but the build failed after it looked again for that apr0 later in the build. I didn't find another call for apr0. Apache 2, not Apache 2.2? Could you consider upgrade - haven't had any problems with that version in several years now. Of course, everything depending on apache needs recompile afterwards. -Reko ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Another PHP5 problem
I updated my ports > tree, but a new apr version was not there yet. So, stuck between a rock and a hard place. And the fix for APR 0.x might be long way coming, see http://projects.apache.org/projects/portable_runtime.html, looks like 0.x branch hasn't been updated in ages. Nor any action has been done to fix the issues. Apache 2.2. uses APR 1.x by default so having APR 1.x installed from ports and then installing Apache2.2 etc. does work. -Reko ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Another PHP5 problem
From: "Michael Powell" pulls in a few more dependencies than I'd really like, especially the apr1 (now named apr-ipv6-devrandom-gdbm-db42-1.4.5.1.3.12) port installing The name depends completely on the knobs you have used with portbuild - my apr is: apr-ipv6-devrandom-db43-pgsql84-sqlite3-1.4.5.1.3.12 At any rate take a gander at /usr/ports/Mk/bsd.apache.mk for more info. But if it were me instead of fighting I'd just go with the apache22 default Yeah - the configuration differences are pretty minimal and even the 2.0 port makefile states now: DEPRECATED= will be unsupported by ASF when 2.4.0 is release, migrate to 2.2.x+ now -Reko ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: free sco unix
-- From: "Robert Simmons" thrown out of court. Additionally, the source code is GPL, so even if in the fictional world of Linus taking the trademark elsewhere, you can fork the code and call it Morphtkdlfgjfjdsksjfnmvmdkedkfjgjg, and you would be fine. In that fictional world MySQL needed a fork and some GPL'd programs have been retroactively made completely closed source, forking denied after taking the issue into court... -Reko ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Another PHP5 problem
From: "Jack L. Stone" Also, I see the sqlite3 is tacked on the apr you have. I only have: apr-ipv6-devrandom-gdbm-db46-mysql50-1.4.5.1.3.12 Yeah when I ran make config for apr I selected sqlite as I had it already installed for stuff where I might need SQL capabilities, but full blown server is too 'heavy'. What are all of those "conf" files in the apache22/extra directory? Any includes needed there besides perhaps the ssl if used? Check those through, just in case there are some options you might want to include or are already using. I've moved the ones I needed to the Includes subdir and kept extra purely as a storage for originals. But sadly can't help more with the needed extra includes as those are so much dependent on your needs and setup. -Reko ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Another PHP5 problem
The no-accf.conf under includes is for if you do not desire to use either of the AcceptFilter choices, one for httpd the other for SSL traffic. These can be loaded as kernel modules in /boot/loader.conf as such: accf_http_load="YES" accf_data_load="YES" You can also build the modules into kernel itself with: #Apache kernel modules options ACCEPT_FILTER_HTTP options ACCEPT_FILTER_DATA I reckon that the thing you are missing is kernel rebuild and reinstall. -Reko ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Since SquirrelMail Looks Like It Will Never Be Supported Again...
SquirrelMail seems to be forever on hold because of an incompatibility with PHP 5. So I am going to have to replace it as our Webmail interface. So, I'm looking for recommendation from the tribe here on what I should use instead: 1) Easy to use. Mostly this gets used by people when they are away from the office and then only occasionally. 2) It would be really nice if the program could import the Thunderbird Address Book. 3) Easy to install and maintain. Probably only real alternative is Imp/Horde. Roundcube is nice, but it's tablet and mobile support is really lacking (and all the mobile skins cost $$$). -Reko ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Since SquirrelMail Looks Like It Will Never Be Supported Again...
-Original Message- From: Frank Leonhardt On 30/08/2013 22:20, Tim Daneliuk wrote: SquirrelMail seems to be forever on hold because of an incompatibility with PHP 5. So I am going to have to replace it as our Webmail interface. I'm a bit confused about this - you seem to be saying that Squirrelmail won't work on PHP 5? I've been running it on PHP 5 for years and it's being maintained to support changes for the latest 5.4 and 5.5 releases. My experience with squirrel on PHP 5.x has been that it won't show every message in the webmail users inbox. People complained about lost mails and after checking spam filtering etc. I realised that the mails had arrived into inbox safely. After asking the clients to test another mail client - Thunderbird, Live mail, etc. The "lost" mails were there. That prompted for pretty fast substitution of squirrel with something else. Roundcube with it's snazzy javascript interface is neat, but many mobile/tablet browsers scale the display instead of doubleclicking. Sadly there is no free mobile theme for Roundcube, but every single one of those cost money. That leaves Imp as the only alternative left, especially if you avoid ToySQL like a plague. -Reko ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Since SquirrelMail Looks Like It Will Never Be Supported Again...
-Original Message- From: Frank Leonhardt FWIW I'm using Dovecote 1 or 2 for the IMAP. In particular, Dovecot 1 with Squirrelmail has been really hammered, but has never broken. I sometimes get time-outs copying thousands of emails in one hit, but that's fair enough and nothing has ever been lost. Could the server be the problem in your case? I found the standard imapd did weird things for a lot of clients, and making the switch after many years of trying to blame the client software was a really good decision. Running Cyrus here for ages, it might be a bit of pain to set up, but it's been a really bulletproof and "zero maintenance" solution. The problems cannot be replicated on any other client, only Squirrel has those problems with mail not showing up. -Reko ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: KDE - how to?
- Original Message - From: "Sasa Stupar" <[EMAIL PROTECTED]> To: "RW" <[EMAIL PROTECTED]>; Sent: Thursday, December 22, 2005 8:32 PM Subject: Re: KDE - how to? --On 22. december 2005 17:19 + RW <[EMAIL PROTECTED]> wrote: Are you in the wheel group? ___ No, I am not in wheel group. I thought I could su if I am not in the wheel group (well, at least I can do it on linux) but I am learning FreeBSD slowly. You _must_ be in the wheel group to be able to su in any case. Linux people see whole wheel group and root as a bad thing for anarchistic society, BSD folks like the additional layer of security - One has to crack wheel group users password or account in order to get root in a machine using su. BUt why it won't let me log in as root? As I have read if the following line has secure written then root logins are allowed: ttyv8 "/usr/X11R6/bin/kdm" xterm on secure or have I missaunderstood this? Secure means that root can login from these terminals directly (insecure terminals enforce the login as regular user then su:ing). -Reko ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Setting up a FreeBSD gateway
- Original Message -
From: "Brian Bobowski" <[EMAIL PROTECTED]>
To: "FreeBSD User Questions List"
Sent: Wednesday, January 04, 2006 7:44 PM
Subject: Setting up a FreeBSD gateway
However, I don't know how to set up DNS. Specifically, I want to
either pass all DNS requests through the gateway, or have the gateway
run a local DNS that queries my ISP's DNS in turn. Can anyone point me
to some steps on how to set that up?
If you're going to use BIND (which I recommend and which is included in
the system) check at least the following parameters in named.conf:
listen-on
- set this to your internal IP
forwarders
- if you dont want to fetch every single record from the official DNS's
and want to utilize your providers DNS cache, set this variable to point
on your ISP's DNS servers.
forward-only
as you're going to have your own domain records set up be sure this is
commented out.
Basically BIND with this kind of configuration will forward queries to
master or forwarder servers unless it has the master record itself or
there is cached record, which is still valid.
defining the localhost:
If the machine names are set up right in your fbsd installation,
easiest is to use the make-localhost in the /etc/namedb directory.
Then you forward zone file for your "domain" as well as reverse zones
for the ip-ranges in use. My files are:
master/mydomain.org file:
$TTL 3600
@ IN SOA xxx.xxx.org. root.xxx.org. (
; we define authority as well as the base domain (first xxx.org and
; the administrative contact - as bind has other uses for "." the mail
; address is notes with dot between domain and username.
2005111301 ;serial
; good idea is to use the shown date notation, and ALWAYS bump the
serial whatever
;you do to the zone files)
86400 ;refresh 24h
7200;retry 2h
192200 ;expire 2d
86400) ;minimum 24h
IN NS moria.endor.swagman.org.
