FreeBSD Production Release ISO images
Hi there, I'm wondering if the FreeBSD 6.2 Production Release ISO images get updated periodically when there are important patches, or is it better to download the latest snapshot to save the trouble of updating everything after installing? Patrick ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Get the cwd of a process?
Is there any way to get the cwd of a process? We had the situation recently where a perl script was called from an infiltrated Wordpress installation, but we weren't able to determine which of the hundreds of Wordpress blogs was the source. The ps listing showed: www 63968 2.4 0.2 26092 5008 ?? Rs5:36PM 93:10.67 ./mrf.pl (perl5.8.8) The procfs entry was no help because it does not seem to provide a cwd. The cmdline entry just showed "/usr/local/bin/perl ./mrf.pl". We had to kill the process, and who ever was responsible did a good job of hiding their tracks. But should this happen again (and we expect it will), we'd like to be able to find the source. Patrick ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Get the cwd of a process?
Thanks for the info! It works in my test case, but this spammer popped
again, and unfortunately, I still couldn't reveal the source:
The ps listing shows:
www29488 5.7 0.2 14144 5360 ?? Ss7:47AM 37:24.83
./jug.pl (perl5.8.8)
And the lsof -p 29488 -a -d cwd only shows:
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
perl5.8.8 29488 www cwd VDIR 0,83 5122 /
I don't understand how the cwd could be /, as there was no jug.pl
there, and the www user cannot write to the root.
Could there be another trick being employed? I'm actually a little
puzzled by the ps listing. It shows the interpreter at the end in
parentheses, but if I invoke a similarly-named script from the shell,
it lists it as "/usr/bin/perl ./jug.pl".
I also cannot find any traces of these perl scripts anywhere on the
machine, though my tests show that you can safely delete the script
after it is loaded by the interpreter.
*trying something...*
Okay, so I've written a little script to reproduce what I'm seeing:
#!/usr/bin/perl
$pid = fork();
if ($pid)
{
unlink("test.pl");
exit(0);
}
else
{
chdir "/";
print "Hello world\n";
sleep 300;
}
This must be what is happening. When I do an lsof, I get:
COMMAND PIDUSER FD TYPE DEVICE SIZE/OFF NODE NAME
perl5.8.8 95492 patrick cwd VDIR 0,83 5122 /
And there's no trace left of my script because I unlink()ed it.
This seems like it's going to be awfully hard to track down. I've gone
through every access_log to see if I can see anything suspicious. So
far, nothing yet, but I guess I'll keep plugging away at it.
*sigh*
Patrick
On Thu, Oct 29, 2009 at 8:48 PM, Dan Nelson wrote:
> In the last episode (Oct 29), patrick said:
>> Is there any way to get the cwd of a process? We had the situation
>> recently where a perl script was called from an infiltrated Wordpress
>> installation, but we weren't able to determine which of the hundreds of
>> Wordpress blogs was the source. The ps listing showed:
>>
>> www 63968 2.4 0.2 26092 5008 ?? Rs 5:36PM 93:10.67
>> ./mrf.pl (perl5.8.8)
>>
>> The procfs entry was no help because it does not seem to provide a cwd.
>> The cmdline entry just showed "/usr/local/bin/perl ./mrf.pl".
>>
>> We had to kill the process, and who ever was responsible did a good job of
>> hiding their tracks. But should this happen again (and we expect it
>> will), we'd like to be able to find the source.
>
> /usr/bin/fstat will tell you the inode of the cwd, and you can use "find
> -inum" to locate it. You can also install lsof from ports, which will dig
> into the kernel and try and fetch the name itself:
>
> (d...@dan.21) /home/dan> fstat -p $$ | grep wd
> dan zsh 77611 wd / 474264 drwxr-xr-x 533 r
> (d...@dan.21) /home/dan> lsof -p $$ -a -d cwd
> COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
> zsh 77611 dan cwd VDIR 60,504234031 533 474264 /usr/home/dan
>
>
> --
> Dan Nelson
> dnel...@allantgroup.com
>
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Get the cwd of a process?
I've made some headway... perl supports "sitecustomize.pl" which can
be used to execute code when any perl script is run. It doesn't seem
to be enabled by default, so I had to add the following line to
/usr/ports/lang/perl5.8/Makefile's CONFIGURE_ARGS:
-Dusesitecustomize \
As a temporary measure, my sitecustomize.pl has:
system "echo $$ $ENV{'PWD'} $0 ". (localtime) . " >>/tmp/scripts_used.lst";
(found this in another thread somewhere)
So, hopefully the next time this spammer comes back, I will see the
original working directory, etc. before the process forks itself.
Fingers crossed!
Patrick
On Sat, Oct 31, 2009 at 9:13 AM, patrick wrote:
> Thanks for the info! It works in my test case, but this spammer popped
> again, and unfortunately, I still couldn't reveal the source:
>
> The ps listing shows:
>
> www 29488 5.7 0.2 14144 5360 ?? Ss 7:47AM 37:24.83
> ./jug.pl (perl5.8.8)
>
> And the lsof -p 29488 -a -d cwd only shows:
>
> COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
> perl5.8.8 29488 www cwd VDIR 0,83 512 2 /
>
> I don't understand how the cwd could be /, as there was no jug.pl
> there, and the www user cannot write to the root.
>
> Could there be another trick being employed? I'm actually a little
> puzzled by the ps listing. It shows the interpreter at the end in
> parentheses, but if I invoke a similarly-named script from the shell,
> it lists it as "/usr/bin/perl ./jug.pl".
>
> I also cannot find any traces of these perl scripts anywhere on the
> machine, though my tests show that you can safely delete the script
> after it is loaded by the interpreter.
>
> *trying something...*
>
> Okay, so I've written a little script to reproduce what I'm seeing:
>
> #!/usr/bin/perl
>
> $pid = fork();
>
> if ($pid)
> {
> unlink("test.pl");
> exit(0);
> }
> else
> {
> chdir "/";
> print "Hello world\n";
> sleep 300;
> }
>
> This must be what is happening. When I do an lsof, I get:
>
> COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
> perl5.8.8 95492 patrick cwd VDIR 0,83 512 2 /
>
> And there's no trace left of my script because I unlink()ed it.
>
> This seems like it's going to be awfully hard to track down. I've gone
> through every access_log to see if I can see anything suspicious. So
> far, nothing yet, but I guess I'll keep plugging away at it.
>
> *sigh*
>
> Patrick
>
>
> On Thu, Oct 29, 2009 at 8:48 PM, Dan Nelson wrote:
>> In the last episode (Oct 29), patrick said:
>>> Is there any way to get the cwd of a process? We had the situation
>>> recently where a perl script was called from an infiltrated Wordpress
>>> installation, but we weren't able to determine which of the hundreds of
>>> Wordpress blogs was the source. The ps listing showed:
>>>
>>> www 63968 2.4 0.2 26092 5008 ?? Rs 5:36PM 93:10.67
>>> ./mrf.pl (perl5.8.8)
>>>
>>> The procfs entry was no help because it does not seem to provide a cwd.
>>> The cmdline entry just showed "/usr/local/bin/perl ./mrf.pl".
>>>
>>> We had to kill the process, and who ever was responsible did a good job of
>>> hiding their tracks. But should this happen again (and we expect it
>>> will), we'd like to be able to find the source.
>>
>> /usr/bin/fstat will tell you the inode of the cwd, and you can use "find
>> -inum" to locate it. You can also install lsof from ports, which will dig
>> into the kernel and try and fetch the name itself:
>>
>> (d...@dan.21) /home/dan> fstat -p $$ | grep wd
>> dan zsh 77611 wd / 474264 drwxr-xr-x 533 r
>> (d...@dan.21) /home/dan> lsof -p $$ -a -d cwd
>> COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
>> zsh 77611 dan cwd VDIR 60,504234031 533 474264 /usr/home/dan
>>
>>
>> --
>> Dan Nelson
>> dnel...@allantgroup.com
>>
>
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: vim Keybindings
Try creating /usr/local/share/vim/vimrc with the following: set nomodeline set nocompatible Patrick On Sat, Oct 31, 2009 at 12:22 PM, Drew Tomlinson wrote: > I'm experiencing an annoying problem with vim on FBSD 8 that I don't have on > FBSD 7. Whenever I start vim, if I press the down arrow as the first key, > it deletes the first line of my file and enters insert mode. All the other > keys work fine and even the down arrow works fine after the first press. > > I've searched for help but haven't turned up anything relevant. Any ideas > on what I can check? > > Thanks, > > Drew > ___ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org" > ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: dhcpd related issue
What happens if you disable pf temporarily?
2009/10/31 Dánielisz László :
> Hello,
>
> I just configured my dhcpd but it gives no IP-s.
> What had I done until now:
>
> 1. Installed isc-dhcp via ports
>
> 2. edited the /usr/local/etc/dhcpd.conf
>
> option domain-name "bsd";
> option domain-name-servers ;
> option subnet-mask 255.255.255.0;
> authoritative;
>
> default-lease-time 3600;
> max-lease-time 86400;
> ddns-update-style none;
>
> subnet 192.168.1.0 netmask 255.255.255.0 {
> range 192.168.1.129 192.168.1.250;
> option routers 192.168.1.1;
> }
>
> 3. Added the following ones to /etc/rc.conf
> ifconfig_rl1="inet 192.168.1.1 netmask 255.255.255.0"
> dhcpd_enable="YES"
> dhcpd_conf="/usr/local/etc/dhcpd.conf"
> dhcpd_ifaces="rl1"
>
>
> 4. Opened the adequate port in pf
> pass in log on rl1 inet proto tcp from 192.168.1.0/24 to 192.168.1.1 port =
> bootps flags S/SA keep state
> pass in log on rl1 inet proto udp from 192.168.1.0/24 to 192.168.1.1 port =
> bootps keep state
>
> 5.. When I start de daemon:
> # /usr/local/etc/rc.d/isc-dhcpd start
> Starting dhcpd.
> Internet Systems Consortium DHCP Server V3.0.7
> Copyright 2004-2008 Internet Systems Consortium.
> All rights reserved.
> For info, please visit http://www.isc.org/sw/dhcp/
> Wrote 0 leases to leases file.
> Listening on Socket/rl1/192.168.1/24
> Sending on Socket/rl1/192.168.1/24
>
> Everythings looks to be ok there but on the client (I tried OS-X and Nokia
> symbian) I can not obtain the IP address, do you have any idea what should I
> check?
>
>
> Thanks!
> Laci
>
>
>
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
>
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Remote ssh tunnel in background or script?
Check out /usr/ports/security/autossh
autossh is a program to start a copy of ssh and monitor it, restarting
it as necessary should it die or stop passing traffic.
The original idea and the mechanism were from rstunnel (Reliable SSH
Tunnel). With this version the method changes: autossh uses ssh to
construct a loop of ssh forwardings (one from local to remote, one
from remote to local), and then sends test data that it expects to
get back. (The idea is thanks to Terrence Martin.)
WWW: http://www.harding.motd.ca/autossh/
Patrick
On Mon, Nov 9, 2009 at 10:30 AM, Kevin Kinsey wrote:
> Greetings!
>
> I have a client who recently dropped static IP service in
> favor of a "cheaper" solution, so they're now on a DHCP network
> blocking port 25, etc.
>
> In order to continue to allow them to connect to an outbound
> SMTP box on the LAN, I've done this on their server:
>
> sudo ssh -L thisbox:24:remotebox:52525 m...@remotebox
>
> I've got Sendmail listening there on 52525, and it works
> fine; the local clients are told to connect to "thisbox"
> port 24. The only issue is that I have to run it from
> a terminal session. When I tried to bg the process ("cmdstring &")
> it doesn't work, exactly. I've gotten an error message
> at times*, and at other times I apparently get "thisbox"
> listening on port 24 but it's not an SMTP daemon that's
> listening.
>
> I have a feeling it's cause I'm in csh, which is notorious
> for backgrounding issues. At any rate, what I'd
> like to do is have a script set up the connection, or
> write some daemon that would monitor the connection and
> fix it if it gets reset. At any rate, if I could get this
> SSH process to detach from a terminal, it'd be great.
>
> Any suggestions?
>
> Kevin Kinsey
>
> * I'm sorry, but I can't reproduce the error message
> this morning. IIRC, something to the effect of
> "I can't do nothing, give me a command please?"
