Re: Changing root's shell
Ross Penner wrote: On 8/8/06, Pete Slagle [EMAIL PROTECTED] wrote: I followed your steps but the problem remains. The /etc/passwd file is edited but I still can't logon as root. When I changed the shell initially, I used chpass. I also tried changeing the /etc/master.passwd file to no avail. As mentioned by others: did you remount the root partition rw? In single user mode it is mounted read-only. 2nd: Did you use vipw, the pw command or just vi? If you can see your changes in the master.passwd file, then you might just need to rebuild the db files while still in single-user mode: # pwd_mkdb /etc/master.passwd # pwd_mkdb -p /etc/master.passwd If this fails, maybe some strange character sneaked in and building the database fails. Then you can recover the original master.passwd from the sources, /usr/src/etc/master.passwd, you still have to rebuild the db files. Cheers, Erik -- Ph: +34.666334818 web: http://www.locolomo.org X.509 Certificate: http://www.locolomo.org/crt/8D03551FFCE04F0C.crt Key ID: 69:79:B8:2C:E3:8F:E7:BE:5D:C3:C3:B1:74:62:B8:3F:9F:1F:69:B9 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Is it possible to make a big floppy image to boot the freebsd installer?
Hi, I am want to make a floppy image for booting freebsd installer to install by network. So I can use 3COM DynamicAccess boot services to make a pxeboot menu to boot this image. By using DynamicAccess, I can make a pxeboot menu for many boot environment, such as WinPE, Dos, etc. Is it possible to make a floppy image with full FreeBSD installer environment? From 6.1-RELEASE ISO, I found there are 3 images, boot.flp, kernelX.flp, it can't be used for me. Thanks. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: BSDstats Project v2.0 ...
On Aug 8, 2006, at 5:30 PM, Marc G. Fournier wrote: On Wed, 9 Aug 2006, Antony Mawer wrote: On 9/08/2006 9:16 AM, Marc G. Fournier wrote: Can you tell me exactly what you do with those two pieces of data? Is there any way that information would be accessible from the internet? Absolutely nothing else we do with it ... it just gives us a unique key to work with ... in fact, assuming each of your servers use a different IP, there is no reason you couldn't do the uname trick above to hide the hostname ... Unless someone breaks into the server, or database, somehow, the data isn't accessible ... What if we improved upon this - if instead of storing the hostname and IP address, we stored a one-way hash of this information? OpenSSH in recent versions takes the same approach with its authorized_keys files... Could create problems long term .. one thing I will be using the IPs to do is: SELECT ip, count(1) FROM systems GROUP BY ip ORDER BY count DESC; to look for any 'abnormalities' like todays with Armenia ... hashing it would make stuff like that fairly difficult ... Marc G. Fournier Hub.Org Networking Services (http:// www.hub.org) Email . [EMAIL PROTECTED] MSN . [EMAIL PROTECTED] Yahoo . yscrappy Skype: hub.orgICQ . 7615664 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions- [EMAIL PROTECTED] Yes, that's true particularly if the server's were all the same hardware type and the software was compiled at the same time. Maybe my CPUID suggestion would come in handy? Also, maybe that person from Armenia installed the script in a distribution that's included in a virtual image (vmware comes to mind), and he's loading it on a bunch of different machines behind a (virtual) NAT or something... just a thought to consider. -Garrett ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Major Upgrade (Easy But Important Question)
Hi; I'm running BSD 5.3 and need to upgrade. I've never upgraded BSD and certainly don't want to make a mistake, since I'm not physically anywhere near the box. Can someone point me to docs that explain how to upgrade? TIA, beno ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: BSDstats Project v2.0 ...
On Tue, Aug 08, 2006 at 09:30:42PM -0300, Marc G. Fournier wrote: Could create problems long term .. one thing I will be using the IPs to do is: SELECT ip, count(1) FROM systems GROUP BY ip ORDER BY count DESC; to look for any 'abnormalities' like todays with Armenia ... hashing it would make stuff like that fairly difficult ... You can make _two_ hashes and then concatenate to form unique key. Then you still be able to see a lot of single IPs. Personaly, I dont care very much about IP/hostname disclosure :-) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Major Upgrade (Easy But Important Question)
I'm running BSD 5.3 and need to upgrade http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/ makeworld.html ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Problem With Upgrading
When I type /stand/sysinstall and go through the screens I get hung up in the ftp process. It keeps telling me that it hasn't been able to retrieve any packages, no matter what ftp sites I try or how many times I try. I select the site, it asks me if I'm multi-user and if the network is configured. I say no because it's a stand-alone machine and I'm the only user. It asks me about IPv6. I tried yes the first time and it couldn't configure, so I say no now. I forget what the next question is, but it has me select my connection. Since I don't know, I select that option. Maybe that's the problem? Please advise. TIA, beno ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: BSDstats Project v2.0 ...
