Re: How-to erase a DVD-RW
On Thu, Feb 12, 2009 at 09:44:03AM +0200, Manolis Kiagias wrote: Gary Kline wrote: iS there an easy way (by cmd-line) to erase a used DVD-RW? I tried K3B and can't figure out where to click! tia, gary Try something like dvd+rw-format /dev/cd0 -blank dvd+rw-format comes with sysutils/dvd+rw-tools (you probably have it installed already). Super! (I just tried and the flag is ``-force'', but it works:) gary -- Gary Kline kl...@thought.org http://www.thought.org Public Service Unix http://jottings.thought.org http://transfinite.thought.org The 2.23a release of Jottings: http://jottings.thought.org/index.php ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: How-to erase a DVD-RW
iS there an easy way (by cmd-line) to erase a used DVD-RW? I tried K3B and can't figure out where to click! simply don't use easy to use GUI just use actual program which is growisofs and dvd+rw-format recording 0 bytes DVD will do the trick, i don't see explicit cleaning option in growisofs now. dvd+rw-format will clear DVD+RW disk. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: USB Hard disk with LUKS AES encryption regarding.
i don't know what's LUKS AES but it sound like something proprietary, so unless LUKS AES software for FreeBSD exist you can't do it On Thu, 12 Feb 2009, Garimella Srinivas wrote: Hi All, Iam new to FreeBSD coming from Debian. I have installed 7.0 and then upgraded base and ports to 7.1. While i am slowly able to come to terms with FreeBSD I have one issue unable to understand how to go about. I have lot of data in a usb hard disk of 80GB capacity. The disk is encrypted using LUKS AES . Can somebody give any pointers or guide to use the disk without reformatting. Thanks Garimella Srinivas ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Restricting users to their own home directories / not letting users view other users files...?
On Thursday 12 February 2009 03:07:42 Paul Schmehl wrote: Sorry if I wasn't clear. I wasn't suggesting that the *users* chgrp the files. Keith would do that as root. Then he sets the setgid bit to www (or whatever the web user is), and from that point going forward any files created by the user would be user:www instead of user:user. Set the umask to 027, and world has no readability. This is exactly how I used to handle some files on a webserver that I maintain that other people needed to be able to edit, add and delete files from. Once the sgid bit is set, the group membership of the files remains www no matter what user creates/touches a file. Erm, isn't this only true for Linux and other SysV-type systems? Unless I'm remembering wrong, in FreeBSD files are always created with group ownership the same as the directory they're created in - so all you need to do is change the group ownership of the directory (which has to be done by root). Jonathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: USB Hard disk with LUKS AES encryption regarding.
On Thu, 12 Feb 2009 10:17:38 +0100 (CET) Wojciech Puchar woj...@wojtek.tensor.gdynia.pl wrote: i don't know what's LUKS AES but it sound like something proprietary, so unless LUKS AES software for FreeBSD exist you can't do it I'd not heard of it either but apparently LUKS is the Linux Unified Key Setup (http://code.google.com/p/cryptsetup/) but it appears nobody's done the work to port it to FreeBSD. -- Bruce ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: How-to erase a DVD-RW
On Thu, 12 Feb 2009 10:16:26 +0100 (CET), Wojciech Puchar woj...@wojtek.tensor.gdynia.pl wrote: recording 0 bytes DVD will do the trick, i don't see explicit cleaning option in growisofs now. The manpage of growisofs suggests this: Note that DVD+RW re-formatting procedure does not substitute for blank- ing. If you want to nullify the media, e.g. for privacy reasons, do it explicitly with 'growisofs -Z /dev/dvd=/dev/zero'. dvd+rw-format will clear DVD+RW disk. Definitely much easier. -- Polytropon From Magdeburg, Germany Happy FreeBSD user since 4.0 Andra moi ennepe, Mousa, ... ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
sysinstall
I'm automating a freebsd 7 installation with an install.cfg file for sysinstall. I would like to know if there is any possibility to let the user choose the device where he wants to install, and then automatically create the partitions an the labels without asking for it to the user. The problem I'm facing, is that I can't see how to autodetect which device the user selected. Thanks. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Apache/php
I have php code on home page to count how many times it is accessed from the internet. Problem is pages deeper in website can jump back direct to home page and this again gets counted. Is there any way to give the php counter routine intelligent so it will bypass bumping the counter on accesses coming from pages in the site? I looked at the php variables but nothing jumped up that looked usable. Am I wanting to do something that is imposable? ?php $counter_file = '99.00-IG_visitor_count.php'; clearstatcache(); ignore_user_abort(true); # prevent refresh from aborting file operations $fh = fopen($counter_file, 'r+'); # use 'r+' so file can be read and written. if ($fh) { if (flock($fh, LOCK_EX)) # don't do anything unless lock is successful { $count = chop(fread($fh, filesize($counter_file))); $count++; rewind($fh); fwrite($fh, $count); fflush($fh); ftruncate($fh, ftell($fh)); flock($fh, LOCK_UN); } else echo Could not lock counter file '$counter_file'; fclose($fh); } else echo Could not open counter file '$counter_file'; ignore_user_abort(false);## put things back to normal echo brnbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp; nbsp;nbsp;You are the $count visitor since 2/15/2009; ? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Help with high LA
Hi All, I need help for some strange problem with one of my servers, that can cost my job. It's a FreeBSD 7.0-RELEASE-p5/amd64 running on a Dell PowerEdge III as a Virtual machine of VMware ESXi. There are only two VM in this box, and one of them (basicly a mail server) is running fine. The problem is with high loads on the other one, that runs (besides other services) http and pop3. TOP show LA from 40 to 90 most of the time. I thought, at first, that was a disk botleneck due to some big mailboxes, or something related to some Apache (2.2.9) fine tuning, but it's something else. If I stop pop3 and apache services (the most active of the box), the LA drops to 1~2. Starting only one of them (any one) the LA rise to 20~40. Sugesting that it's not tied to a specific service. I did a test running just pop3 (Qpopper), pointing the mail spool to a empty directory, to make shure that it's not a disk problem. And the LA also goes to sky (~30). The same happens with only apache running pointing to a simple http page. The console shows messages like: ipfw: install_state: Too many dynamic rules I know I must review my rules and limit the number of keep-state entries, but a tryed to rise the number of dynamic buckets via sysctl: sysctl -w net.inet.ip.fw.dyn_buckets=2048 But it seems it's not working, since the number of current buckets doesn't pass 256: net.inet.ip.fw.curr_dyn_buckets: 256 I tryed to make some OS tuning, from the handbook, like increase the maxcon: kern.ipc.somaxconn: 2048 but nothing seems to work. Other entries in the logs: Feb 12 09:06:20 host1 inetd[1248]: accept (for ftp): Software caused connection abort Feb 12 09:06:20 host1 inetd[1248]: accept (for pop3): Software caused connection abort I need some clues to undestand what is happening. Thank you, - Marcelo ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Apache/php
On Thu, 12 Feb 2009, Fbsd1 wrote: I have php code on home page to count how many times it is accessed from the internet. Problem is pages deeper in website can jump back direct to home page and this again gets counted. This is one of many ways that counters can be wildly inaccurate and is among the reasons that mature web sites don't use counters (or at least don't display them). Is there any way to give the php counter routine intelligent so it will bypass bumping the counter on accesses coming from pages in the site? Sure. You can just not bump the counter when HTTP_REFERER is a page at your site. There are increasingly more complex ways to eliminate *some* other sources of inaccuracy, but you get nearer to redesigning the site to suit the counter, which is silly in most cases. Analysis of server logs is the real way to go about serious statistics, although there still are sources of inaccuracies which cannot be reduced. -- Lars Eighner http://www.larseighner.com/index.html 8800 N IH35 APT 1191 AUSTIN TX 78753-5266 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Logcheck dependency hell
Hello, could anyone help me what command should I use to find out which logcheck-required port _exactly_ is trying to install half of the X libraries? The logcheck port lists the following build depends (output of pretty-print-build-depends-list): This port requires package(s) compositeproto-0.4 damageproto-1.1.0_2 dmxproto-2.2.2 docbook-1.4 docbook-4.1_3 docbook-4.2 docbook-4.3 docbook-4.4 docbook-4.5 docbook-5.0_1 docbook-sk-4.1.2_4 docbook-to-man-1.0_1 docbook-xml-4.2_1 docbook-xml-4.3 docbook-xml-4.4 docbook-xml-4.5 e2fsprogs-libuuid-1.41.4_1 expat-2.0.1 fixesproto-4.0 fontcacheproto-0.1.2 fontconfig-2.6.0,1 fontsproto-2.0.2 freetype2-2.3.7 inputproto-1.5.0 iso8879-1986_2 jade-1.2.1_9 kbproto-1.0.3 libFS-1.0.1 libICE-1.0.4_1,1 libSM-1.1.0,1 libX11-1.1.99.2,1 libXScrnSaver-1.1.3 libXTrap-1.0.0 libXau-1.0.4 libXaw-1.0.5_1,1 libXcomposite-0.4.0,1 libXcursor-1.1.9_1 libXdamage-1.1.1 libXdmcp-1.0.2_1 libXevie-1.0.2 libXext-1.0.5,1 libXfixes-4.0.3_1 libXfont-1.3.4,1 libXfontcache-1.0.4 libXft-2.1.13 libXi-1.2.0,1 libXinerama-1.0.3,1 libXmu-1.0.4,1 libXp-1.0.0,1 libXpm-3.5.7 libXrandr-1.2.3 libXrender-0.9.4_1 libXres-1.0.3_3 libXt-1.0.5_1 libXtst-1.0.3_1 libXv-1.0.4,1 libXvMC-1.0.4_1 libXxf86dga-1.0.2 libXxf86misc-1.0.1 libXxf86vm-1.0.2 libdmx-1.0.2_1 libfontenc-1.0.4 liboldX-1.0.1 libpthread-stubs-0.1 libxcb-1.1.93 libxkbfile-1.0.5 libxkbui-1.0.2_1 perl-5.8.9 pixman-0.13.2 pkg-config-0.23_1 printproto-1.0.4 python25-2.5.2_3 randrproto-1.2.1 recordproto-1.13.2 renderproto-0.9.3 scrnsaverproto-1.1.0 trapproto-3.4.3 videoproto-2.2.2 xcb-proto-1.3 xextproto-7.0.5 xf86dgaproto-2.0.3 xf86miscproto-0.9.2 xf86vidmodeproto-2.2.2 xineramaproto-1.1.2 xmlcatmgr-2.2 xmlcharent-0.3_2 xorg-libraries-7.4 xproto-7.0.14 xtrans-1.2.3 to build. However, I really doubt that something as simple as logcheck really needs all of these dependencies and I can't trace it far enough to see which dependency is pulling all these X libs. How can I trace this dependency hell? Is logcheck really this heavy or is the port that bad? Thanks for any input, -- Nino ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Iptables in FreeBSD