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
>
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: NFS- SAN - FreeBSD
Hi Grant, I'm in a similar situation to where you were in July, and I was wondering what route you ended up going? Patrick On Tue, Jul 21, 2009 at 4:42 PM, Grant Peel wrote: > Chris, > > Again, thanks for the info. > > I only have one server with a PERC (raid) card installed, and I beleive it > is an older PERC 3 DCI, and doubt it would do the job. I would not be able > to add more PERC cards to the other machines. > > I am looking to have the connections all done via Ethernet. Again, the > connections would be local (device to my switch, switch to the individual > servers). > > Does this mean I should be considering iSCSI, or, since the connections will > all be on a local network, that I can continue to consider NFS? > > Any takers? > > -Grant > > - Original Message - From: "Christopher J. Umina" > > To: "Grant Peel" > Cc: > Sent: Tuesday, July 21, 2009 8:01 PM > Subject: Re: NFS- SAN - FreeBSD > > >> Grant, >> >> DAS = Direct-Attached Storage, sorry to be confusing. >> >> I cannot personally speak to the performance of FreeBSD's NFS, but I >> wouldn't expect it to be the bottleneck in the situation described. Maybe >> others with more experience could chime in on this topic. >> >> The way to use a DAS is to connect the DAS to a server with an external >> SAS cable (or two). The PERC6/E controller you would need inside the server >> is very well supported in FreeBSD. The DAS system would basically act the >> same as internal disks would act (in the case of the MD1000). Of course >> you'll want to check with Dell before you make any purchases to be positive >> that your hardware will all communicate nicely, as I'm no Dell salesperson. >> >> Depending on how large of an array you plan to make (if larger than 2TB) >> you may have to investigate gpart/gpt to partition correctly, but that's >> quite simple in my experience. >> >> Chris >> >> Grant Peel wrote: >>> >>> Chris, >>> >>> Thanks for the insight! >>> >>> I will defineately investigate that DAS ... although I am not (yet) sure >>> what the acronym means, I am sure it is something akin to "Direct Access >>> SCSI". >>> >>> You are quite right, I would like to use NFS to connect the device to the >>> 6 servers I have, again, it would be only hosting the /home partition for >>> each of them. Do you know if there would be any NFS I/O slowdowns using it >>> in that fassion? Would freebsd support (on the storage device) that many >>> connections? >>> >>> Also, do the Dell DAS machines run with FreeBSD? >>> >>> Also, from you you explained, I doubt I really need the versatility of >>> the SAN at this point, or in the near future. I simply want a mass /home >>> storage unit. >>> >>> -Grant >>> >>> - Original Message - From: "Christopher J. Umina" >>> >>> To: "Grant Peel" >>> Cc: >>> Sent: Tuesday, July 21, 2009 5:43 PM >>> Subject: Re: NFS- SAN - FreeBSD >>> >>> >>>> Grant, >>>> >>>> I mean to say that often times external SCSI solutions (direct attached) >>>> are cheaper and perform better (in terms of I/O) than iSCSI SANs. >>>> Especially >>>> if you're using many disks. SANs are generally chosen for the ability to >>>> be >>>> split into LUNs for different servers. Think of it as a disk which you can >>>> partition and serve out to servers on a per-partition basis, over Ethernet. >>>> That's essentially what an iSCSI SAN does. While DAS systems allow the >>>> same sort of configuration, they don't serve out over Ethernet, only >>>> SCSI/SAS. >>>> >>>> Since you plan to use NFS to share the files to the other servers, I >>>> think it may make more sense for you to use a SCSI solution if yo don't >>>> need >>>> the versatility of a SAN. >>>> >>>> Of course I know nothing of how you plan to expand this system, but from >>>> what I understand, with Dell DAS hardware it is possible to connect up to 4 >>>> different servers to the DAS and expand to up to 6 15 disk enclosures. The >>>> MD3000i (iSCSI) expands only to 3. >>>> >>>> Another issue is that without compiling in special versions of the iSCSI >>>> initiator, even in 8.0-BETA2 (which is not pr
Re: Questions about Jail
While it may work in some cases, it can be a bad idea because jails use the kernel of the host, and it's probably safest if your userland matches the rest. If you want to play with different versions of FreeBSD, you should do so in a virtualized environment. If jails are a good fit for you and you want to easily keep things up to date across jails, I'd take a look at ezjail: http://erdgeist.org/arts/software/ezjail/ Patrick On Mon, Apr 2, 2012 at 11:20 PM, James Y Chen wrote: > Hi > > I think Jail on FreeBSD 8.2 can generate 2 jailed machine using the same > version of FreeBSD, for example, on a 8.2 AMD64 Jailer, I can create 2 > or more FreeBSD 8.2 amd64 Jailed machine. > > My question is: can I install other version of FreeBSD on the Jailed > environment? If yes, which steps shall I do? Still using make world or > other easier way? > > thanks > > > James Y Chen > IT Engineering > Juniper Networks > > > ___ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org" ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: question about milter software
I think you'll find Postfix to be much more modern and easy to work with for that kind of message rewriting. But what you're looking for is pretty complicated when you start having to deal with multipart messages; the messages have to be completely processed and separated into respective parts, and then once the rich part is found, you've got to parse the HTML and insert the footer into the right spot, and then recompile the message. And if the message is plain text only, you can't insert HTML and have it be displayed as such. In short, I doubt you'll have much success in doing this well. It would be better to configure this in the email client and lock that down somehow. Patrick On Fri, May 25, 2012 at 6:21 AM, Wojciech Puchar wrote: > Does anyone know milter software (or maybe anything else) to add to sendmail > that can rewrite outgoing mail and add HTML footer automatically? > > Please do not tell me about how stupid HTML mail is at all - i know it, it > is not my idea. > > thanks > ___ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org" ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: question about milter software
On Fri, May 25, 2012 at 1:21 PM, Wojciech Puchar wrote: >> I think you'll find Postfix to be much more modern and easy to work >> with for that kind of message rewriting. > > > you are actually wrong in that statement. In spite of hype that postscript > started with, i am still using sendmail because it is actually easiest if > you learn it. I guess it's pretty subjective, which is how I should have originally prefaced my statement. I used sendmail for a long time, and always hated working with m4 or direct sendmail configuration files. For me, Postfix is so much easier, but to each his own. For your immediate need, I'd look at http://www.ledge.co.za/software/disclaimermilter/ or MIMEDefang (http://www.mimedefang.org/) which appears to be able to add disclaimers. Patrick ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Firewall, blocking POP3
See /usr/ports/security/py-fail2ban (http://www.fail2ban.org/). Used in conjunction with FreeBSD's ipfw or pf firewall facility, you can ban an attacking IP address for a set period of time after a configurable amount of failed attempts. Fail2ban watches your log files for you and then triggers some sort of action -- which can really be anything you can conceive of. Patrick On Wed, May 30, 2012 at 11:47 AM, Jorge Biquez wrote: > Hello. > > Thanks a lot!. Simple an elegant solution. > > I just did that and of course it worked I just was wondering... what if > I need to have the service working BUT want to block those break attemps? IN > this and other services. ? > My guess is that it is a never ending process? I mean, block one, block > another, another, etc? > > What the people who has big servers running for hosting services are doing? > Or you just have a policy of strng passworrds, server up-todate and let the > attemps to try forever? > > Thanks for the solution Mr Robert. > > Jorge Biquez > > > > > At 01:32 p.m. 30/05/2012, Robert Bonomi wrote: >> >> > From owner-freebsd-questi...@freebsd.org Wed May 30 13:16:37 2012 >> > Date: Wed, 30 May 2012 13:08:30 -0500 >> > To: freebsd-questions@freebsd.org >> > From: Jorge Biquez >> > Cc: >> > Subject: Firewall, blocking POP3 >> > >> > Hello all. >> > >> > I am sorry if the question is too basic. >> > >> > I have a personal small machine running >> > >> > FreeBSD 7.3-PRERELEASE #0: >> > >> > It runs as my web and email server for a cuple of domains. NO clients >> > no other users have access to it. >> > >> > Is there any , easy/faster way to stop POP3 from being working. I am >> > running qpopper to be able to download emailes. >> > I decided to use sendmail since only a few accounts are there and I >> > do not need more but in the last days the server has been under a big >> > attack where people is trying to guess users and passwords. I am >> > using a strong schema of passwords so no problem on that but I rather >> > to be sure . >> >> The mail -server- you use is irrelevant to how users retrieve mail. >> you can use sendmail and qpopper, or sendmail and an IMAP server, or >> sendmail and webmail app, or postix and qpopper, or exim and qpopper, >> etc. >> >> >> All you have to do to disable qpopper is edit comment out the line in >> /etc/inetd.conf, and SIGHUP inetd. >> >> To re-enable when you need it, uncomment the line, and SIGHUP inetd again. > > > ___ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org" ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Whats the difference between password+RSA, and password-protected RSA ?
In the case of a passphrase-protected RSA key, the server knowsnothing about it, so you would never be able to enforce that. It's onthe client side that the key is decrypted with the passphrase beforesubmitting it to the server. Patrick On Mon, Nov 21, 2011 at 1:19 PM, Mm Bsd wrote: > Let's say I'd like to add a small amount of extra security to my SSH login > process. > > Let's say I decide the way I want to do this is by requiring BOTH a password > and an RSA key. There appear to be patches, or procedures, that allow me to > do this. So to log in, I would be required to enter a normal unix password, > but I would ALSO be required to hold a proper RSA public key. > > My question is this: > > In terms of security (and correctness ?) what's the difference between this > (unix password + SSH RSA key) and simply generating my RSA key *with* a > password ? Both ways require me to "have something" and "know something", > but they are obviously different, technically. > > Comments on the difference, and relative security of the two methods ? > > ___ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org" > ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Upgrading from 8.0 to 8.4 with freebsd-update?
Is it possible to skip point releases using freebsd-update so that I can go from 8.0 to 8.4, or do I need to go 8.0 -> 8.1 -> 8.2 -> 8.3 -> 8.4? Patrick ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Fatal trap 12 after upgrading from 8.2 to 8.4
I've got a system running on a VPS that I'm trying to upgrade from 8.2 to 8.4. It has a ZFS root. After booting the new kernel, I get: Fatal trap 12: page fault while in kernel mode cpuid = 0; apic id = 00 fault virtual address = 0x40 fault code = supervisor read data, page not present instruction pointer = 0x20:0x810d7691 stack pointer = 0x28:0xff81ba60 frame pointer = 0x28:0xff81ba90 code segment= base 0x0, limit 0xf, type 0x1b = DPL 0, pres 1, long 1, def32 0, gran 1 processor eflags= interrupt enabled, resume, IOPL = 0 current process = 1 (kernel) trap number = 12 panic: page fault cpuid = 0 KDB: stack backtrace: #0 0x8066cb96 at kdb_backtrace+0x66 #1 0x8063925e at panic+0x1ce #2 0x809c21d0 at trap_fatal+0x290 #3 0x809c255e at trap_pfault+0x23e #4 0x809c2a2e at trap+0x3ce #5 0x809a9624 at calltrap+0x8 #6 0x810df517 at vdev_mirror_child_select+0x67 #7 0x810dfacc at vdev_mirror_io_start+0x24c #8 0x810f7c52 at zio_vdev_io_start+0x232 #9 0x810f76f3 at zio_execute+0xc3 #10 0x810f77ad at zio_wait+0x2d #11 0x8108991e at arc_read+0x6ce #12 0x8109d9d4 at dmu_objset_open_impl+0xd4 #13 0x810b4014 at dsl_pool_init+0x34 #14 0x810c7eea at spa_load+0x6aa #15 0x810c90b2 at spa_load_best+0x52 #16 0x810cb0ca at spa_open_common+0x14a #17 0x810a892d at dsl_dir_open_spa+0x2cd Uptime: 3s Cannot dump. Device not defined or unavailable. I've booted back into the 8.2 kernel without any problems, but I'm wondering if anyone can suggest what I should try to get this working? I used freebsd-update to upgrade, and this was after the first "freebsd-update install" where it installs the kernel. My /boot/loader.conf has: zfs_load="YES" vfs.root.mountfrom="zfs:zroot" Patrick ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Jail with public IP alias
That's not the behaviour I see. My jail has a private and public IP. $ ifconfig bce1 bce1: flags=8843 metric 0 mtu 1500 options=c01bb ether a4:ba:db:29:7a:1b inet 192.168.42.23 netmask 0x broadcast 192.168.42.23 media: Ethernet autoselect (1000baseT ) status: active If I ssh into another host on the 192.168.42.0 network, I see: $ who patrick ttyp1Aug 27 15:21 (192.168.42.23) The host of the jail has multiple IPs on that private subnet: $ ifconfig bce1 bce1: flags=8843 metric 0 mtu 1500 options=c01bb ether a4:ba:db:29:7a:1b inet 192.168.42.17 netmask 0xff00 broadcast 192.168.42.255 inet 192.168.42.18 netmask 0x broadcast 192.168.42.18 inet 192.168.42.19 netmask 0x broadcast 192.168.42.19 inet 192.168.42.20 netmask 0x broadcast 192.168.42.20 inet 192.168.42.21 netmask 0x broadcast 192.168.42.21 inet 192.168.42.23 netmask 0x broadcast 192.168.42.23 inet 192.168.42.24 netmask 0x broadcast 192.168.42.24 media: Ethernet autoselect (1000baseT ) status: active Are you using NAT from your jail to the outside world? Patrick On Tue, Aug 27, 2013 at 2:21 PM, Alejandro Imass wrote: > On Tue, Aug 27, 2013 at 4:59 PM, Alejandro Imass wrote: >> Hi, >> >> I have a machine with several public IPs on the same NIC and I bound >> one of those IPs to a jail created with EzJail. Suppose the scenario >> is something like this: >> >> em0 >> 190.100.100.1 >> 190.100.100.2 >> 190.100.100.3 >> 190.100.100.4 >> >> In the jail we are bound only to 190.100.100.4 >> >> The default router is correctly set on the jail, etc. >> >> But when we ssh out of that jail, or send an email, the receiving end >> always sees 190.100.100.1 not 190.100.100.4 which is the IP the jail >> is bound to. > > > I think my problem is actually more basic than this. The problem > actually occurs on the base system as well and I think it's because > all the IPs are on the same subnet, then the kernel assumes to use the > primary IP as the source address. For the sake and usefulness of the > mail archives I will end this thread here and start another one with a > more appropriate title, not before researching to see if this can be > done with the routing table or if I need to use ipfw to re-write the > source address. > > Thanks, > > -- > Alejandro Imass > ___ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org" ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Jail with public IP alias
Hi Alejandro, That's how I've got things setup, too, but I'm not seeing the same behaviour. So I was wondering if there was something different about your setup such as using NAT to allow a jail with a private IP to access the internet at large. Patrick On Tue, Aug 27, 2013 at 3:42 PM, Alejandro Imass wrote: > On Tue, Aug 27, 2013 at 6:28 PM, Patrick wrote: >> That's not the behaviour I see. My jail has a private and public IP. >> > > Hi Patrick, thanks for your reply. > > The issue is actually more basic and it's because the same network > card has multiple IPs on the same subnet so the routing table always > chooses the primary IP assigned to that interface. > > I'm trying to figure out if I can fix it in the routing table or will > need IPFW to re-write the source address. > > Thanks, > > -- > Alejandro Imass ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Jail with public IP alias
On Wed, Aug 28, 2013 at 7:25 AM, Alejandro Imass wrote: > On Wed, Aug 28, 2013 at 5:42 AM, Frank Leonhardt wrote: >> On28/08/2013 00:19, Patrick wrote: >>> >>> On Tue, Aug 27, 2013 at 3:42 PM, Alejandro Imass >>> wrote: >>>> > > [...] > >> >> (Tidied up so all now bottom posted) >> >> I can confirm that you shouldn't be seeing this behaviour because I don't. I >> don't use EzJail - i prefer "vi". Seriously, setting up a jail is very >> straightforward anyway, and when I tried ezjail I found it was doing stuff I >> didn't like, so dropped it early on. It was a long time ago and I've >> forgotten the specifics. >> >> I guess if you're using it your new to this particular game, so please >> excuse me pointing out a few basics here. >> > > We use Ezjail not because it's easy or because we're new to jails, I > think you might be confused on what EzJail actually is and why people > use it. We use it because we manage a private cloud exclusively based > on FBSD with about a dozen servers with a couple dozen jails each. I > use EzJail because it allows us to manage just shy of 300 separate > environments with only a couple of sysadmins, and with optimized > system resources. We use it because IT ROCKS. > >> Although I can't exactly see how this would cause a problem, remember that >> many service will bind to ALL IP addresses when they start up, and if they > > [...] > >> I can't see a mechanism that would get the results you're seeing, but I >> don't know what ezjail might be doing. I suspect your problem is with ezjail >> or something bizzare on your network config; can you try it manually? > > After my OP I immediately sent out second mail stating that the > problem is not with Jails or EzJail and it's related to the way that > aliases behave on a network interface card. When you have aliases that > are on the same subnet, the source IP is the primary IP , that is the > first IP set on that network device. You can test this with out jails > with a simple ssh connection to another server and then typing who. > Even if you force ssh to bind to a particular IP using -b it will > still show the primary IP. If you have aliases on different subnets > this will not happen. I don't think that's true though in the case of jails. On the host system, yes, but when a jail is bound to a particular IP, outbound connections originate from that bound IP. At least they do for me in all of my experience. Still wondering if you're using NAT with your jails, as that could change things. (FWIW, we use ezjail as well. It doesn't do anything special except make having lots of jails easy and lightweight.) Patrick ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Jail with public IP alias
On Thu, Aug 29, 2013 at 12:07 PM, Alejandro Imass wrote: > On Thu, Aug 29, 2013 at 5:03 AM, Frank Leonhardt wrote: >> On 29/08/2013 09:52, Frank Leonhardt wrote: >>> > > Hi Frank thanks for taking the time to try to replicate this. Here is > all the detailed info > > 8.1-RELEASE > > em0: flags=8843 metric 0 mtu 1500 > > options=209b > ether 00:31:88:bd:b9:3a > inet xxx.yyy.52.74 netmask 0xff80 broadcast xxx.yyy.52.127 > inet xxx.yyy.52.70 netmask 0xff80 broadcast xxx.yyy.52.127 > inet xxx.yyy.52.71 netmask 0xff80 broadcast xxx.yyy.52.127 > inet xxx.yyy.52.73 netmask 0xff80 broadcast xxx.yyy.52.127 > media: Ethernet autoselect (1000baseT ) > status: active > > I use rc.conf standard practice for aliases: > > ifconfig_em0="inet xxx.yyy.52.74 netmask 255.255.255.128 -tso" > ifconfig_em0_alias0="inet xxx.yyy.52.70 netmask 255.255.255.128 -tso" > ifconfig_em0_alias1="inet xxx.yyy.52.71 netmask 255.255.255.128 -tso" > ifconfig_em0_alias2="inet xxx.yyy.52.73 netmask 255.255.255.128 -tso" > > nune# netstat -rn > Routing tables > > Internet: > DestinationGatewayFlagsRefs Use Netif Expire > defaultxxx.yyy.52.1 UGS 168 182183463em0 > 127.0.0.1 link#4 UH 00lo0 > [... internal aliases to lo0 here...] > xxx.yyy.52.0/25link#1 U 068581em0 > xxx.yyy.52.70 link#1 UHS 014363lo0 > xxx.yyy.52.71 link#1 UHS 064765lo0 > xxx.yyy.52.73 link#1 UHS 00lo0 > xxx.yyy.52.74 link#1 UHS 029170lo0 > > Note the Netif Expire on 71,73,74 are showing lo0 could this be the problem? > > nune# ssh -b xxx.yyy.52.71 foo@bar > Password: > >> w -n > 3:15PM up 130 days, 22:30, 3 users, load averages: 0.00, 0.02, 0.00 > USER TTY FROM LOGIN@ IDLE WHAT > [...] > foo pts/24 xxx.yyy.52.74 3:14PM - w -n > > I don't know why mine is showing 74 and from your example it should be > showing 71. Did you see the article below? > > http://serverfault.com/questions/12285/when-ip-aliasing-how-does-the-os-determine-which-ip-address-will-be-used-as-sour > > This seems to be a pretty common issue or it's just a > miss-configuration problem? > > Thanks! > > Alejandro Imass > ___ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org" Aliases should have a netmask of 255.255.255.255. What you seeing is not typical behaviour on FreeBSD. http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/configtuning-virtual-hosts.html Patrick ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Device needed to manage several FreeBSD servers
I have a bunch of FreeBSD servers to manage, and I'm wanting to find a device that lets you SSH/telnet in, and access the servers connected to it via serial cables. I know such a device exists, but it was a long time ago since I last saw one, and I'm not really sure what one of these would be called. Has anyone had any experience with such a device? Thanks, Patrick ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
ipfw divert with exception?
