Nick wrote:
-Original Message-
From: [EMAIL PROTECTED] [mailto:owner-freebsd-
[EMAIL PROTECTED] On Behalf Of Supote Leelasupphakorn
Sent: Friday, April 09, 2004 7:41 AM
To: [EMAIL PROTECTED]
Subject: How can I remove this file ?
Hi lists
How can I delete file named prefix with "-" ?
TIA
One of the things I really miss from my Linux system, is the /proc
directory structure, where I could easily find out so much about my
system and, in some cases, modify it.
Is there are way I can get such a thing under FreeBSD 5.2.1-RELEASE-p4?
-ste
_
Brian Henning wrote:
is there a bsd tool that gives the domain name of an IP address?
host?
nslookup?
-ste
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL
A client has hired me to do some work, part of which is replacing Red
Hat 9, which is end-of-lifed at the end of this month. I'd convinced him
to let me install FreeBSD, right up until I told him that - to my
knowledge - you cannot trivially set up software raid on FreeBSD, during
install, as y
Greg 'groggy' Lehey wrote:
On Wednesday, 21 April 2004 at 18:28:47 -0400, Bill Moran wrote:
I believe this is still valid:
http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/vinum-root.html
Thanks. I just read that chapter, and, while it makes some sense, it
didn't tell me anything about
http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/vinum-root.html
http://www.vinumvm.org/cfbsd/vinum.pdf
Ok. I've read both documents, which were quite educational. Thanks. :)
It seems that what I want to do is install to the first system disk, as
normally, and then convert that disk to
I just installed and ran the chkrootkit port on my 5.2.1-RELEASE-p5
system. It says my date command is infected. Nothing else, just that.
How can I determine if this is a false positive or if I'm truly hacked?
-ste
___
[EMAIL PROTECTED] mailing
Sunil Sunder Raj wrote:
Just give 777 permissions to /var/log/messages
This is BAD advice, and you should NOT follow it. If you do, you will
give anyone the ability to modify or delete your log entries, which yoou
do NOT want. Find and fix the actual problem; don't bypass the symptom
with someth
Sunil Sunder Raj wrote:
Hi,
I did not mean to change the permissions to 777 permanently. Just to
come to a conclusion on whether it is a permission problem. As 90% unix
problems are related to permissions.
Then you should have said so. But you did not - you simply told an
admitted "noob" to set
You will have to install the
security/sudo port and read up
on the sudoers(5) manual page and the visudo(8)
application used to
edit that file.
What do these numbers (5) and (8) referring to. Page
number?
They refer to the section of the manual. To read them, issue these commands:
man 5 sudoers
ma
Ok. I installed 5.2.1 on a laptop last night, which went quite nicely.
During the install, it detected my wireless card, just fine. It wanted
to dhcp for it, but that (correctly) failed, as my net uses wep. So, it
punted me to the manual interface configuration screen, where I was
easily able t
I'd like to install the OpenSSL port, and stay current with it in the
future. It isn't clear to me what I have to do to have the system use
the port, instead of what's in the base, and what I'll need to rebuild
after installing the port.
-ste
Louis LeBlanc wrote:
Might as well use POP, correct?
Yes and no. POP is fine if you only ever check mail from one system.
Otherwise, imap is more appropriate. Security is a separate issue
altogether when you look at it this way.
Well, you also have to take into consideration where you want you
I installed 5.2 from ISOs, then wanted to keep it up to date with the
latest security fixes and to keep my ports & doc trees up to date as
well. I tried the following cvsupfile, and got two thirds of what I
wanted, so I must not quite understand it yet. My ports & docs are up to
date, but inste
When I login, I get a UNIX tip by Dru, printed on the screen. I'd like
to turn that off, but haven't located where to do that ... TIA.
-ste
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe,
Can someone point me to a good, current ipfw HOW-TO? I'm very good with
linux's ipchains/iptables firewall commands, but am replacing that
server with a FreeBSD server and need to translate my firewall ...
TIA
-ste
___
[EMAIL PROTECTED] mailing list
CHANDANA S wrote:
Hello,
I am trying to configure my Linux machine
I believe you are on the wrong list. This list is for the FreeBSD
operating system, not the Linux operating system. :)
-ste
___
[EMAIL PROTECTED] mailing list
http://lists.freeb
Kevin D. Kinsey, DaleCo, S.P. wrote:
Shaun T. Erickson wrote:
I understand that 'portupgrade -arR' will upgrade everything. Some are
packages and some are ports. Will portupgrade upgrade packages with
packages, and ports with ports, or do packages get replaced with
ports, so th
JJB wrote:
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Shaun T.