On 8/9/06, Chris [EMAIL PROTECTED] wrote: Nikolas Britton wrote: On 8/6/06, Marc G. Fournier [EMAIL PROTECTED] wrote: I've now committed v2.0 of the 300.statistics periodic script ... this one adds the device reporting that we'd talked about previously, and the summary reports now reflect the driver(s) in use for those deciding to report ... This Phase of the script is optional, and not enabled by default ... I can't think of any reason why you wouldn't want to report it, but just in case someone feels it poses a problem, its an opt-in report ... pkg-message updated to reflect the extra line you need to add to /etc/periodic.conf: monthly_statistics_report_devices=yes I've written it to report driver + chip= information from pciconf -l, since even pciconf -lv doesn't seem to use card= ... the summary report will be extended next to show both vendor and chip statistics ... Let me know of any problems ... This line is wrong: hptmv (1)Marvell Semiconductor (Was: Galileo Technology Ltd)MV88SX5081 8-port SATA PCI-X Controller1 Also why not track the ones with no driver attached... you should still be able to tell what the device is. How about some uptime stats as well? i don't see my tiny poor country philippines in the list? i already run /usr/local/etc/periodic/monthly/300.statistics btw is the syntax correct? monthly_statistics_enable=yes monthly_statistics_report_devices=yes or should the yes be YES ? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: BSDstats Project v2.0 ...
On Wed, 9 Aug 2006, Garrett Cooper wrote: Also, maybe that person from Armenia installed the script in a distribution that's included in a virtual image (vmware comes to mind), and he's loading it on a bunch of different machines behind a (virtual) NAT or something... just a thought to consider. If that's the case, those numbers should come back again in Sept ... but, the hostnames for the odd ones were all: http://www.domain.am; with the quotes included, which seemed a really odd value for 'hostname' to have produced :) Marc G. Fournier Hub.Org Networking Services (http://www.hub.org) Email . [EMAIL PROTECTED] MSN . [EMAIL PROTECTED] Yahoo . yscrappy Skype: hub.orgICQ . 7615664 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: BSDstats Project v2.0 ...
On Wed, 9 Aug 2006, Igor Robul wrote: On Tue, Aug 08, 2006 at 09:30:42PM -0300, Marc G. Fournier wrote: Could create problems long term .. one thing I will be using the IPs to do is: SELECT ip, count(1) FROM systems GROUP BY ip ORDER BY count DESC; to look for any 'abnormalities' like todays with Armenia ... hashing it would make stuff like that fairly difficult ... You can make _two_ hashes and then concatenate to form unique key. Then you still be able to see a lot of single IPs. Personaly, I dont care very much about IP/hostname disclosure :-) Except that you are disclosing that each and every time you send out an email, or hit a web site ... :) Regardless, though ... what do ppl suggest here? Simple 'md5' hash? Marc G. Fournier Hub.Org Networking Services (http://www.hub.org) Email . [EMAIL PROTECTED] MSN . [EMAIL PROTECTED] Yahoo . yscrappy Skype: hub.orgICQ . 7615664 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: BSDstats Project v2.0 ...
On Wed, 9 Aug 2006, jan gestre wrote: /usr/local/etc/periodic/monthly/300.statistics btw is the syntax correct? monthly_statistics_enable=yes monthly_statistics_report_devices=yes or should the yes be YES ? syntax is correct, and you are now on the countries list :) thx Marc G. Fournier Hub.Org Networking Services (http://www.hub.org) Email . [EMAIL PROTECTED] MSN . [EMAIL PROTECTED] Yahoo . yscrappy Skype: hub.orgICQ . 7615664 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: BSDstats Project v2.0 ...