Hi all I am a new to FreeBsd, can someone translate these iptables rules for freebsd? /usr/sbin/iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE /usr/sbin/iptables -A FORWARD -i eth0 -o eth1 -m state --state RELATED,ESTABLISHED -j ACCEPT /usr/sbin/iptables -A FORWARD -i eth1 -o eth0 -j ACCEPT regards Imran ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Apache/php
Fbsd1 wrote: I have php code on home page to count how many times it is accessed from the internet. Problem is pages deeper in website can jump back direct to home page and this again gets counted. Is there any way to give the php counter routine intelligent so it will bypass bumping the counter on accesses coming from pages in the site? [snip] Just a very generic suggestion: Use session. If a session has not been established count the visit, set a session cookie and then whenever a jumpback happens check for session cookie. If there is a session cookie then don't increment. This is a portion of how most simple login pages function. Plenty of code samples and examples around the net that you can lift and get ideas. Just look for PHP Login pages. Probably better and easier ways, but this is what jumps out first. -Mike ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Help with high LA
sc...@centroin.com.br wrote: Hi All, I need help for some strange problem with one of my servers, that can cost my job. It's a FreeBSD 7.0-RELEASE-p5/amd64 running on a Dell PowerEdge III as a Virtual machine of VMware ESXi. There are only two VM in this box, and one of them (basicly a mail server) is running fine. The problem is with high loads on the other one, that runs (besides other services) http and pop3. TOP show LA from 40 to 90 most of the time. I thought, at first, that was a disk botleneck due to some big mailboxes, or something related to some Apache (2.2.9) fine tuning, but it's something else. If I stop pop3 and apache services (the most active of the box), the LA drops to 1~2. Starting only one of them (any one) the LA rise to 20~40. Sugesting that it's not tied to a specific service. I did a test running just pop3 (Qpopper), pointing the mail spool to a empty directory, to make shure that it's not a disk problem. And the LA also goes to sky (~30). The same happens with only apache running pointing to a simple http page. The console shows messages like: ipfw: install_state: Too many dynamic rules I know I must review my rules and limit the number of keep-state entries, but a tryed to rise the number of dynamic buckets via sysctl: sysctl -w net.inet.ip.fw.dyn_buckets=2048 But it seems it's not working, since the number of current buckets doesn't pass 256: net.inet.ip.fw.curr_dyn_buckets: 256 I tryed to make some OS tuning, from the handbook, like increase the maxcon: kern.ipc.somaxconn: 2048 but nothing seems to work. Other entries in the logs: Feb 12 09:06:20 host1 inetd[1248]: accept (for ftp): Software caused connection abort Feb 12 09:06:20 host1 inetd[1248]: accept (for pop3): Software caused connection abort I need some clues to undestand what is happening. Thank you, - Marcelo Me, I would get rid of inetd and just run the services as daemons. Since these are services which always need to be up there is no need for inetd. I also usually don't run firewalls on my service servers, but rather locate them in a subnet where there is a dedicated box for firewalling. I don't have the experience with your type of VM configuration, but I have the feeling that you could push the firewall function somewhere else. Dump inetd and if it is acceptable (e.g. you are behind something else) try running without ipfw. You probably need to do some in depth profiling of your problem box, and I'm probably not at the level of expertise you need. There are others in the list which can be more helpful. Just thought I'd toss out what I'd look at first if it me. -Mike ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: How-to erase a DVD-RW
The manpage of growisofs suggests this: Note that DVD+RW re-formatting procedure does not substitute for blank- ing. If you want to nullify the media, e.g. for privacy reasons, do it explicitly with 'growisofs -Z /dev/dvd=/dev/zero'. which is exactly what i suggested - writing 0 byte disc dvd+rw-format will clear DVD+RW disk. Definitely much easier. -- Polytropon From Magdeburg, Germany Happy FreeBSD user since 4.0 Andra moi ennepe, Mousa, ... ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Delivery Failure Report: Attachment Blocked
This message contains a disallowed attachment. Attachments of this type are often used by mass mailer viruses such as SoBig and BugBear. If this is a legitimate file attachment please resend it after renaming the extension to, for example, from .bat to .txt. We apologise for any inconvenience. This type of attachment is currently blocked.---BeginMessage--- ---End Message--- Some parts of this message were removed because they violated your mail server's policies. message.zip was removed from the message because it violates your mail server's policy. ---BeginMessage--- Dear user of mailbox.gu.edu.au, We have detected that your account has been used to send a large amount of junk email messages during this week. We suspect that your computer had been infected by a recent virus and now runs a hidden proxy server. Please follow the instruction in order to keep your computer safe. Virtually yours, The mailbox.gu.edu.au support team. ---End Message--- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Restricting users to their own home directories / not letting users view other users files...?
On Wed, Feb 11, 2009 at 11:22:17AM -0500, Keith Palmer wrote: I realize I can fix this by setting the permissions on the /home/shannon directory to 700. *However* then Apache (running as user www) won't display the documents in /home/shannon/public_html from http://ip-address/~shannon/;, instead returning a 403 Forbidden error. I did not see a correct answer to your question so far, so here you are: - set the permissions to the users homedir to 0700 - run chmod o+x on the homedir this sets the permissions to drwx-x which is exactly what you want: others can switch to this directory but _not_ read its contents - change the permissions to public_html to whatever you need for apache (0755 probably) done. cu, Uwe ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
freebsd 7.1 and high avalalibity
Hi all: What kind of options do I have for HA software in terms of Freebsd 7.1? I have two servers that need to work in symphony so that in case one down then we have another replica to work with. Thanks in advance ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: ipv6 and freebsd
gahn wrote: Thanks Steve: the router that sending RA is juniper and the protocol router-advertisement has been activated: g...@lab_1 show interfaces fe-0/0/3 ... Logical interface fe-0/0/3.170 (Index 70) (SNMP ifIndex 59) ... Addresses, Flags: Is-Preferred Destination: fe80::/64, Local: fe80::214:f600:aa2c:d403 Addresses, Flags: Is-Preferred Is-Primary Destination: fec0:10:5::/64, Local: fec0:10:5:0:214:f600:aa2c:d403 fec0::/10 was deprecated per RFC3879. Perhaps the Juniper unit is obeying this and just not sending the prefix in the advertisement? Everything else looks good, so lets test that possibility (as remote as it is). Take your tcpdump one step further: lab# tcpdump -n -i bge1 ip6 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on bge1, link-type EN10MB (Ethernet), capture size 96 bytes 17:55:44.027565 IP6 fe80::214:f600:aa2c:3c03 ff02::1: ICMP6, router advertisement, length 24 18:02:46.283353 IP6 fe80::214:f600:aa2c:d403 ff02::1: ICMP6, router advertisement, length 24 # tcpdump -n -i bge1 -s 0 -w /path/to/file.pcap ip6 After a time of that running (there won't be any STDOUT output), stop the capture, and open the file in Wireshark. (I've never figured out how to get tcpdump to read the data portion of the packets from a file). With the -s0, it will capture the headers and the data of each packet, so you should be able to tell whether the RA announcements do actually contain the prefix you are trying to get configured. Something that I should have asked from the get-go...do you have any sort of firewall running on the box? I'll set this up in my lab here today. Although we don't have any Juniper units, I'll see if I can recreate the problem with Cisco hardware. You may also want to test using a non-deprecated address space. The documentation address may work for instance. Steve ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Restricting users to their own home directories / not letting users view other users files...?
Paul, Thanks so much, this solution works really well! It doesn't lock users out of the entire system, but it does ensure that users can't view other user's files via SFTP/SSH, which is fantastic. The actual syntax for setting the setgid bit on directories is: find /path/to/directory -type d -exec chmod g+s '{}' \; Thanks! -- - Keith Palmer ke...@academickeys.com http://www.AcademicKeys.com/ On Wed, February 11, 2009 2:23 pm, Paul Schmehl wrote: --On Wednesday, February 11, 2009 12:38:33 -0600 Keith Palmer ke...@academickeys.com wrote: ... really? Write a script to copy the user's files over on a schedule...? I can see where that might be an option for some people, but that's entirely not an option in this case. I'd have to schedule it to run every 5 seconds or something to keep users from getting upset. What if I symlinked each home user's public_html directory to a directory readable only by Apache? Would Apache be able to read the destination directory via the symlink, even if it doesn't have permission to access the destination directory? Why can't you chgroup and setgid the homedirs to www? (Or whatever account the web server is running under.) You really have two requirements: 1) Users can't see other users' files 2) The web server can read all users' web files So you chmod the homedirs to 750/640, and chgroup the dirs and files to www, then set the sticky bit for the group, and you're done. Seems to me that's the simplest way to go about it. Setting the sticky bit ensures that any new files created by a user will have www as the group. So chown -R someuser:www /home/someuser find /home/someuser -type d exec chmod 2750 {} \; find /home/someuser -type f exec chomd 2640 {} \; (Might have my syntax on the find command messed up a bit. Make sure to man that.) If your users have their webfiles in /home/someuser/public_html, then you only need to setgid that dir and its subdirs, no the user's homedir. -- Paul Schmehl, Senior Infosec Analyst As if it wasn't already obvious, my opinions are my own and not those of my employer. *** Check the headers before clicking on Reply. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Restricting users to their own home directories / not letting users view other users files...?