I have a FreeBSD 6.0 machine acting as a router for our office. We use
natd for address translation, and I have rule like so:
ipfw add divert natd all from any to any via ${ext_if}
To allow incoming SSH access, I have a redirect_port line setup in my
/etc/natd.conf file, and while it works just fine, I don't like that
natd has to be running in order for me to SSH into the server.
(Because, if -- hypothetically of course -- one were to *cough*
accidentally kill the natd process without realizing this, then
*ahem*, one would be locked out remotely without any means of fixing
it. And I'd like to stress that this situation is indeed, uh,
hypothetical. ;) )
So, I'm sure there is a way for me to create some ipfw rules above the
divert line to accept incoming SSH traffic and not having it get
diverted, but I'm at a bit of a loss as to how I can achieve this. The
current rule I have above this does not do anything to stop the
traffic from being diverted:
ipfw add accept tcp from any to any 22 in via ${ext_if}
Any help or insight would be greatly appreciated.
Thanks,
Patrick
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: ipfw divert with exception?
That's what I thought too, but it doesn't seem to be the case. Here's
what I have:
ipfw -f flush
ipfw add 70 allow tcp from 10.0.1.254 to any
ipfw add accept tcp from any to any 22 in via ${ext_if}
ipfw add 6000 allow all from any to any via lo0
ipfw add 6100 allow all from any to any via ${int_if}
ipfw add 7000 divert natd all from any to any via ${ext_if}
ipfw add 7100 check-state
ipfw add pass all from any to any via ${ext_if}
ipfw add pass all from any to any via ${int_if}
ipfw add 65534 allow ip from any to any
Patrick
On 1/2/06, Foo Ji-Haw <[EMAIL PROTECTED]> wrote:
> I've not tried it myself, but putting the exception rules before the
> 'divert' rule should help, since ipfw exits the rule matching upon first
> match.
>
> - Original Message -
> From: "patrick" <[EMAIL PROTECTED]>
> To:
> Sent: Tuesday, January 03, 2006 4:56 AM
> Subject: ipfw divert with exception?
>
>
> > I have a FreeBSD 6.0 machine acting as a router for our office. We use
> > natd for address translation, and I have rule like so:
> >
> > ipfw add divert natd all from any to any via ${ext_if}
> >
> > To allow incoming SSH access, I have a redirect_port line setup in my
> > /etc/natd.conf file, and while it works just fine, I don't like that
> > natd has to be running in order for me to SSH into the server.
> > (Because, if -- hypothetically of course -- one were to *cough*
> > accidentally kill the natd process without realizing this, then
> > *ahem*, one would be locked out remotely without any means of fixing
> > it. And I'd like to stress that this situation is indeed, uh,
> > hypothetical. ;) )
> >
> > So, I'm sure there is a way for me to create some ipfw rules above the
> > divert line to accept incoming SSH traffic and not having it get
> > diverted, but I'm at a bit of a loss as to how I can achieve this. The
> > current rule I have above this does not do anything to stop the
> > traffic from being diverted:
> >
> > ipfw add accept tcp from any to any 22 in via ${ext_if}
> >
> > Any help or insight would be greatly appreciated.
> >
> > Thanks,
> >
> > Patrick
> > ___
> > freebsd-questions@freebsd.org mailing list
> > http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> > To unsubscribe, send any mail to
> "[EMAIL PROTECTED]"
>
>
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
"ipfw count" equivalent for pf
Hi there, Now that FreeBSD 5.x has pf from OpenBSD, I'm wondering if some of the pf experts can help me with porting a simple ipfw configuration from FreeBSD 4.x to pf in FreeBSD 5.x. On our 4.x servers, we have several rules like: ipfw add count ip from any to x.x.x.x ipfw add count ip from x.x.x.x to any ... to keep track of how much traffic is going through a particular IP address. Every night, I capture the data and zero the counters. Using pf, I'm having a difficult time how to establish a similar ruleset so that I can gather the same sort of data. Someone on the openbsd-misc list told me to "add labels to those rules you want to account traffic on and use `pdfctl -sl` to read their counters." The problem is that I'm not sure how to describe the rules using pf. I suppose the rules should just pass all traffic to and from my external interface, but from all the pf documentation I've read, I can't find an example that seems to do this for me. Can any experts lend a hand here? It seems like this should be dead-easy to do, but like many things from the OpenBSD world, it does not seem to straight-forward to me. Thanks, Patrick ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: "ipfw count" equivalent for pf
So, are there any pf users who can help me write two simple rules to pass through traffic in and out on an interface such that I'll be able to gather statistics? I've read through all the man pages and help on OpenBSD's pf pages, but I am not clear on how to achieve what I want. Patrick On Thu, 16 Dec 2004 11:57:29 -0800, patrick <[EMAIL PROTECTED]> wrote: > Hi there, > > Now that FreeBSD 5.x has pf from OpenBSD, I'm wondering if some of the > pf experts can help me with porting a simple ipfw configuration from > FreeBSD 4.x to pf in FreeBSD 5.x. > > On our 4.x servers, we have several rules like: > > ipfw add count ip from any to x.x.x.x > ipfw add count ip from x.x.x.x to any > > ... to keep track of how much traffic is going through a particular IP > address. Every night, I capture the data and zero the counters. > > Using pf, I'm having a difficult time how to establish a similar > ruleset so that I can gather the same sort of data. Someone on the > openbsd-misc list told me to "add labels to those rules you want to > account traffic on and use `pdfctl -sl` to read their counters." The > problem is that I'm not sure how to describe the rules using pf. I > suppose the rules should just pass all traffic to and from my external > interface, but from all the pf documentation I've read, I can't find > an example that seems to do this for me. > > Can any experts lend a hand here? It seems like this should be > dead-easy to do, but like many things from the OpenBSD world, it does > not seem to straight-forward to me. > > Thanks, > > Patrick > ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: "ipfw count" equivalent for pf
I didn't receive any advice relevant to solving my problem, but I did manage to figure it out in the end. I thought I'd share my solution in case anyone else wants to do the same thing: My /etc/pf.conf has the following lines: ext_if="rl0" external_addr="x.x.x.x" pass in on $ext_if from any to $external_addr label "$dstaddr in" pass out on $ext_if from $external_addr to any label "$srcaddr out" Activate the rules with "pfctl -f /etc/pf.conf", and then you can display the counters by doing a "pfctl -sl" which outputs something like: x.x.x.x in 14363 7448 734450 x.x.x.x out 13810 6362 683319 To zero the counters, I've just been calling "pfctl -f /etc/pf.conf" again, though there may be a more "proper" way. Patrick On Thu, 16 Dec 2004 11:57:29 -0800, patrick <[EMAIL PROTECTED]> wrote: > Hi there, > > Now that FreeBSD 5.x has pf from OpenBSD, I'm wondering if some of the > pf experts can help me with porting a simple ipfw configuration from > FreeBSD 4.x to pf in FreeBSD 5.x. > > On our 4.x servers, we have several rules like: > > ipfw add count ip from any to x.x.x.x > ipfw add count ip from x.x.x.x to any > > ... to keep track of how much traffic is going through a particular IP > address. Every night, I capture the data and zero the counters. > > Using pf, I'm having a difficult time how to establish a similar > ruleset so that I can gather the same sort of data. Someone on the > openbsd-misc list told me to "add labels to those rules you want to > account traffic on and use `pdfctl -sl` to read their counters." The > problem is that I'm not sure how to describe the rules using pf. I > suppose the rules should just pass all traffic to and from my external > interface, but from all the pf documentation I've read, I can't find > an example that seems to do this for me. > > Can any experts lend a hand here? It seems like this should be > dead-easy to do, but like many things from the OpenBSD world, it does > not seem to straight-forward to me. > > Thanks, > > Patrick > ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
edquota -p question
I notice that in FreeBSD 4.x, if you apply a disk quota to one user using another as a proto-username (edquota -p ), it also copies the proto-user's current usage statistic. Could this be seen as a bug? If the proto-user happens to be over quota, their usage should not be applied to the new user. Patrick ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
IP aliases and forcing outbound IP
I have a FreeBSD 4.11 box whose ethernet card has several IP address. inet 10.0.1.254 netmask 0xff00 broadcast 10.0.1.255 inet 10.0.1.111 netmask 0x broadcast 10.0.1.111 Is there a way I can cause outbound connections to certain hosts to be from 10.0.1.111 instead of the default 10.0.1.254? I used to be able to do this fairly easy in Linux because each alias is actually a separate ethernet device (eg. eth0:0, eth0:1, etc.), but I haven't figured out how to do this in FreeBSD. Patrick ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: IP aliases and forcing outbound IP
Should I assume by the lack of replies that this just isn't possible under FreeBSD? Seems like it should be doable. Any help would be greatly appreciated, Patrick On Thu, 3 Mar 2005 13:04:37 -0800, patrick <[EMAIL PROTECTED]> wrote: > I have a FreeBSD 4.11 box whose ethernet card has several IP address. > > inet 10.0.1.254 netmask 0xff00 broadcast 10.0.1.255 > inet 10.0.1.111 netmask 0x broadcast 10.0.1.111 > > Is there a way I can cause outbound connections to certain hosts to be > from 10.0.1.111 instead of the default 10.0.1.254? I used to be able > to do this fairly easy in Linux because each alias is actually a > separate ethernet device (eg. eth0:0, eth0:1, etc.), but I haven't > figured out how to do this in FreeBSD. > > Patrick > ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Source-upgrading from FreeBSD 4.9 to 4.11
I'm trying to do a source upgrade from FreeBSD 4.9 to 4.11, but during the "make buildworld", I get the following: ===> gnu/usr.bin/cvs/cvs make: don't know how to make stack.c. Stop *** Error code 2 Stop in /usr/src/gnu/usr.bin/cvs. *** Error code 1 ... I didn't see any mention of this in the handbook, but do I have to upgrade to 4.10 first, and then go up to 4.11? Thanks, Patrick ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Building /stand from /usr/src
How does one build all of the goodies in /stand from /usr/src? I have a FreeBSD system that was originally installed with FreeBSD 4.7. I've upgraded the system to 4.11 using cvsup and "make world", but /stand/sysinstall still seems to think it's on a 4.7 system, and tries to find files on remote FTP server in the 4.7 trees. Thanks, Patrick ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Adding a default route for a specific NIC
I have a FreeBSD 4.11 server with two NICs -- one has a real IP (bge0) and the other has an internal IP (bge1, 192.168.42.6). The default route for the server (defaultrouter= in rc.conf) is the gateway for the real IP. How can I set a route such that traffic going out on bge1 goes through a different router, even if it's to the outside world? Basically, I have a jailed setup running with a private IP address. On the private network, there is a gateway machine that's setup to NAT the traffic out to the internet. Currently, I cannot get out to the internet from the jail unless I set the default route of the entire server to be my internal NAT gateway. Any ideas? Thanks, Patrick ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Adding a default route for a specific NIC
To follow-up, I basically want to say: if traffic originals from 192.168.42.6, use 192.168.42.3 as the default gatway else use default gateway for bge0... Patrick On Apr 3, 2005 4:17 PM, patrick <[EMAIL PROTECTED]> wrote: > I have a FreeBSD 4.11 server with two NICs -- one has a real IP (bge0) > and the other has an internal IP (bge1, 192.168.42.6). > > The default route for the server (defaultrouter= in rc.conf) is the > gateway for the real IP. How can I set a route such that traffic going > out on bge1 goes through a different router, even if it's to the > outside world? > > Basically, I have a jailed setup running with a private IP address. On > the private network, there is a gateway machine that's setup to NAT > the traffic out to the internet. Currently, I cannot get out to the > internet from the jail unless I set the default route of the entire > server to be my internal NAT gateway. > > Any ideas? > > Thanks, > > Patrick > ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Adding a default route for a specific NIC