Erickson
Sent: Thursday, February 26, 2004 2:08 PM
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: Re: Looking for ipfw info.
JJB wrote:
The problem with all those links is that what
Michael Sharp wrote:
pkgdb is still looking for /usr/local/bin/ruby which after the upgrade
dosent exist. Its now /usr/local/bin/ruby16
ln -s /usr/local/bin/ruby16 /usr/local/bin/ruby
fixes pkgdb and portsdb
I'm setting up a new 5.2.1-RELEASE system and was concerned about this,
as I was about t
I understand that 'portupgrade -arR' will upgrade everything. Some are
packages and some are ports. Will portupgrade upgrade packages with
packages, and ports with ports, or do packages get replaced with ports,
so that all are ports after it's run?
-ste
___
JJB wrote:
The problem with all those links is that what they write about is
outdated and complete mis-directs the reader into using IPFW's
legacy stateless rules when only stateful rules should be used to
get the max level of protection.
The rules she gives in her second article most certainly de
I wrote:
I have read the following 5 excellent articles on ipfw, by Dru Lavigne.
I forgot to include the links. Here they are:
BSD Firewalls: IPFW
http://www.onlamp.com/pub/a/bsd/2001/04/25/FreeBSD_Basics.html
BSD Firewalls: IPFW Rulesets
http://www.onlamp.com/pub/a/bsd/2001/05/09/FreeBSD_Bas
Thanks for the resources.
A couple of questions (because I'm new to FreeBSD):
The ipfw man page in 5.2.1-RELEASE says that ipfw in CURRENT is ipfw2
and that ipfw in STABLE is ipfw1. I still don't understand the
releationship between RELEASE and the other two, so I am not sure which
ipfw I have
I put 'firewall_enable="YES"' in /etc/rc.conf, in anticipation of
rebuilding my kernel with the following options turned on:
options IPFIREWALL
options IPFIREWALL_VERBOSE
options IPFIREWALL_VERBOSE_LIMIT=100
I rebooted, for unrelated reasons, and now see in the messages fi
Remko Lodder wrote:
kldstat is the program you are looking for (like lsmod)
It can indeed be that the module is loaded with it's default
settings {block all}
Hope this solves your lsmod question, the rest i cannot help you
with since i don't understand ipfw :) {yet}
Thanks! Yes, the ipfw.ko module
In linux, I'd use /etc/modules.conf to list and configure any kernel
modules I want loaded at boot time. How is that done in FreeBSD?
I see that there are a *lot* of kernel modules in /boot/kernel. How do I
find out what each one is for and what their configuration options are?
Sorry for newbie
Warren Block wrote:
On Fri, 27 Feb 2004, Shaun T. Erickson wrote:
Thanks! Yes, the ipfw.ko module is getting loaded. So now I just need to
know how to enable things like divert and logging.
/etc/rc.firewall has examples.
I looked at that. That's not what I mean. :) I mean, if I do not ha
Warren Block wrote:
On Fri, 27 Feb 2004, Shaun T. Erickson wrote:
In linux, I'd use /etc/modules.conf to list and configure any kernel
modules I want loaded at boot time. How is that done in FreeBSD?
It's /boot/loader.conf. See 'man 5 loader.conf'.
Ah. Thank you
Ion-Mihai Tetcu wrote:
hint:
sysctl -a | grep ip.fw
for logging do:
sysctl -w net.inet.ip.fw.verbose: 1
sysctl -w net.inet.ip.fw.verbose_limit: 5
Ah.
see also man ipfw, it will answer your questions.
I'm still wading through it - it's quite a long read. I'll finish before
asking anything else.
I'm trying to port my linux netfilter/iptables firewall to 5.2.1-RESLEASE.
Iptables has the concept of "chains". There are three defined by the
system: INPUT, FORWARD & OUTPUT. Packets coming into the system that are
destined for a local process traverse the INPUT chain only, packet
generated b
Shaun T. Erickson wrote:
Iptables has the concept of "chains".
Please forgive me for following up my own post. I know it's bad form ...
In addition to the system defined chains, iptables lets me create user
defined chains, that I can jump to based on criteria I set, so as to
fu
If I understand correctly, in previous releases there used to be a file
"/usr/src/sys/i386/conf/LINT", that listed all the things one could put
in their kernel conf file. I can't find any such file on 5.2.1-RELEASE.
Can someone please tell me where I can find it or it's replacement
please? TIA
Matt Emmerton wrote:
cd /usr/src/sys/i386/conf
make LINT
Note that the LINT kernel is _strictly_ a list of all the possible things to
put in your kernel config -- there are no explanatory comments anymore.