; we define name servers for the zone only one is usually needed for
"private" dns use.
IN MX 5 moria.endor.swagman.org.
; I define mail handler server just in case...
moria IN A 192.168.10.1
rivendell IN A 192.168.10.10
lorien IN A 192.168.10.11
muppet IN A 192.168.10.20
;and then add my workstations
As the main forward zone is now set up, we need the reverse zones as
well.
My reverse zone for above setup is (master/rev.mydomain.org):
$TTL 1d
@ IN SOA xxx.xxx.org. root.swagman.org. (
2005111301 ;serial
1d ;refresh
2h ;retry
20d ;expire
2h );neg cache
IN NS moria.endor.swagman.org.
1 IN PTR moria.endor.swagman.org.
10 IN PTR rivendell.endor.swagman.org.
11 IN PTR lorien.endor.swagman.org.
20 IN PTR muppet.endor.swagman.org.
With BIND the dots after the names are important, otherwise the names
end up as name.my.domain.my.domain which usually isn't what you want :)
After the zones are set up you can add them to named.conf as follows:
zone "xxx.xxx.org" {
type master;
file "master/mydomain.org";
};
zone "10.168.192.in-addr.arpa" {
type master;
file "master/rev.mydomain.org";
};
In the above note the naming of reverse zone. To get correct resolution
of reverse names you need to name your zone with similar formatting.
Hope this helps a bit (although I recommend getting Bind handbook
8available from ISC as pdf, or some of the "basic" BSD books like Greg
Lehey's, Or Michael Lucas's books on Freebsd - both have a good chapter
on DNS setup with BIND. Of course nothing beats the O'Reilly Cricket
book.)
-Reko
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Setting up a FreeBSD gateway
- Original Message -
From: "Brian Bobowski" <[EMAIL PROTECTED]>
To: "FreeBSD User Questions List"
Sent: Wednesday, January 04, 2006 7:44 PM
Subject: Setting up a FreeBSD gateway
However, I don't know how to set up DNS. Specifically, I want to
either pass all DNS requests through the gateway, or have the gateway
run a local DNS that queries my ISP's DNS in turn. Can anyone point me
to some steps on how to set that up?
If you're going to use BIND (which I recommend and which is included in
the system) check at least the following parameters in named.conf:
listen-on
- set this to your internal IP
forwarders
- if you dont want to fetch every single record from the official DNS's
and want to utilize your providers DNS cache, set this variable to point
on your ISP's DNS servers.
forward-only
as you're going to have your own domain records set up be sure this is
commented out.
Basically BIND with this kind of configuration will forward queries to
master or forwarder servers unless it has the master record itself or
there is cached record, which is still valid.
defining the localhost:
If the machine names are set up right in your fbsd installation,
easiest is to use the make-localhost in the /etc/namedb directory.
Then you forward zone file for your "domain" as well as reverse zones
for the ip-ranges in use. My files are:
master/mydomain.org file:
$TTL 3600
@ IN SOA xxx.xxx.org. root.xxx.org. (
; we define authority as well as the base domain (first xxx.org and
; the administrative contact - as bind has other uses for "." the mail
; address is notes with dot between domain and username.
2005111301 ;serial
; good idea is to use the shown date notation, and ALWAYS bump the
serial whatever
;you do to the zone files)
86400 ;refresh 24h
7200;retry 2h
192200 ;expire 2d
86400) ;minimum 24h
IN NS moria.endor.swagman.org.
; we define name servers for the zone only one is usually needed for
"private" dns use.
IN MX 5 moria.endor.swagman.org.
; I define mail handler server just in case...
moria IN A 192.168.10.1
rivendell IN A 192.168.10.10
lorien IN A 192.168.10.11
muppet IN A 192.168.10.20
;and then add my workstations
As the main forward zone is now set up, we need the reverse zones as
well.
My reverse zone for above setup is (master/rev.mydomain.org):
$TTL 1d
@ IN SOA xxx.xxx.org. root.swagman.org. (
2005111301 ;serial
1d ;refresh
2h ;retry
20d ;expire
2h );neg cache
IN NS moria.endor.swagman.org.
1 IN PTR moria.endor.swagman.org.
10 IN PTR rivendell.endor.swagman.org.
11 IN PTR lorien.endor.swagman.org.
20 IN PTR muppet.endor.swagman.org.
With BIND the dots after the names are important, otherwise the names
end up as name.my.domain.my.domain which usually isn't what you want :)
After the zones are set up you can add them to named.conf as follows:
zone "xxx.xxx.org" {
type master;
file "master/mydomain.org";
};
zone "10.168.192.in-addr.arpa" {
type master;
file "master/rev.mydomain.org";
};
In the above note the naming of reverse zone. To get correct resolution
of reverse names you need to name your zone with similar formatting.
Hope this helps a bit (although I recommend getting Bind handbook
8available from ISC as pdf, or some of the "basic" BSD books like Greg
Lehey's, Or Michael Lucas's books on Freebsd - both have a good chapter
on DNS setup with BIND. Of course nothing beats the O'Reilly Cricket
book.)
-Reko
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Sparc dual boot problems
- Original Message - From: "jasonharback" <[EMAIL PROTECTED]> To: Sent: Saturday, January 07, 2006 5:47 AM Subject: Sparc dual boot problems During the partition process it says I will have the option to configure the boot loader latter. Right now I can't boot FreeBSD and I have no idea how to configure this machine to make it dual boot? I would like to have Solaris 10 as the primary O/S, FreeBSD as the secondary and Sparc Linux on the third hd. I don't know if theres a possibility of using a boot loader, but I have multibooted my sparc boxes from the OFW prompt by writing the primary OS into OFW config and booting into other OS's using the ofw prompt (stop-a) and then giving boot command with the disk/cdrom name I want to boot from. I think neither NetBSD or FreeBSD supports a boot loader on Sparc but I'm not 100% sure about that. After trying Slowlaris I'm running all my boxes with BSD's only though. -Reko ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: good blogging port?