Marc G. Fournier wrote: If that's the case, those numbers should come back again in Sept ... but, the hostnames for the odd ones were all: http://www.domain.am; with the quotes included, which seemed a really odd value for 'hostname' to have produced :) Looks like a directadmin host. Moreover, resolves to an IP which is not in Armenia. Thought you were using some kind of IP to Country db like GeoIP to find geographic locations of the hosts. Otherwise, domains under f.e. .com gonna be shown as USA? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Removing boot options and setting boot only to BSD
Am 09.08.2006 um 05:48 schrieb Viswas Nair: I have FBSD 6 and Win XP on my machine. I would like to remove the boot menu options that I get and set BSD to open default. How do I go about doing this ? I intend to use Win XP very rarely and hence would want to manually update the config files needed if I need to go to Win XP. Just install the standard mbr using fdisk(8): # fdisk -B ad0 Make sure that your FreeBSD slice is the only active slice, also using fdisk. If you want to go back to FreeBSD's boot0, use boot0cfg(8): # boot0cfg -B Stefan -- Stefan Bethke [EMAIL PROTECTED] Fon +49 170 346 0140 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: make distribution fails
but the PR database is busy, I cannot read the details. What am I doing wrong? What version are you trying to install? On 5.X you gotta be in /usr/src/etc, but on 6.X this changed to /usr/src. Cheers, Erik I'm using 6.1 RELEASE. I upgraded yesterday with cvsup. It does not work from /usr/src either. :-( See below Laszlo messias# cd /usr/src messias# make distribution DESTDIR=/usr/local/diskless KERNCONF=DISKLESS cd /usr/src/etc; MAKEOBJDIRPREFIX=/usr/obj MACHINE_ARCH=i386 MACHINE=i386 CPUTYPE= GROFF_BIN_PATH=/usr/obj/usr/src/tmp/legacy/usr/bin GROFF_FONT_PATH=/usr/obj/usr/src/tmp/legacy/usr/share/groff_font GROFF_TMAC_PATH=/usr/obj/usr/src/tmp/legacy/usr/share/tmac PATH=/usr/obj/usr/src/tmp/legacy/usr/sbin:/usr/obj/usr/src/tmp/legacy/usr/bin:/usr/obj/usr/src/tmp/legacy/usr/games:/usr/obj/usr/src/tmp/usr/sbin:/usr/obj/usr/src/tmp/usr/bin:/usr/obj/usr/src/tmp/usr/games:/sbin:/bin:/usr/sbin:/usr/bin make distribution cd /usr/src/etc; install -o root -g wheel -m 644 amd.map apmd.conf auth.conf crontab csh.cshrc csh.login csh.logout devd.conf devfs.conf dhclient.conf disktab fbtab ftpusers gettytab group hosts hosts.allow hosts.equiv hosts.lpd inetd.conf login.access login.conf mac.conf motd netconfig network.subr networks newsyslog.conf portsnap.conf pf.conf pf.os phones profile protocols rc rc.bsdextended rc.firewall rc.firewall6 rc.initdiskless rc.sendmail rc.shutdown rc.subr remote rpc services shells snmpd.config sysctl.conf syslog.conf usbd.conf etc.i386/ttys /usr/src/etc/../gnu/usr.bin/man/manpath/manpath.config /usr/src/etc/../usr.bin/mail/misc/mail.rc /usr/src/etc/../usr.bin/locate/locate/locate.rc printcap /usr/local/diskless/etc; cap_mkdb -l /usr/local/diskless/etc/login.conf; install -o root -g wheel -m 755 netstart pccard_ether rc.suspend rc.resume /usr/local/diskless/etc; install -o root -g wheel -m 600 master.passwd nsmb.conf opieaccess /usr/local/diskless/etc; pwd_mkdb -L -i -p -d /usr/local/diskless/etc /usr/local/diskless/etc/master.passwd install: wrong number or types of arguments usage: install [-bCcpSsv] [-B suffix] [-f flags] [-g group] [-m mode] [-o owner] file1 file2 install [-bCcpSsv] [-B suffix] [-f flags] [-g group] [-m mode] [-o owner] file1 ... fileN directory install -d [-v] [-g group] [-m mode] [-o owner] directory ... *** Error code 64 Stop in /usr/src/etc. *** Error code 1 Stop in /usr/src. *** Error code 1 Stop in /usr/src. messias# ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: BSDstats Project v2.0 ...