That's a shame. I was counting on the comments to educate me. Can you
point me to any other
Rowdy wrote:
You would be looking for the NOTES file in /usr/src/sys//conf?
There is also a NOTES file in, erm, /usr/src/sys/conf IIRC.
Thank you. That's exactly what I was looking for. I should have known to
simply look for it under another name, instead of just giving up early
when the ls for
Having given up on ipfw and switching to ipfilter (much nicer!), I
nearly have my firewall set up. Then I ran into a problem ...
On my Linux box, I can force all fragments to be re-assembled into whole
packets before being presented to the firewall, and that's what I've
done. However, as near a
How do I test that none out of all flags are set? "flags /FSRPAU" isn't
legal, I'm sure. Is "! flags FSRPAU" or "flags ! FSRPAU"?
-ste
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send
Remko Lodder wrote:
i do it like this:
block in log quick proto tcp all flags FUP
block in log quick proto tcp all flags SAFRU/SAFRU
block in log quick proto tcp all flags SF/SF
block in log quick proto tcp all flags SR/SR
I'll have to scratch my head over that one
Tadimeti Keshav wrote:
Hi all
I have problems compiling my kernel.
I have enabled:
device udbp# USB Double Bulk Pipe devices
I get errors at link time with udbp.o. I am not able
to copy from aterm and paste to nedit.
make > /home/abcd/make_log.log only says stop...
But is do
See subject. :)
-ste
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Jerry McAllister wrote:
See subject. :)
A note: That is impolite and unhelpful. You should put your
information including the auestion in the body of the message.
My sincere apologys. I was trying to be helpful by not repeating myself,
and wasting bandwidth when my entire question was fr
How do I test for NO tcp flags being set, in ipfilter?
-ste
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Danny Pansters wrote:
On Tuesday 02 March 2004 18:27, Shaun T. Erickson wrote:
How do I test for NO tcp flags being set, in ipfilter?
You can filter on TCP flags but seems to me what you really mean is how to
check for no TCP options ("nop") rather than no flags:
'with opt n
Are only tcp packets subject to fragmentation, or are udp and icmp, as well?
-ste
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
I've ported my iptables firewall rules to ipfilter. Since I'm new to
firewalling under any *BSD, and because it never hurts to get a review,
I was wondering if some of you, who are good at, would critique my
rules. Rather than include the file here, I give a link to it, below.
Feel free to crit
I wrote:
I was wondering if some of you, who are good at, would critique my
rules.
Here's the file: http://www.ste-land.com/rules.html
So far, I've gotten these suggestions:
Apply the bogon list to the outbound path.
Compress my blocking of netbios junk to one rule.
Move bad options & flags che
In order to be a good netizen, I applied the bogon list to my outbound
traffic, too. I also moved the bad packet checks to the head of the
incoming rules, as they make more sense there - no point in letting them
use any more cpu than needed, if they are junk.
At least 35 people have looked at m
When I run "portsdb -Uu" on my 5.2.1-RELEASE-p1 system, I get:
Updating the ports index ... Generating INDEX.tmp - please wait..
followed by over 10,000 entries similar to this:
make_index: gnomemag-0.10.7: no entry for /usr/ports/textproc/libxml2
followed by:
Warning: Duplicate INDEX entry:
Kent Stewart wrote:
There was a problem like this a couple of days ago but I haven't seen
any problem generating INDEX today. I would re-cvsup and see if it goes
away.
I have been diligently keeping my system cvsup'd every day. It dawned on
me that I haven't been running portsdb -Uu after eve
Kent Stewart wrote:
Did you recvsup ...
Apparently I'm new enough to FreeBSD that I don't understand you. I ran
cvsup on my docs, my system source and my ports, and ran portsdb -Uu
afterwards. When I run them again, there is nothing to download. That
tells me I have everything.
I guess I don'
Kent Stewart wrote:
The mirrors mostly update on the hour. Cvsuping less than an hour apart
may be using the same old data. You need to wait until 15-20 minutes
after the hour for the mirror to be updated. I mirror most of the data
and it takes around 8 minutes for a mirror update to finish.
I
'pkg_delete port' vs 'cd /usr/ports/port;make deinstall'
What's the difference between these?
-ste
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
I was having trouble getting mysql40 running, so I removed the server
and client packages. I then manually cleaned out the files under
/var/db/mysql. Then I rebuilt the server and client.
Sadly, when I try to start the server, it complains that mysql.host -
one of the files I deleted - doesn't
Shaun T. Erickson wrote:
I was having trouble getting mysql40 running, so I removed the server
and client packages. I then manually cleaned out the files under
/var/db/mysql. Then I rebuilt the server and client.