- Original Message - From: "Derek Musselmann" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Cc: Sent: Saturday, January 07, 2006 8:47 PM Subject: Re: good blogging port? The best blogging software for php/pgsql in my opinion is Serendipity. It has a great plugin architecture and works very well. Serendipidy seconded. Additional bonus is keeping the system completely Stallman-free ;) -Reko ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: slowness on 6.0 with apache2.2 (from src)
From: "J.D. Bronson" <[EMAIL PROTECTED]> To: Sent: Saturday, January 21, 2006 2:56 PM Subject: slowness on 6.0 with apache2.2 (from src) What I am seeing is that each image comes down 1 by 1 SLOWLY and apache2.2 spawns tons of child processes! Under OpenBSD/Solaris, I see a completely different thing...the image comes up instantly and apache only spawned 1 extra child. I used the SAME config files on all 3 OSs and the same hardware/drives/etc. This by the way is all over my internal LAN...so it never hits the internet. With all the variables being equal - but the OS. Hardware arch? Since things work excellent on OpenBSD/Solaris, what is it that freebsd is not doing (or doing differently)? Any thoughts on this? Had some problems myself on Ultra10 before dumping libc_r completely and changing to other threading libraries. -Reko ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: BIND zone transfers
- Original Message - From: <[EMAIL PROTECTED]> To: Sent: Wednesday, February 08, 2006 2:45 PM Subject: BIND zone transfers Any suggestions as to how to proceed would be greatly appreciated. Thanks in advance for your assistance. Do you have the Win2k IP address defined as a NS to which zone transfer is allowed? (Can't get the BIND documentation atm so cannot tell the exact setting name... -Reko ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: cue images
- Original Message - From: "Vulpes Velox" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Tuesday, June 29, 2004 10:33 PM Subject: Re: cue images Commonly used, but not a standard. Still odd, though, I've found ISO to rather more common myself, even in areas dealing with windows. Cue files are usual in cases where ISO-images can't be used - backing up copy protected CD's and such. Every Windows burner I've used supports ISO-images in addition of their own formats. -Reko ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Running top on system console without being logged on
I'd like to run top on the system console to keep an eye on the system, but I'd prefer not to have the console logged on to do so. Is there an elegant way to do this? How about creating a user like this with vipw: topper::userno:groupno::0:0:Topper Harley:/nonexistent:/usr/bin/top and then just logging in on spare console screen as topper? I'm not sure if there are security implications though, even if the user is not member of the wheel group etc. -Reko ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Running top on system console without being logged on
- Original Message - From: "Anthony Atkielski" <[EMAIL PROTECTED]> To: Sent: Thursday, January 06, 2005 3:48 AM Subject: Re: Running top on system console without being logged on How about creating a user like this with vipw: topper::userno:groupno::0:0:Topper Harley:/nonexistent:/usr/bin/top and then just logging in on spare console screen as topper? I'm not sure if there are security implications though, even if the user is not member of the wheel group etc. I've considered this, but like you, I'm not sure of the security implications, so I haven't actually done it. And is it possible to include command-line options in the login shell command for a user? Actually not command line options as such, but you can make a login class for the top user in /etc/login.conf and feed the options via TOP environment variable from there. You cant shell out from top and renicing from non root account is impossible (except dropping the niceness of your own process). I think the approach is secure enough and if you give "topper" good enough password or deny logon from anywhere except from console, everything should be ok. Of course if the terminal is accessible to others than administrative staff, giving out the usernames can be a risk, but you can use the usernumbers option to avoid giving out the usernames. Did myself something very similar with a IPless firewall between a while back but I ran vmstat in the console instead. Good one glance monitoring without the need of logging on the machine itself. -Reko ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: upgrading from 5.3 to current
This is rather a nubee question.. I am used to OBSD and how to update my sources...but seem to be missing something with FREEBSD. I installed 5.3 release and all I want to do now is update the source files on the disk to current. Very easy, all explained in the handbook. If on Intel, cvsup is your friend. Are you sure you'll want to install CURRENT, by the way? - In the FreeBSD context CURRENT is more like development alpha version, STABLE branch is more like beta, and RELENG branches are the bug and security fix branches of the original release. All explained in the handbook. Does someone have a web page that can show these steps? http://www.freebsd.org/handbook, See chapter 19 and appendix A. -Reko ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: help logging a crash
last week I had a panic which caused the machine to halt and I posted it here. No dump file though and no reply. All I did was telnet into the machine and it panicked. So...before I give up on 5.3, I wanted to see if there was anything I could do to help the developers track down this reboot_at_random troubles. See the developers hanbook from the FreeBSD website: http://www.freebsd.org/doc/en_US.ISO8859-1/books/developers-handbook/ Section III chapter 11. FreBSD is quite well documented once you know where to find the information - and most of it can be found in the FreeBSD website. By the way did you only update the kernel, or did you do buildworld/installworld as well? -Reko ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: help logging a crash
for the moment, I only did the kernel. I dont want to spend alot of time on this if its still unstable. Looks like as long as I add DDB to the kernel and make it, I should get some crash dump ? Yes, but you'll need to define the dump device and place to save the dump from the swap in the next reboot. In addition makeoptions DEBUG=-g is needed in the kernel config as well (symbols!) and options DDB_UNATTENDED can be a good idea. I think that separate kernel and userland is a bad idea, especially now, when you have 5.3_STABLE kernel, and 5.3_RELENG userland. There are small and subtle changes in both which make the correct userland/kernel combination vital and following the correct procedure of compiling/installing them. -Reko ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Question about Postfix + Cyrus-IMAPD
- Original Message - From: "Jason Williams" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> > I've been able to get Postfix and Cyrus to gel correctly with my recent > testing. However, I have a question about one thing that continues to pop > up my my message logs. > > Jan 26 09:48:19 obsidian postfix/smtpd[6562]: OTP unavailable because can't > read/write key database /etc/opiekeys: Permission denied > > Anyone care to shed a little light as to why this was initially showing up? Cyrus (os SASL to be exact) tries to use OPIE as the loginmethod of choice. (It's more secure plaintext method as sending the "real" password over the net. Of course if you use TLS sending plaintext password is small concern. If you are not using/going to use OPIE there are several methods how to get rid of these messages. a) Just delete everything wchich name contains OPIE in usr/local/lib/sasl2/ b) Build SASL using the "WITHOUT_OTP=yes" knob In fact its a good idea to read through the main Makefile on the SASL directory in the ports and disable the unneeded athorisation methods using the port knobs. -Reko ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: help me make a Mail Server choice
It turned out to be a public mail server as well! The choice for the MTA on fell on postfix :) Now I have to chose POP/IMAP and Virus/Spam. I would appreciate if you can give me some input on your experience with Cyrus or Courier, since they are my choices for pop/imap. Also I'd like I've been using cyrus for couple of years now and it's quite robust & fast. In addition it merges nicely with postfix, so there are no problems on that front either. The biggest drawback with Cyrus is the learning curve - The documentation is a bit lacking, but the mailinglists help there. ( I have to admit that when choosing my IMAP-server back then the license was one of the main factors...) In addition many of the webmail systems like Squirrel or Horde work nicely on Cyrus. -Reko ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: help me make a Mail Server choice
It turned out to be a public mail server as well! The choice for the MTA on fell on postfix :) Now I have to chose POP/IMAP and Virus/Spam. I would appreciate if you can give me some input on your experience with Cyrus or Courier, since they are my choices for pop/imap. Also I'd like I've been using cyrus for couple of years now and it's quite robust & fast. In addition it merges nicely with postfix, so there are no problems on that front either. The biggest drawback with Cyrus is the learning curve - The documentation is a bit lacking, but the mailinglists help there. ( I have to admit that when choosing my IMAP-server back then the license was one of the main factors...) In addition many of the webmail systems like Squirrel or Horde work nicely on Cyrus. -Reko ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Trying to use FreeBSD as a home router, how to setup VOIP to pass through?
computers) behind the freebsd machine (computer 4). The problem is that i'd like to move the voip router behind the freebsd machine. I'm assuming i need to do some sort of port forwarding to pull this I'm using FreeBSD 5.4 stable (week or two old), ipfw and natd with a divert rule in place and practically no other configuration. Does anyone have any resources on forwarding voip traffic? I once had done a bit similar setup for our company. Due some quick & dirty solutions in our network nodes the VoIP and networked machines used same switches but were in two separate network segments with one gateway for each in the end of the mother company. As routing two different IP address ranges via same firewall proved to be impossible due gateway issues, FreeBSD bridging firewall came to the rescue (with added bonus of getting "invisible" packet filter in the route). There is IIRC quite good documentation on the FreeBSD site concerning setting up bridging firewall, so you could check that and use those instructions. To be honest I can't remember the VoIP stuff and the FW setup I made anymore, but some poking around in web should be able to recover those details. -Reko ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Buildworld fails for 6.0-RC1
- Original Message - From: "Doug Poland" <[EMAIL PROTECTED]> To: "Eric F Crist" <[EMAIL PROTECTED]> Cc: <[EMAIL PROTECTED]>; "Eric Schuele" <[EMAIL PROTECTED]> Unless someone has another idea, I'll try installworld via NFS from a working RC1 machine. How about trying the compile/build in "unpolluted" environment, i.e. running the command like: env -i make buildworld How is your /etc/make.conf btw? -Reko ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Problems on start of my system
- Original Message - From: "alicornio" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]>; Sent: Saturday, November 05, 2005 6:07 PM Subject: Re: Problems on start of my system Hi Alex I try every combination of fsck and fsck_ffs, somes: #mkdir /teste #mount -f /dev/ad0s1 /teste #fsck -t ffs -Fy /teste Do not run the fsck on mounted filesystem; boot in singleuser mode and run fsck -y /dev/ad0s1 from there - before mounting the faulting slice. -Reko ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: CYRUS IMAP cyradm core dump problem
Am Thu, Sep 23, 2010 at 03:05:30PM +0300 Reko Turja schrieb: > I applied the patch as suggested by Reko, but it seemed to make > no > difference After the patch recompiling and linking at least SASL is needed after buildworld and inatallation of new world. > removing libgssapiv2 libs however, solved my cyradm problem > > will this cause issues into the future for any other ports I may > need ti > install ? Unless you need kerberos authentication at some point, removing the libs is non-issue. I'm running in the same situation as you (see http://www.freebsd.org/cgi/getmsg.cgi?fetch=846230+852662+/usr/local/www/db/text/2010/freebsd-stable/20101003.freebsd-stable). I did tried a lot but end up in a broken make buildworld. Any ideas waht I'm doing wrong? I sadly don't have any idea if the patch applies cleanly anymore to recent 8.STABLE - I did my testing on 8.1_PRERELEASE, where the patch applied cleanly. There was some talk about updating the patch when the problem was discussed more widely, but nothing has been realised this far. I might be able to test the patch against 8.STABLE on my home system sometime this week - as of myself I just did some testing and troubleshooting back when the problem was discussed, as for myself having working Kerberos is still non-issue. Of course if Kerberos functionality is critical for you, you could try removing Kerberos from base system using /etc.src.conf and then install either kerberos from ports and then linking sasl/cyrus against that. -Reko ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Ports building automatically with default options?