On 8/9/06, Igor Robul [EMAIL PROTECTED] wrote: On Tue, Aug 08, 2006 at 09:30:42PM -0300, Marc G. Fournier wrote: Could create problems long term .. one thing I will be using the IPs to do is: SELECT ip, count(1) FROM systems GROUP BY ip ORDER BY count DESC; to look for any 'abnormalities' like todays with Armenia ... hashing it would make stuff like that fairly difficult ... You can make _two_ hashes and then concatenate to form unique key. Then you still be able to see a lot of single IPs. Personaly, I dont care very much about IP/hostname disclosure :-) I still like my idea the best for unique keys. It's a better way to detect hosts behind NATs, here it is again, four versions to pick from: # ifconfig | sha256 cbcc2f55a340c248af7e8a10871150d827af11d7051bbc782eefa04b0603248b # ifconfig | sha1 b607b9d45e6ad40c02ab20800e0d70245ab6db68 # ifconfig | md5 22a2a3eca61166fb113f1a688b3dd842 # ifconfig | cksum 3977021799 540 The only down side is it still can be faked, just like everything else. -- BSD Podcasts @: http://bsdtalk.blogspot.com/ http://freebsdforall.blogspot.com/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: BSDstats Project v2.0 ...
On Wed, Aug 09, 2006 at 05:54:26AM -0300, Marc G. Fournier wrote: Except that you are disclosing that each and every time you send out an email, or hit a web site ... :) Original poster concerned about this because he does not normaly use his servers for this kind of work, if I had understood him correctly these servers are for internal use only, and while they can connect to Internet, he is worried about secrets. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: BSDstats Project v2.0 ...
On Wed, Aug 09, 2006 at 05:41:55AM -0500, Nikolas Britton wrote: # ifconfig | sha256 cbcc2f55a340c248af7e8a10871150d827af11d7051bbc782eefa04b0603248b # ifconfig | sha1 b607b9d45e6ad40c02ab20800e0d70245ab6db68 # ifconfig | md5 22a2a3eca61166fb113f1a688b3dd842 # ifconfig | cksum 3977021799 540 The only down side is it still can be faked, just like everything else. IP from which connection is made cannot be faked, at least I dont know how to fake it. So there is at least one unfakable part of key. But there is no real need to keep real IP in database, for privacy reasons it is better to keep one-way hash in database. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: BSDstats Project v2.0 ...
On 8/9/06, Nikolas Britton [EMAIL PROTECTED] wrote: On 8/9/06, Igor Robul [EMAIL PROTECTED] wrote: On Tue, Aug 08, 2006 at 09:30:42PM -0300, Marc G. Fournier wrote: Could create problems long term .. one thing I will be using the IPs to do is: SELECT ip, count(1) FROM systems GROUP BY ip ORDER BY count DESC; to look for any 'abnormalities' like todays with Armenia ... hashing it would make stuff like that fairly difficult ... You can make _two_ hashes and then concatenate to form unique key. Then you still be able to see a lot of single IPs. Personaly, I dont care very much about IP/hostname disclosure :-) I still like my idea the best for unique keys. It's a better way to detect hosts behind NATs, here it is again, four versions to pick from: # ifconfig | sha256 cbcc2f55a340c248af7e8a10871150d827af11d7051bbc782eefa04b0603248b # ifconfig | sha1 b607b9d45e6ad40c02ab20800e0d70245ab6db68 # ifconfig | md5 22a2a3eca61166fb113f1a688b3dd842 # ifconfig | cksum 3977021799 540 The only down side is it still can be faked, just like everything else. Based on the man pages: http://www.freebsd.org/cgi/man.cgi? md5 first appeared in 1.1.5.1-RELEASE sha1 first appeared in 4.10-RELEASE sha256 first appeared in 6.0-RELEASE, 5.5-RELEASE. That rules out sha256 and sha1, cksum was never a contender so this leaves md5. -- BSD Podcasts @: http://bsdtalk.blogspot.com/ http://freebsdforall.blogspot.com/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Large File System?
On 08/08/06, Martin Hepworth [EMAIL PROTECTED] wrote: Softupdates are the FreeBSD equivalent. From my point of view they perform better than a traditional journaling FS (do a google search for the original usenix papers on these). Journalling means not having to fsck the file system in the event of an unclean shutdown. So it's wrong to describe softupdates as equivalent. It's not. I also find they speed up I/O quite alot, esp for fast changing filesystems like mail spools. Certainly I have found using softupdates to be considerably faster than without. martin Frem. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Large File System?
On 08/08/06, Chad Leigh -- Shire.Net LLC [EMAIL PROTECTED] wrote: Right now, if no fsck is really really important to you for your data store, then get an OpenSolaris system and put ZFS on it. Never fsck again as it is ALWAYS (they claim) in a coherent state. Or wait for ZFS to show up on FreeBSD Indeed. However as most of my platform is running FreeBSD the problem doesn't go away. Not just for the above reasons, I am implementing a Solaris server with 1.7TB on ZFS and sharing it to a bunch of FreeBSD machines over nfs on dedicated gigabit with jumbo frames on separate interfaces from the standard default interface. (My main reason was to not have storage tied to an individual worker server) I would have used Solaris for this a while ago, but there were no drivers for the RAID card :-( Hence, Linux Chad Frem. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Large File System?