Sadly, when I try to start the server, it complains that mysql.host -
one of the
JJB wrote:
WD
My web spider robot found this web site which is not on any of the
search engines yet.
www.a1poweruser.com
Looks like it offers what you want in the way of user-friendly
step-by-step instructions to installing FBSD.
1) Surreptitiously plugging your own site, is crass, at best.
2) Not
I seem to be missing pam_mysql.so on my 5.2.1-RELEASE_p1 system, and
this is causing me problems, as I need pam to authenticate against a
mysql 4.0.18 database.
I have no clue what provides that file. Can anyone help me, please. TIA.
-ste
___
[EMAIL
Shaun T. Erickson wrote:
I seem to be missing pam_mysql.so ...
I guess I'm tired, as I found it in /usr/ports/security/pam_mysql.
Sorry for the noise.
-ste
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/fr
If I set pwcheck_method to auxprop and authenticate against sasldb2
which has a single user of "[EMAIL PROTECTED]" in it, along with it's
password, I can auth just fine from mozilla, where I told it my user
name was "[EMAIL PROTECTED]".
However, if I change it from auxprop to saslauthd, which c
Aaron Peterson wrote:
If you have plain text passwords in your MySQL database, you don't need
PAM to look them up. SASL2 has this ability natively.
I'm going through PAM because I don't want to store passwords in plain text.
I have everything set up right, as near as I can tell. It's just that
I have generated a patch that I want to apply to a port. I don't know
how to tell the port to use it though. Just putting it in the files
directory didn't seem to do the trick.
What else do I need to do to?
-ste
___
[EMAIL PROTECTED] mailing list
ht
Shaun T. Erickson wrote:
I have generated a patch that I want to apply to a port. I don't know
how to tell the port to use it though. Just putting it in the files
directory didn't seem to do the trick.
What else do I need to do to?
I looked at the porter's handbook, and it s
Alexander Haderer wrote:
At 13:04 09.03.2004 -0500, Shaun T. Erickson wrote:
Shaun T. Erickson wrote:
...
I looked at the porter's handbook, and it says that simply dropping
the patch into the files directory should get it automatically
applied, but it's not. The patch is named pa
Alexander Haderer wrote:
Just another guess: Probably it makes a difference if the patchfile
patches ./dir/tobepatched and dir/tobepatched. A brief look into other
ports shows me that the latter is used. I don't know if it have to be
this way or not.
Ok. I'm trying to patch
"/usr/ports/securit
Dancho Penev wrote:
Put the patch in security/cyrus-sasl2/files directory. Take a look in
port's Makefile where ${PATCHDIR} is set to different location.
Aha! That solved it. Thanks.
-ste
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mai
I have pam configured so that when my virtual email users (well, the
*users* aren't virtual, hehe) send email, they have to use smtpauth. I
created a file in /etc/pam.d, called smtp. It has in it:
auth required pam_mysql.so user=postfix passwd=apassword host=localhost
db=postfix table=mailbox u
I run ntpd to keep my server's time in sync with a remote server. In my
"netstat -a" output, I see:
Active Internet connections (including servers)
Proto Recv-Q Send-Q Local Address Foreign Address(state)
udp4 0 0 localhost.ntp *.*
udp4 0 0 peter
On 5.2.1-RELEASE-p1, in /usr/local/etc/rc.d, I have scripts that start
my MySQL database, and that start my Courier-IMAP daemons. When the
scripts for courier run, one of the first things they do is start
authdaemond, which should fire up several authdaemond.mysql processes
and then they start
Peter Risdon wrote:
From man 8 rc.d:
The scripts within each directory are executed in lexicographical
order. If a specific order is required, numbers may be used as a
prefix to the existing filenames, so for example 100.foo would be
executed before 200.bar; with
Matthew Seaman wrote:
Unfortuately if you're going to run ntpd, you can't get rid of these:
ntpd(8) will automatically bind to all interfaces on the system, and
there are no controls within ntpd to control that.
Darn. Thanks for the suggestions! I was already controlling access to
the port with m
Matthew Seaman wrote:
On Thu, Mar 18, 2004 at 09:15:28AM +, Matthew Seaman wrote:
NB. Verb. Sap. Some applications (*cough* Outlook *cough*) get upset
when the OU in the certificate is the same as the OU of your
certificate authority.
Ahem. The CN or Common Name is what I should have said
Kent Stewart wrote:
How are you going to include the changed libraries in modules you don't
rebuild? The advisory was even more specific, i.e., rebuild all ports
that use OpenSSL.