I just installed new 9.0 machine from scratch, cvsupped ports, fetched index and started building portupgrade. Both perl and ruby built with default options, without running config. No changes in port building steps nor workaround for this POLA violation anywhere in the UPDATING etc. as far as I could see. Is there workarounds or information how to get ports building the old way with asking options? -Reko ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Ports building automatically with default options?
-Original Message- From: Lowell Gilbert The defaults haven't changed, so something must have happened locally. Check whether you've got BATCH defined in make.conf, and whether /var/db/ports contains configurations for those ports. That's the strange thing... Virgin system, just updated ports tree and index & started building. No knobs in make.conf and /var/db/ports is empty... I wonder if there's some kind of hickup going on at cvsup.se.freebsd.org... -Reko ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Ports building automatically with default options?
From: Fernando Apesteguía Did you see a message like "Found saved configuration for $port"? On perl, which I configured manually, but on others please see later in the message. Did you try to see what happens if you run "make rmconfig" on those ports? ===> No user-specified options configured for ruby-1.8.7.370,1 From: Lowell Gilbert Strange indeed. What does "make config" do on this system? Opens dialog & saves config as intended Maybe you have something in your environment? Environment seems to be vanilla. Seems like building skips config step altogether, or not echoing about it at least: ---> Reinstalling 'ruby-1.8.7.370,1' (lang/ruby18) ---> Building '/usr/ports/lang/ruby18' ===> Cleaning for ruby-1.8.7.370,1 ===> Extracting for ruby-1.8.7.370,1 => SHA256 Checksum OK for ruby/ruby-1.8.7-p370.tar.bz2. /bin/mv /usr/ports/lang/ruby18/work/ruby-1.8.7-p370/ext/dl/h2rb /usr/ports/lang/ruby18/work/ruby-1.8.7-p370/bin/ ===> Patching for ruby-1.8.7.370,1 ===> Applying FreeBSD patches for ruby-1.8.7.370,1 /bin/rm -rf /usr/ports/lang/ruby18/work/ruby-1.8.7-p370/ext/Win32API /bin/rm -rf /usr/ports/lang/ruby18/work/ruby-1.8.7-p370/ext/win32ole /bin/mv /usr/ports/lang/ruby18/work/ruby-1.8.7-p370/ext/gdbm /usr/ports/lang/ruby18/work/ /bin/mv /usr/ports/lang/ruby18/work/ruby-1.8.7-p370/ext/iconv /usr/ports/lang/ruby18/work/ /bin/mv /usr/ports/lang/ruby18/work/ruby-1.8.7-p370/ext/tk /usr/ports/lang/ruby18/work/ ===> ruby-1.8.7.370,1 depends on file: /usr/local/bin/automake-1.12 - found ===> ruby-1.8.7.370,1 depends on file: /usr/local/bin/autoconf-2.69 - found ===> Configuring for ruby-1.8.7.370,1 /usr/bin/touch /usr/ports/lang/ruby18/work/ruby-1.8.7-p370/configure checking build system type... i386-portbld-freebsd9 portupgrade -afc skips config step as well portupgrade -afC gives the dialogs Ghost in the machine? :D -Reko ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Nasty reference loop in login.conf
-Original Message- From: Jakub Lach Moreover I'm afraid to power down machine, as currently I'm logged as wheel group user, and I'm not sure if change from :passwd_format=md5:\ to :passwd_format=sha512:\ didn't complicate it further... Currently all my solutions would require to power down machine, which I'm afraid to do frankly. 1. Hope I can still log in single user mode and correct /etc/login.conf? I'm afraid of md5 -> sha512 change. 2. Use some LiveCD and correct login.conf, then run /usr/bin/cap_mkdb . Killing init - means that you drop to singleuser mode kill -TERM 1 End result may depend on whether or not your singleuser mode is password protected. -Reko ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Ports building automatically with default options?
-Original Message- From: Lowell Gilbert I just saw on the ports list that it has just been fixed. Looks like a typo in ports/Mk/bsd.port.mk. Sorry for doubting you... No worries, was pretty stumped myself for a while there. Time to subscribe to ports@ too then I reckon. -Reko ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Nasty reference loop in login.conf
-Original Message- From: Jakub Lach Or vi in place. Really, it always surprises me there's no vi available in single user mode. If machine is mostly sane, why not just "mount -a" upon entering single user? -Reko ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: how to speed up port make??
-Original Message- From: Reko Turja Sent: Thursday, July 26, 2012 12:12 PM To: Wojciech Puchar Subject: Re: how to speed up port make?? -Original Message- From: Wojciech Puchar > 2. Try switching to clang, it has lower memory requirements and > compilation this is simply not true. Clang is far faster when compiling code than GCC, which you would know if you tried it, instead of living in your opinionated la-la land. -Reko ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: fortune in English or Spanish
From: "Matthias Apitz" <[EMAIL PROTECTED]> To: "[LoN]Kamikaze" <[EMAIL PROTECTED]> Cc: > I'm missing somehow the classic 'fortune' command and files in > the Fortune is part of the base system. Maybe I'm stupid, but I don't see it: man fortune FILES /usr/games/fortune /usr/share/games/fortune/*the fortunes databases (those files ending ``-o'' contain the offensive fortunes) Fortune is part of "games" package. -Reko ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: sshd brute force attempts?
I've looked around and found several linux-centric things designed
to
block brute-force SSH attempts. Anyone out there know of
something a bit
more BSD savvy?
I've found a few things based on openBSD's pf, but that doesn't
seem to be
the default in BSD either.
Any response appreciated.
If using pf, you can write rules like (original is one line):
pass in on $ext_if proto tcp from any to $ext_if port $tcp_login
flags
S/SA keep state (max-src-conn-rate 6/25, overload
flush global)
The rule follows traffic in ssh port (aliased $tcp_login in my config)
and in this case if the connection attempts exceed 6 in 25 seconds,
the offending IP is moved into "bad_hosts" table and ruleset is
flushed to get the blocking effective. The conn attempt/time ratio can
be about anything, I've found the one used good enough.
Then in the top of ruleset I have the following (the filtering rule
from above is further down):
block in quick on $ext_if from
The bad host table is initialised in my ruleset like this:
table persist { }
Just remeber to put it into right section of pf.conf.
pf is neat, thanks for the dev effort of getting it into FreeBSD
kernel!