On Thu, Feb 12, 2009 at 09:39:18AM -0500, Keith Palmer wrote: Thanks so much, this solution works really well! It doesn't lock users out of the entire system, but it does ensure that users can't view other user's files via SFTP/SSH, which is fantastic. This solution enforces the switch of all user directories to group www, which also means that any member of the group www gets access to these directories. This would be even more dangerous if your webserver runs with gid www and contains a php-module or something similar with a long tradition of security problems. Sorry, but you really, really should not do it this way. The sticky bit for group www on the public_html directories can be a good idea, though. bye, Uwe ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
vm.pmap.shpgperproc or vm.pmap.pv_entry_max
I'm gettig an error on my console about 'Approaching the limit on PV entries', to which its giving me two choices as to how to deal with it ... Why would I use one over the other? Thx Marc G. Fournier Hub.Org Networking Services (http://www.hub.org) Email . scra...@hub.org MSN . scra...@hub.org Yahoo . yscrappy Skype: hub.orgICQ . 7615664 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: ipv6 and freebsd
Thanks Steve: We use fec0::... as global unique IPv6 address in the lab environment. the IPv6 routers in our lab uses fec0:0:5::/64 with eui-64 addressing scheme (for testing). From the host lab (freebsd) machine, it clearly sees two link-local addresses for two IPv6 routers via RA messages. the IP routers also sent But why not the host lab configure itself with global unique address with prefix fec0:0:5:0::/64 (provided by the routers)? What shall I do to accomplish this on FreeBSD? --- On Thu, 2/12/09, Steve Bertrand st...@ibctech.ca wrote: From: Steve Bertrand st...@ibctech.ca Subject: Re: ipv6 and freebsd To: ipfr...@yahoo.com Cc: freebsd general questions freebsd-questions@freebsd.org Date: Thursday, February 12, 2009, 6:20 AM gahn wrote: Thanks Steve: the router that sending RA is juniper and the protocol router-advertisement has been activated: g...@lab_1 show interfaces fe-0/0/3 ... Logical interface fe-0/0/3.170 (Index 70) (SNMP ifIndex 59) ... Addresses, Flags: Is-Preferred Destination: fe80::/64, Local: fe80::214:f600:aa2c:d403 Addresses, Flags: Is-Preferred Is-Primary Destination: fec0:10:5::/64, Local: fec0:10:5:0:214:f600:aa2c:d403 fec0::/10 was deprecated per RFC3879. Perhaps the Juniper unit is obeying this and just not sending the prefix in the advertisement? Everything else looks good, so lets test that possibility (as remote as it is). Take your tcpdump one step further: lab# tcpdump -n -i bge1 ip6 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on bge1, link-type EN10MB (Ethernet), capture size 96 bytes 17:55:44.027565 IP6 fe80::214:f600:aa2c:3c03 ff02::1: ICMP6, router advertisement, length 24 18:02:46.283353 IP6 fe80::214:f600:aa2c:d403 ff02::1: ICMP6, router advertisement, length 24 # tcpdump -n -i bge1 -s 0 -w /path/to/file.pcap ip6 After a time of that running (there won't be any STDOUT output), stop the capture, and open the file in Wireshark. (I've never figured out how to get tcpdump to read the data portion of the packets from a file). With the -s0, it will capture the headers and the data of each packet, so you should be able to tell whether the RA announcements do actually contain the prefix you are trying to get configured. Something that I should have asked from the get-go...do you have any sort of firewall running on the box? I'll set this up in my lab here today. Although we don't have any Juniper units, I'll see if I can recreate the problem with Cisco hardware. You may also want to test using a non-deprecated address space. The documentation address may work for instance. Steve ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Restricting users to their own home directories / not letting users view other users files...?
Your other proposed solution results in the same situation, correct? No matter what, Apache needs read-access to any and all files, so no matter what PHP will have access to read any user's files. There's no way around that for a shared hosting situation that I know of... If you remove the groups write privs, then PHP scripts can't really do any damage at least. Your solution doesn't work because the user keith could still do a ls /home/shannon/public_html/ and get the directory listing (shannon's public_html directory is 0755, per your suggestion). Unless I'm missing something...? -- - Keith Palmer ke...@academickeys.com http://www.AcademicKeys.com/ On Thu, February 12, 2009 10:45 am, Uwe Laverenz wrote: On Thu, Feb 12, 2009 at 09:39:18AM -0500, Keith Palmer wrote: Thanks so much, this solution works really well! It doesn't lock users out of the entire system, but it does ensure that users can't view other user's files via SFTP/SSH, which is fantastic. This solution enforces the switch of all user directories to group www, which also means that any member of the group www gets access to these directories. This would be even more dangerous if your webserver runs with gid www and contains a php-module or something similar with a long tradition of security problems. Sorry, but you really, really should not do it this way. The sticky bit for group www on the public_html directories can be a good idea, though. bye, Uwe ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: ipv6 and freebsd
gahn wrote: Thanks Steve: We use fec0::... as global unique IPv6 address in the lab environment. the IPv6 routers in our lab uses fec0:0:5::/64 with eui-64 addressing scheme (for testing). From the host lab (freebsd) machine, it clearly sees two link-local addresses for two IPv6 routers via RA messages. the IP routers also sent But why not the host lab configure itself with global unique address with prefix fec0:0:5:0::/64 (provided by the routers)? What shall I do to accomplish this on FreeBSD? Well, I got this working with no issues. The router I used is an old Cisco 2651XM, and my box is FreeBSD 7.1. I even went as far to use space out of fec0::/10. Were you able to get a full pcap to ensure your global prefix is within the RA messages? If the global accept_rtadv is set to 1, and the interface is also told to accept the advertisements, then I can't explain why this is not working for you, other than a firewall on the host blocking inbound ICMP (which is very bad for IPv6, for this reason, and due to the havoc breaking PMTUd can cause). Remember that tcpdump will capture the RA's on the wire before they are dropped by any packet filter. Can you ping6 the lab host from the router, using its link-local address? Steve ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
X -config - failed to set mtrr: invalid argument
On 8.0-current i386 with i845 chipset I gave up on agp and intel driver. I tried vesa and got failed to set mtrr: Invalid argument ^C failed to unset mtrr: No such file or directory # tail -5 /var/log/Xorg.0.log (==) VESA(0): Write-combining range (0x0,0x1000) was already clear (==) VESA(0): Write-combining range (0x0,0x1000) was already clear (==) VESA(0): Write-combining range (0x0,0x1000) was already clear (==) VESA(0): Write-combining range (0x0,0x1000) was already clear (==) VESA(0): Write-combining range (0x0,0x1000) was already clear # the same error was reported earlier: http://lists.freebsd.org/pipermail/freebsd-questions/2009-January/191357.html EA EA eitanadlerlist at gmail.com Sun Jan 25 05:51:26 PST 2009 __ In my third attempt to get any form of a working X server I tried the xf86-video-vesa driver. (x11/nvidia-driver fails, x11-drivers/xf86-video-nv fails) I get the following error message: failed to set mtrr: Invalid argument In Xorg.log I have the following line at the end (==) VESA(0): Write combining range (0x0,0x1000) was already clear __ not sure what platform this was. Any advice? many thanks anton -- Anton Shterenlikht Room 2.6, Queen's Building Mech Eng Dept Bristol University University Walk, Bristol BS8 1TR, UK Tel: +44 (0)117 928 8233 Fax: +44 (0)117 929 4423 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Restricting users to their own home directories / not letting users view other users files...?
On Thu, Feb 12, 2009 at 11:04:59AM -0500, Keith Palmer wrote: Your other proposed solution results in the same situation, correct? No No, it doesn't. Let's assume shannon is in the login group users, her home directory would look like this: drwx-x 2 shannon users 512 Feb 12 17:19 shannon This ensures that apache can enter /home/shannon which is necessary because that's where public_html is. It is not possible for apache to read the contents of /home/shannon because 'r' is missing. This would achieve the goal that other users including apache can not read the contents of the home dir. Ok, now apache needs read only access to public_html, so I would set permissions this way (2750 shannon:www): drwxr-s--- 2 shannon www512 Feb 12 17:30 public_html All directories under public_html should also have these permissions, all files should have 0640 or 0644. This would achieve the goal that apache can read everything it needs to but nothing more. matter what, Apache needs read-access to any and all files, so no matter what PHP will have access to read any user's files. There's no way around that for a shared hosting situation that I know of... Sure there is: this way apache can not read any other files outside public_html. Your solution doesn't work because the user keith could still do a ls /home/shannon/public_html/ and get the directory listing (shannon's public_html directory is 0755, per your suggestion). Unless I'm missing something...? You don't have to set it to 0755. If you set it to 2750 keith can no longer see the files in shannon/public_html as long as he isn't member of group www. And even if their homedirs contain a folder that belongs to group www, they don't have to be members of www themselves. I don't now your environment, but there other ways of getting things more secure, such as the use of jails, restricting shell access or forcing the use of a restricted shell and so on. bye, Uwe ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
/var/db/pkg/*/+INSTALL arguments
What are the proper arguments to pass to +INSTALL during package installation? Please don't tell me to use pkg_add, I want to rsync /usr/local/ and then run the needed post-install stuff. Thanks, Rich ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: freebsd 7.1 and high avalalibity
gahn skrev: Hi all: What kind of options do I have for HA software in terms of Freebsd 7.1? I have two servers that need to work in symphony so that in case one down then we have another replica to work with. Thanks in advance ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org No virus found in this incoming message. Checked by AVG - www.avg.com Version: 8.0.234 / Virus Database: 270.10.23/1947 - Release Date: 02/10/09 17:44:00 Hello gahn, CARP or freevrrpd. http://www.freebsd.org/doc/en/books/handbook/carp.html http://www.freshports.org/net/freevrrpd/ /R ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Restricting users to their own home directories / not letting users view other users files...?
Ahhh... well, that's a considerably more verbose solution than your first solution. The groups are not the default FreeBSD groups, as I thought you were using. I will definitely check that out, thanks! I looked into restricted shells and such, but I couldn't find any documentation or information on that sort of stuff... -- - Keith Palmer ke...@academickeys.com http://www.AcademicKeys.com/ On Thu, February 12, 2009 11:48 am, Uwe Laverenz wrote: On Thu, Feb 12, 2009 at 11:04:59AM -0500, Keith Palmer wrote: Your other proposed solution results in the same situation, correct? No No, it doesn't. Let's assume shannon is in the login group users, her home directory would look like this: drwx-x 2 shannon users 512 Feb 12 17:19 shannon This ensures that apache can enter /home/shannon which is necessary because that's where public_html is. It is not possible for apache to read the contents of /home/shannon because 'r' is missing. This would achieve the goal that other users including apache can not read the contents of the home dir. Ok, now apache needs read only access to public_html, so I would set permissions this way (2750 shannon:www): drwxr-s--- 2 shannon www512 Feb 12 17:30 public_html All directories under public_html should also have these permissions, all files should have 0640 or 0644. This would achieve the goal that apache can read everything it needs to but nothing more. matter what, Apache needs read-access to any and all files, so no matter what PHP will have access to read any user's files. There's no way around that for a shared hosting situation that I know of... Sure there is: this way apache can not read any other files outside public_html. Your solution doesn't work because the user keith could still do a ls /home/shannon/public_html/ and get the directory listing (shannon's public_html directory is 0755, per your suggestion). Unless I'm missing something...? You don't have to set it to 0755. If you set it to 2750 keith can no longer see the files in shannon/public_html as long as he isn't member of group www. And even if their homedirs contain a folder that belongs to group www, they don't have to be members of www themselves. I don't now your environment, but there other ways of getting things more secure, such as the use of jails, restricting shell access or forcing the use of a restricted shell and so on. bye, Uwe ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Accessing the complete log (rlog)
In the last episode (Feb 10), Mel said: On Tuesday 10 February 2009 22:13:09 Yann-Gaël Guéhéneuc wrote: Is it possible that you CVS server does not support rlog because of recursion? Do you think it could be possible to enable rlog? Easy work-around: hop over to /usr/share/examples/cvs/cvs-supfile. Read/edit. Install /usr/ports/net/cvsup-without-gui. Run cvsup -L2 /path/to/edited/cvs-supfile cvs log locally, all you want ;) Space needed: # du -sh /home/ncvs 3.7G/home/ncvs If you cvsup the whole source tree and are just interested in reading the commitlogs themselves, archived commitlogs going back to 1995 are stored at /home/ncvs/CVSROOT-src/commitlogs . You can also get them in mailing-list format by downloading the cvs-all list archives from ftp://ftp.freebsd.org/pub/FreeBSD/doc/mailing-lists/archive/ . Yet another option is to use the Subversion repository instead of CVS: svn log -v -r 1:HEAD svn://svn.freebsd.org/base will dump all commitlogs starting with the first. Probably not recommended if you are going to scan through every commit, but handy if you want to pick and choose, and much much faster than CVS. What changes were made to ufs between 1995 and 1996: svn log -r '{1995-01-01}:{1996-01-01}' svn://svn.freebsd.org/base/head/sys/ufs -- Dan Nelson dnel...@allantgroup.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Restricting users to their own home directories / not letting users view other users files...?