On 8/8/06, Martin Hepworth [EMAIL PROTECTED] wrote: On 8/8/06, Freminlins [EMAIL PROTECTED] wrote: snip The single most important thing missing for me in FreeBSD is a journalling file system as I would use it on every box. snip Softupdates are the FreeBSD equivalent. From my point of view they perform better than a traditional journaling FS (do a google search for the original usenix papers on these). I also find they speed up I/O quite alot, esp for fast changing filesystems like mail spools. You've never had to fsck a 2TB+ array, have you?... This is why we DEMAND journaling UFS2. or ZFS. -- BSD Podcasts @: http://bsdtalk.blogspot.com/ http://freebsdforall.blogspot.com/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Problem With Upgrading
On Wed, 09 Aug 2006 03:51:55 -0400 beno [EMAIL PROTECTED] wrote: When I type /stand/sysinstall and go through the screens I get hung up in the ftp process. It keeps telling me that it hasn't been able to retrieve any packages, no matter what ftp sites I try or how many times I try. I select the site, it asks me if I'm multi-user and if the network is configured. I say no because it's a stand-alone machine and I'm the only user. Try: ping -c 3 www.google.com without the quotes. If you don't get an error, your network is configured, in which case you should answer yes to this question. It asks me about IPv6. I tried yes the first time and it couldn't configure, so I say no now. I forget what the next question is, but it has me select my connection. Since I don't know, I select that option. Maybe that's the problem? Please advise. TIA, beno ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Large File System?
Nikolas Britton wrote: You've never had to fsck a 2TB+ array, have you?... This is why we DEMAND journaling UFS2. or ZFS. Ask and ye shall receive. http://lists.freebsd.org/pipermail/freebsd-current/2006-August/064932.html Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard Flat 3 PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate Kent, CT11 9PW signature.asc Description: OpenPGP digital signature
ruby-1.8.4_9,1 portupgrade build failure
snip cc -shared -Wl,-soname,../../../.ext/i386-freebsd5/digest/sha2.so - L'../../..' -o ../../../.ext/i386-freebsd5/digest/sha2.so sha2.o sha2hl.o sha2init.o -Wl,-R -Wl,/usr/local/lib -L/usr/local/lib -L. -lruby18 -lcrypt -lm -pthread -lc compiling dl Generating callback.func Fatal error 'Spinlock called when not threaded.' at line 87 in file /usr/src/lib/libpthread/thread/thr_spinlock.c (errno = 2) Abort trap (core dumped) *** Error code 134 Stop in /usr/ports/lang/ruby18/work/ruby-1.8.4/ext/dl. *** Error code 1 Stop in /usr/ports/lang/ruby18/work/ruby-1.8.4. *** Error code 1 Stop in /usr/ports/lang/ruby18. ** Command failed [exit code 1]: /usr/bin/script -qa /tmp/portupgrade79846.0 env PORT_UPGRADE=yes make PORT_UPGRADE=yes ** Fix the problem and try again. ** Listing the failed packages (*:skipped / !:failed) ! lang/ruby18 (ruby-1.8.2_4)(coredump) --- Packages processed: 0 done, 0 ignored, 0 skipped and 1 failed FreeBSD 5.4-STABLE #7: Sun Sep 25 20:31:36 EST 2005 CPU: Intel(R) Pentium(R) 4 CPU 2.80GHz (2813.54-MHz 686-class CPU) real memory = 520028160 (495 MB) ruby-1.8.2_4 needs updating (port has 1.8.4_9,1) ruby18-bdb1-0.2.2 = up-to-date with port any thoughts ? ive searched all over for spinlock errors but cant find anything.. my ports tree is almost 100% up to date.. unless im missing something in the kernel? Steve ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Problem With Upgrading
In response to beno [EMAIL PROTECTED]: When I type /stand/sysinstall and go through the screens I get hung up in the ftp process. It keeps telling me that it hasn't been able to retrieve any packages, no matter what ftp sites I try or how many times I try. I select the site, it asks me if I'm multi-user and if the network is configured. I say no because it's a stand-alone machine and I'm the only user. It asks me about IPv6. I tried yes the first time and it couldn't configure, so I say no now. I forget what the next question is, but it has me select my connection. Since I don't know, I select that option. Maybe that's the problem? Take this however you want, but if you don't understand the questions, answering them is going to produce random results. First off, you _are_ multi-user, unless you're doing something very weird. The system boots to multi-user by default, you have to interrupt the boot process to get into single-user mode. Secondly, if you're already able to connect to the internet, you already have network configuration set up, so you would answer yes to the first question if that were the case. If you're not connected to the Internet yet, randomly choosing configuration options will get you there eventually, but I don't recommend it as a process. Find out from your ISP what your Internet settings should be and set them up accordingly. I _highly_ doubt that you're using IPv6 yet, very little of the Internet is using IPv6. If you have more questions, ask. Good luck. -- Bill Moran Collaborative Fusion Inc. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Alpha question