-Reko
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: CMS ideas and suggestions
Hi! Just a quick review of Content Management Systems from www.freshports.org, I saw and am interested in comments about tikiwiki. However, I saw while looking through Content Management Systems at wikipedia, that there are many open source, freely available CMS programs to be looked at. From this site, I've downloaded and am trying phpWebSite. Anyone with experience with these systems (CMS, not necessarily tikiwiki, WebGUI or phpWebSite), your feedback would be greatly appreciated. Also, recommendations as to computer "horse" power necessary for these systems would also be nice. We're using, what most small churches would probably use, an older system that was replaced by a laptop for the secretary. It's an AMD Duron 700 mHz w/256 mb of RAM. I'm not planning on running X on this system, to conserve resources, but should we look into a beefier system at a later time? I'm in a like situation as you, looking for Postgres/PHP based CMS, and Postgres support is rare in PHP circles... You might want to check Bitweaver (www.bitweaver.org), which is a more CMS-like branching of tikiwiki. It looks quite good for the use I'm planning to put it into, but the burn-in period is still going on. Xaraya might fit the requirements as well, but cannot remember the specifics. THen there is of course Drupal (www.drupal.org). At least Drupal is in the ports. CMS's tend to be quite big and sluggish, and the more content you have, the slower they get. Of course the caching schemes etc. incorporated in several of those help, but even the caches need memory that is free and preferably not in the hard disk. For a bit of additional boost, you might consider one of the PHP-accelerators out there. -Reko ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Updating Bind & OpenSSL on 6.1-Stable/Release
My bind install that came on the 6.1 installation runs from /usr/bin, whereas both the package and the source want to run from /usr/local/bin... You should have named.conf in /etc/namedb unless there's something funny with the original install. Not sure if you need to run make-localhost script in that directory as I do it as a matter of principle each new system install anyway. If I update SSL/SSH/BIND I set the REPLACE_BASE/OVERWRITE_BASE knob (check the Makefile at ports dir for relevant knob name!) so the updated version will overwrite the older at /usr tree. -Reko ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Updating Bind & OpenSSL on 6.1-Stable/Release
I did... So I linked it to /etc/named.conf Everything works great now... My question is howver, why are the ports setup different than the original install? I would think that the port build would be set with the same options as the original install that came with the OS... I've seen this Mainly because FreeBSD is a complete system, not a kernel and mishmash of separate utilities like some other OS'es out there. Basically this means that you should upgrade supplied userland programs by using the usual cvsup the latest sources and buildworld procedure, rather than using the ports for upgrading. The versions of BIND/Sendmail/SSL in the ports are mainly in there for users who need new features or something not available in the versions installed with the operating system base. The separate install lets you bail out if something stops working with the replacements installed from ports and of course helps preventing breaking the interdependencies and stuff in the OS supplied userland. -Reko ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: automatically starting PostgreSQL
For reasons having to do with our particular operation, it is our custom to build many packages from source code no matter the operating system, so I don't want to install from the ports tree. The ports tree is just there for installation from source and putting the software after compile into canonical locations (and adding usually the necessary startup scripts etc. in the process - Ports are not to be mixed with packages. As FreeBSD supports the source centric way from centralised location, there shouldn't really be any need for doing the compile outside the ports tree. You can basically tweak the ports to your hearts content (most of the relevant options can be tweaked from the ports Makefile already) and in addition the port installs into location using a method the rest of FreeBSD users can give you meaningful advice. -Reko ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Please Help! How to STOP them...
From: "VeeJay" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]>; "FreeBSD-Questions" Sent: Friday, January 12, 2007 11:43 PM Subject: Please Help! How to STOP them... I am reading many hundred lines similar to below mentioned? Could you please advise me what to do and how can I make my box more secure? Jan 9 17:54:42 localhost sshd[5130]: reverse mapping checking getaddrinfo for bbs-83-179.189.218.on-nets.com [218.189.179.83] failed - POSSIBLE BREAK-IN ATTEMPT! Jan 9 17:54:42 localhost sshd[5130]: Invalid user sysadmin from 218.189.179.83 It's basically just script kiddies trying to get in using some ready made user/password pairs. Lots of info covering this has been posted in these newsgroups previously, but some things you might consider Moving your sshd port somewhere else than 22 - the prepackaged "cracking" programs don't scan ports, just blindly try out the default port - with determined/skilled attacker it's different matter entirely though. Use some kind of portblocker (lots in ports tree) which closes the port after predetermined number of attempts - or as an alternative, use PF to close the port for IP's in question after predetermined number of connection attempts in given time. Use key based authentication and stop using passwords altogether. Remember to keep ssh1 disabled as well as direct root access into ssh from the ssh config file. -Reko ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: BIND9 Syntax?
- Original Message -
From: "Nate Peck" <[EMAIL PROTECTED]>
To:
Sent: Sunday, January 14, 2007 6:39 PM
Subject: BIND9 Syntax?
Dear All,
I've been having trouble with BIND(version 9.3.2-P1), and I'm not
sure
where the problem is. When I try to use nslookup, it spits out:
server 127.0.0.1
Default server: 127.0.0.1
Address: 127.0.0.1#53
blue.home.lan
Server: 127.0.0.1
Address:127.0.0.1#53
** server can't find blue.home.lan: SERVFAIL
I have my server(blue.home.lan), set up on a LAN.
These are my config files:
db.home.lan:
$TTL 3h
home.lan. IN SOA blue.home.lan. (
1; Serial
3h ; Refresh after 3 hours
1h ; Retry after 1 hour
1w ; Expire after 1 week
1h ) ; Negative caching TTL of 1 hour
And you can define the SOA to be home.lan.
Missing the email address of responsible administrator - should be
like:
home.lan. IN SOA home.lan. email.blue.home.lan
^^^
Notice that first dot only in email-address is substituted by @
Usually a good idea is naming the serial like 2007011401 - year,
month, day and serial is easier that way in the long run :)
named.conf:
options {
If this was public I would consider adding either a recursion no; or
allow-recursion {}; clauses in options in order to avoid some attack
techniques utilizing nameservers.
zone "." IN {
type hint;
file "named.ca";
};
You have moved the named.root into named.ca?
No need for IN in these either.
zone "localhost" IN {
type master;
file "pri/localhost.zone";
allow-update { none; };
notify no;
};
Again if public, I would add allow-transfer rules to allow the full
dump of domains in questions only at appropriate peering servers.
Maybe allow-query { any; }; for every domain as well.
I might have missed some bugs at cursory glance, but these should help
to get you started.