--On Thursday, February 12, 2009 10:04:59 -0600 Keith Palmer ke...@academickeys.com wrote: Your other proposed solution results in the same situation, correct? No matter what, Apache needs read-access to any and all files, so no matter what PHP will have access to read any user's files. There's no way around that for a shared hosting situation that I know of... If you remove the groups write privs, then PHP scripts can't really do any damage at least. Your solution doesn't work because the user keith could still do a ls /home/shannon/public_html/ and get the directory listing (shannon's public_html directory is 0755, per your suggestion). Unless I'm missing something...? If you set the world readable bit, you break the entire schema. To make it work, world must have no access - not even directory search access. So you set u=rwx,g=srx,o-rwx (or 2750), for homedirs and u=rw,g=sr,o-rwx (or 2640) for files. To maintain the schema you would also need to change the users' umask to 027 or (script a perm change periodically to remove the world bits from new files.) If you want to get more granular, you can set the homedirs and all subdirs to owner:owner and only set the public_html dir and its subdirs to owner:www. The key is to remove the world access from the homedirs and everything under them, set the group to www, setgid and change the umask. Once you've done that, it's pretty much maintenance free. It wouldn't hurt to script something that crawls the homedirs periodically looking for perm problems, just in case something crops up. The webserver only needs read access to files (unless the application you're running has some special requirements.) You can make a perl script (or php files, python, tcl, you name it) read only and then configure Apache so it's executable from within Apache but not directly from the hard drive. Most application vendors tend to err on the side of too-loose perms, demanding rwx for everything when that's really not needed. You can play around with the perms and see what breaks, then roll the new set out once you've figured out what's needed. But, if you do it right, world doesn't need any access at all, and that's going to be a requirement going forward to keep others from seeing the files. If world has access, anyone on the server has access. The webserver I maintain has no access at all for world. Individual dirs may have differing access rights depending upon who needs to get into them, but world is excluded. This means an attacker has to become root or the webserver user before he can even see the web stuff, and only root would have more than read access. If the web server has read only access to the files, then an attacker is limited to exploiting vulnerabilities in the webserver or the applications running on it. I strongly suggest you install and use mod_security (if you're not already) to protect against that. It's very lightweight and works quite well. There's an active user community, and you can protect against existing vulnerabilities with the right filters in place. -- Paul Schmehl (pa...@utdallas.edu) Senior Information Security Analyst The University of Texas at Dallas http://www.utdallas.edu/ir/security/
Re: Accessing the complete log (rlog)
On Thu, 12 Feb 2009 11:30:10 -0600, Dan Nelson dnel...@allantgroup.com wrote: Yet another option is to use the Subversion repository instead of CVS: svn log -v -r 1:HEAD svn://svn.freebsd.org/base will dump all commitlogs starting with the first. Probably not recommended if you are going to scan through every commit, but handy if you want to pick and choose, and much much faster than CVS. What changes were made to ufs between 1995 and 1996: svn log -r '{1995-01-01}:{1996-01-01}' svn://svn.freebsd.org/base/head/sys/ufs If you want even faster results, you can *mirror* the svn repository with svnsync :) Then the diff options are exactly the same, but for the repo-url you can use `file:///local/path/to/mirror', i.e.: svn log -r '{1995-01-01}:{1996-01-01}' file:///svnroot/base/head/sys/ufs ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: ipv6 and freebsd
gahn wrote: What shall I do to accomplish this on FreeBSD? For clarification and completeness, here is exactly what I did: First, config the router (Cisco): interface FastEthernet0/0 ip address 192.168.3.2 255.255.255.0 duplex auto speed auto ipv6 address 2607:F118:A::1/64 ipv6 address FEC0:10::1/64 ipv6 nd ra-lifetime 210 ipv6 nd prefix 2607:F118:A::/64 ipv6 nd prefix FEC0:10::/64 Next, on the host, ensure we are properly prepared: # sysctl -a net.inet6.ip6.accept_rtadv net.inet6.ip6.accept_rtadv: 1 # ndp -i fxp0 linkmtu=1500, maxmtu=1500, curhlim=64, basereachable=30s0ms, reachable=39s, retrans=1s0ms Flags: nud accept_rtadv Ensure there is not a blanket ICMP filter on the host, by pinging the link local address from the router (even if you can ping, it is still possible that ICMP type 9 are being blocked): # ping fe80::20d:60ff:fe4c:81ca Output Interface: FastEthernet0/0 Packet sent with a source address of FE80::20A:F4FF:FE0B:B109 ! Success rate is 100 percent (5/5), round-trip min/avg/max = 0/0/0 ms Ensure we see RAs on the wire: # tcpdump -n -i fxp0 ip6 listening on fxp0, link-type EN10MB (Ethernet), capture size 96 bytes 09:30:50.820717 IP6 fe80::20a:f4ff:fe0b:b109 ff02::1: ICMP6, router advertisement, length 96 Capture the entire packet with the RA information to make sure that the router is actually sending the prefixes we want to autoconf. Dump this info into a file, so we can scp it to our workstation to read it into Wireshark: # tcpdump -n -i fxp0 -s 0 -w /var/log/test.pcap ip6 What does Wireshark tell us about the advertisement: ICMPv6 Option (Prefix information) Type: Prefix information (3) Length: 32 Prefix length: 64 Flags: 0xc0 1... = Onlink .1.. = Auto ..0. = Not router address ...0 = Not site prefix Valid lifetime: 2592000 Preferred lifetime: 604800 Prefix: 2607:f118:a:: *** ICMPv6 Option (Prefix information) Type: Prefix information (3) Length: 32 Prefix length: 64 Flags: 0xc0 1... = Onlink .1.. = Auto ..0. = Not router address ...0 = Not site prefix Valid lifetime: 2592000 Preferred lifetime: 604800 Prefix: fec0:10:: *** So by this point, we've confirmed that everything is in order. I don't know if FreeBSD will autoconf if the 'L' bit (Onlink) flag is set to 0, so check that too. Let's see our ifconfig output: # ifconfig fxp0 inet6 fe80::20d:60ff:fe4c:81ca%fxp0 prefixlen 64 scopeid 0x1 inet 192.168.3.1 netmask 0xff00 broadcast 192.168.3.255 inet6 2607:f118:a:0:20d:60ff:fe4c:81ca prefixlen 64 autoconf inet6 fec0:10::20d:60ff:fe4c:81ca prefixlen 64 autoconf The last thing to try, is to ping6 the known IPv6 address of the router from the host. Perhaps ifconfig is not displaying the learnt addressing information until it is used. (This situation did come up for me, but it may have been a coincidence in timing. I haven't been able to reproduce it). Steve ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: ipv6 and freebsd
Steve: Thanks for the help. well i find the problem: on the juniper routers, the configuration missed the statement of prefix fec0:: under the clause of router-advertisement. Once i set that right, it works as it should be. best --- On Thu, 2/12/09, Steve Bertrand st...@ibctech.ca wrote: From: Steve Bertrand st...@ibctech.ca Subject: Re: ipv6 and freebsd To: ipfr...@yahoo.com Cc: freebsd general questions freebsd-questions@freebsd.org Date: Thursday, February 12, 2009, 6:20 AM gahn wrote: Thanks Steve: the router that sending RA is juniper and the protocol router-advertisement has been activated: g...@lab_1 show interfaces fe-0/0/3 ... Logical interface fe-0/0/3.170 (Index 70) (SNMP ifIndex 59) ... Addresses, Flags: Is-Preferred Destination: fe80::/64, Local: fe80::214:f600:aa2c:d403 Addresses, Flags: Is-Preferred Is-Primary Destination: fec0:10:5::/64, Local: fec0:10:5:0:214:f600:aa2c:d403 fec0::/10 was deprecated per RFC3879. Perhaps the Juniper unit is obeying this and just not sending the prefix in the advertisement? Everything else looks good, so lets test that possibility (as remote as it is). Take your tcpdump one step further: lab# tcpdump -n -i bge1 ip6 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on bge1, link-type EN10MB (Ethernet), capture size 96 bytes 17:55:44.027565 IP6 fe80::214:f600:aa2c:3c03 ff02::1: ICMP6, router advertisement, length 24 18:02:46.283353 IP6 fe80::214:f600:aa2c:d403 ff02::1: ICMP6, router advertisement, length 24 # tcpdump -n -i bge1 -s 0 -w /path/to/file.pcap ip6 After a time of that running (there won't be any STDOUT output), stop the capture, and open the file in Wireshark. (I've never figured out how to get tcpdump to read the data portion of the packets from a file). With the -s0, it will capture the headers and the data of each packet, so you should be able to tell whether the RA announcements do actually contain the prefix you are trying to get configured. Something that I should have asked from the get-go...do you have any sort of firewall running on the box? I'll set this up in my lab here today. Although we don't have any Juniper units, I'll see if I can recreate the problem with Cisco hardware. You may also want to test using a non-deprecated address space. The documentation address may work for instance. Steve ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Accessing the complete log (rlog)
Thank you all for your kind and quick help! Indeed, I am really interested only in the commitlogs so I will probably try Dan's solution first, then if I need more data, I'll follow Mel or Giorgos's solutions! Cheers! Yann Giorgos Keramidas wrote: On Thu, 12 Feb 2009 11:30:10 -0600, Dan Nelson dnel...@allantgroup.com wrote: Yet another option is to use the Subversion repository instead of CVS: svn log -v -r 1:HEAD svn://svn.freebsd.org/base will dump all commitlogs starting with the first. Probably not recommended if you are going to scan through every commit, but handy if you want to pick and choose, and much much faster than CVS. What changes were made to ufs between 1995 and 1996: svn log -r '{1995-01-01}:{1996-01-01}' svn://svn.freebsd.org/base/head/sys/ufs If you want even faster results, you can *mirror* the svn repository with svnsync :) Then the diff options are exactly the same, but for the repo-url you can use `file:///local/path/to/mirror', i.e.: svn log -r '{1995-01-01}:{1996-01-01}' file:///svnroot/base/head/sys/ufs -- Yann-Gaël Guéhéneuc Ph.D. et ing. / Ph.D. and eng. Professeur agrégé / Associate professor DGIGL, École Polytechnique 1-514-340-5121 #7116 (Téléphone / Phone) C.P. 6079, succ. Centre-Ville 1-514-340-5139 (Télécopie / Fax) Montréal, QC, H3C 3A7, Canada www.ptidej.net ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
KDE4: How to make Home/End keys to work properly in the kde4-console?
