G processes and therefore not as
bit a hit as it seems.
That output should allow you to narrow down which process is allocating
so much RAM.
--
Bill Moran
Collaborative Fusion Inc.
http://people.collaborativefusion.com/~wmoran/
wmo...@collaborativefusion.com
Phone: 412-422-3463x4023
k PostgreSQL systems and did not have to tweak any other values.
Note that we're running 6.x on these systems, so YMMV.
> Sorry for cross-posting, I was not sure which list was more adequate.
Probably [EMAIL PROTECTED] Although I would have started with -questions@
--
Bill Moran
Col
tement.
>
>
> --
>
> Michel TALON
>
> ___
> freebsd-hackers@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
> To unsubscribe, send any mail to "[EMAIL PROTECTED]"
>
>
>
ta these days? IPMI? Do
> we have IPMI support in base or ports?
Not sure about the base, but we've been using ipmitool from ports for
a while with success, and we're investigating FreeIPMI.
--
Bill Moran
Collaborative Fusion Inc.
http:/
ou compiled is impossible? Something like NetBSD's veriexec?
Also, the situation can be actively _detected_ using something like
tripwire or samhain. It'd be up to the admin to step in and stop things
when a problem is detected, but at least you'd k
27;ve done what Julian suggests, you
can get text output by doing tcpdump -r capture.out)
Overall, based on your vague symptoms, I'd guess you got cracked and
someone's running a spambot or other bot on that box. They may even
have it rooted.
--
Bill Moran
Collaborative Fusion Inc.
[E
dfjoin'' :)
You could print the desired pages to .ps files, use ps2pdf to convert
them and then pdfjam to combine them.
It's enough of a roundabout that I don't know if it's worth it or not.
--
Bill Moran
Collaborative Fusion Inc.
http://people.collaborativefusion.com/~w
inted that they took the tack of calling this a "software"
problem and investigating so many different softwares. They should have
identified it as a limitation of the hardware and tested different
hardware.
--
Bill Moran
Collaborative Fusion Inc.
[EMAIL PROTECTED]
Phone: 412-422-34
"Igor Mozolevsky" <[EMAIL PROTECTED]> wrote:
>
> On 24/02/2008, Bill Moran <[EMAIL PROTECTED]> wrote:
> > "Igor Mozolevsky" <[EMAIL PROTECTED]> wrote:
> > >
> > > On 23/02/2008, Brooks Davis <[EMAIL PROTECTED]> w
Christopher Arnold <[EMAIL PROTECTED]> wrote:
>
>
>
> On Sun, 24 Feb 2008, Bill Moran wrote:
>
> > Or laptop vendors could make "secure" laptops that always lose memory
> > on shutdown.
> >
> That dosn't really change anything, just don
In response to "Igor Mozolevsky" <[EMAIL PROTECTED]>:
> On 24/02/2008, Bill Moran <[EMAIL PROTECTED]> wrote:
> > "Igor Mozolevsky" <[EMAIL PROTECTED]> wrote:
[snip]
> > Fact is, data is "sensitive" to different degrees. It's
f" you want.
However, here are some links that may provide some help. All of these
are FreeBSD ports, and I'm fairly sure they'll work on Gentoo and
OSX as well:
http://www.webmin.com/
http://www.cfengine.org/
http://reductivelabs.com/trac/puppet/
--
Bill Moran
x specific.
>
> What do you BSD guys use for this purpose?
>
> If this belongs on -security let me know and I'll ask over there.
http://potentialtech.com/cms/node/16
--
Bill Moran
___
freebsd-hackers@freebsd.org mailing list
http:/
spoofed/more difficult to spoofe/ ;-)
On a modern OS (like FreeBSD) where ISNs are random, the possibility of
blindly spoofing an IP during a 3-way handshake is so low as to be
effectively impossible.
Yes, it _can_ be done, but the effort required makes it not an effective
method of attack.
--
Bi
predates me.