-Reko
(By the way Greg Leheys nowadays publicly available book about FreeBSD
has pretty good walkthrough about basic nameserver configuration)
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: advice on compiling a new kernel & upgrading to the latest sources
From: "Dino Vliet" <[EMAIL PROTECTED]> To: Sent: Sunday, January 14, 2007 9:56 PM Subject: advice on compiling a new kernel & upgrading to the latest sources Hi folks, from different sources I have written my steps to compile a new kernel & upgrade to the latest sources. Can anyone have a look into them and tell me if I won't run into troubles or if there are better ways to achieve the same? //snip The order how things are done is slightly different, I kept the numbers original though,but the sequence is: 12.cd /usr/src 13.make installkernel KERNCONF=MYKERNEL Reboot after installing the new kernel. New kernel isn't there just after droppping to singleuser, but you need to boot. 11.If the new kernel doesn't boot reboot and hit the space bar at the boot prompt and boot kernel.old If the new kernel boots OK mount -a Check that new kernel acts somewhat sane (some programs might fail though due changed kernel interfaces, like top or ps for example - I do go full multiuser to check this) 14.Go into single user mode 15.cd /usr/src 16.mergemaster -p 17.make installworld 18.mergemaster -i 19.exit and reboot Shouldn't be need for reboot after this, just hit ctrl-D and enjoy the updated system. Updated scripts are executed only after machine goes into full multiuser. -Reko ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Spamassassin RBL's
I see, I disabled bayes and awl in spamassassin, and updated amavisd-new from ports. I have a different problem. Mail I am sending out is being thrown away because it's being flagged as spam. I'm stumped, it never did this before. From memory, you can tell amavis which are your networks, so it doesnt scan emails on the way out. (or maybe you tell postfix to >only send the email via amavis on the way out, not in... i cant remember nor check atm). If you use SASL authentication and Postfix, you can use the following postfix directive: smtpd_sasl_authenticated_header = yes in main.cf in order to bypass the mail heading outside to be marked as spam. The directive above tells postfix to add information into headers that tell Amavis the mail was sent by someone who was authenticated by the system and thus trusted. I needed the above as the system relays mail from authenticated users from outside the netblock the server resides. In addition Amavis can read the relay_domains database created for Postfix in defining what domains are OK to send and receive mail, using for example something like: read_hash(\%local_domains, '/usr/local/etc/postfix/relay_domains'); in amavisd.conf. Hope these help you! -Reko ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Spamassassin RBL's
The directive above tells postfix to add information into headers that tell Amavis the mail was sent by someone who was authenticated by the system and thus trusted. I expect that the above mentionned headers cannot be forged. Else that would be a nice way for spam to avoid filtering. Beside, I am not sure it is a good measure to disable Amavis for any email. First goal of amavis is virus scanning, even a trusted/authenticated sender could have his machine infected and could be spreading viruses. Using the header above of course implies that the machine running postfix will relay to amavis only on loopback, not via regular IP - or using other method that can be counted as secure. And of course for viruses authenticating via SASL using encrypted authentication and real user/password pair isn't usually successful :) IMHO mail gateway isn't the point of checking whether machines inside are virus free or not. There should be other practises used on workstations ensuring that the inside environment is virus free at any given moment. -Reko ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Rép : Cluster on freeBSD 5.3
- Original Message - From: "BSD" <[EMAIL PROTECTED]> To: "Liste FreeBSD" Sent: Thursday, April 21, 2005 8:19 PM Subject: Rép : Cluster on freeBSD 5.3 One of my clients want a high performance computer with a high level of redundancy. One big question to start with: what kind of servers? Or, what kind of services will they need to provide? - POP3 - POP3s Cyrus murder might be the just the solution for this.It can be found in the ports. -Reko ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Support for assembler ENTER in FreeBSD kernel
In recent discussion in OpenWatcom lists it was noticed that at least certain addressing modes of assembler ENTER instruction causes a crash when used in Linux. GCC circumnavigates this by not emitting ENTER instructions in assembly code. Linus's comment on the above issue can be found on: http://groups.google.co.nz/groups?selm=7i86ni%24b7n%241%40palladium.transmeta.com What's the status of the above "feature" in FreeBSD, do we support the whole x86 instruction set? -Reko ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: OT: www search engines
what search engines, other than Google, do you find useful for general use? I have always, and continue to, used Altavista. I like the ability to quote search terms and narrow the search to only what I'm looking for. I use Google when I need to do "search term site:utdallas.edu" for something, but other than that, I use Altavista. Don't know what tracking they do, though. What Paul says... And I haven't yet seen any "Ads by Altavista" stuff in any of the sites I've visited. For what it's worth Altavista gives quite similar results as Google in general searches - and much more applicable results when using +, - and "foobar" search terms. -Reko ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: download
Hi, I wish to download FreeBSD but I am unsure which option to choose. 03/21/2010 02:08PM 40,554,496 FreeBSD-7.3-RELEASE-i386-bootonly.iso This is a good option, if the machine is connected into internet and downloading the base system and ports is okay for you. 03/21/2010 02:09PM612,933,632 FreeBSD-7.3-RELEASE-i386-disc1.iso 03/21/2010 02:09PM706,879,488 FreeBSD-7.3-RELEASE-i386-disc2.iso 03/21/2010 02:10PM542,836,736 FreeBSD-7.3-RELEASE-i386-disc3.iso Boot disc with base system packaged and ports added. Best option if you are mostly planning to use prebuild software or the machine is not connected. 03/21/2010 02:12PM324,126,720 FreeBSD-7.3-RELEASE-i386-docs.iso 03/21/2010 02:11PM 2,022,695,069 FreeBSD-7.3-RELEASE-i386-dvd1.iso.gz Basically discs1-3 'merged' in one DVD image, better than the separate discs IMHO if you have DVD drive available. 03/21/2010 02:12PM238,215,168 FreeBSD-7.3-RELEASE-i386-livefs.iso 'Repair disc' that can also be used on manual installations and such - good to have available in case of emergencies, but not really necessary. -Reko PS. And as Frank said in another reply, I'd consider 8.0 instead ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Secure apache with php
I want to secure my Apache/PHP environment... Full suhosin, both patch and mod for the PHP. IIRC suhosin patch is optional in PHP port and the mod can be installed via ports. (http://www.hardened-php.net/suhosin/index.html) Apache environment and binaries set up in a jail. Which Apache version do you advice? I reckon these days 2.2 would be the best in regards of future upgrades and development. -Reko ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Windows 2008 + AD + PF + bridge = problems?
Has anyone used Windows 2008 and active directory with a bridging, NATing firewall between the domain controller and the 2008 machine? We're in a situation where we're trying to join a domain with a 2008 machine, and no matter what we do to the firewall, joining stalls and fails. Haven't used the combination myself, but in couple of cases MS developer/beta evaluation staff has been quite helpful when Vista beta got all kind of funnies when trying to connect to internet via PF. So giving MS the information of the problems in traffic might (in case you want to help MS to troubleshoot Win2008...) help some. Another idea could be giving 7.x a shot as it has newer version of PF IIRC. -Reko ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Windows 2008 + AD + PF + bridge = problems?
Do you happen to have contact information for this team? Sadly no, I just reported the perceived bug via Vista beta bug reporting - can't remember if that was from the OS itself or from the web, and got pretty fast reply and tech savvy responder from there. -Reko ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: ftps ?
pure-ftpd supports TLS/SSL. I am wondering if it can do this. I was curious about the OP's use of 'ftps" too. Perhaps, he could explain what plain-old-ftp doesn't do and what he wants it to do. Plain old FTP transfers username/password pairs in plaintext over the internet, as well as the actual content, which is a security hole. sftp - the file transfer protocol included in SSH suite has been more than adequate replacement for my needs as the traffic is encrypted and there is no need for firewall trickery in order to get the separate data/control connections going. Said that, I'd just use sftp, there are free text based and graphical clients available and for the end user it handles just like regular ftp, with added bonuses like using keys for authentication etc. -Reko ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: csh & tcsh history missing after reboot FBSD_8
What can I do to get the history to remain in memory across a reboot? Changing the capicity of set history to greater than 100 does not affect it. How about: shutdown -r +1 logout -Reko ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Can anyone reproduce this Samba problem?
Interestingly, if I turn off 'inherit permissions', then 'inherit owner' DOES take effect correctly. However, that means the sticky bit does not get inherited, which will not work for me. I need both to be inherited, and for some reason they are behaving mutually-exclusive (with 'inherit permissions' taking precedence). If I understood your problem correctly, you don't actually want to set sticky bit on the root directory, but suid - so the chmod would be like chmod 4xxx mydir In FreeBSD suid-bitted directory will make all the subdirs to inherit the owner. Sticky bit causes bit different behaviour - see sticky (8) and chmod(1) -Reko ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: reporter on deadline seeks comment about reported security bug in FreeBSD
http://www.vimeo.com/6580991 The article says that "Versions 7.1 and and beyond are not vulnerable." That video contradicts that. As someone who has manipulated moving picture for fun and profit, having a video of something is a proof of nothing. For all what it's worth the OS in video might be FreeBSD - or even loonix made to look like FreeBSD, made vulnerable on purpose of tarring the project. Until the security team gives their official response and patches, I read the entire story with a grain of salt, especially as the originator was so keen on getting his discovery into news websites... If the discovery is real, the patch will come when it will come, until then the publicity is just negligible buzz. -Reko ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: port building & linking
speaking of cyrus, i've recently spotted new entry in my passwd and have been wondering where/when did it get there.. ?? of course i don't know of installing anything called cyrus.. If you have installed CMU sasl, that does add "cyrus" user as well. -Reko ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Has the port collection become to large to handle.