And one more bit of info that might be helpful to know... The jail I've setup will serve sites on various IP addresses. Since FreeBSD jails by default only allow one IP, I've given the jail an internal IP, and am just forwarding the desired ports on the external IPs into the jail's IP using ipfw. This is all working fine, so the only thing left for me to solve is how to get things in my jail working so that I can make outbound TCP connections. Thanks again, Patrick On Apr 3, 2005 4:17 PM, patrick <[EMAIL PROTECTED]> wrote: > I have a FreeBSD 4.11 server with two NICs -- one has a real IP (bge0) > and the other has an internal IP (bge1, 192.168.42.6). > > The default route for the server (defaultrouter= in rc.conf) is the > gateway for the real IP. How can I set a route such that traffic going > out on bge1 goes through a different router, even if it's to the > outside world? > > Basically, I have a jailed setup running with a private IP address. On > the private network, there is a gateway machine that's setup to NAT > the traffic out to the internet. Currently, I cannot get out to the > internet from the jail unless I set the default route of the entire > server to be my internal NAT gateway. > > Any ideas? > > Thanks, > > Patrick > ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
FreeBSD 4.11 + named + sandbox options
I've enabled the commented out named_flags="-u bind -g bind" in my rc.conf to start named in a sandbox, but whenever I do a "named.reload", I get the following message in my logs: Jul 14 14:20:55 pompom named[34352]: couldn't create pid file '/var/run/named.pid' It doesn't really seem to be a big deal because doing a reload doesn't create a new PID anyway, but it is nevertheless annoying to have these messages showing up. Is this a bug in ndc? Patrick ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
FreeBSD 4.11 + imap-uw = PAM problems
I'm getting the following errors with imap-uw on FreeBSD 4.11 when I connect to the POP3 or IMAP server: Oct 28 15:57:56 bubs imapd[16913]: unable to resolve symbol: pam_sm_open_session Oct 28 15:57:56 bubs imapd[16913]: unable to resolve symbol: pam_sm_close_session I installed imap-uw from the ports collection, and my pam.conf has: imapauthrequiredpam_unix.so imapaccount requiredpam_unix.so imapsession requiredpam_unix.so pop3authrequiredpam_unix.so pop3account requiredpam_unix.so pop3session requiredpam_unix.so I don't know a lot about PAM, so I'm not even sure where to start to fix this. I have a similar setup going on a FreeBSD 4.62 machine, and it works fine. Any help would be greatly appreciated. Patrick ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: FreeBSD 4.11 + imap-uw = PAM problems
Thanks, that did the trick. I wonder why the installation instructions on the port said to add all of those other lines? Patrick On 10/28/05, Gary Hayers <[EMAIL PROTECTED]> wrote: > On my 4.11-STABLE box I dont get this in my logs, I have enclosed my > pam.cof for your consideration. > > # Mail services > imapauthrequiredpam_unix.so try_first_pass > pop3authrequiredpam_unix.so try_first_pass > #imapauthrequiredpam_unix.so > #imapaccount requiredpam_unix.so > #imapsession requiredpam_unix.so > #pop3authrequiredpam_unix.so > #pop3account requiredpam_unix.so > #pop3 session requiredpam_unix.so > > patrick wrote: > > I'm getting the following errors with imap-uw on FreeBSD 4.11 when I > > connect to the POP3 or IMAP server: > > > > Oct 28 15:57:56 bubs imapd[16913]: unable to resolve symbol: > > pam_sm_open_session > > Oct 28 15:57:56 bubs imapd[16913]: unable to resolve symbol: > > pam_sm_close_session > > > > I installed imap-uw from the ports collection, and my pam.conf has: > > > > imapauthrequiredpam_unix.so > > imapaccount requiredpam_unix.so > > imapsession requiredpam_unix.so > > pop3authrequiredpam_unix.so > > pop3account requiredpam_unix.so > > pop3session requiredpam_unix.so > > > > I don't know a lot about PAM, so I'm not even sure where to start to > > fix this. I have a similar setup going on a FreeBSD 4.62 machine, and > > it works fine. > > > > Any help would be greatly appreciated. > > > > Patrick > > ___ > > freebsd-questions@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > > To unsubscribe, send any mail to "[EMAIL PROTECTED]" > > ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Jail cloning problem
I built a jail, and then I tar'd it up after some setup so that I could create new jails quickly. When I start up a cloned jail, everything works except SSH. If I try to ssh outside of the jail, I just get: "Host key verification failed.". I know from past experience that if I rebuild the second jail the "make world" way, everything works fine, so I suspect that there is some permissions or dev issue after untarring. I'm 100% certain that it does not have to do with any actual host key verification. I've rebuilt the dev folder using MAKEDEV jail, and have also tried ensuring that permissions are correct in /tmp and /var, but to no avail. Can anyone think of any reason why SSH wouldn't work in a cloned jail like this? Thanks, Patrick ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Jail cloning problem
So is it a repairable permissions issue, or is it something that I could never fix? The jail wasn't built on its own filesystem, and because I don't have a spare drive to do that, I'm hoping that there is some way possible to make cloning work using tar. Thanks, Patrick On 11/10/05, Glenn's mailing lists <[EMAIL PROTECTED]> wrote: > On Thu, 10 Nov 2005, patrick wrote: > > > I built a jail, and then I tar'd it up after some setup so that I > > could create new jails quickly. When I start up a cloned jail, > > everything works except SSH. If I try to ssh outside of the jail, I > > just get: "Host key verification failed.". I know from past experience > > that if I rebuild the second jail the "make world" way, everything > > works fine, so I suspect that there is some permissions or dev issue > > after untarring. I'm 100% certain that it does not have to do with any > > actual host key verification. I've rebuilt the dev folder using > > MAKEDEV jail, and have also tried ensuring that permissions are > > correct in /tmp and /var, but to no avail. > > > > Can anyone think of any reason why SSH wouldn't work in a cloned jail like > > this? > > Use dump and restore, and things will work as expected. The initial jail > has to be built on it's own file system though. > > -Glenn > > > > > Thanks, > > > > Patrick > > ___ > > freebsd-questions@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > > To unsubscribe, send any mail to "[EMAIL PROTECTED]" > > > ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Jail cloning problem
Whoops, that's something I should have mentioned. :) I'm on FreeBSD 4.11. Patrick On 11/10/05, Kirk Strauser <[EMAIL PROTECTED]> wrote: > On Thursday 10 November 2005 13:01, patrick wrote: > > > I've rebuilt the dev folder using MAKEDEV jail, and have also tried > > ensuring that permissions are correct in /tmp and /var, but to no avail. > > Which version of FreeBSD? 5.x and onward use devfs and not MAKEDEV; perhaps > your device nodes aren't being created correctly? > > Also, running "/usr/sbin/sshd -ddd" and trying to connect can give lots of > useful information. > -- > Kirk Strauser > > > ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Can a home LAN server use a jail as a router?
Be sure to check out the ezjail port in /usr/ports/sysutils/ezjail -- it makes deploying and updating multiple jails really fast; exponentially faster than building a jail as per jail(8). http://erdgeist.org/arts/software/ezjail/ Patrick On Tue, Dec 7, 2010 at 10:15 AM, Xn Nooby wrote: >> I hope this helps you in your investigation(s). > > Yes, thank you and the previous poster. It sounds like my "outer" box > needs to be the router, and everything else should be a jail. I will > do some more reading up on jails. Thanks! > ___ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org" > ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Upgrading from FreeBSD 4.10 to 8.1?
I know this is a bit crazy, but is there any opinion as to whether a binary upgrade using an 8.1 CD would work to upgrade a system running 4.10? Normally I would want to do a fresh install, but it's at a remote client site where it's not going to be easy to do it that way, and I'm going to need to guide someone less experienced through the install/upgrade process. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Run your own portsnap mirror?
Is there any official way to run a private portsnap mirror? ie. Have one, external server fetch from the official portsnap sources, and then internal servers pulling from the private mirror? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: how to add a few hundred ip on one interface?
The standard way is to configure this in your /etc/rc.conf[.local]: ifconfig_re0="inet xxx.xxx.yyy.134 netmask 0xffnn" ifconfig_re0_alias0="inet xxx.xxx.yyy.135 netmask 0x" ifconfig_re0_alias1="inet xxx.xxx.yyy.136 netmask 0x" ... etc. You could make a script to generate the correct configuration lines, and then include it in your rc.conf: /etc/rc.conf: . /path/to/ifconfig_entries.sh /path/to/ifconfig_entries.sh: ifconfig_re0="inet xxx.xxx.yyy.134 netmask 0xffnn" ifconfig_re0_alias0="inet xxx.xxx.yyy.135 netmask 0x" ifconfig_re0_alias1="inet xxx.xxx.yyy.136 netmask 0x" See http://www.freebsd.org/doc/en/books/faq/networking.html#ETHERNET-ALIASES for more info. Note that aliases should have a netmask of 0x (255.255.255.255). Patrick On Thu, Feb 10, 2011 at 3:36 PM, Vladislav V. Prodan wrote: > only a shell script at startup? or there are other standard tools? > Is there a limit on the number of IP on one interface? > > ## make aliases IP > for i in 134 135 136 137 138 139 140 141 142 143 144 145 146 147 > do > ifconfig re0 xxx.xxx.yyy.$i/23 alias > done > > for j in 134 135 136 137 138 139 140 141 142 143 144 145 146 147 > do > ifconfig re0 xxx.xxx.xxx.$i/23 alias > done > > > > -- > Vladislav V. Prodan > VVP24-UANIC > +38[067]4584408 > +38[099]4060508 > vla...@jabber.ru > ___ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org" > ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: enable modeline in vim
Assuming you've installed vim from the ports tree, /usr/local/share/vim/vimrc is the shared vimrc file amongst all users. Have you tried setting it in there? On Monday, 16 July, 2012 at 09:37 , Victor Sudakov wrote: > Виталий Туровец wrote: > > > > > > Do you know how to enable modelines in vim running from root? Even if > > > I put "set modeline" in /root/.vimrc, the output of ":set modeline?" > > > still shows "nomodeline". At the same time, "set modeline" in ~/.vimrc > > > works for all other accounts except root. > > > > > > Someone has protected the root account so tightly that I cannot even > > > shoot myself in the leg. Do you know how I could override this > > > protection? > > > > > > > In my vimrc i have next: > > set modeline > > set modelines=3 > > > > > As I said, in /root/.vimrc I have: > > set modeline > set modelines=5 > > > And it works, no matter from root or normal user. Hope this helps. > > And it does not work for root. vim-7.3.556_1 > > Surely I am doing something stupid but I cannot figure out what. > > -- > Victor Sudakov, VAS4-RIPE, VAS47-RIPN > sip:suda...@sibptus.tomsk.ru (mailto:suda...@sibptus.tomsk.ru) > ___ > freebsd-questions@freebsd.org (mailto:freebsd-questions@freebsd.org) mailing > list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org > (mailto:freebsd-questions-unsubscr...@freebsd.org)" > > ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Rewrite redirects
You can probably do something like: RewriteRule ^([^/])\.html /content/$1.html [PT] ^ inside the square brackets means "not", so a pattern matching anything but /. Or you could be go the other way: RewriteRule ^([a-zA-Z0-9_-]+)\.html /content/$1.html [PT] Where you explicitly include the characters that are used in your html filenames... Patrick On Fri, Sep 28, 2012 at 2:27 PM, Jack Stone wrote: > On 9/28/2012 3:08 PM, Jack Stone wrote: >> >> I thought I had this figured out but discovered I have a BIG flaw with my >> .htaccess redirects After days of searching and experimenting, I still can't >> get this to do what I intended. >> >> I have moved all of the content on a web site from the web root to a >> different directory. Now I need toredirect the URL requests from the old >> location to the new one. Instead of issuing a 301 error, I want to first >> redirect to an info page, let's call it "info.htm." Here's what I have now >> in the web root's .htaccess. >> >> Here's the way it was/is: >> >> ~webroot/lots_of.html >> and now changed to this: >> ~webroot/content/lots_of.html >> >> Using the apache mod_rewritein .htaccess >> RewriteEngine on >> RewriteRule /~webroot/(.*\.html) /^info.htm [PT] >> >> which is supposed to redirect any page with the extension ".html" to >> the info.htm page. BUT, alas any "*.html page in any directory will redirect >> back to the info.htm page!! What I wanted is that only the "*.html pages in >> the ~webroot to be redirected to the info page. >> >> I hope this make sense and I hope someone can give me a tip on how to >> limit the redirects to only the webroot pages. >> >> Thanks in advance. >> > For the above, now this works if I use the following: > RewriteBase /~webroot/ > RewriteRule ^radio\.html$ /^info.htm [PT] > RewriteRule ^v20\.html$ /^info.htm [PT] > > So, now if the above are requested: > > http://www.webroot/content/radio.html it doesn't redirect to the info page. > That's what I want, but there are 100s of "html" files in webroot/content > and I figured there MUST be a way to wildcard the syntax, something like > ^.*\.html$ so I don't need to list every specific html file. > > I believe I'll have it if I can figure that out now. > > Any thoughts? > > > -- > -- > All the best, > Jack > > ___ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org" ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
mysql50-server on FreeBSD 6.2 w/ LINUX_THREADS?