It's that way because the original Sun spec for the API said so.
It makes little sense to change it just to unsigned. The additional 2G
it would give doesn't really solve the tuning problem on a 64G system.
This is simply a spec that has become outdated by modern hardware.
In response to "Peter Steele" :
> Is it possible to determine the number of open files per process? We
> want to monitor this via a separate process and issue an alarm if some
> threshold is crossed.
The fstat command will do this for you.
--
Bill Moran
Collaborati
no trouble.
Why is this discussion on hack...@?
--
Bill Moran
Collaborative Fusion Inc.
http://people.collaborativefusion.com/~wmoran/
___
freebsd-hackers@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
To unsubscribe, send any
s, and I sure would like to allocate more than 2G for PostgreSQL
to use ...
--
Bill Moran
Collaborative Fusion Inc.
___
freebsd-hackers@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
In response to Bill Moran <[EMAIL PROTECTED]>:
>
> [I sent this to questions@ yesterday and have yet to get a response. I
> suspect it may be a little more technical than [EMAIL PROTECTED]
>
> uname -a
> FreeBSD db00.lab00 6.2-BETA3 FreeBSD 6.2-BETA3 #1: Fri Dec
[Kris -- are you interested in this or should I trim you from the CC?]
In response to Peter Jeremy <[EMAIL PROTECTED]>:
> On Wed, 2006-Dec-13 10:50:21 -0500, Bill Moran wrote:
> >In response to Bill Moran <[EMAIL PROTECTED]>:
> >> sysctl kern.ipc.shmmax=2
help with this problem.
Missed the original post on this.
Kerberos does this reliably and securely. Part of the point of Kerberos
is that machines must authenticate themselves to each other.
Another option is SSL certificates.
Although, since you don't de
http://people.collaborativefusion.com/~wmoran/code/jailme.html
Feedback is appreciated.
--
Bill Moran
Collaborative Fusion Inc.
[EMAIL PROTECTED]
Phone: 412-422-3463x4023
IMPORTANT: This message contains confidential
In response to Colin Percival <[EMAIL PROTECTED]>:
> Bill Moran wrote:
> > http://people.collaborativefusion.com/~wmoran/code/jailme.html
> >
> > Feedback is appreciated.
>
> Be very very careful. Both chroot(2) and jail(2) can only be called by
> root, and
"Christoph P. Kukulies" <[EMAIL PROTECTED]> wrote:
>
> Hi,
>
> does FreeBSD provide the ability to run VMWARE-Player for Linux and
> run VMs in it?
No. To the best of my knowledge it's not possible to run any VMWare
product under FreeBSD.
Qemu will run VMWare virtual machines under some conditi
I'm working on a quick little programming project for a client and ran
across this in the man page for access(2)
"Access() is a potential security hole and should never be used."
Obviously, I could use stat() instead, but use of access() will make
this project so simple it's not even funny.
Since
Rick Bradley wrote:
>
> * Bill Moran ([EMAIL PROTECTED]) [010331 10:48]:
> [...]
> > Does anyone have a pointer to more detailed information on the potential
> > security hole in access()? I've got a bit more research to do on this,
> > but I'd appreciate any
etter in the man page. The
current message is a little harsher than needed (I think)
-Bill
Robert Watson wrote:
>
> On Sat, 31 Mar 2001, Paul Herman wrote:
>
> > On Sat, 31 Mar 2001, Warner Losh wrote:
> >
> > > In message <[EMAIL PROTECTED]> Bill Moran write
Greg Black wrote:
>
> Bill Moran wrote:
>
> | Thanks for the additional explanation. It has done a number of things
> | for me, one of which is convince me that (for my application) the use of
> | access() is not a security problem.
>
> You're almost certainly
Mike Smith wrote:
> This is actually an interesting case.