I chose Linux in Settings-Edit Current Profile-Input. But Home/End keys bring the cursor to the beginning/end of line either only in 'vim', or only for commands typed into console. But not for both. If Home=\E[1~ and End=\E[4~ keys work in vim, but for the console commands instead of moving cursor they type '~'. If Home=\E[H and End=\E[F keys work for the console commands but not in vim. I believe the first combination is correct and should work for both vim and console. But why it doesn't work in console? Yuri ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Pallets-Videos of Warrior Systems
MR® Hebbecker Workhorse Lawson Walz-Schenk HIX MHM Hopkins TAS Antec TUF Ranar Anatol CAPS Come see us at the ISS Shows in Orlando or Atlantic City during February March. Videos of the Warrior Supreme Warrior XPS are now available. See Below Warrior Supreme - All-Over Wrap-Around Flip Pallets Warrior XPS - All-Over Wrap-Around Removable Flip Pallets SEE VIDEO SEE VIDEO The All-Over Wrap Around Flip Pallet allows you to do a perfectly registered front to back wrap around print. That is, with one machine one setup, and one extra person, you can produce shirts with stunning appeal that increases your production value dramatically. All-Over Wrap-Around Removable + Side Shifting + Rotating - Flip Pallets - . It does full Blown AOP Wrap-Around it can be moved from machine to machine . The pallets slide left and right to increase your stroke width and can be rotated 180 degrees. By Email Only Very Special Offers Your First Winged Floodbar - 50% OFF 4 x 22-Sleeve Pallets - Get 20% OFF - for Certain Machines 4 x 22-Pocket - get 25% OFF - Certain Machines Special Thanks to the crew of T-Shirt Forums.com for making the videos at ISS Long Beach. This is the worlds leading information resource and blog-spot for everything related to t-shirt printing . If you want to be removed from this list please Reply with Remove in the subject line. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: freebsd-questions Digest, Vol 246, Issue 90
On Thu, Feb 12, 2009 at 11:58:44AM +0700, joko bodo wrote: why i get mail with subject always digest: You're probably subscribed to the digest version of the mailing list, where all the emails to the list over a given period of time are bundled together into a single message, rather than each email arriving in your inbox separately. -- Chad Perrin [ content licensed OWL: http://owl.apotheon.org ] Quoth Philip Machanick: caution: if you write code like this, immediately after you are fired the person assigned to maintaining your code after you leave will resign pgps7oCw3FLU6.pgp Description: PGP signature
Assigning static ip address
Hi list, I've been experimenting and googling for hours w/ no luck. All I want to do is run dhcp and then replace the ip address of the interface with a new static ip afterwards. I've been looking at the /etc/dhclient.conf man pages, but they don't seem to help. I can do it from rc.conf like: ifconfig_em0=inet 1.2.3.4 but then I loose all the other dhcp parameters like dns and stuff. Is it really that hard??? thanks - Nikolaj ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: 7.4 - X -configure gives No devices to configure
On Wed, 2009-02-11 at 10:42 +, Anton Shterenlikht wrote: Upgrade from 7.3 to 7.4 made X unsuable on FBSD 7.1-stable i386. I followed the UPDATE procedures, had no errors on build, but on X -configure I get No devices to configure. Configuration failed. This is a Compaq Armada 1700 laptop, old I know, but 7.3 worked fine. The graphics is by Chips and Technologies, nothing fancy, and the driver is xf86-video-chips-1.2.1. The full log is below. What's going on? many thanks anton *** X.Org X Server 1.5.3 Release Date: 5 November 2008 X Protocol Version 11, Revision 0 Build Operating System: FreeBSD 7.1-STABLE i386 Current Operating System: FreeBSD mech-aslap33.men.bris.ac.uk 7.1-STABLE FreeBSD 7.1-STABLE #0: Sat Jan 31 14:31:50 GMT 2009 me...@mech-aslap33.men.bris.ac.uk:/usr/obj/usr/src/sys/ARMADA1700 i386 Build Date: 09 February 2009 10:16:23AM Before reporting problems, check http://wiki.x.org to make sure that you have the latest version. Markers: (--) probed, (**) from config file, (==) default setting, (++) from command line, (!!) notice, (II) informational, (WW) warning, (EE) error, (NI) not implemented, (??) unknown. (==) Log file: /var/log/Xorg.0.log, Time: Wed Feb 11 10:15:59 2009 (II) Loader magic: 0x81bede0 (II) Module ABI versions: X.Org ANSI C Emulation: 0.4 X.Org Video Driver: 4.1 X.Org XInput driver : 2.1 X.Org Server Extension : 1.1 X.Org Font Renderer : 0.6 (II) Loader running on freebsd (--) Using syscons driver with X support (version 2.0) (--) using VT number 9 (--) PCI:*(0...@0:8:0) Chips and Technologies F6 HiQVPro rev 168, Mem @ 0x4000/0, BIOS @ 0x/65536 List of video drivers: chips (II) LoadModule: chips (II) Loading /usr/local/lib/xorg/modules/drivers//chips_drv.so (II) Module chips: vendor=X.Org Foundation compiled for 1.5.3, module version = 1.2.1 Module class: X.Org Video Driver ABI class: X.Org Video Driver, version 4.1 (II) System resource ranges: [0] -1 0 0x0010 - 0x3fff (0x3ff0) MX[B]E(B) [1] -1 0 0x000f - 0x000f (0x1) MX[B] [2] -1 0 0x000c - 0x000e (0x3) MX[B] [3] -1 0 0x - 0x0009 (0xa) MX[B] [4] -1 0 0x - 0x (0x1) IX[B] [5] -1 0 0x - 0x00ff (0x100) IX[B] (II) Primary Device is: PCI 0...@00:08:0 No devices to configure. Configuration failed. I'll need to see a pciconf -lv, but it looks like the chips driver isn't recognizing your chip. You could try the vesa driver. The chips driver has not been maintained in quite a while I would say. robert. -- Robert Noland rnol...@freebsd.org FreeBSD signature.asc Description: This is a digitally signed message part
Re: Assigning static ip address
Nikolaj Thygesen wrote: Hi list, I've been experimenting and googling for hours w/ no luck. All I want to do is run dhcp and then replace the ip address of the interface with a new static ip afterwards. I've been looking at the /etc/dhclient.conf man pages, but they don't seem to help. I can do it from rc.conf like: ifconfig_em0=inet 1.2.3.4 but then I loose all the other dhcp parameters like dns and stuff. Is it really that hard??? thanks - Nikolaj Is there a reason you don't set /etc/resolv.conf to static nameservers as well? Also does not fixed-address lease give you what you want? -- Adam Vandemore Systems Administrator IMED Mobility (605) 498-1610 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Assigning static ip address
Nikolaj Thygesen wrote: Hi list, I've been experimenting and googling for hours w/ no luck. All I want to do is run dhcp and then replace the ip address of the interface with a new static ip afterwards. I've been looking at the /etc/dhclient.conf man pages, but they don't seem to help. I can do it from rc.conf like: ifconfig_em0=inet 1.2.3.4 but then I loose all the other dhcp parameters like dns and stuff. Is it really that hard??? thanks - Nikolaj Your rc.conf line is incomplete. Even if that line was complete, your route would be missing Your /etc/resolv.conf gets rewritten by dhclient every time it renews the IP. Given your rc.conf statement is incomplete, is why you lose 100% connectivity. Basic networking on a LAN (meaning: NO INTERNET) is IP address and subnet basic networking ON the internet needs a router in addition to the above full internet working needs DNS server in addition to the above. You don't even hit the Basic w/out Internet. Please either give details from rc.conf, or read it's manpage so we can point you to the manpage again. --Tim ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: How-to erase a DVD-RW
Wojciech Puchar wrote: The manpage of growisofs suggests this: Note that DVD+RW re-formatting procedure does not substitute for blank- ing. If you want to nullify the media, e.g. for privacy reasons, do it explicitly with 'growisofs -Z /dev/dvd=/dev/zero'. which is exactly what i suggested - writing 0 byte disc that writes binary 0, the ASCII NUL character. /dev/zero is NOT a zero-size file. Untested, and I don't use DVD RW medium as I don't have a need for it yet: growisofs -Z /dev/cd0=: the : is interpreted by the csh shell as an always true return value, to which you can use to truncate files: :/boot/kernel/kernel #only the inexperienced may blindly try this. DON'T TRY THIS AT HOME OR WORK Given this logic, it should also return true for an input file. Try it. I'd be curious to see if it works. --Tim dvd+rw-format will clear DVD+RW disk. Definitely much easier. -- Polytropon From Magdeburg, Germany Happy FreeBSD user since 4.0 Andra moi ennepe, Mousa, ... ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Assigning static ip address
On Thursday 12 February 2009 6:00:04 pm Nikolaj Thygesen wrote: Hi list, I've been experimenting and googling for hours w/ no luck. All I want to do is run dhcp and then replace the ip address of the interface with a new static ip afterwards. I've been looking at the /etc/dhclient.conf man pages, but they don't seem to help. I can do it from rc.conf like: ifconfig_em0=inet 1.2.3.4 but then I loose all the other dhcp parameters like dns and stuff. Is it really that hard??? thanks - Nikolaj Could you plase configure your /etc/rc.conf file to something like this? ifconfig_ed0=inet 192.168.1.105 netmask 255.255.255.0 defaultrouter=192.168.1.1 Where defaultrouter is the IP of your dhcp server and tell me what happens? Regards -- Blessings Gonzalo Nemmi ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Assigning static ip address
Could you plase configure your /etc/rc.conf file to something like this? ifconfig_ed0=inet 192.168.1.105 netmask 255.255.255.0 defaultrouter=192.168.1.1 Where defaultrouter is the IP of your dhcp server and tell me what happens? AFAIK, this should really be the default gateway IP, not the DHCP server. -- Glen Barber ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Assigning static ip address
Gonzalo Nemmi wrote: On Thursday 12 February 2009 6:00:04 pm Nikolaj Thygesen wrote: Could you plase configure your /etc/rc.conf file to something like this? ifconfig_ed0=inet 192.168.1.105 netmask 255.255.255.0 defaultrouter=192.168.1.1 Where defaultrouter is the IP of your dhcp server and tell me what happens? Regards When I do, I get: em0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST metric 0 mtu 1500 options=19bRXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,TSO4 ether 00:1b:21:1b:fd:bd inet6 fe80::21b:21ff:fe1b:fdbd%em0 prefixlen 64 scopeid 0x1 inet 192.168.1.105 netmask 0xff00 broadcast 192.168.1.255 media: Ethernet autoselect (1000baseTX full-duplex) status: active I still get no connectivity until i run dhclient em0 which gives me: em0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST metric 0 mtu 1500 options=19bRXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,TSO4 ether 00:1b:21:1b:fd:bd inet6 fe80::21b:21ff:fe1b:fdbd%em0 prefixlen 64 scopeid 0x1 inet 192.168.1.105 netmask 0xff00 broadcast 192.168.1.255 inet 10.0.0.2 netmask 0xff00 broadcast 10.0.0.255 media: Ethernet autoselect (1000baseTX full-duplex) status: active adding what I guess is called an alias 10.0.0.2 ip?!?! I'm not that much of an expert in these matters, and I'm a bit puzzled why, at first (before calling dhclient), it can't resolve addresses eventhough /etc/resolv.conf contains all my dns's. br - N ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
accents in file names
Hi. is there a way to have a freebsd system with file names with accented words. Like filé.txt instead of file.txt. Now if I copy a file with an accented letter to my freebsd box, the accented letter simply disappear. thanks, daniel ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Assigning static ip address