Hi Sorry for sending a question to you, but I am struggling a bit... I have a problem installing FreeBSD on an Alphaserver 1000A. Can you point me in the right direction as to where to post this? Thanks a million Hugo Hamman ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
access to Echange server via IMAP
Hello, Our central mail server is Exchange (please no comments :-)) On my FreeBSD notebook I'm using as MUA mutt, fetchmail with IMAP to get the e-mail and sendmail to send mail over to the Exchange, so far so good and I'm happy with it. Btw: one could even access the INBOX with something like $ mutt -f imap://server/ but fetchmail is better, I think. The only problem is access to common address books. Is there some IMAP-client in the ports or elsewhere for FreeBSD for fetching the address books from the Exchange server? Or does anybody know how to do this speaking IMAP with telnet like: $ telnet server 143 Connected to server * OK Microsoft Exchange Server 2003 IMAP4rev1 server version 6.5.7638.1 (server) ready. A0001 CAPABILITY * CAPABILITY IMAP4 IMAP4rev1 A0001 OK CAPABILITY completed. A0002 LOGIN apitz A0002 OK LOGIN completed. A0003 SELECT Public folders A0003 NO This a special mailbox and can not be selected or used as the destinati on for mailbox operations. ... A0010 LOGOUT * BYE Microsoft Exchange Server 2003 IMAP4rev1 server version 6.5.7638.1 signing off. A0010 OK LOGOUT completed. Thx matthias -- Matthias Apitz Manager Technical Support - OCLC PICA GmbH Gruenwalder Weg 28g - 82041 Oberhaching - Germany t +49-89-61308 351 - f +49-89-61308 399 - m +49-170-4527211 e [EMAIL PROTECTED] - w http://www.oclcpica.org/ http://guru.UnixLand.de/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
pkg_add question
Generally -- is it OK to do a 'pkg_add' from 'packages-6-stable' to a 5.4 system? Specifically, I think I need to update 'fetchmail.' What I've read *seems* to indicate it's OK, but... Thanks ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: pkg_add question
V.I.Victor wrote: Generally -- is it OK to do a 'pkg_add' from 'packages-6-stable' to a 5.4 system? Specifically, I think I need to update 'fetchmail.' What I've read *seems* to indicate it's OK, but... Thanks ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] Well I guess it works, but why not just cvsup your ports ( or use portsnap ) and use portupgrade to update your ports ? In general that would be the best Idea -- -Frank Staals ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: pkg_add question
V.I.Victor wrote: Generally -- is it OK to do a 'pkg_add' from 'packages-6-stable' to a 5.4 system? Specifically, I think I need to update 'fetchmail.' What I've read *seems* to indicate it's OK, but... Well I guess it works, but why not just cvsup your ports ( or use portsnap ) and use portupgrade to update your ports ? In general that would be the best Idea -- -Frank Staals This is a small machine that is only used as an email front-end. When I built it I didn't install 'ports' -- sorry, I should have mentioned that in the original post. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Thin terminals for FreeBSD
cpghost [EMAIL PROTECTED] writes: I'm using EPIA 5000 mini-ATX boards with 512 MB RAM, diskless booting from an NFS server. They load X.org and everything else on demand. Compared to local HDDs, there's a small performance hit when loading programs [and those boards are not the fastest, though 100% silent ;-)], but users here are happy enough with them. Ditto: I have one of these in my kitchen and like it -- no sysadm, silent, etc. Not the fastest but mine is 3 years old. Only problem I've noticed is if Mozilla (or whatever) uses all the RAM then X11 restarts, losing your sessions. Doesn't happen all the time. One day I'll set up swap to run over the net. I really like the fact that I install stuff like Mozilla and other software on one box (the server) and its immediately available around the house on the rest of the boxes. The less sysadm I do the better. - Do I need to use gigabit ethernet? Or is it enough to use a normal 100 Mbps wired network? I heard that there can be bandwidth problems when using many terminals, but I do not have experience. For a diskless setup, 100 MB switched on the client side is enough; but you'd definitely prefer gigabit ethernet on the NFS server. I'm using switched 100Mbps ether but I only have the one diskless client. I have a couple other clients mounting just some of the filesystems over the net and would prefer GigE but it's not bad as it is. I'd definitely do this diskless thing if I had 10-20 client terminals to set up, like in an internet cafe or something. If they get wedged, who cares: just power-cycle them. :-) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Thin terminals for FreeBSD