Is it still advisable to build the mysql50-server on FreeBSD 6.2 using the LINUX_THREADS option? I'm using the SMP kernel on an older dual 1.0GHz Pentium III. This page <http://wiki.freebsd.org//MySQL> suggests that the libthr library in FreeBSD 6.x is optimized for MySQL and perhaps better than using linuxthreads. Any thoughts? Patrick ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Multiple versions of PHP
I have a FreeBSD 6.2 server with Apache 1.3.x and PHP 4.4.x built from ports. I'd like to install PHP 5 from the ports tree, but target its install location to /usr/local/php5 to keep it separate from the PHP 4 stuff. (I'll be running PHP through fastcgi.) I'm wondering if there's a way to do built a port where the install root is different from the default? If not, I'll hand-build PHP5, but I'd much rather take advantage of ports. Thanks, Patrick ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: no libphp5.so
You should just install it from the ports. As root, type: cd /usr/ports/lang/php5 make all install clean Be sure to check the "APACHE" option to build the Apache module. You'll probably also want to install some of the extensions from /usr/ports/lang/php5-extensions and /usr/ports/www/php-session. Patrick On 4/1/07, jekillen <[EMAIL PROTECTED]> wrote: Hello agian; I have been gripping about php not producing libphp5.so for use as a DSO with Apache on FreeBSD v 6.2 >> good news >> I solved it. By re installing the system and starting all over again. After reading the output of ./configure in the php source dir, it was reporting that it could not find a compatible version of Bison. I cannot say that that is THE cause, but whatever it was re installing solved it. I did not get any responses so there is no one in particular to thank but thanks all, FreeBSD is free software and what works is far greater in volume and value than what does not Now if only we could get to the developers of the human (user level) mind, maybe we could debug that and be better off. Jeff K ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]" ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Multiple versions of PHP
Thanks, that worked really well. For those searching the archive for an easy answer, you just need to do: make PREFIX=/path/to/where/you/want all install clean Patrick On 4/2/07, Kimi Ostro <[EMAIL PROTECTED]> wrote: On 02/04/07, patrick <[EMAIL PROTECTED]> wrote: > I have a FreeBSD 6.2 server with Apache 1.3.x and PHP 4.4.x built from > ports. I'd like to install PHP 5 from the ports tree, but target its > install location to /usr/local/php5 to keep it separate from the PHP 4 > stuff. (I'll be running PHP through fastcgi.) I'm wondering if there's > a way to do built a port where the install root is different from the > default? If not, I'll hand-build PHP5, but I'd much rather take > advantage of ports. > > Thanks, > % man 7 ports look for PREFIX HTH, -- Kimi ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: FreeBSD Native JDK/JRE
You could also just install the pre-built, Sun-sanctioned build: http://www.freebsdfoundation.org/downloads/java.shtml On 3/3/07, Chris Bowlby <[EMAIL PROTECTED]> wrote: Hi, As luck would have it, 2 minutes after posting this message, I managed to find this URL: http://lists.freebsd.org/pipermail/freebsd-questions/2006-August/129252.html Which addresses most of my issues, now I just have to work past a compiler error (I think due to sun-jdk-1.4 having been installed).. Thanks. Chris Bowlby wrote: > Hi, > > I've been attempting to install java/jdk15 into a jail under FreeBSD > 6.2 and have been running into some issues. I have appended a trimmed > out version of the output I get during an installation to the end of > the message. > > From what I can tell, it's attempting to install some Linux emulation > components and this is where I get stuck. I've not been able to find > any information that would help me either manually mount the > partitions so they are visible inside a jail (I am not sure if this is > even possible anymore), or to work around this particular issue and > just do a native installation. > > Can anyone offer up any help? > > > mail# portinstall java/jdk15 > ---> Installing 'jdk-1.5.0p4' from a port (java/jdk15) > ---> Building '/usr/ports/java/jdk15' > ===> Cleaning for unzip-5.52_2 > ===> Cleaning for m4-1.4.8_1 > ===> Cleaning for zip-2.32 > ===> Cleaning for open-motif-2.2.3_2 > ===> Cleaning for linux-sun-jdk-1.4.2.13 > ===> Cleaning for gmake-3.81_1 > ===> Cleaning for libiconv-1.9.2_2 > ===> Cleaning for javavmwrapper-2.3 > ===> Cleaning for libtool-1.5.22_3 > ===> Cleaning for xorg-libraries-6.9.0_1 > ===> Cleaning for imake-6.9.0_1 > ===> Cleaning for linux_base-fc-4_9 > ===> Cleaning for linux-xorg-libs-6.8.2_5 > ===> Cleaning for gettext-0.14.5_2 > ===> Cleaning for libdrm-2.0.2 > ===> Cleaning for freetype2-2.2.1_1 > ===> Cleaning for fontconfig-2.3.2_6,1 > ===> Cleaning for perl-5.8.8 > ===> Cleaning for rpm-3.0.6_13 > ===> Cleaning for linux-fontconfig-2.2.3_5 > ===> Cleaning for pkg-config-0.21 > ===> Cleaning for expat-2.0.0_1 > ===> Cleaning for automake-1.4.6_2 > ===> Cleaning for autoconf-2.13.000227_5 > ===> Cleaning for popt-1.7_2 > ===> Cleaning for linux-expat-1.95.8 > ===> Cleaning for jdk-1.5.0p4 > ===> Vulnerability check disabled, database not found > ===> Found saved configuration for jdk-1.5.0p4 > > IMPORTANT: To build JDK 1.5.0 port, you should have at least > 2.5Gb of free disk space in build area! > > IMPORTANT: To build JDK 1.5.0 port, you should have linux emulation > enabled in the kernel and linux procfs (linprocfs) filesystem > mounted. > > ===> Extracting for jdk-1.5.0p4 > => MD5 Checksum OK for jdk-1_5_0-src-scsl.zip. > => SHA256 Checksum OK for jdk-1_5_0-src-scsl.zip. > => MD5 Checksum OK for jdk-1_5_0-bin-scsl.zip. > => SHA256 Checksum OK for jdk-1_5_0-bin-scsl.zip. > => MD5 Checksum OK for bsd-jdk15-patches-4.tar.bz2. > => SHA256 Checksum OK for bsd-jdk15-patches-4.tar.bz2. > ===> jdk-1.5.0p4 depends on executable in : unzip - found > ===> Patching for jdk-1.5.0p4 > Hmm... Looks like a unified diff to me... > The text leading up to this was: > -- > |Index: control/make/Makefile > |=== > |RCS file: /var/jcvs/javasrc_1_5_scsl/control/make/Makefile,v > |retrieving revision 1.1.1.1 > |retrieving revision 1.3 > |diff -u -r1.1.1.1 -r1.3 > |--- control/make/Makefile 8 Nov 2004 22:26:52 - 1.1.1.1 > |+++ control/make/Makefile 23 Dec 2004 19:28:25 - 1.3 > -- > Patching file control/make/Makefile using Plan A... > Hunk #1 succeeded at 12. > Hunk #2 succeeded at 69. > Hmm... The next patch looks like a unified diff to me... > The text leading up to this was: > <... SNIP ...> > done > ===> Applying FreeBSD patches for jdk-1.5.0p4 > /usr/bin/sed -i.bak -e "s:%%PREFIX%%:/usr/local:g" -e > "s:%%JDK_VERSION%%:1.5.0:g" > /usr/ports/java/jdk15/work/control/make/../../deploy/src/plugin/solaris/controlpanel/sun_java.desktop > > ===> jdk-1.5.0p4 depends on executable in : gm4 - found > ===> jdk-1.5.0p4 depends on executable in : zip - found > ===> jdk-1.5.0p4 depends on file: /usr/X11R6/lib/libXm.so - found > ===> jdk-1.5.0p4 depends on file: > /usr/local/linux-sun-jdk1.4.2/bin/javac - found > ===> jdk-1.5.0p4 depends on executable in : gmake - found > ===> jdk-1.5.0p4 depends on shared library: iconv.3 - found > ===> Configuring for jdk-1.5.0p4 > ===> Building for jdk-1.5.0p4 > ERROR: You must have LINPROCFS mounted before > starting to build the native JDK 1.5.0. > > You may do it with the following commands: > > # kldload linprocfs > > and > > # mount -t linprocfs linprocfs /compat/linux/proc > > *** Error code 1 > > Stop in /usr/ports/java/jdk15. > ** Command failed [exit code 1]: /usr/bin/script -qa > /tmp/portinstall.7259.0 env make > ** Fix the problem and try
Any way to tell what the RAM configuration is?
I'm wondering if there's any way in FreeBSD (4.x on i386) to tell what the RAM configuration in the system is? ie. Can it show me if I have four 256MB modules versus two 512MB's? Obviously it would be possible to just open up the computer and see for my self, I'm hoping I can save myself a trip and wrecking an uptime of 670 days. :) Thanks, Patrick ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Re: Any way to tell what the RAM configuration is?
Awesome, that works like a charm! Thanks, Patrick On 12/6/06, Chuck Swiger <[EMAIL PROTECTED]> wrote: On Dec 6, 2006, at 11:00 AM, patrick wrote: > I'm wondering if there's any way in FreeBSD (4.x on i386) to tell what > the RAM configuration in the system is? ie. Can it show me if I have > four 256MB modules versus two 512MB's? Obviously it would be possible > to just open up the computer and see for my self, I'm hoping I can > save myself a trip and wrecking an uptime of 670 days. :) Sure. Install the dmidecode port (from /usr/ports/sysutils/ dmidecode), and run: dmidecode -t memory > # dmidecode 2.8 > SMBIOS 2.3 present. > > Handle 0x1000, DMI type 16, 15 bytes > Physical Memory Array > Location: System Board Or Motherboard > Use: System Memory > Error Correction Type: Single-bit ECC > Maximum Capacity: 4 GB > Error Information Handle: No Error > Number Of Devices: 4 > > Handle 0x1100, DMI type 17, 23 bytes > Memory Device > Array Handle: 0x1000 > Error Information Handle: No Error > Total Width: 72 bits > Data Width: 64 bits > Size: 128 MB > Form Factor: DIMM > Set: 1 > Locator: DIMM_A > Bank Locator: BANK_1 > Type: SDRAM > Type Detail: Synchronous > Speed: 133 MHz (7.5 ns) > [ ... ] -- -Chuck ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
BIND 9.3.2 on FreeBSD 6.1-release-p2
I'm running BIND 9.3.2 on FreeBSD 6.1, and am noticing that it gets out of control after running for a while. PIDUID THR PRI NICE SIZERES STATETIME WCPU COMMAND 60480 53 1 1320 195M 194M RUN 41.7H 75.54% named After restarting it, its CPU usage goes back down to what it should be, as does its memory usage. I really don't want to babysit this process, so I'm trying to find the cause of this. I have "max-cache-size" set to "150M", as before I turned this on, this process would just grow and grow until it hit FreeBSD's limit and would stop responding all together, not to mention eating up as much CPU time as it could. I never had this problem at all with BIND 8, and am wondering if there's something I'm doing wrong with BIND 9 to have this problem? Has anyone else experienced this? Any help would be greatly appreciated. Patrick ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Which version of BIND to use on FreeBSD 6.1?
I'm trying to figure out which is the best version of BIND to use on FreeBSD 6.1? I've always stuck with FreeBSD's base version, and since upgrading from FreeBSD 4.x to 6.1, that meant moving from BIND 8.3.x to 9.3.2. I've encountered numerous problems since moving to 9.3.2 which primarily revolve around exponential increases in memory and CPU usage. On our BIND 8.3.x setup, we have 750 master domains. Memory usage is just shy of 70MBs. On our new server with BIND 9.3.2, we have currently 140 master domains, and memory usage continually grows until FreeBSD cuts it off. I have discovered the "max-cache-size" option which allows me set an upper limit, but when the named process hits that limit, it starts eating up all available CPU cycles. I've seen some similar reports from other users, but haven't found any real solutions. While browsing the ports tree, I found I have my pick of BIND 8.3.x, 8.4.x, and a ports version of 9.3.x (not sure exactly how this differs from base -- more current?). Our needs are fairly basic -- we have a few DNS servers, and each are masters and slaves, helping one another out. We're not using DNSSEC or anything. I'm wondering what other people are generally using, and which version works best for them? Thanks, Patrick ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Which version of BIND to use on FreeBSD 6.1?
I think I'll rephrase my question. What real advantage is there for me running BIND 9 over BIND 8? Version 9 seems to require a lot more memory and is still giving me this really annoying problem of using all my CPU time when it hits the max_cache_size. I'm not using DNSSEC or IPV6... Patrick On 1/3/07, patrick <[EMAIL PROTECTED]> wrote: I'm trying to figure out which is the best version of BIND to use on FreeBSD 6.1? I've always stuck with FreeBSD's base version, and since upgrading from FreeBSD 4.x to 6.1, that meant moving from BIND 8.3.x to 9.3.2. I've encountered numerous problems since moving to 9.3.2 which primarily revolve around exponential increases in memory and CPU usage. On our BIND 8.3.x setup, we have 750 master domains. Memory usage is just shy of 70MBs. On our new server with BIND 9.3.2, we have currently 140 master domains, and memory usage continually grows until FreeBSD cuts it off. I have discovered the "max-cache-size" option which allows me set an upper limit, but when the named process hits that limit, it starts eating up all available CPU cycles. I've seen some similar reports from other users, but haven't found any real solutions. While browsing the ports tree, I found I have my pick of BIND 8.3.x, 8.4.x, and a ports version of 9.3.x (not sure exactly how this differs from base -- more current?). Our needs are fairly basic -- we have a few DNS servers, and each are masters and slaves, helping one another out. We're not using DNSSEC or anything. I'm wondering what other people are generally using, and which version works best for them? Thanks, Patrick ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: how to know what DNS server is being used
On 10/28/06, Matthew Seaman <[EMAIL PROTECTED]> wrote: On recent FreeBSD, the resolver actually iterates through the listed nameserver lines in order, sending the query out to each in turn until it gets a response. It used to be that the resolver would wait for the full 30s DNS timeout before trying the next server (hence the cry dreaded by sysadmins everywhere that "the Internet is slow today"), but nowadays Is there any way to configure this 30 second delay for older versions of FreeBSD (eg. 4.11)? Patrick ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Command to show processor type/speed?
Is there a command to show the processor type and speed of the host system? I'm working on a remote system, and I'd prefer to not have to reboot it to find out. Thanks, Patrick ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Command to show processor type/speed?
Figured it out: sysctl -w hw.model On 4/30/07, patrick <[EMAIL PROTECTED]> wrote: Is there a command to show the processor type and speed of the host system? I'm working on a remote system, and I'd prefer to not have to reboot it to find out. Thanks, Patrick ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Forwarding external-bound packets internally with ipfw
I have a few servers, and I'd like to force secondary servers to deliver mail to the primary via a private network (each server is dual-homed). Mail would be deemed "local" (destined for my LAN) by specifying a bunch of CIDRs. I would like to accomplish this using ipfw's forwarding support, but I am having a problem getting the rule right. I first tried using ipfw forward, but after reading the man page in greater detail, it seems like this likely won't work. My next thought is to use ipfw's divert functionality in conjunction with natd, but it is not clear to me how I could tell natd to forward to the correct internal server using the redirect_port option. Ideally, I would like to maintain only one list of IP blocks. Additionally, it seems like natd wants you define a rule per IP, which will get to be rather annoying when dealing with hundreds of IPs that could easily be classified using a mask. An example of what I want to do follows: Server A: public IPs: 1.2.3.0/24, private IP: 192.168.0.1 Server B: public IPs: 2.3.4.0/24, private IP: 192.168.0.2 Server C: public IPs: 3.4.5.0/24, private IP: 192.168.0.3 When Server B accepts mail destined for Server A, I would like it to route through 192.168.0.1 rather than the public IP. The same goes for if Server C accepts mail for Server A or B using the respective internal IP. This isn't really relevant, but I'm using Postfix as my mailer. It does have an option to force a relay_host, but it will not let you differentiate destinations. This works fine with two hosts on the network, but not for three or more. Any ideas of how I could accomplish this? Thanks very much, Patrick ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Using cvsup + make world, and keeping custom patches
I recently had a need to patch the FreeBSD's jail utility to support multiple IP addresses. On a recent "make update" using cvsup, my patched versions of the jail files were blown away, and now I'll need to reapply the patches. Does anyone have a good strategy for including some custom patches when doing a make update in /usr/src? Thanks, Patrick ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: php/apache/ssl core dumps
Hi Ruben, I have been experiencing the same thing, both by using the ports and by building manually from source. I prefer to build from source, as I find the ports tree to be a bit difficult to use when it comes to the way it handles PHP stuff. At any rate, I solved my problem by not building mod_ssl as a shared module. Statically compiled, I no longer get the crashes. Perhaps the ports tree has an option to build mod_ssl this way... Patrick On 5/16/05, Ruben Bloemgarten <[EMAIL PROTECTED]> wrote: > > > Hi all, > > > > I'm trying to get Apache to work with both ssl and php. However, when ssl > apache and php are installed and the php module is set to be loaded into > apache, apache core dumps (11). I'm using the latest ports tree. Also I've > tried any number of combinations of mod_php, php-extensions, > apache13-mod_ssl, apache13-ssl, apache then openssl etc etc. This problem > has been discussed before but none of the solutions seem to be working. > Could anyone help ? > > > > Thanks, > > > > Ruben > > > -- > No virus found in this outgoing message. > Checked by AVG Anti-Virus. > Version: 7.0.308 / Virus Database: 266.11.10 - Release Date: 05/13/2005 > > > > -- > No virus found in this outgoing message. > Checked by AVG Anti-Virus. > Version: 7.0.308 / Virus Database: 266.11.10 - Release Date: 05/13/2005 > > ___ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "[EMAIL PROTECTED]" > ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Limit # of connections per IP using ipfw?