ifconfig_em0=inet 1.2.3.4 but then I loose all the other dhcp parameters like dns and stuff. Is it really that hard??? echo nameserver yourdns /etc/resolv.conf and turn off dhclient of course ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Bios chip update suggestions
Bruce Cran wrote: On Sat, 14 Mar 2009 18:37:55 +0800 Fbsd1 fb...@a1poweruser.com wrote: Chris Whitehouse wrote: Fbsd1 wrote: I have an desktop manufactured in 2002 by a South Korean company Hyunju. The company is now out of business. It's bio's do not allow booting from a usb memory stick. I want to find an bio's update that adds booting from usb memory stick. I know the desktop uses AWARD bio's chip and the bio's id string is 01/08/2002-694T-686-P6VXM2TC-00 All the internet bio's chip update url's found by Google search are customized for MS windows. Suggestions on how or where to purchase the correct bio's chip update? What do you mean the update url's are customised for windows? The bios doesn't know anything about operating system. Most likely you could download a dos boot disk image - google, there are plenty around - create a bootable floppy and copy your latest bios image and bios update program, eg awdflash.exe onto it. Just boot from the floppy and run the update. Just be sure the bios image is really intended for your motherboard and don't interrupt the update. Chris What i mean is all the bio update sites have a utility that runs from the website to fetch your bio id string info. This utility will not work on a non-windows operating system. I'd recommend having a copy of the Ultimate Boot CD (http://www.ultimatebootcd.com/) for such situations. I even needed it when I had Vista x64 installed and found that the flash program wanted to load an unsigned driver - I had to boot into XP using the CD because Vista x64 blocked the driver. Once booted from the CD you can access the Internet and see local drives. Wow! one reply from a post 4 weeks ago, another from 4 weeks into the future! This list is amazing. Thanks for your reply Fbsd1. By non-windows you mean not even DOS? I guess your options then are a windows live cd (UBCD?) or put a spare hard disk in the machine and install windows (not a pleasant experience). Chris ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: accents in file names
On Feb 12, 2009, at 1:46 PM, Daniel Leal wrote: is there a way to have a freebsd system with file names with accented words. Like filé.txt instead of file.txt. Now if I copy a file with an accented letter to my freebsd box, the accented letter simply disappear. UFS supports 8-bit characters except for / and \0, but you also need to run a terminal with UTF8 support and use a correct font to view such things. Perhaps this might give you some insight: http://www.cl.cam.ac.uk/~mgk25/unicode.html Note that other file systems have more comprehensive Unicode support: http://en.wikipedia.org/wiki/Comparison_of_file_systems#Limits Perhaps I'm biased, but I've long been of the opinion that the Mac platform with HFS+ has very good internationalization support. Regards, -- -Chuck ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: accents in file names
how and from what do you copy. UFS generally doesn't have any limits for filename characters. i do have files with polish letters on my disk - no problem On Thu, 12 Feb 2009, Daniel Leal wrote: Hi. is there a way to have a freebsd system with file names with accented words. Like filé.txt instead of file.txt. Now if I copy a file with an accented letter to my freebsd box, the accented letter simply disappear. thanks, daniel ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: accents in file names
accented letter to my freebsd box, the accented letter simply disappear. UFS supports 8-bit characters except for / and \0, but you also need to run a terminal with UTF8 support and use a correct font to view such things. why? i use ISO-8859-2 UFS doesn't deal with encoding at all, just store what you give ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: How-to erase a DVD-RW
which is exactly what i suggested - writing 0 byte disc that writes binary 0, the ASCII NUL character. /dev/zero is NOT a zero-size file. yes it is [woj...@wojtek ~/NOBACKUP]$ dd if=/dev/null of=/dev/null bs=1 0+0 records in 0+0 records out 0 bytes transferred in 0.37 secs (0 bytes/sec) /dev/null simply gives EOF when trying to read ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Assigning static ip address
On Thu, Feb 12, 2009 at 10:38:02PM +0100, Nikolaj Thygesen wrote: Gonzalo Nemmi wrote: On Thursday 12 February 2009 6:00:04 pm Nikolaj Thygesen wrote: Could you plase configure your /etc/rc.conf file to something like this? ifconfig_ed0=inet 192.168.1.105 netmask 255.255.255.0 defaultrouter=192.168.1.1 Where defaultrouter is the IP of your dhcp server and tell me what happens? Regards When I do, I get: em0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST metric 0 mtu 1500 options=19bRXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,TSO4 ether 00:1b:21:1b:fd:bd inet6 fe80::21b:21ff:fe1b:fdbd%em0 prefixlen 64 scopeid 0x1 inet 192.168.1.105 netmask 0xff00 broadcast 192.168.1.255 media: Ethernet autoselect (1000baseTX full-duplex) status: active I still get no connectivity until i run dhclient em0 which gives me: em0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST metric 0 mtu 1500 options=19bRXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,TSO4 ether 00:1b:21:1b:fd:bd inet6 fe80::21b:21ff:fe1b:fdbd%em0 prefixlen 64 scopeid 0x1 inet 192.168.1.105 netmask 0xff00 broadcast 192.168.1.255 inet 10.0.0.2 netmask 0xff00 broadcast 10.0.0.255 media: Ethernet autoselect (1000baseTX full-duplex) status: active adding what I guess is called an alias 10.0.0.2 ip?!?! I'm not that much of an expert in these matters, and I'm a bit puzzled why, at first (before calling dhclient), it can't resolve addresses eventhough /etc/resolv.conf contains all my dns's. I think you need to turn off dhclient in /etc/rc.conf - or don't turn it on. Also, make sure your resolv.conf is correct and the default router is correctly set in /etc/rc.conf to your gateway address.It looks like your ifconfig might be correct, but either or both of resolv.conf or default router is wrong or dhclient is running and clobbering them. jerry br - N ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: accents in file names
2009/2/12 Chuck Swiger cswi...@mac.com: On Feb 12, 2009, at 1:46 PM, Daniel Leal wrote: is there a way to have a freebsd system with file names with accented words. Like filé.txt instead of file.txt. Now if I copy a file with an accented letter to my freebsd box, the accented letter simply disappear. UFS supports 8-bit characters except for / and \0, but you also need to run a terminal with UTF8 support and use a correct font to view such things. Perhaps this might give you some insight: http://www.cl.cam.ac.uk/~mgk25/unicode.html Note that other file systems have more comprehensive Unicode support: http://en.wikipedia.org/wiki/Comparison_of_file_systems#Limits Perhaps I'm biased, but I've long been of the opinion that the Mac platform with HFS+ has very good internationalization support. Regards, -- -Chuck ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org Yeah, I love the way you're allowed a / in filenames on the Mac. Makes me snigger... How are you copying the files over? On my Mac: [ch...@zeus]~% touch bluurgh\303\251#\303\251 is what comes up when I make an é [ch...@zeus]~% ls 5500plugin.tar NetBeansProjects/ hist200.txt Applications/ Pictures/ hist300.txt Desktop/Public/ hist600.txt Documents/ Rips/ hist900.txt Library/Sites/ public_html@ Movies/ bluurghe?? xcodeJava/ Music/ drop/ [ch...@zeus]~% ls |grep bluu bluurghé [ch...@zeus]~% Look! grep supports that character, but ls doesn't show it properly... so scp works fine... [ch...@zeus]~% scp bluurghe\314\201 amnesiac.bayofrum.net:. bluurghé100%0 0.0KB/s 00:00 [ch...@zeus]~% ssh amnesiac.bayofrum.net 'ls |grep blu' bluurghé [ch...@zeus]~% ssh amnesiac.bayofrum.net 'rm blu*' Samba seems to do strange things though; copied it over with samba [ch...@zeus]~% ssh amnesiac.bayofrum.net 'ls |grep blu' bluurghé* [ch...@zeus]~% What's with the *? and after nfs: [ch...@zeus]~% sudo mount -t nfs amnesiac.bayofrum.net:/usr/home/chris Applications [ch...@zeus]~% cp bluurghe\314\201 Applications/ [ch...@zeus]~% ssh amnesiac.bayofrum.net 'ls |grep blu' bluurghé [ch...@zeus]~% What?? Why does it work OK with nfs and scp, but not samba? Really wouldn't bother unless you spend your time exclusively in GUI environments, just seems a real hassle. Chris -- R $h ! $- ! $+ $@ $2 @ $1 .UUCP. (sendmail.cf) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: How-to erase a DVD-RW
2009/2/12 Wojciech Puchar woj...@wojtek.tensor.gdynia.pl: which is exactly what i suggested - writing 0 byte disc that writes binary 0, the ASCII NUL character. /dev/zero is NOT a zero-size file. yes it is [woj...@wojtek ~/NOBACKUP]$ dd if=/dev/null of=/dev/null bs=1 0+0 records in 0+0 records out 0 bytes transferred in 0.37 secs (0 bytes/sec) /dev/null simply gives EOF when trying to read But we're talking about /dev/zero, not /dev/null ... [ch...@zeus]~% dd if=/dev/zero of=/dev/null bs=2 count=5 5+0 records in 5+0 records out 10 bytes transferred in 0.50 secs (200684 bytes/sec) [ch...@zeus]~% Chris -- R $h ! $- ! $+ $@ $2 @ $1 .UUCP. (sendmail.cf) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: accents in file names
On Feb 12, 2009, at 2:50 PM, Wojciech Puchar wrote: accented letter to my freebsd box, the accented letter simply disappear. UFS supports 8-bit characters except for / and \0, but you also need to run a terminal with UTF8 support and use a correct font to view such things. why? i use ISO-8859-2 You've answered why when you state that you set up a locale which supports ISO Latin-X charset. If you are running in the default C/ POSIX locale, using the US-ASCII character set and a font that only knows about 7-bit ASCII glyphs, then you won't get accented characters. UFS doesn't deal with encoding at all, just store what you give That's right, which means you need to use filenames encoded in UTF8 rather than in arbitrary Unicode. People in Asia tend to want UTF-16 or UTF-32 encoding (although historical encodings like Big5, Shift- JIS, and now GB18030 for China are still rather popular, and those are multibyte encodings), and things like gcc's implementation of widechars or Python are standardizing on UTF-32. Regards, -- -Chuck ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Old user can't log in
Just ran into a strange problem... I have a long-standing user account on my FreeBSD box that no longer works. She can't ssh into the box, and I can't even su to her account. $ su jessica Password: su: setusercontext: Invalid argument Doing some googling, I did find people with similar problems, but I guess I don't understand the solutions :-) Someone suggested doing the following: # ktrace -di su jessica # kdump -f ktrace.out This produces tons of output... the last few lines contain the following: 59929 su NAMI /etc/nsswitch.conf 59929 su RET stat 0 59929 su CALL setgroups(0x11,0x7fffe5d0) 59929 su RET setgroups -1 errno 22 Invalid argument 59929 su CALL gettimeofday(0x7fffd810,0) 59929 su RET gettimeofday 0 59929 su CALL socket(0x1,0x2,0) 59929 su RET socket 3 59929 su CALL fcntl(0x3,0x2,0x1) 59929 su RET fcntl 0 59929 su CALL connect(0x3,0x7fffd7b0,0x6a) 59929 su NAMI /var/run/logpriv 59929 su RET connect 0 59929 su CALL sendto(0x3,0x7fffdd10,0x42,0,0,0) 59929 su GIO fd 3 wrote 66 bytes 35Feb 12 17:59:14 su: initgroups(jessica,1022): Invalid argument I guess this is a clue, but I have no idea what to do with it. All other users that I've tried work, so the problem seems to be tied to something in this particular user's account. The /etc/passwd and /etc/group files look fine. Any suggestions, much appreciated. -- John ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Old user can't log in