I have some interesting clients. The reality of the matter is that their
filesystem organization on the server is terrible. This could all be
solved with a properly reorganized directory hierarchy - and that was my
first suggestion when th
Robert Watson wrote:
>
> On Sun, 15 Apr 2001, Julian Elischer wrote:
>
> > > http://www.microsoft.com/backstage/column_T2_1.htm
> >
> > this gives a blank screen... maybe they removed it.
>
> I found I had some netscape interop problems. Trying hitting reload a
> couple of times.
If you're us
Hello all,
I've been trying to resolve this for a few weeks now. Previous posts to
-questions have produced no useful info, and I haven't found anything in
the list archives that has helped.
This machine is running 4.3-STABLE cvsupped from May 21. I have
experienced the exact same problem with v
Alexander Langer wrote:
>
> Thus spake Bill Moran ([EMAIL PROTECTED]):
> > So ... I'm looking for any possible help in straightening this out.
> > Advice on how to run gdb more effectively is welcome, as well as anyone
>
> Hi!
>
> In the handbook there is a
[You may get better responses if you send 2 seperate emails with one
question in each]
Len Conrad wrote:
> ad1: 73308MB [148945/16/63] at ata0-slave UDMA100
If it's any help, I'm using that exact same drive currently and it's
sort of working. I'm having trouble with random panics on this system
Len Conrad wrote:
>
> >[You may get better responses if you send 2 seperate emails with one
> >question in each]
>
> I didnĀ“t want to send TWO OT msgs :)))
Tradeoff. I almost didn't read the message because I was confused by the
subject line. Other's might complain if you sent two OT messages.
Alex Zepeda wrote:
>
> On Fri, Jun 22, 2001 at 10:43:44AM -0400, Bill Moran wrote:
>
> > > ad1: 73308MB [148945/16/63] at ata0-slave UDMA100
> >
> > If it's any help, I'm using that exact same drive currently and it's
> > sort of working. I
[EMAIL PROTECTED] wrote:
>
> Both the kernel and kernel.debug files are of exactly the same size -
> about 3.3 Megs . This is inspite of having the DEBUG=-g option being set
> in the MYKERNEL directory. Any other clues, why this could be happening.
> I also tried the other procedure of using 'mak
Mark <[EMAIL PROTECTED]> wrote:
> Mark wrote:
>
> > Bill Moran wrote:
> >
> >> How about using skipto instead of allow? Thus, if it passes the
> >> first one, it can just skipto the next rule to be checked. i.e.:
> >>
> >> ipfw ad
Terry Lambert wrote:
> Historically, you've always held that the CDROM must boot
> to sysinstall. As the software's daddy, I can see why
> you'd want that; but your baby is ugly.
>
> I don't see anyone stepping up to replace it any time
> soon, so long as you insist that they not be able to
> m
Terry Lambert wrote:
> > 2 practical questions:
> > What *exactly* do you see wrong with sysinstall and what
> > *exactly* would you do to improve it.
> >
> > I've been looking for various projects to work on, but
> > sysinstall has never looked (to me) like it needed any
> > serious work. Perhaps
Wes Peters wrote:
> Oh, come now. FreeBSD's disk partitioning has always sucked. It does suck
> somewhat less than many Linux linstallers, and a lot less than the OpenBSD
> installer, but it still shoves way too many details and options at the
> average user. Something akin to PartitionMagic w
Terry Lambert wrote:
> If you pick "default installation" or "full installation", it
> _should_ try to be smart; if you pick "custom installation",
> you chould have to babysit it like you do today.
>
> In the "default" case, it should attempt to obtain a DHCP lease,
> and, failing that, ask the
Wes Peters wrote:
>
> Bill Moran wrote:
> >
> > Wes Peters wrote:
> >
> > > Oh, come now. FreeBSD's disk partitioning has always sucked. It does suck
> > > somewhat less than many Linux linstallers, and a lot less than the OpenBSD
> > >
Jordan Hubbard wrote:
> From: [EMAIL PROTECTED]
> > These mechanisms existed before without BSDi, so there was no "impact".