I do use the ports mechanism on my FreeBSD systems exclusively due the possibility of making the system components meshing and working in unison instead of version and "dll-hell". And now and then I find some obscure port that fits the current needs - And again the ports system makes the whole process painless. As such I see and feel very little need making the ports system smaller or more lightweight as there are other way to make downloading and using the ports in larger setups minor bindwidth or resource eater. However a reoganization could be in order... Currently we have: portbase/category/port/ Some kind of reorganization could be in order, if a good way doing it could be found. At one point I tended to drop the language and some other catergories from cvsup fetch, but it made building the INDEX next to impossible causing me reverting to full ports fetch again. I dont know if indexing in separate categories or some such solution would be feasible, but of course fetchindex target makes the indexing of partial port trees feasible. Then of course there has to be good reasons for creating separate trees for non-english ports, but one thing I've thought is that if those could be put into main port build directory and enabled with a build knob or maybe making them some kind of metaports without needing their own directory hierarchy. All in all the ports sytem, even as it is nowadays, in its present size is one of the reasons which make FreeBSD for me a unixish OS of choice. An all packaging solution would be a major pain to maintain. I'm running Apache, PHP, Postgres etc. in my web server setups these days and there is no way I'd go to MySQL. There are just too many combinations of different "components" used in similar setups to make packages only solution feasible *without* limiting the choice the present system gives us in building the machines to suit our needs. -Reko ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: dmesg not working on new system
- Original Message - From: "Chris Maness" <[EMAIL PROTECTED]> Yes, it does, but why would it not show anything without the flag right after a reboot? Wierd. I almost suspect hard drive issues. I got the exactly same happen to me with 6.1-RELEASE updated just after 6.1 was released. Didn't think about the weirdness really until now seeing your messages. The symptoms were exactly the same, /var/dmesg file was empty right after the boot and of course dmesg command didn't print the booting messages either. Things seems to be normalized for me with 6.1-STABLE from yesterday, but haven't booted since buildworld process after which I got proper dmesg output. -Reko ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: FreeBSD vs. Debian Sarge Linux on Pention II 400 Mhz.
I recently stumbled upon FreeBSD and wondered if using the same hardware configuration will yield better (faster and lighter use) performance than Linux Debian sarge. For me one of the main reasons of using FreeBSD is the ease of installation and keeping the system including ports up to date. Building from ports can help a lot with dynamic library hell prevalent on some other OS's. Of course building some ports can take very serious amounts of time with your hardware, most notably OpenOffice or Gnome/KDE+Xorg. If you are not considering using Gnome or KDE (both bloated monstrosities IMHO, but YMMV) I think FreeBSD will perform very nicely - especially it tends to be very responsible and usable even under relatively high load. Benchmarks aren't usually that reliable or should be read with a grain of salt in any case, but I ran the postgres benchmark on my "development" sytem after some guy posted his benchmarks and the parameters from his linux box - And in my case the development machine which is 1 Ghz Dual PIII, 1 Gb ram etc. yielded almost equal performance to Debian on Dual 3Ghz Xeon with 2 Gb of ram (1600 queries/sec vs 1900 queries/sec for what it's worth). And considering security - ftp.debian.org was once compromised for half a year with full root access to the box and all they did say to comment the break-in was like "We believe nothing serious has happened" - BSD developers and users in general tend to take security a bit more seriously. I suggest though that you try FreeBSD and see how it suits you and performs in your case. Read the handbook first and then do a test install on a HD you can spare or into a spare partition and play around a bit with it, installing the same software you're using at linux side. I did that about 6 years ago and never looked back in any other *NIX or clone unless I have to. -Reko ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Newbie install question about disks
In sysinstall appears: - ad0 => HD 80GB (for FreeBSD OS at complete) - ad12 => oine of the SATA HD I think - ad8 => The other SATA HD I think - ar0 => ??? (I suppose this is the RAID isnt'it?) What must I do? - Make only for ar0? Is the right alternative - ad8 and ad12 do not need to be touched at all, unless you want them to be separate drives. -Reko ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Snow in my Server
Help, I'm in southern Ontario and I have 20cm of snow on my freebsd 7-release server. IT seems to be causeing some http outages. Great, natural and energy saving form of water cooling! Just disconnect all the fans and overclock to your hearts content! -Reko ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: OCR...
so what is the best commercial/shareware that can read a 10pt-font file? (( also, when i have time to get back into actually hacking, this [[turning imaged pdf into OCR'able ascii or 8859-1]] is giong to be a first target. any idea which team i should go with. gOCR looks best so far to me. AABBYY Finereader - Omnipage haven't been able to catch it in several years either feature or qualitywise. No idea if Finereader runs under emulator though. If the file is already a PDF and 72 DPI with text as graphics most of the damage has already been done, and it will be extremely hard to OCR. -Reko ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: OCR...
-- From: "Gary Kline" Sent: Thursday, January 29, 2009 4:23 AM To: "Andrew Gould" Cc: "Reko Turja" ; "FreeBSD Mailing List" Subject: Re: OCR... On Wed, Jan 28, 2009 at 07:33:41PM -0600, Andrew Gould wrote: On Wed, Jan 28, 2009 at 5:09 PM, Gary Kline wrote: > On Wed, Jan 28, 2009 at 01:32:57PM -0600, Andrew Gould wrote: > > On Wed, Jan 28, 2009 at 1:22 PM, Gary Kline > > wrote: > > >well, damage is probably done. how can i check the > > > resolution? > > >i tried to increase it by creating huge ppm and tif > > > files, but > > >then that's really absurd since there can only be just > > > so much > > >data per image. i _could_ try xv and jpeg and > > > smoothing image Yeah, if the image resolution is already at 72DPI, there's sadly no trick in the world that can reliably return the "lost" information. I've read some horrid scans with low resolution in Finereader, and it can grab much of the information nicely. With low resolution be prepared to manually correcting problem spots though. Only reliable way to quesstimate resolution is the font size when at 100% in the screen. If the text is about 10 pixels high, the information has probably been stored in 72DPI for space saving purposes. Wasn't aware of the FreeBSD/Linux backend, but if that works it'd be great - haven't myself visited their website in ages as the version I have does the job I got it for. -Reko ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: a "strange" question about OSs
On Mon, Feb 23, 2009 at 9:06 AM, Valentin Bud wrote: Hello Community, The following question may sound very ackward but was OS is suitable from the following list to replace FBSD: Depenguinate the host? http://www.daemonology.net/blog/2008-01-29-depenguinator-2.0.html -Reko ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: a "strange" question about OSs
-- From: "Redd Vinylene" Sent: Monday, February 23, 2009 11:55 AM To: "questions" Subject: Re: a "strange" question about OSs On Mon, Feb 23, 2009 at 9:06 AM, Valentin Bud wrote: Hello Community, The following question may sound very ackward but was OS is suitable from the following list to replace FBSD: - OpenSUSE 10.3 - Debian 4.0 - CentOS 5 The company i work for wants to change the provider because of the economical crisis to save some money. The actual provider gave us the chance to install our OS but the one they chose as a replacement doesn't give any other choice besides the above mentioned. I work for 2 years in IT and FBSD is the only OS i have ever used in production. I like it and learned it a little bit. It is going to be a steep learning curve with the new OS which I'm not afraid of but i would like to chose a suitable OS and one that has some similarities with FBSD. thank you, v I doubt you'll find anything suitable after getting accustomed to FreeBSD. -- http://www.home.no/reddvinylene ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org" ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: hi
-- From: "Kevin Kinsey" Sent: Sunday, February 22, 2009 9:24 PM I think that one of FBSD's guiding principles is *correctness* ... or, at least, that's one of the higher values of the community. By way of evidence, I present the following terms, used frequently in correspondence on these lists: What I find ironic, is that the talent drifts either to fully commercial projects, or those which are licensed under BSD - and in many cases even both. If I want an unixlike OS that does what I need with minimal fuss and where things are added due their merit in improving usability/speed/stability rather results in artificial tests the OS will be one of the BSD's. The quality of the BSD licensed software added with the quality of documentation (Cyrus might be the exception as the documentation goes...) just far exceeds anything else available for free or "free". FreeBSD might not support every gadget out there, but for the most part, the supported selection has always been good enough for the use I have. For that thanks go to the core team and other coders and documentation writers as well as people testing releases and betas without just shutting up when they hit trouble, but reporting the said problems so they will hopefully get fixed for every user. -Reko ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