the EPIA's look nice but cost too much. For comparable performance you can retrofit an old netier XL2000 on ebay with a laptop hard drive. They are small, fanless and come with an AMD 400-450 Mhz proc. They usually go for about 10$ on ebay. You need to get an internal laptop IDE cable and a laptopn hard drive... they also support netboot! So yo dont really need the hard drive, On 8/9/06, Chris Shenton [EMAIL PROTECTED] wrote: cpghost [EMAIL PROTECTED] writes: I'm using EPIA 5000 mini-ATX boards with 512 MB RAM, diskless booting from an NFS server. They load X.org and everything else on demand. Compared to local HDDs, there's a small performance hit when loading programs [and those boards are not the fastest, though 100% silent ;-)], but users here are happy enough with them. Ditto: I have one of these in my kitchen and like it -- no sysadm, silent, etc. Not the fastest but mine is 3 years old. Only problem I've noticed is if Mozilla (or whatever) uses all the RAM then X11 restarts, losing your sessions. Doesn't happen all the time. One day I'll set up swap to run over the net. I really like the fact that I install stuff like Mozilla and other software on one box (the server) and its immediately available around the house on the rest of the boxes. The less sysadm I do the better. - Do I need to use gigabit ethernet? Or is it enough to use a normal 100 Mbps wired network? I heard that there can be bandwidth problems when using many terminals, but I do not have experience. For a diskless setup, 100 MB switched on the client side is enough; but you'd definitely prefer gigabit ethernet on the NFS server. I'm using switched 100Mbps ether but I only have the one diskless client. I have a couple other clients mounting just some of the filesystems over the net and would prefer GigE but it's not bad as it is. I'd definitely do this diskless thing if I had 10-20 client terminals to set up, like in an internet cafe or something. If they get wedged, who cares: just power-cycle them. :-) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Sendmail FreeBSD 5.3 Issue
I have a machine that I have installed bind and sendmail from the ports collection it is a mail gateway. When I do a nslookup from the box when it first boots up I do an nslookup on the host name mail2.memorialcare.org It returns the correct ip address. But when I send an email through sendmail on the box that sends to memorialcare.org through mail2.memorialcare.org I get this error Jun 27 06:26:29 rdc-mailgw02 sm-mta[623]: k5RBPtCM000608: [EMAIL PROTECTED], delay=00:00:05, xdelay=00:00:00, mailer=esmtp, pri=30005, relay=mail2.memorialcare.org., dsn=5.1.2, stat=Host unknown (Name server: mail2.memorialcare.org.: host not found) And then if I do an nslookup from the box after that I get a ** server can't find mail2.memorialcare.org: NXDOMAIN Has anyone ever seen anything like this? __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Is it possible to make a big floppy image to boot the freebsd
Hi, I am want to make a floppy image for booting freebsd installer to install by network. So I can use 3COM DynamicAccess boot services to make a pxeboot menu to boot this image. By using DynamicAccess, I can make a pxeboot menu for many boot environment, such as WinPE, Dos, etc. Is it possible to make a floppy image with full FreeBSD installer environment? From 6.1-RELEASE ISO, I found there are 3 images, boot.flp, kernelX.flp, it can't be used for me. Well, that is essentially the way the CD installer is done. I made one of our variation of FreeBSD a few years back when it was only two floppies - had just gone up from 1 to 2. It would take me a while to remember what I had to do, but pretty much everything I did was right out of documentation with maybe a little research on some other online publication sites (OnLamp, etc). So, study a little and good luck, jerry Thanks. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Thin terminals for FreeBSD