That's not exactly what it said. It said to rebuild all statically
linked ports and 3rd-party apps:
"Note that any
I went to rebuild the mod_php4 port with openssl support (btw, is the
correct way to do that this: "make -DWITH_OPENSSL" ?).
During the build, it wanted to upgrade expat, but said there was an
older version installed and that if I wanted it upgraded that I should
to a 'make deinstall' and a 'ma
Jorn Argelo wrote:
I guess the best thing to do is to deinstall Apache as well, and
recompile it from the ports tree. (make sure to sync your ports-tree
first) Make sure you backup your website content, since I don't know if
the make deinstall will delete your content as well. Then recompile PHP
a
Kirk Strauser wrote:
From /usr/ports/UPDATING:
20040313:
AFFECTS: users of textproc/expat2
Sigh. I'm still new to FreeBSD. I *really* need to get in the habit of
checking that file. Thanks.
-ste
___
[EMAIL PROTECTED] mailing list
htt
I wanted to install this on my 5.2.1-p3, but it's forbidden. Emailing
the maintainer got no response. Does anyone know what's up with this?
I'm told it will make my life much easier
-ste
___
[EMAIL PROTECTED] mailing list
http://lists.free
> ... both top and bottom ...
All this talk of "top" and "bottom" is making me blush and breathe heavy,
LOL (j/k). :-)
Perhaps this dead horse has been sufficiently beaten, that we can let it
Rest In Peace, and move on? :-)
-ste
___
[EMAIL PROTECTED] m
When I installed my system, it asked if I wanted to enable linux
compatibility, and I said no. Now I think I may need it, and am
wondering if I need to do anything special to enable it, other than setting
linux_enable="YES"
in /etc/rc.conf.
-ste
Steve Ireland wrote:
This is a PS/2 thing, not an operating system thing. You really can
fry your motherboard plugging and unplugging PS/2 devices while the
system is powered up.
I suppose it's possible, but I know I 've never fry'd one. I'm always
unplugging and pluging mine back in. The key to
When I installed my system, it asked if I wanted to enable linux
compatibility, and I said no. Now I think I may need it, and am
wondering if I need to do anything special to enable it, other than
setting
linux_enable="YES"
in /etc/rc.conf.
You will need to install one of the "linux-base" packages
I installed linux_base, which turned on linux emulation:
# kldstat
Id Refs AddressSize Name
17 0xc040 5b570c kernel
21 0xc09b6000 51ac8acpi.ko
31 0xc462 19000linux.ko
#
When I run the file, I get:
ELF binary type "0" not known.
# file filtercmd
filtercmd
Lowell Gilbert wrote:
"Shaun T. Erickson" <[EMAIL PROTECTED]> writes:
I installed linux_base, which turned on linux emulation:
# kldstat
Id Refs AddressSize Name
17 0xc040 5b570c kernel
21 0xc09b6000 51ac8acpi.ko
31 0xc462 19000linux.ko
#
> I'm surprised this hasn't been mentioned, but why not try screen? It's
> made for precisely this reason.
Screen is your friend. Screen is probably the tool I use most, as a
SysAdmin. I couldn't live without it.
-ste
___
[EMAIL PROTECTED] maili
Is there a dircmp command for 5.2.1-RELEASE-p3? I can't find one ...
-ste
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Dan Nelson wrote:
In the last episode (Mar 28), Kris Kennaway said:
On Sun, Mar 28, 2004 at 08:28:31PM -0500, Shaun T. Erickson wrote:
Is there a dircmp command for 5.2.1-RELEASE-p3? I can't find one ...
Not in the base system. Maybe it's available in a port with a
different name. Wh
Doug Poland wrote:
Hello,
I've googled for this but came up empty. I cannot find the fortune
program on this recently installed box. On 4.9-STABLE it lives in
/usr/games/fortune.
/usr/games/fortune on my 5.2.1-RELEASE-p3 box.
-ste
___
[EM
I'm trying to port a program to FreeBSD 5.2.1-RELEASE-p4, from Linux.
First, I haven't tried to do anything like this since college, which was
a looong time ago, so please forgive my ignorance ...
I can't get the program to link. In the output below, the things that
c-client4.a is complaining a
I wrote:
I can't get the program to link. In the output below, the things that
c-client4.a is complaining about are found in the pam and ssl libs
earlier in the line (I grep'd for a number of them, in /usr/lib/*.a, and
they were found in those two libs). I have tried many different ways of
orde
Malcolm Kay wrote:
Maybe it is OK but to me the -static option at the end of the command looks
strange. And I know the documentation says that mostly the command line order
doesn't matter; but try it near the beginning.
Several of us tried and failed to get it to link statically in various
ways
88 matches
Mail list logo