On Feb 12, 2009, at 3:14 PM, John Almberg wrote: Just ran into a strange problem... I have a long-standing user account on my FreeBSD box that no longer works. She can't ssh into the box, and I can't even su to her account. $ su jessica Password: su: setusercontext: Invalid argument Does group 1022 exist in /etc/groups? Is the user a member of more than 16 groups? -- -Chuck ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
recovering from a power outage
What's the canonical method for checking ufs file systems on a FreeBSD 7.1/amd64 system after an unscheduled power outage? thanks dn ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: recovering from a power outage
On Thu, Feb 12, 2009 at 04:06:49PM -0800, David Newman wrote: What's the canonical method for checking ufs file systems on a FreeBSD 7.1/amd64 system after an unscheduled power outage? How about fsck jerry thanks dn ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: recovering from a power outage
On 2/12/09 4:41 PM, Jerry McAllister wrote: On Thu, Feb 12, 2009 at 04:06:49PM -0800, David Newman wrote: What's the canonical method for checking ufs file systems on a FreeBSD 7.1/amd64 system after an unscheduled power outage? How about fsck Right. I'm asking procedurally how that's invoked -- eg., do I need to boot into single-user mode, what filesystem(s) do I mount and how, what switches if any do I use with fsck and so on. thanks! dn jerry thanks dn ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: How-to erase a DVD-RW
Wojciech Puchar wrote: which is exactly what i suggested - writing 0 byte disc that writes binary 0, the ASCII NUL character. /dev/zero is NOT a zero-size file. yes it is [woj...@wojtek ~/NOBACKUP]$ dd if=/dev/null of=/dev/null bs=1 0+0 records in 0+0 records out 0 bytes transferred in 0.37 secs (0 bytes/sec) /dev/null simply gives EOF when trying to read we're not talking about null we're talking about zero Try again, maybe? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: recovering from a power outage
David Newman wrote: On 2/12/09 4:41 PM, Jerry McAllister wrote: On Thu, Feb 12, 2009 at 04:06:49PM -0800, David Newman wrote: What's the canonical method for checking ufs file systems on a FreeBSD 7.1/amd64 system after an unscheduled power outage? How about fsck Right. I'm asking procedurally how that's invoked -- eg., do I need to boot into single-user mode, what filesystem(s) do I mount and how, what switches if any do I use with fsck and so on. thanks! dn jerry thanks dn It's part of the bootup scripts now. It runs in the background 60 seconds after the login prompt shows up (not exactly, but close to 60 secs) it's the background_fsck option that defaults to YES in /etc/rc startup. only if there's major problems will it bail out, screaming for help. it'll drop you into a shell telling you that the filesystems need repair. --Tim ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Assigning static ip address
Nikolaj Thygesen wrote: Hi list, I've been experimenting and googling for hours w/ no luck. All I want to do is run dhcp and then replace the ip address of the interface with a new static ip afterwards. I've been following this thread all day, but I still don't understand exactly what you are trying to accomplish. From what I understand (and correct me if I'm wrong): - you are working on a FreeBSD host system - you have a DHCP server on the network, but it is not on this host - you want to use all of the DHCP assigned parameters on the host, but you want to have a static IP on the host you are working on that is different than the one assigned to you If that is correct, then you really only have two options: - do an #ifconfig, and in the configuration on the DHCP server, specify a directly assigned IP address to your MAC address. This way, DHCP server will feed you the same 'static' (aka permanent lease) address to you, and will also provide you with all other configuration parameters, or; - do not configure the IP address on the host via rc.conf. Let dhclient do its job, and have the system run a script at bootup with the requirement that 'network' setup is done, and that will set ONLY the IP address. It would help if you could specify what platform the DHCP server is running on, and whether you have control of it or not. It is important that you don't set a static IP address on your host that the DHCP server has in its lease pool. If you do, it may/will cause IP conflicts on the network. Steve ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: recovering from a power outage
On Thu, 12 Feb 2009 16:45:18 -0800 David Newman dnew...@networktest.com wrote: do I need to boot into single-user mode, what filesystem(s) do I mount and how, what switches if any do I use with fsck and so on. i thought it happens in the background anyway. i don't recall having to do anything other than listen to the drive whirring away - and we've had many power outages! -- In friendship, prad ... with you on your journey Towards Freedom http://www.towardsfreedom.com (website) Information, Inspiration, Imagination - truly a site for soaring I's ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: recovering from a power outage
[ deletia introducing discussion of fsck ] On Thu, 12 Feb 2009, Tim Judd wrote: It's part of the bootup scripts now. It runs in the background 60 seconds after the login prompt shows up (not exactly, but close to 60 secs) it's the background_fsck option that defaults to YES in /etc/rc startup. only if there's major problems will it bail out, screaming for help. it'll drop you into a shell telling you that the filesystems need repair. If you are paranoid (like I am) and want to watch everything happen, then it is nice that fsck will read /etc/fstab (if still present) and correlate filesystem names with devices, so you can just follow a sequence like this: (boot single user) fsck / fsck /usr fsck /var ...etc Once you have run fsck on /, you can mount it using mount -u -o rw / so that you can then run ed (which is in /bin). I am assuming that the reason you cannot use ed to look at a file until this point is because it wants to write the temporary buffer somewhere, even if there are no changes, and if / is readonly and nothing else is mounted, then /tmp is unavailable for this purpose. Can anyone corroborate that? If so, does anyone know when ed started wanting to make a temp file even before any edits are made? I am sure that ed has gotten me out of similar jams in the past, when I wanted to see part of a file in an unchecked root fs, and cat wouldn't fit the bill because the file was too long (and more and friends are far away on /usr, and therefore not available if still patching up the root). Anyone? Andrew. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Assigning static ip address
On Thursday 12 February 2009 7:33:31 pm Glen Barber wrote: Could you plase configure your /etc/rc.conf file to something like this? ifconfig_ed0=inet 192.168.1.105 netmask 255.255.255.0 defaultrouter=192.168.1.1 Where defaultrouter is the IP of your dhcp server and tell me what happens? AFAIK, this should really be the default gateway IP, not the DHCP server. You are absolutely right ... default gateway should really be the default gateway ... wich in my case it's also my dhco server ( WRT54G Linksys) ... I think I made way too many assumptions on my post ... So .. OP, please: 1) ifconfig_ed0=inet 192.168.1.105 netmask 255.255.255.0 Assign _your_ static ip to inet ... 192.168.1.105 is mine and was there just to set an example. Same thing applies to netmask As a side note, your static ip, should be out of the range of the valid dhcp lease ips 2) defaultrouter=192.168.1.1 Assing _your_ defaultrouter ip to defaultrouter ... 192.168.1.1 is mine and was there just to set an example. Thanks Glen for pointing that out. Regards -- Blessings Gonzalo Nemmi ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: recovering from a power outage
On Thu, 12 Feb 2009, David Newman wrote: On 2/12/09 4:41 PM, Jerry McAllister wrote: On Thu, Feb 12, 2009 at 04:06:49PM -0800, David Newman wrote: What's the canonical method for checking ufs file systems on a FreeBSD 7.1/amd64 system after an unscheduled power outage? How about fsck Right. I'm asking procedurally how that's invoked -- eg., do I need to boot into single-user mode, what filesystem(s) do I mount and how, what switches if any do I use with fsck and so on. Normally after booting after a power outage fsck will run automatically as part of the system startup, and will prune the filesystems automatically. If it finds an error it can't fix without help, it will drop you into a command line and tell you that there were errors that require your input to fix. At that point you can just run fsck {reported filesysem with errors} ie: fsck /dev/ad0s1e Sometimes you may want to use the -y switch, but use it with caution. man fsck for more info on other options. - Jamie thanks! dn jerry thanks dn ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Assigning static ip address
No, it isn't that hard...you could set up rc.conf to get a dynamic IP when the machine starts, and then you could write a startup script and place it in /usr/local/etc/rc.d that sleeps for however long you want the dynamic IP to be active, and then runs ifconfig to reconfigure your IP address to the static you want. You'd want to set up your rc.conf to get the dhcp address at boot time...here are some of the default options...season to taste: dhclient_program=/sbin/dhclient # Path to dhcp client program. dhclient_flags= # Extra flags to pass to dhcp client. #dhclient_flags_fxp0= # Extra dhclient flags for fxp0 only background_dhclient=NO# Start dhcp client in the background. - Wherever you go, there you are! On Thu, 12 Feb 2009, Nikolaj Thygesen wrote: Hi list, I've been experimenting and googling for hours w/ no luck. All I want to do is run dhcp and then replace the ip address of the interface with a new static ip afterwards. I've been looking at the /etc/dhclient.conf man pages, but they don't seem to help. I can do it from rc.conf like: ifconfig_em0=inet 1.2.3.4 but then I loose all the other dhcp parameters like dns and stuff. Is it really that hard??? thanks - Nikolaj ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Wordpress Port Question
Greetings, I have a question regarding Wordpress and Wordpress-mu ports. I want to install wordpress on my personal webserver (apache2, mysql, etc). I have several virtual hosts all with legitimate individual domain names. IE, www.mydomain.com, www.anotherdomain.com, www.yetanotherdomain.com. Do I need to install Wordpress or Wordpress-mu on my server ? The server has a clean install of Freebsd7 on it. I googled for my answer, but the comparisons between the two did not make it clear. Thanks for any guidance, -Darryl ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Old user can't log in
On Feb 12, 2009, at 7:19 PM, Chuck Swiger wrote: On Feb 12, 2009, at 3:14 PM, John Almberg wrote: Just ran into a strange problem... I have a long-standing user account on my FreeBSD box that no longer works. She can't ssh into the box, and I can't even su to her account. $ su jessica Password: su: setusercontext: Invalid argument Does group 1022 exist in /etc/groups? Yes Is the user a member of more than 16 groups? Actually, 15 plus it's own group, so yes, I guess exactly 16. I can guess what you're going to say next. Frack... Okay, I guess I can reorganize groups to eliminate this problem. Thanks for the hint (as they say, a hint to the wise is sufficient...) -- John ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: recovering from a power outage