Is there a way to limit the number of TCP connections from a particular IP at a given time using ipfw? We are running Cyrus IMAP on FreeBSD 6.2, and are sometimes subject to POP3 brute force login attacks. I'm not sure if it's Cyrus or the SASL SQL plugin, but these attacks grind the server to halt (the load level goes up beyond 350!). The database against which authentication takes places is on a separate server, so I know it's not MySQL's fault. I'd like to be able to set a firewall rule to set a reasonable limit per IP for these sorts of connections. I know that pf can do it, and I'm in the process of figuring out how to migrate all of our stuff over to pf, but in the meantime, I'd like to try to do this with ipfw. Thanks, Patrick ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Limit # of connections per IP using ipfw?
Perfect, thanks! On Feb 13, 2008 10:14 AM, Christopher Cowart <[EMAIL PROTECTED]> wrote: > > On Wed, Feb 13, 2008 at 09:23:31AM -0800, patrick wrote: > > Is there a way to limit the number of TCP connections from a > > particular IP at a given time using ipfw? We are running Cyrus IMAP on > > FreeBSD 6.2, and are sometimes subject to POP3 brute force login > > attacks. I'm not sure if it's Cyrus or the SASL SQL plugin, but these > > attacks grind the server to halt (the load level goes up beyond 350!). > > The database against which authentication takes places is on a > > separate server, so I know it's not MySQL's fault. I'd like to be able > > to set a firewall rule to set a reasonable limit per IP for these > > sorts of connections. I know that pf can do it, and I'm in the process > > of figuring out how to migrate all of our stuff over to pf, but in the > > meantime, I'd like to try to do this with ipfw. > > You can use limit rules. This should do the trick: > > # ipfw add allow tcp from any to me pop3s limit src-addr 5 > > Check the ipfw man page section on limit for more info (though it's > pretty brief). > > -- > Chris Cowart > Network Technical Lead > Network & Infrastructure Services, RSSP-IT > UC Berkeley > ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Multiple versions of PHP
I've got a new problem... While I was able to install PHP 5 into a separate location than PHP 4 (both from ports), I'm now trying to add a PHP 5 extension (/usr/ports/graphics/php5-gd). The built-in version checking is saying: ===> php5-gd-5.2.5 cannot install: doesn't work with PHP version : 4 (Doesn't support PHP 4). *** Error code 1 ... which would be an issue if my PREFIX was the same, but it's not. Is there a way I can trick the ports system into thinking I don't have PHP 4 installed? Patrick On Tue, Apr 3, 2007 at 8:36 AM, patrick <[EMAIL PROTECTED]> wrote: > Thanks, that worked really well. For those searching the archive for > an easy answer, you just need to do: > > make PREFIX=/path/to/where/you/want all install clean > > Patrick > > > > > On 4/2/07, Kimi Ostro <[EMAIL PROTECTED]> wrote: > > On 02/04/07, patrick <[EMAIL PROTECTED]> wrote: > > > I have a FreeBSD 6.2 server with Apache 1.3.x and PHP 4.4.x built from > > > ports. I'd like to install PHP 5 from the ports tree, but target its > > > install location to /usr/local/php5 to keep it separate from the PHP 4 > > > stuff. (I'll be running PHP through fastcgi.) I'm wondering if there's > > > a way to do built a port where the install root is different from the > > > default? If not, I'll hand-build PHP5, but I'd much rather take > > > advantage of ports. > > > > > > Thanks, > > > > > > > % man 7 ports > > > > look for PREFIX > > > > HTH, > > > > -- > > Kimi > > > ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Multiple versions of PHP
Okay, I got it installed, but I had to make temporary changes to
/usr/ports/Mk/bsd.php.mk. My first idea was to build with:
make PREFIX=/usr/local/php5 LOCALBASE=/usr/local/php5
but that didn't work because other things expect LOCALBASE to be
/usr/local (or rather, expect that whatever LOCALBASE is set to will
contain various other supporting build utilities).
It would be nice if bsd.php.mk used ${LOCALPHPBASE} which would by
default be set to ${LOCALBASE}. This would allow for multiple
installations of PHP in different locations.
Patrick
On Thu, Feb 21, 2008 at 7:25 PM, patrick <[EMAIL PROTECTED]> wrote:
> I've got a new problem...
>
> While I was able to install PHP 5 into a separate location than PHP 4
> (both from ports), I'm now trying to add a PHP 5 extension
> (/usr/ports/graphics/php5-gd). The built-in version checking is
> saying:
>
> ===> php5-gd-5.2.5 cannot install: doesn't work with PHP version : 4
> (Doesn't support PHP 4).
> *** Error code 1
>
> ... which would be an issue if my PREFIX was the same, but it's not.
> Is there a way I can trick the ports system into thinking I don't have
> PHP 4 installed?
>
> Patrick
>
>
>
>
>
> On Tue, Apr 3, 2007 at 8:36 AM, patrick <[EMAIL PROTECTED]> wrote:
> > Thanks, that worked really well. For those searching the archive for
> > an easy answer, you just need to do:
> >
> > make PREFIX=/path/to/where/you/want all install clean
> >
> > Patrick
> >
> >
> >
> >
> > On 4/2/07, Kimi Ostro <[EMAIL PROTECTED]> wrote:
> > > On 02/04/07, patrick <[EMAIL PROTECTED]> wrote:
> > > > I have a FreeBSD 6.2 server with Apache 1.3.x and PHP 4.4.x built from
> > > > ports. I'd like to install PHP 5 from the ports tree, but target its
> > > > install location to /usr/local/php5 to keep it separate from the PHP 4
> > > > stuff. (I'll be running PHP through fastcgi.) I'm wondering if there's
> > > > a way to do built a port where the install root is different from the
> > > > default? If not, I'll hand-build PHP5, but I'd much rather take
> > > > advantage of ports.
> > > >
> > > > Thanks,
> > > >
> > >
> > > % man 7 ports
> > >
> > > look for PREFIX
> > >
> > > HTH,
> > >
> > > --
> > > Kimi
> > >
> >
>
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: ionCube PHP Encoder / Loader on FreeBSD 6 / 7
Hi Doug, You may get more help if you provide some more details like log messages or specifics about what is not working. Patrick On Thu, Feb 21, 2008 at 8:57 AM, Doug Poland <[EMAIL PROTECTED]> wrote: > Hello, > > I'm having problems getting ionCube's PHP loader working on either > 6.3-RELEASE or 7.0-RC2 (both i386). I've followed the install > instructions, edited php.ini, installed compat5x and compat6x libraries, > but just cannot get the loader to work. Both boxes are running PHP 5.2.5. > > Have googled and read the ioncube forums. I must be missing something > obvious. > > Thanks in advance... > > -- > Regards, > Doug > ___ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "[EMAIL PROTECTED]" > ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: AFP Client in FreeBSD
Mac OS X supports NFS, so you could always mount your Mac on FreeBSD via NFS. Patrick On Wed, Jun 10, 2009 at 10:45 AM, Chris Maness wrote: > Is there an AFP client for FreeBSD? I have a mac with a gargantuan > hard drive, and I would like to back up my FreeBSD server to it, and > back up my mac to my FreeBSD server. I have seen where FreeBSD can be > an AFP server, but there is little information on the client. Any > suggestions? > > Thanks, > Chris Maness > ___ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org" > ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: AFP Client in FreeBSD
Oh, I don't know about 10.4. Looks easy enough in 10.5: http://www.macresearch.org/nfs-exports-leopard You could also use sshfs: http://www.freshports.org/sysutils/fusefs-sshfs/ It would be a bit slower, but reliable. Patrick On Wed, Jun 10, 2009 at 5:57 PM, Chris Maness wrote: > I tried mounting a mac box to my FreeBSD server a while back, but I > think I was not able to get it to go RW. > > How do you set up NFS as a service in OSX 10.4? That would be the > best way as my backup scripts are already set up to do an NFS mount. > > Thanks, > Chris > > On Wed, Jun 10, 2009 at 3:22 PM, patrick wrote: >> Mac OS X supports NFS, so you could always mount your Mac on FreeBSD via NFS. >> >> Patrick >> >> On Wed, Jun 10, 2009 at 10:45 AM, Chris Maness wrote: >>> Is there an AFP client for FreeBSD? I have a mac with a gargantuan >>> hard drive, and I would like to back up my FreeBSD server to it, and >>> back up my mac to my FreeBSD server. I have seen where FreeBSD can be >>> an AFP server, but there is little information on the client. Any >>> suggestions? >>> >>> Thanks, >>> Chris Maness >>> ___ >>> freebsd-questions@freebsd.org mailing list >>> http://lists.freebsd.org/mailman/listinfo/freebsd-questions >>> To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org" >>> >> > ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Mounting an NFS volume served by Mac OS X
I'm wondering if anyone has had any success in mounting an NFS export from a Mac OS X machine on FreeBSD 7.2? When I try, I get: RPCPROG_MNT: RPC: Authentication error; why = Client credential too weak The man page for exports on Mac OS X has: -sec=mechanism1:mechanism2... This option specifies one or more security mechanisms required for access to the exported directory. The security mechanisms currently supported are krb5p, krb5i, krb5, and sys. Multiple security mechanisms can be spec- ified as a colon separated list, and should be in the order of most preferred to least preferred. In the absence of this option, the security mechanism defaults to sys. My export does not specify this, so "sys" is what is being used. Not exactly sure what that means... I don't see any options in mount_nfs(8) on the FreeBSD side that has anything to do with authentication or security mechanisms... Any suggestions would be greatly appreciated! Thanks, Patrick ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
6.0 and fsck_snapshot
I rebooted out FreeBSD 6.0 server today. I noticed that it froze during the shutdown, so I had to do a hard reset. After it reboot, I did an ls on one of our filesystems (250GB SATA drive). Instead of all of the files that would normally be there, all there was was a .snap folder. When I did an ls in there, the process hung. I rebooted once again, and I can get into the .snap folder just fine. Except that all of my files are still missing, and instead it appears I have one big fsck_snapshot file. Is there any way I can recover from this and restore my files? Looking through my logs, I see a couple errors just before I did the initial reboot: Apr 19 12:12:29 pompom kernel: g_vfs_done():ad8s1d[READ(offset=114688, length=16384)]error = 6 Apr 19 12:12:29 pompom kernel: g_vfs_done():ad8s1d[READ(offset=114688, length=16384)]error = 6 Any help would be greatly appreciated. Thanks, Patrick ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: 6.0 and fsck_snapshot
I used smartctl (part of /usr/ports/sysutils/smartmontools) to run a diagnostic on the disk, and while it does acknowledge an error, it seems to think the drive is okay. However, given that all of my files are still missing, I'm still a bit skeptical. Error 1 occurred at disk power-on lifetime: 2920 hours (121 days + 16 hours) When the command that caused the error occurred, the device was active or idle. After command completion occurred, registers were: ER ST SC SN CL CH DH -- -- -- -- -- -- -- 84 51 0f b0 bc 5d 4f Error: ICRC, ABRT 15 sectors at LBA = 0x0f5dbcb0 = 257801392 Commands leading to the command that caused the error were: CR FR SC SN CL CH DH DC Powered_Up_Time Command/Feature_Name -- -- -- -- -- -- -- -- c8 00 20 9f bc 5d 4f 00 00:02:34.209 READ DMA c8 00 20 7f fe 57 4f 00 00:02:34.202 READ DMA c8 00 20 5f 40 52 4f 00 00:02:34.191 READ DMA c8 00 20 3f 82 4c 4f 00 00:02:30.735 READ DMA c8 00 20 1f c4 46 4f 00 00:02:34.965 READ DMA SMART Self-test log structure revision number 1 Num Test_DescriptionStatus Remaining LifeTime(hours) LBA_of_first_error # 1 Extended offlineCompleted without error 00% 3300 - On 4/19/06, patrick <[EMAIL PROTECTED]> wrote: > I rebooted out FreeBSD 6.0 server today. I noticed that it froze > during the shutdown, so I had to do a hard reset. After it reboot, I > did an ls on one of our filesystems (250GB SATA drive). Instead of all > of the files that would normally be there, all there was was a .snap > folder. When I did an ls in there, the process hung. I rebooted once > again, and I can get into the .snap folder just fine. Except that all > of my files are still missing, and instead it appears I have one big > fsck_snapshot file. > > Is there any way I can recover from this and restore my files? Looking > through my logs, I see a couple errors just before I did the initial > reboot: > > Apr 19 12:12:29 pompom kernel: g_vfs_done():ad8s1d[READ(offset=114688, > length=16384)]error = 6 > Apr 19 12:12:29 pompom kernel: g_vfs_done():ad8s1d[READ(offset=114688, > length=16384)]error = 6 > > Any help would be greatly appreciated. > > Thanks, > > Patrick > ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: 6.0 and fsck_snapshot
Does anyone have any knowledge about this fsck_snapshot file? I've Googled it, but haven't found anything useful. I'm somewhat concerned that FreeBSD/fsck could destroy the entire contents of a drive like this. Patrick On 4/19/06, patrick <[EMAIL PROTECTED]> wrote: > I used smartctl (part of /usr/ports/sysutils/smartmontools) to run a > diagnostic on the disk, and while it does acknowledge an error, it > seems to think the drive is okay. However, given that all of my files > are still missing, I'm still a bit skeptical. > > Error 1 occurred at disk power-on lifetime: 2920 hours (121 days + 16 hours) > When the command that caused the error occurred, the device was > active or idle. > > After command completion occurred, registers were: > ER ST SC SN CL CH DH > -- -- -- -- -- -- -- > 84 51 0f b0 bc 5d 4f Error: ICRC, ABRT 15 sectors at LBA = > 0x0f5dbcb0 = 257801392 > > Commands leading to the command that caused the error were: > CR FR SC SN CL CH DH DC Powered_Up_Time Command/Feature_Name > -- -- -- -- -- -- -- -- > c8 00 20 9f bc 5d 4f 00 00:02:34.209 READ DMA > c8 00 20 7f fe 57 4f 00 00:02:34.202 READ DMA > c8 00 20 5f 40 52 4f 00 00:02:34.191 READ DMA > c8 00 20 3f 82 4c 4f 00 00:02:30.735 READ DMA > c8 00 20 1f c4 46 4f 00 00:02:34.965 READ DMA > > SMART Self-test log structure revision number 1 > Num Test_DescriptionStatus Remaining > LifeTime(hours) LBA_of_first_error > # 1 Extended offlineCompleted without error 00% 3300 - > > > > On 4/19/06, patrick <[EMAIL PROTECTED]> wrote: > > I rebooted out FreeBSD 6.0 server today. I noticed that it froze > > during the shutdown, so I had to do a hard reset. After it reboot, I > > did an ls on one of our filesystems (250GB SATA drive). Instead of all > > of the files that would normally be there, all there was was a .snap > > folder. When I did an ls in there, the process hung. I rebooted once > > again, and I can get into the .snap folder just fine. Except that all > > of my files are still missing, and instead it appears I have one big > > fsck_snapshot file. > > > > Is there any way I can recover from this and restore my files? Looking > > through my logs, I see a couple errors just before I did the initial > > reboot: > > > > Apr 19 12:12:29 pompom kernel: g_vfs_done():ad8s1d[READ(offset=114688, > > length=16384)]error = 6 > > Apr 19 12:12:29 pompom kernel: g_vfs_done():ad8s1d[READ(offset=114688, > > length=16384)]error = 6 > > > > Any help would be greatly appreciated. > > > > Thanks, > > > > Patrick > > > ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
BIND inside a jail on FreeBSD 6.0
I'm trying to run BIND inside a jail on FreeBSD 6.0, and I'm
encountering the following problem:
[EMAIL PROTECTED] /var/named]# /etc/rc.d/named start
mount_devfs: Operation not permitted
/etc/rc.d/named: WARNING: devfs_domount(): Unable to mount devfs on
/var/named/dev
devfs rule: ioctl DEVFSIO_RAPPLY: Operation not permitted
devfs rule: ioctl DEVFSIO_RAPPLY: Operation not permitted
Starting named.