> > Actually, ftp downloads got a LOT slower after BSDi took over, so i consider
> > it a negative impact in that area.
> BSDi had no effect on ftp.freebsd.org's services
Terry Lambert wrote:
> Bill Moran wrote:
> > Now, I've never used partition magic, but I (personally)
> > find the FreeBSD partition program in sysinstall to be the
> > easiest one I've ever used. What should be changed to make
> > it easier?
>
>
Terry Lambert wrote:
> > If anyone is taking a vote, I disagree. I do not want any system
> > ever assuming anything about my network. Even Win checks with the
> > user before enabling DHCP.
>
> FYI: The networking bootstrap process I described above
> is derived from the process used by Windows
*sigh* this has gotten way off track somehow. Looking back, I'm
probably primarily to blame.
The fact is: *I* *AM* interested in replacing or helping out with
an effort to replace/improve sysinstall. However, there are two
critical things I must understand if I am to do anything truely
productive
Mike Smith wrote:
> > If anyone is taking a vote, I disagree. I do not want any system
> > ever assuming anything about my network. Even Win checks with the
> > user before enabling DHCP.
>
> Er, you *are* kidding, right? All modern Windows versions will try to
> get a lease long before the user
Wes Peters wrote:
> Just because you don't see it doesn't make it a bad idea. Network admins
> begged for years for a centralized IP address space management server;
> now that they've been given one (that works, and is FREE) people like you
> bitch about it and won't use it. Feh.
Are you sayin
Wes Peters wrote:
> > Hmmm ... well, I was never upset with the "crufty details" ... I rather
> > like
> > to know what's going on under the hood all the time. Then again, that's
> > me. If you're targeting newbies and other less-educated (or less "I sure
> > would like to figure this out" incline
Joseph Mallett wrote:
>
> > Are you saying you use DHCP for servers? If so, maybe I should shut up
> > and
> > listen for a while because apparently there's something here I can
> > learn.
>
> I did for a long time because I simply couldn't get a static IP from my
> ISP. Hell, I'd love to use it
David Scheidt wrote:
>
> On Wed, 11 Jul 2001, Bill Moran wrote:
>
> :Wes Peters wrote:
> :> Just because you don't see it doesn't make it a bad idea. Network admins
> :> begged for years for a centralized IP address space management server;
> :> now that
Has anyone else tried to contact the postmaster of this domain concerning
this? If not, I'm willing to (but I don't see any need to spam him with
100 messages)
-Bill
[EMAIL PROTECTED] wrote:
>
> |- Message log follows: ---|
> | no valid recipients wer
> > > Sometimes the stick of POLA should be broken.
Off topic, I know, but it's going to bother me.
What's POLA?
-Bill
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message
Does anyone have any explanation as to why this is coming through -hackers?
> Peter Pflaum wrote:
>
> I will be on this program Sunday at 10 - 11 AM on BBC - it is a webcast
>
> http://newsvote.bbc.co.uk/hi/english/talking_point/newsid_1444000/1444930.stm
>
> BBC News TALKING POINT Globalis
Are you saying that he didn't even send them?
Matthew Jacob wrote:
>
> No. Peter Pflaum responded when I asked him with a "Quoi???!?!?!?!"
>
> On Fri, 20 Jul 2001, Bill Moran wrote:
>
> > Does anyone have any explanation as to why this is comi
Matthew Jacob wrote:
>
> My guess, fwiw, is that somebody subscribed freebsd-hackers to some eGroup toy
> and this is why this is happening. Joy.
I don't know. If it's coming from some eGroup, why is it originating at what
looks like a dialup address, and running through Earthling?
Looks like SP
g to use is bad.
That "unable to transfer xxx distribution" seems to happen the most often
with bad media (i.e. disks/cds or bad disk/cd drive) I would check there
first.
--
Bill Moran
Potential Technologies
http://www.potentialtech.com
___
[EMAIL P
57 matches
Mail list logo