On Thu, Feb 12, 2009 at 05:16:53PM -0800, prad wrote: On Thu, 12 Feb 2009 16:45:18 -0800 David Newman dnew...@networktest.com wrote: do I need to boot into single-user mode, what filesystem(s) do I mount and how, what switches if any do I use with fsck and so on. i thought it happens in the background anyway. i don't recall having to do anything other than listen to the drive whirring away - and we've had many power outages! It does run in the background, but if you have time, it isn't a bad idea to run it in single user before bring the whole system back up in the circumstance of a catastrophic failure like a power outage. jerry -- In friendship, prad ... with you on your journey Towards Freedom http://www.towardsfreedom.com (website) Information, Inspiration, Imagination - truly a site for soaring I's ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Wordpress Port Question
Hi, Darryl Hoar wrote: | I want to install wordpress on my personal webserver (apache2, mysql, etc). Do you want to blog alone? If yes, WP fits you well. And you don't need to worry about the vhosts. (It seems to me you want to use one for your WP...) Regards, H signature.asc Description: OpenPGP digital signature
Re: Wordpress Port Question
Darryl Hoar wrote: Greetings, I have a question regarding Wordpress and Wordpress-mu ports. I want to install wordpress on my personal webserver (apache2, mysql, etc). I have several virtual hosts all with legitimate individual domain names. IE, www.mydomain.com, www.anotherdomain.com, www.yetanotherdomain.com. Do I need to install Wordpress or Wordpress-mu on my server ? The server has a clean install of Freebsd7 on it. I googled for my answer, but the comparisons between the two did not make it clear. Thanks for any guidance, -Darryl The wordpress-mu (Multi User) listens only to one domain name (like *.domain.com) and allows for users to create their own blog. If however you want to be in control, you need the wordpress version (on or more times, depending on your needs). Both my daughters have their own wordpress installation (not from ports btw - I update them manually via svn). Peter -- http://www.boosten.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: recovering from a power outage
Jerry McAllister writes: do I need to boot into single-user mode, what filesystem(s) do I mount and how, what switches if any do I use with fsck and so on. i thought it happens in the background anyway. i don't recall having to do anything other than listen to the drive whirring away - and we've had many power outages! It does run in the background, but if you have time, it isn't a bad idea to run it in single user before bring the whole system back up in the circumstance of a catastrophic failure like a power outage. 1) It was my understanding one has to force-mount a dirty filesuystem. IF this sounds like a practice best left to senior Jedi Masters ... it porbably is. 2) I would _never_ let background fsck take care of things after a crash, While hovering over the keyboard is a pain, I will find out how badly things are damaged, rather than have boatloads of files mysteriously vanish. Robert Huff ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Old user can't log in
On Thu, 2009-02-12 at 21:48 -0500, John Almberg wrote: On Feb 12, 2009, at 7:19 PM, Chuck Swiger wrote: On Feb 12, 2009, at 3:14 PM, John Almberg wrote: Just ran into a strange problem... I have a long-standing user account on my FreeBSD box that no longer works. She can't ssh into the box, and I can't even su to her account. $ su jessica Password: su: setusercontext: Invalid argument Does group 1022 exist in /etc/groups? Yes Is the user a member of more than 16 groups? Actually, 15 plus it's own group, so yes, I guess exactly 16. I can guess what you're going to say next. Frack... Okay, I guess I can reorganize groups to eliminate this problem. Thanks for the hint (as they say, a hint to the wise is sufficient...) -- John I've been following this thread with interest: are you saying FreeBSD logins cannot handle more than 16 groups? If so, why? Is this mitigated by using other authentication methods (ie kerberos, ldap, etc)? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Old user can't log in
On Feb 12, 2009, at 8:17 PM, Da Rock wrote: I've been following this thread with interest: are you saying FreeBSD logins cannot handle more than 16 groups? If so, why? Is this mitigated by using other authentication methods (ie kerberos, ldap, etc)? There's a compile-time limit of the relevant kernel data structures as to how many groups a user can be in, described by sysctl kern.ngroups. It's possible to recompile the kernel with a larger number, but doing so will break NFS (and possibly other things). It doesn't matter whether you use Kerberos, LDAP, etc to set up the groups; while those things do not have a 16-group limit, the FreeBSD kernel [1] does. With reasonable organization, and appropriate use of sudo or setgid binaries for things like people who use SVN or CVS, there generally isn't reason or need for a user to be in so many groups. For the exceptional cases, switching to using a full ACL system rather than the traditional Unix permission model is probably going to be a better solution. Regards, -- -Chuck [1]: And almost all other Unixes... ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Old user can't log in
On Thu, 2009-02-12 at 20:37 -0800, Chuck Swiger wrote: On Feb 12, 2009, at 8:17 PM, Da Rock wrote: I've been following this thread with interest: are you saying FreeBSD logins cannot handle more than 16 groups? If so, why? Is this mitigated by using other authentication methods (ie kerberos, ldap, etc)? There's a compile-time limit of the relevant kernel data structures as to how many groups a user can be in, described by sysctl kern.ngroups. It's possible to recompile the kernel with a larger number, but doing so will break NFS (and possibly other things). It doesn't matter whether you use Kerberos, LDAP, etc to set up the groups; while those things do not have a 16-group limit, the FreeBSD kernel [1] does. With reasonable organization, and appropriate use of sudo or setgid binaries for things like people who use SVN or CVS, there generally isn't reason or need for a user to be in so many groups. For the exceptional cases, switching to using a full ACL system rather than the traditional Unix permission model is probably going to be a better solution. Interesting. What would you suggest for full ACL? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Old user can't log in
On Feb 12, 2009, at 8:52 PM, Da Rock wrote: With reasonable organization, and appropriate use of sudo or setgid binaries for things like people who use SVN or CVS, there generally isn't reason or need for a user to be in so many groups. For the exceptional cases, switching to using a full ACL system rather than the traditional Unix permission model is probably going to be a better solution. Interesting. What would you suggest for full ACL? Well, it depends on what you're doing in terms of user requirements and systems (ie, are the FreeBSD boxes fileservers, clients, or both?), but the stuff which comes with FreeBSD is documented in acl(3), getfacl, setfacl, etc. Other choices might involve something like the Andrew File System / Transarc DFS stuff, or Windows Active Directory and Samba/CIFS on the FreeBSD boxes Regards, -- -Chuck ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Old user can't log in
On Thu, 2009-02-12 at 21:52 -0800, Chuck Swiger wrote: On Feb 12, 2009, at 8:52 PM, Da Rock wrote: With reasonable organization, and appropriate use of sudo or setgid binaries for things like people who use SVN or CVS, there generally isn't reason or need for a user to be in so many groups. For the exceptional cases, switching to using a full ACL system rather than the traditional Unix permission model is probably going to be a better solution. Interesting. What would you suggest for full ACL? Well, it depends on what you're doing in terms of user requirements and systems (ie, are the FreeBSD boxes fileservers, clients, or both?), but the stuff which comes with FreeBSD is documented in acl(3), getfacl, setfacl, etc. Other choices might involve something like the Andrew File System / Transarc DFS stuff, or Windows Active Directory and Samba/CIFS on the FreeBSD boxes Regards, So you're talking in terms of the FS only? I thought you said the kernel wasn't capable? I'll have to look into this a more thoroughly, I'm intrigued to say the least. Not to say I'll ever probably use it, but it does present a limitation. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: recovering from a power outage
David Newman dnew...@networktest.com wrote: What's the canonical method for checking ufs file systems on a FreeBSD 7.1/amd64 system after an unscheduled power outage? Wait. The system will automatically detect a dirty shutdown and check the disks during the boot process. If the disks are only mildly scrambled by the outage, the system will continue to boot and the filesystem check program will run in the background -- you'll notice some disk slowness until fsck is done cleaning things up, but things will be otherwise fine. See the man page for fsck and fsck_ffs for more details. -- Bill Moran http://www.potentialtech.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Restricting users to their own home directories / not letting users view other users files...?
On Thursday 12 February 2009 19:15:21 Paul Schmehl wrote: If you set the world readable bit, you break the entire schema. To make it work, world must have no access - not even directory search access. So you set u=rwx,g=srx,o-rwx (or 2750), for homedirs and u=rw,g=sr,o-rwx (or 2640) for files. To maintain the schema you would also need to change the users' umask to 027 or (script a perm change periodically to remove the world bits from new files.) If you want to get more granular, you can set the homedirs and all subdirs to owner:owner and only set the public_html dir and its subdirs to owner:www. The key is to remove the world access from the homedirs and everything under them, set the group to www, setgid and change the umask. setgid on the directory is a SysV-ism to switch on BSD behaviour. FreeBSD always sets group ownership of files to the group of the directory they're created in, so all you need to do is change the ownership of the directory and the umask. Jonathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Wordpress Port Question
Darryl Hoar wrote: Greetings, I have a question regarding Wordpress and Wordpress-mu ports. I want to install wordpress on my personal webserver (apache2, mysql, etc). I have several virtual hosts all with legitimate individual domain names. IE, www.mydomain.com, www.anotherdomain.com, www.yetanotherdomain.com. Do I need to install Wordpress or Wordpress-mu on my server ? The server has a clean install of Freebsd7 on it. I googled for my answer, but the comparisons between the two did not make it clear. Thanks for any guidance, -Darryl The other two respones suggesting referral and sessions are correct as well as the warnings on each. Referrals are notoriously inaccurate and adding in sessions/cookie support retroactively can sometimes be a bit of a challenge. Depends on how important it is to you, but I think most people are satisfied with the vistors metric offered by a package like Webalizer or google analytics, although they also have shortcomings. If you only need a ballpark figure, I'd go about it that way. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org