And then it doesn't start...
(I realize that BIND already runs in a chroot'd environment, but I'm
running a second copy of BIND on an existing development server as a
secondary test environment.)
The problem looks like it originates in /etc/rc.d/named:
# Mount a devfs in the chroot directory if needed
#
umount ${named_chrootdir}/dev 2>/dev/null
devfs_domount ${named_chrootdir}/dev devfsrules_hide_all
devfs -m ${named_chrootdir}/dev rule apply path null unhide
devfs -m ${named_chrootdir}/dev rule apply path random unhide
I tried mounting the devfs outside the jail to the jail's
/var/named/dev, and then commenting out these lines above, but named
will still not start. Does anyone have any suggestions?
Thanks,
Patrick
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: BIND inside a jail on FreeBSD 6.0
Thanks, that did the trick. I'm not running this in a jail because I'm paranoid or anything -- I just need a test environment, and I don't have an extra machine kicking around. :) Patrick On 5/1/06, David Robillard <[EMAIL PROTECTED]> wrote: BIND is trying to setup a chroot(8) before it starts. If you're already inside a jail, then IMHO it is a little overkill (i.e. Running BIND in a chroot inside a jail). Check the BIND related values in rc.conf(5). The chroot(8) startup is triggered via this one: named_chrootdir="/var/named"# Chroot directory (or "" not to auto-chroot it) So try setting it to named_chrootdir="" and it should disable the chroot code from the startup script. Of course, if you still need to chroot(8) your named(8) install inside your jail, then you're at the same point. Consider running another jail perhaps? Or use BIND's view feature. Hope this helps, David > Thanks, > > Patrick > ___ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions- > [EMAIL PROTECTED]" -- David Robillard UNIX systems administrator, CISSP Montreal: +1 514 966 0122 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: quota and /var/mail
If you want to only have one set of quotas, you might consider switching to a Postfix/Maildir setup where your users' inboxes will be located in their home folder rather than in /var/mail. It's a fairly easy switch: install Postfix from /usr/ports/mail/postfix, and then you just need to configure one line in your Postfix's main.cf to turn on Maildir support: http://www.postfix.org/faq.html#maildir Though, there might be a bit of a learning curve with respect to the differences between Sendmail and Postfix to convert the rest of your configuration over. It all depends on how complicated your current setup is. Patrick On 5/23/06, Marwan Sultan <[EMAIL PROTECTED]> wrote: Hello Mike, Thank you again for your support, this is the output of mount and fstab # DeviceMountpoint FStype Options Dump Pass# /dev/ad0s1b noneswapsw 0 0 /dev/ad0s1a / ufs rw 1 1 /dev/ad0s1e /tmpufs rw 2 2 /dev/ad0s1f /usrufs rw,userquota,groupquota 2 2 /dev/ad0s1g /varufs rw 2 2 /dev/acd0c /cdrom cd9660 ro,noauto 0 0 proc/proc procfs rw 0 0 $ mount /dev/ad0s1a on / (ufs, local) /dev/ad0s1e on /tmp (ufs, local, soft-updates) /dev/ad0s1f on /usr (ufs, local, with quotas, soft-updates) /dev/ad0s1g on /var (ufs, local, soft-updates) procfs on /proc (procfs, local) I just want the quota to read the Shell user (home directory) size plus the INBOX mails which stay in /var/mail/$UserName Currently the quota reads the home directory and ignores the $inbox Thak you mike Marwan >At 07:37 PM 21/05/2006, Marwan Sultan wrote: > > >> No when I enabled quota I did the configuration on /usr >> shall i enable it on /var to? >> then how to make the sendmail or the shell reads the user quota on his >>home directory and >> his /var/mail/$username ? > > >Hi, > It all depends on how you have it mounted. Quotas follow the >partition. So if you have /var/mail as its own partition, you need to do it >there. If you have /var/mail as a subdirectory of /var than do it on /var. > >What is the contents of /etc/fstab on the box ? > >> if webmin can read the home directory quota and add to it the >>/var/mail/$userInbox size >> then for sure I can do it some how? > >I dont use webmin so I am not sure how it calculates things. > > ---Mike > >___ >freebsd-questions@freebsd.org mailing list >http://lists.freebsd.org/mailman/listinfo/freebsd-questions >To unsubscribe, send any mail to >"[EMAIL PROTECTED]" _ Don't just search. Find. Check out the new MSN Search! http://search.msn.com/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]" ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Installing FreeBSD 7.1 on a Dell Inspiron 530s - HELP!
Hi, I just got a new Dell Inspiron 530s, and am having some trouble getting FreeBSD 7.1 installed on it. When I boot up from the CD, after it detects all of the disks, I start getting messages like: acd0: TIMEOUT - READ_BIG retrying (1 retry left) and so on. Google results suggested that I disable ACPI from the boot menu. This works insofar as I get to the installation menu; however, when I go to partition the disk, it says that no disks were found. Is there a way I can disable ACPI, but set some boot-time variables to help the system find the disk controller? I'm in the process of creating a LiveCD to see if acpidump might help isolate just what the problem is, but if anyone has some advice in the meantime, I'd greatly appreciate it. Thanks, Patrick ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Installing FreeBSD 7.1 on a Dell Inspiron 530s - HELP!
Booting in safe-mode doesn't have the TIMEOUT - READ_BIG messages, but instead I get an interrupt storm detected. The LiveCD didn't work because when I boot with ACPI disabled, no disks are detected which means that I cannot mount the LiveCD. :( On Mon, Jan 19, 2009 at 2:19 PM, patrick wrote: > Hi, I just got a new Dell Inspiron 530s, and am having some trouble > getting FreeBSD 7.1 installed on it. When I boot up from the CD, after > it detects all of the disks, I start getting messages like: > > acd0: TIMEOUT - READ_BIG retrying (1 retry left) > > and so on. > > Google results suggested that I disable ACPI from the boot menu. This > works insofar as I get to the installation menu; however, when I go to > partition the disk, it says that no disks were found. Is there a way I > can disable ACPI, but set some boot-time variables to help the system > find the disk controller? > > I'm in the process of creating a LiveCD to see if acpidump might help > isolate just what the problem is, but if anyone has some advice in the > meantime, I'd greatly appreciate it. > > Thanks, > > Patrick > ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
FreeBSD 7.1 Install -- acd0: TIMEOUT - READ_BIG retrying (1 retry left)
(Sorry for the repost, but in retrospect, I thought a subject detailing the actual problem would garner more responses.) Hi, I just got a new Dell Inspiron 530s, and am having some trouble getting FreeBSD 7.1 installed on it. When I boot up from the CD, after it detects all of the disks, I start getting messages like: acd0: TIMEOUT - READ_BIG retrying (1 retry left) and so on. Google results suggested that I disable ACPI from the boot menu. This works insofar as I get to the installation menu; however, when I go to partition the disk, it says that no disks were found. Is there a way I can disable ACPI, but set some boot-time variables to help the system find the disk controller? I'm in the process of creating a LiveCD to see if acpidump might help isolate just what the problem is, but if anyone has some advice in the meantime, I'd greatly appreciate it. ... time passes ... Booting in safe-mode doesn't have the TIMEOUT - READ_BIG messages, but instead I get an interrupt storm detected. The LiveCD didn't work because when I boot with ACPI disabled, no disks are detected which means that I cannot mount the LiveCD. :( Has anyone found a way to work around this sort of issue before? Thanks, Patrick ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: FreeBSD 7.1 Install -- acd0: TIMEOUT - READ_BIG retrying (1 retry left)
On a side note, Open Solaris seems to install just fine. Sigh... FreeBSD is obviously my first choice, so hopefully there will be a solution to this problem... On Mon, Jan 19, 2009 at 5:07 PM, patrick wrote: > (Sorry for the repost, but in retrospect, I thought a subject > detailing the actual problem would garner more responses.) > > Hi, I just got a new Dell Inspiron 530s, and am having some trouble > getting FreeBSD 7.1 installed on it. When I boot up from the CD, after > it detects all of the disks, I start getting messages like: > > acd0: TIMEOUT - READ_BIG retrying (1 retry left) > > and so on. > > Google results suggested that I disable ACPI from the boot menu. This > works insofar as I get to the installation menu; however, when I go to > partition the disk, it says that no disks were found. Is there a way I > can disable ACPI, but set some boot-time variables to help the system > find the disk controller? > > I'm in the process of creating a LiveCD to see if acpidump might help > isolate just what the problem is, but if anyone has some advice in the > meantime, I'd greatly appreciate it. > > ... time passes ... > > Booting in safe-mode doesn't have the TIMEOUT - READ_BIG messages, but > instead I get an interrupt storm detected. The LiveCD didn't work > because when I boot with ACPI disabled, no disks are detected which > means that I cannot mount the LiveCD. :( > > Has anyone found a way to work around this sort of issue before? > > Thanks, > > Patrick > ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Control IRQ assignment?
I'm running FreeBSD 7.1 on a new Dell Inspiron 530s. I'm having an issue where the same IRQ is being assigned for multiple devices, and I have a device that absolutely needs its own IRQ. The BIOS is very limiting, and won't allow me to disable shared IRQ assignment. Some suggestions I've read about booting FreeBSD with ACPI hasn't been an option, because without it enabled, FreeBSD does not see the SATA controllers/disks, and thus won't boot. Linux has a utility called irqbalance (http://www.irqbalance.org/) that seems like it could be promising, but of course it is Linux-specific. Is there any way in FreeBSD that I can help the system decide which IRQs to assign to what? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
x86 install routines
What's the problem with making this freebsd easy to install from the prompt? I am curious, is writing install routines for the x86 desktop difficult? and what exactly is the difficulty. Let me know, I am more than happy to help the project. Cordially, Patrick Sadler ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: UPnP or NAT-PMP on FreeBSD?
Just stumbled upon MiniUPnP (http://miniupnp.free.fr/) which seems to do what I need -- provided I switch from ipfw to pf. I was planning on exploring this anyway, so I guess I'll do it sooner rather than later. :) Patrick On Wed, Jul 16, 2008 at 6:31 PM, patrick <[EMAIL PROTECTED]> wrote: > I was wondering if there is any support in FreeBSD for Universal Plug > and Play (UPnP) or NAT Port Mapping Protocol NAT-PMP? We have a > FreeBSD 7.x server running natd in my office being used as our NAT > gateway/router, and I would like to use the "Back to My Mac" feature > that Apple's Mobile Me (formerly .Mac) offers. It requires that your > gateway support either one of these two standards, but I can't seem to > find out any information if natd supports anything like this. Anyone > accomplished this before? > > Patrick > ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
UPnP or NAT-PMP on FreeBSD?
I was wondering if there is any support in FreeBSD for Universal Plug and Play (UPnP) or NAT Port Mapping Protocol NAT-PMP? We have a FreeBSD 7.x server running natd in my office being used as our NAT gateway/router, and I would like to use the "Back to My Mac" feature that Apple's Mobile Me (formerly .Mac) offers. It requires that your gateway support either one of these two standards, but I can't seem to find out any information if natd supports anything like this. Anyone accomplished this before? Patrick ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
syslog question
I've configured my Apache process to send the ErrorLog to the syslog:local5 facility. In my syslog.conf file, I have: !httpd *.* /usr/local/apache/logs/error_log to catch these log messages. This works great, but these messages are also going into my /var/log/messages which has: *.notice;authpriv.none;kern.debug;lpr.info;mail.crit;news.err /var/log/messag es Apache sends to local5.notice. I have tried add local5.none to this line which according to the man page is suppose to disable all local5 messages, but they still come through. Is there something I'm missing here? Thanks, Patrick ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: syslog question
For some reason, switching Apache to use local3 instead of local5 and updating syslog.conf correspondingly correct this. Weird. Patrick On Wed, Jul 30, 2008 at 3:19 PM, patrick <[EMAIL PROTECTED]> wrote: > I've configured my Apache process to send the ErrorLog to the > syslog:local5 facility. > > In my syslog.conf file, I have: > > !httpd > *.* > /usr/local/apache/logs/error_log > > to catch these log messages. This works great, but these messages are > also going into my /var/log/messages which has: > > *.notice;authpriv.none;kern.debug;lpr.info;mail.crit;news.err > /var/log/messag > es > > Apache sends to local5.notice. I have tried add local5.none to this > line which according to the man page is suppose to disable all local5 > messages, but they still come through. Is there something I'm missing > here? > > Thanks, > > Patrick > ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Kill NFS connection
Is there a way to kill an NFS connection to a server that's stopped responding? When I try to simply unmount it, I get a never-ending stream of "server not responding" messages. (Using FreeBSD 6.2, BTW.) Thanks, Patrick ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: RE: Multiple IP in jail?