RE: postgresql & client
> I run into something weird. Is it so, that you cannot have both; the > postgresql server, and postgresql client, installed at the same time? AFAIK the PGSQL server port contains the client as well and installs it by default. -Reko ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
RE: 1 processor vs. 2
> RAID-1 will be about 50% faster than RAID-5 doing reads regardless of > size, and will also be *much* faster doing small writes-- by a factor > of 4, perhaps. The abovementioned figures seem more like comparing RAID-0 (striping) to RAID-5 (striping with ECC) than RAID-5 to RAID-1 (mirroring). In my experience mirroring is always the slowest RAID in terms of retrieving data, writes might be quite comparable with RAID-1 and RAID-5 though. -Reko ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Stable Mail Server And Web Mail
Anybody to know a good Stable Mail Server and Web Mail Postfix Cyrus (+possible Postgres if database is needed) Squirrel, IMP... One can build very decent BSD or like licensed mail server, except the webmail part. Every available webmail package I've found are under GPL. -Reko ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Streaming server
we talked about playing/streaming videos from files. Even streaming from files makes sense in many situations. Please, go back to netbsd or start using linux, at least in linux forums your constant stream of opinion based drivel is most welcome. In here you are poisoning the questions list, especially the archives, for people who really need the info, not uninformed opinions! -Reko ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: 7.0-make.conf
Has this been removed or is it still supported? It does not appear in the man page or examples... NO_BIND=true make.conf has been split into two, the actual make.conf which has variables for the make process and generic make environment and src.conf which controls the building of "add-on" software. Check src.conf for details. -Reko ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: 7.0-make.conf
WITHOUT_SENDMAIL=true I am not sure of the need for the 'true' or not. it seems it is not required but should work either way? From the manpage: The values of variables are ignored regardless of their setting; even if they would be set to ``FALSE'' or ``NO''. Just the existence of an option will cause it to be honoured by make(1). so the plain option is enough. If the machines are in environment where they might be someday administered by someone else, I'd use pure option to avoid confusing someone who hasn't read the manpage and thinks setting variables to false will void them. -Reko ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: How to best communicate with my users
Pardon me for asking such a simple questions, but what is the best way of 1) messaging offline users on my system? No e-mail please, I want something more concrete, something displayed immediately upon login, no need to go via a third party app. I'd edit /etc/motd and wrote my message in there - If I recall right there was an option of "force feeding" it to every user despite of user environment settings. -Reko ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Journaling filesystem support in FreeBSD
So, what are the alternatives? Can I run xfs on FreeBSD? Is it zfs on 7 that I need? I have tried tfm and google and not found anything useful. If upgrading to 7.x is acceptable, gjournal on UFS has been working for me a treat. -Reko ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: New install, rebuilding world
From: "AB" <[EMAIL PROTECTED]> To: Sent: Tuesday, June 27, 2006 5:31 PM Subject: New install, rebuilding world I'm new to FreeBSD, but I've been reading alot in the Handbook about building custom kernels and rebuilding world, and still can't seem to find what I'm looking for. I want to be able to recompile my whole system so that it's optimized for my hardware, but I'd rather not track -Stable and have to rebuild a whole slew of stuff every few days. Track RELEASE security fix branch - the brach you want to cvsup is for example RELENG_6_1 for the bugfix and maintenance release for 6.1 (cvsupping RELENG_6 would get you stable from 6 branch, which is at the moment 6.1 stable). For the hardware etc - just tweak the make.conf and kernel config file to suit your needs. Can someone give me some advice (or point me to some documentation) on recompiling the -Release6.1 and then doing light maintenance (bug fixes, security updates) afterwards? The rest of if goes by the handbook - you can cvsup by hand or just make a script running once a week or so and alerting you if there are changes in release sources. Basically the regular buildworld - buildkernel - installkernel - installworld process is the recommended way to update, but now and then you can do smaller fixes just going to directory and doing a make install from there (but doing that you're on your own). -Reko ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: IMAP server alternatives
- Original Message - From: "Nagy László" <[EMAIL PROTECTED]> To: Sent: Tuesday, July 11, 2006 4:29 PM Subject: IMAP server alternatives Hello, I tried cyrus-imapd, but I'm unsatisfied. Their website was down for a day. Now it is up, but the pages were not updated after 2003. They had a majordomo list but it is not functioning. I found another mailing list but nobody answers. I do not see answer to my question in its documentation. I still recommend Cyrus - and you can find the lists at CMU from the following link: http://lists.andrew.cmu.edu/mailman/listinfo The downside of Cyrus is the abysmal documentation, but once you get hang of it, it's one fine IMAP/POP server. And of course there's project wiki at http://cyruswiki.andrew.cmu.edu/ which definitely is updated after 2003 :) -Reko ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: freebsd releases?!?!?!(confused)
-- From: "Matthew Seaman" Sent: Sunday, June 06, 2010 2:03 PM To: Subject: Re: freebsd releases?!?!?!(confused) STABLE is a development branch: it's called 'STABLE' because it is expected to run stably. STABLE generally receives continual fixes and updates, but these will previously have been tested in the bleeding edge Isn't STABLE called stable, because the featureset and kernel interface is set, the term has nothing to do with stableness of the OS itself. Running STABLE is equal to running beta, use at your own risk. -Reko ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Spontaneous Reboots (I thought it was Virtualbox Kernel Modules)
When I looked at the regular level kernel log, it seemed to be out of the clear blue. I've seen once behaviour like this on FreeBSD and it was caused by faulty ECC memory comb. Incorrectable CRC error just caused a diagnosis beep sequence and then machine shut down immediately after. -Reko ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: openldap-sasl fails after 8.1 upgrade
Sadly the GSSAPI/Kerberos has been broken in 8.x for a good while now. You can either install the heimdal or MIT port, although getting that to work in stead of the base can be messy. kern/147454 PR actually has a working fix, although I'm not sure if it applies cleanly as it's pretty big - I managed to get working GSSAPI with it on 8.1 PRERELEASE. See also discussion at http://lists.freebsd.org/pipermail/freebsd-stable/2010-July/057734.html -Reko -- From: "LeonMeßner" Sent: Wednesday, August 25, 2010 7:04 PM To: Subject: openldap-sasl fails after 8.1 upgrade Hi, after binary upgrading to freebsd8.1 from 7.2 i encounter an error with openldap24, cyrus-sasl2 and kerberos: # ldapsearch uid=whatever SASL/GSSAPI authentication started ldap_sasl_interactive_bind_s: Other (e.g., implementation specific) error (80) additional info: SASL(-1): generic failure: GSSAPI Error: No credentials were supplied, or the credentials were unavailable or inaccessible. (unknown mech-code 0 for mech unknown) Simple binding to the ldap server does work. The KDC behind this is still on kerberos 0.6.3 (FreeBSD7.3) and there have been reported Problems with such a setup, but as i can login through ssh and kerberos i suppose these [1] don't apply here (also already tested the proposed changes). If anybody got any insight please share. Thanks in Advance, Leon [1] http://lists.freebsd.org/pipermail/freebsd-stable/2009-October/052217.html ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org" ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: openldap-sasl fails after 8.1 upgrade
I'll try that. See also discussion at http://lists.freebsd.org/pipermail/freebsd-stable/2010-July/057734.html Following the link in the other thread to http://lists.freebsd.org/pipermail/freebsd-stable/2010-February/055017.html i made the changes to /usr/bin/krb5-config: # diff /usr/bin/krb5-config /usr/bin/krb5-config.org 96c96 < lib_flags="$lib_flags -lgssapi -lgssapi_spnego -lgssapi_krb5 -lheimntlm" --- lib_flags="$lib_flags -lgssapi -lheimntlm" After that, rebuilding openldap+dependencies makes it work again. I suppose this is quite dirty and i have to see if it introduces other problems. For what it's worth, it seems like the import of GSSAPI/Heimdal was left halfway done, which surprised me quite a bit in FreeBSD - it's more of a Linux way of development... -Reko ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