Hi Ruben, I was was wondering if you had an example of using NAT to support multiple inbound IP's directing into a jail? Patrick On 1/14/06, Ruben Bloemgarten <[EMAIL PROTECTED]> wrote: If you use nat in conjuction with jails there is no need to add multiple ip's to the jails to be able to reach apache on multiple ip's, although I agree that it would be nice to be able to assign multiple ip's to a jail. Anyone ? Regards, Ruben -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Petr Murmak Sent: January 14, 2006 7:11 PM To: freebsd-questions@freebsd.org Subject: Multiple IP in jail? Hi! Is it possible to assign multiple IP to one jail on FreeBSD 6.0-STABLE? I want to use in jail apache for which i really need more than one IP. I found some patches for 5.0 but they are more than 2 years old without maintaining, so I didn't tried them. Petr ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]" -- No virus found in this incoming message. Checked by AVG Free Edition. Version: 7.1.371 / Virus Database: 267.14.17/229 - Release Date: 01/13/2006 -- No virus found in this incoming message. Checked by AVG Free Edition. Version: 7.1.371 / Virus Database: 267.14.17/229 - Release Date: 01/13/2006 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]" ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: jail login and replication problems
Hi Dan, Did you ever find a solution to this problem? I've had the exact same problem, and have tried various different things to resolve it... all to no avail. It's really annoying have to remake the jail from scratch every time, as I'd much rather do the configuration once, and use it as a cookie-cutter for future jails. Patrick On 7/26/05, Dan Rue <[EMAIL PROTECTED]> wrote: Greetings, I am setting up multiple jails on a machine. The first jail, everything works fine. If I add a user, that user can log in. If I tar cvzpf the jail, tar xvzpf to create a new one, some people can log into the new jail, and some can not. The user that can log in to the new one was the first user created (me), but any subsequent users can not log into new jails.. The symptom is right after accepting the password via ssh, the connection will just get dropped. I could not find any good error messages using ssh.. But if I enable telnet and try to telnet in, I receive this error in /var/log/messages: Jul 26 16:11:46 jail3 login: _secure_path: cannot stat /home/user3/.login_conf: Permission denied Jul 26 16:11:46 jail3 login: _secure_path: cannot stat /etc/login.conf: Permission denied Jul 26 16:11:46 jail3 login: _secure_path: cannot stat /home/user3/.login_conf: Permission denied Jul 26 16:11:46 jail3 login: _secure_path: cannot stat /etc/login.conf: Permission denied The permissions on those files are fine. So what would cause that error in jails that have been replicated using tar, but only to some users? I'm stumped.. Here's my rc.conf exerpt: jail_enable="YES" jail_list="jail3" jail_socket_unixiproute_only="NO" jail_sysvipc_allow="YES" # allow shared mem on all jails jail_jail3_rootdir="/jails/jail3" jail_jail3_hostname="jail3.example.com" jail_jail3_ip="10.0.0.203" jail_jail3_procfs_enable="YES" jail_jail3_devfs_enable="YES" jail_jail3_devfs_ruleset="devfsrules_jail" tia, Dan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]" ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
localhost = ::1
I upgraded BIND on one of our DNS servers (running FreeBSD 4.x) to version 9, and now all of our other machines that use this server for DNS resolution is experiencing a problem where "localhost" seems to be resolving to "::1". For example, if I previously typed: telnet localhost 25 I would get: Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. ... But now, I get: Trying ::1... Which takes forever to timeout. In my /etc/hosts file, I have ::1 localhost 127.0.0.1 localhost We don't use IPV6 at all, and I do have the localhost.rev and localhost-v6.rev added into the new BIND 9 server. Does anyone have an idea of how I can get this to work the way it used to? Thanks, Patrick ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: 8.1: Cron ignoring crontab updates
Yes, it's definitely updating: [r...@juno /var/cron/tabs]# ls -ald /var/cron/tabs drwx-- 2 root wheel 512 Sep 2 12:49 /var/cron/tabs And after editing my crontab: [r...@juno /var/cron/tabs]# ls -ald /var/cron/tabs drwx-- 2 root wheel 512 Sep 3 10:25 /var/cron/tabs I've been using FreeBSD since version 4, and this has never once been an issue, nor is this an issue on a system with a fresh install of 8.1. Patrick On Fri, Sep 3, 2010 at 2:37 AM, Arthur Chance wrote: > On 09/03/10 09:19, per...@pluto.rain.com wrote: >> >> Chris Rees wrote: >> >>> You have to SIGHUP cron, not restart it. >>> >>> # killall -HUP cron >> >> Isn't crontab(1) supposed to do that, without separate intervention? > > From man cron > >> Additionally, cron checks each minute to see if its spool directory's >> modification time (or the modification time on /etc/crontab) has >> changed, >> and if it has, cron will then examine the modification time on all >> crontabs and reload those which have changed. Thus cron need not be >> restarted whenever a crontab file is modified. Note that the >> crontab(1) >> command updates the modification time of the spool directory whenever >> it >> changes a crontab. > > From the original post crontab seems to be working, so all I can suggest > is to "ls -ld /var/cron/tabs" before and after using crontab -e and see > if the modtime is being changed correctly. > ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: why is the PHP stuff line "off" by default in ports/lang/php5?
I don't for sure, but I'd say it's off by default because not everyone
runs PHP with Apache, and mod_php5/libphp5.so is strictly for Apache.
Lots of people use PHP with FastCGI or other purposes.
If you always want it to be on, add the option to /etc/make.conf. Or,
if you're using portupgrade or some other port management utility for
upgrades, there are ways to set the default options for the ports you
use.
Hindsight is 20/20, but I'll go out on a limb here and say that it's
generally considered good practice to test software after upgrading --
particularly if it's a web server running websites. Another thing to
consider would be running something like Nagios to monitor your
systems/sites to make sure things are working properly.
Patrick
On Thu, Sep 16, 2010 at 6:45 PM, Gary Kline wrote:
>
> Guys,
>
> Tell me if I'm wrong to be ticked off. I just learned that my website
> has been down for weeks. My KVM switch doesn't work to let me have
> control of the console of my server [ns1|ethic].thought.org. Whether
> it was a cheap KVM switch or whether the '09 Dell 550 is defective is
> unknown. I have a new KVM switch. I do need direct control of the
> console for many reasons, but mostly to portupgrad ports.
>
> In the months since I first got ethic working, everything _but_ X11
> worked. In late August I upgraded apache and php5, rebooted, and
> just-assumed {TM} that apache22 was working. Weeks ago I did read and
> edit my non-blog blog; further reason to assume that everything worked.
>
> A couple hours ago my web server was not running. I traced it to a
> missing libphp5.so. I checked the makefile and found the php stuff
> defaults to "off". ...I am thinking this is a security risk, but most
> of us are reasonably sophisticated about such things
>
> Comments, anybody?
>
> --
> Gary Kline kl...@thought.org http://www.thought.org Public Service Unix
> The 7.83a release of Jottings: http://jottings.thought.org/index.php
> http://journey.thought.org
>
>
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
>
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: FreeBSD 8.1 & Squid suggestions?
Hi Ed,
For my office, I add IPFIREWALL_FORWARD into the kernel so that I can
transparently route all HTTP traffic without any client configuration.
My ipfw rule is:
ipfw add 550 fwd 127.0.0.1,3128 tcp from ${int_net} to any 80 via ${int_if}
Patrick
On Tue, Sep 21, 2010 at 12:41 PM, Ed Flecko wrote:
> Hi folks,
> I have a small group of people in my office (less than 20), and I want
> to set up a FBSD/Squid server, and I'm hoping someone might have some
> suggestions for the install.
>
> It's a clean install of FBSD 8.1, and the sole purpose of the server
> is a Squid server. The server has a 500Gb SATA hard drive, and 8Gb of
> RAM. I've installed Squid before (on an OpenBSD server), so I'm a
> comfortable with Squid.
>
> I'll install from a package (to make my life easy), but I'm not sure
> if there are any FBSD specific changes I should make? Are there any
> kernel customizations you might recommend I need? Are there any
> suggestions you might make to improve performance?
>
> Suggestions?
>
> Thank you,
> Ed
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
>
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: CYRUS IMAP cyradm core dump problem
This happens for me if the password is entered incorrectly. I see it happens right away for you, but what if you type: cyradm -u username 192.168.134.171 ? Patrick On Wed, Sep 22, 2010 at 12:25 AM, Tim Kerr wrote: > Hi guys, > > > > I have successfully used Cyrus IMAP in the past on versions 5.x, 6.x and 7.x > > > > but am having a problem with a fresh installed ver 8.0 server when running > the cyradm command > > > > I upgraded to ver 8.1, performed a portupgrade and still get the same result > as follows > > > > root# cyradm 192.168.134.171 > > Segmentation fault: 11 (core dumped) > > root# > > > > > > does anyone have any ideas as to what I should be looking at to fix this ? > > > > regards, > > Tim Kerr > > ___ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org" > ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Use boot2 to boot kernel
Hi, I am wondering if kernel can be boot from boot2 instead of loader as I read the boot(8) man page that it can. However when I tried boot: ad(0,a)/boot/kernel/kernel FreeBSD halted with BTX halted and the register values are displayed on screen. Does anyone know how to boot kernel by boot2? Thx Patrick ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: SCHED_4BSD in RELENG_7 disturbs workflow
Le Tue, 16 Oct 2007 21:14:15 +0200, "[LoN]Kamikaze" <[EMAIL PROTECTED]> : > Quite the contrary on RELENG_7. During a portupgrade or even worse > 'pkgdb -L' (recovering lost dependencies) audio players (both > graphical and mplayer) scatter, either because they don't get the > hard-disk or CPU-cycles (which one, I don't know) and the focused > application also often hangs. It just looks like occasionally (under > load) everything freezes for a second and then goes on relatively > normal. I've got the same problem on 7.0-PRERELEASE/i386. Audio players scatter when the machine is loaded. On 6.2 it worked fine (with Xorg 7.3 too). With SCHED_ULE it is a lot better. I put a full dmesg here : http://user.lamaiziere.net/patrick/dmesg.txt Regards. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Fw: Best way for a gmirrored gjournal?
Dear all, I'm forwarding this message to this lists, as current@ obviously was the wrong recipient. I kindly ask you for your ideas and proposals on my questions below. Regards, Patrick Begin forwarded message: Date: Mon, 22 Oct 2007 19:08:35 +0200 From: Patrick Hurrelmann <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] Subject: Best way for a gmirrored gjournal? Hi all, Currently I'm trying to install a new server and need some hints on how to best configure filesystems using gmirror and gjournal. The server in question is a amd64 with 512mb of ram and 2x 80gb sata hdds. So I was thinking of a mount-point layout like the following: ad0s1 / (1gb) swap(1gb) /var(8gb) /tmp(1gb) /home (4gb) /usr (13gb) /jails (39gb) ad0s2 10gb for journaling Which would leave a space of 10gb for journaling. I digged through the mailinglist-archives and man-pages of gmirror and gjournal but all I ended up with are questions and doubts :) Now I wanted to create 2 mirrors (gm0s1 and gm0s2). Gmirror gm0s1 containing the slices ad0s1 and ad2s1, while gm0s2 should contain ad0s2 and ad2s2. I created 2 slices, as with the above shown partitioning I was running out of mount-points for this slice. Is such a layout reasonable? Or is it stupid to use a dedicated slice just for journaling and better skip e.g /tmp partition to leave space for a dedicated journaling partition on this slice? Btw. are 10gb enough for journaling of 6 partitions? Or do I need one dedicated partition for journaling each? If I skip using a separate partition for journaling data, gjournal keeps telling me that e.g. the root partion of 1gb is too small for jorunaling. Would it be save to decrease journal size altough man-page discourages? What do you people out there suggest? How do you handle systems with gmirror and gjournal combined? Or even use ZFS although ram is limited (as the machine will serve up several jails with e.g. postgres)? I'm really looking forward to suggestions from you. I intentionally directed this mail to current@ as I think that here are the most people around with experience on gjournal. But if I better should direct this mail to questions@ I'm happy to do so, too. Best regards, Patrick -- ======== Patrick Hurrelmann | "Programming today is a race between software Mannheim, Germany| engineers striving to build bigger and better | idiot-proof programs, and the Universe trying [EMAIL PROTECTED] | to produce bigger and better idiots. So far, www.bytephobia.de| the Universe is winning." - Rich Cook /"\ \ /ASCII Ribbon Campaign X against HTML email & vCards / \ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Support of Macbook Pro under FreeBSD 7 ?
Hello, Could you tell me what is the state of the support of Macbook Pro under 7.0 ? (experimental, bad, good, very good ?) I've found http://wiki.freebsd.org/AppleMacbook (so it seems good) but the new Macbook Pro is shipped with a NVIDIA GeForce 8600M GT. Thanks in advance, regards. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
question about floating point calcuation with shell script / bc
Hi I have a file with numbers in each line. Each number is a decimal number. My task is to add them up and get the final answer. I have searched with the search engine. I found bash cannot handle floating point calculation. I tried to use 'bc' and found if the final answer is < 1 (eg. 0.2) It display .2 instead of 0.2 (no leading zero). Any suggestion or other methods? I know ksh could do floating point calculation but I am now familiar with ksh. Regards Patrick __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: question about floating point calcuation with shell script / bc
Hello Peter
Thanks, it work.
Regards
Patrick
--- Peter Boosten <[EMAIL PROTECTED]> wrote:
> On Mon, November 12, 2007 14:01, Patrick Dung wrote:
> > Hi
> >
> >
> > I have a file with numbers in each line.
> > Each number is a decimal number.
> > My task is to add them up and get the final answer.
> >
> >
> > I have searched with the search engine.
> > I found bash cannot handle floating point calculation.
> >
> >
> > I tried to use 'bc' and found if the final answer is < 1 (eg. 0.2)
> > It display .2 instead of 0.2 (no leading zero).
> >
> >
> > Any suggestion or other methods?
> > I know ksh could do floating point calculation
> > but I am now familiar with ksh.
> >
>
> Try awk
>
> awk '{sum += $1} END {printf "%.2f\n", sum}' file
>
> assuming the file consists only of numbers in the first column.
>
> Peter
>
>
> --
> http://www.boosten.org
>
>
>
__
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Determining kernel?
I was reading through the handbook section on updating, as I'd like to update a FreeBSD 6.2 system. One of the things I noticed is that you need to specify what kernel you want in the KERNCONF line. Is there any way to get a running FreeBSD system to tell me what kernel is being used? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