Chris Shenton wrote: cpghost [EMAIL PROTECTED] writes: I'm using EPIA 5000 mini-ATX boards with 512 MB RAM, diskless booting from an NFS server. They load X.org and everything else on demand. Compared to local HDDs, there's a small performance hit when loading programs [and those boards are not the fastest, though 100% silent ;-)], but users here are happy enough with them. Ditto: I have one of these in my kitchen and like it -- no sysadm, silent, etc. Not the fastest but mine is 3 years old. Only problem I've noticed is if Mozilla (or whatever) uses all the RAM then X11 restarts, losing your sessions. Doesn't happen all the time. One day I'll set up swap to run over the net. Have you enabled any swap? Of course, swap over nfs is not desirable, but it's preferred over running out of memory. I have forgotten the details, but basically you create a swap file of the required size like this # dd if=/dev/zero of=/path/to/swapfile bs=1k count=64k (to get 64MB) and mount that. Note, that if you have more diskless clients, then each must have it's own swap. Also, currently, by default, memory fs's are created for /var and /tmp if you use 6.X, using up your RAM. Try tuning that, and create a link /tmp - /var/tmp to save space. Cheers, Erik -- Ph: +34.666334818 web: http://www.locolomo.org X.509 Certificate: http://www.locolomo.org/crt/8D03551FFCE04F0C.crt Key ID: 69:79:B8:2C:E3:8F:E7:BE:5D:C3:C3:B1:74:62:B8:3F:9F:1F:69:B9 smime.p7s Description: S/MIME Cryptographic Signature
Re: Sendmail FreeBSD 5.3 Issue
Make sure you have nsswitch configured correctly, and your hosts file, and the reverse DNS maps setup correctly. -Derek At 09:31 AM 8/9/2006, Derrick Schimcek wrote: I have a machine that I have installed bind and sendmail from the ports collection it is a mail gateway. When I do a nslookup from the box when it first boots up I do an nslookup on the host name mail2.memorialcare.org It returns the correct ip address. But when I send an email through sendmail on the box that sends to memorialcare.org through mail2.memorialcare.org I get this error Jun 27 06:26:29 rdc-mailgw02 sm-mta[623]: k5RBPtCM000608: [EMAIL PROTECTED], delay=00:00:05, xdelay=00:00:00, mailer=esmtp, pri=30005, relay=mail2.memorialcare.org., dsn=5.1.2, stat=Host unknown (Name server: mail2.memorialcare.org.: host not found) And then if I do an nslookup from the box after that I get a ** server can't find mail2.memorialcare.org: NXDOMAIN Has anyone ever seen anything like this? __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. MailScanner thanks transtec Computers for their support. -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. MailScanner thanks transtec Computers for their support. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Filtering mail based on header contents
I would recommend you simply monitor your email, checking the SPAM scoring. There are two levels at which you can bounce SPAM in SpamAssasin. You will likely want to set the higher level to bounce after you have chosen what score you want to set for the bouncing. Redirecting to a mailbox will get tedious for you to manually filter through. This is a bit off topic for this list, so if you need help with configuration settings, you can email me directly. -Derek At 12:44 AM 8/9/2006, Christopher Martin wrote: I have a mail system on which I have recently implemented spamassassin with Pyzor, DCC and Razor. I am really happy with the tagging accuracy and am ready to start filtering mail. I know spamassassin can be configured to drop all mail with a score over a certain amount, but I am concerned about dropping false positives. I would really prefer to either drop it in a folder for each user, or just send them all to a mailbox. The system we use has two tiers: mail enters the filtering server running sendmail, spamassassin Pyzor and DCC, which then sends to a qmail/courier-imap server. I would prefer to have the actual mailbox server drop the mail into a spam folder in each user's mailbox, but I realise that this could be a bit ambitious. Also, not all of the users use IMAP (about half use POP) so differentiating between IMAP and POP users is important. Does anyone have any suggestions? Failing that, is there an easy way to filter based on header content (Spamassassin score) in Sendmail on the filtering machine, or would I have to implement procmail or some such to redirect all spam to one mailbox? Chris Martin IT Support e.Bit Level 2, 499 Kent Street Sydney, NSW, 2000 Phone: 02 9279 2577 Fax:02 9299 5528 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. MailScanner thanks transtec Computers for their support. -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. MailScanner thanks transtec Computers for their support. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: BSDstats Project v2.0 ...
Someone mentioned having output from the script so you would know it was running. This patch would do that, if you want to add that functionality. --- 300.statistics.orig Wed Aug 9 09:49:35 2006 +++ 300.statistics Wed Aug 9 09:54:17 2006 @@ -44,6 +44,7 @@ SYS=`/usr/bin/uname -r` ARCH=`/usr/bin/uname -m` do_fetch getid.php?hn=$HN\sys=$SYS\arch=$ARCH\opsys=$OS + echo Posting monthly OS statistics to bsdstats.hub.org\n case $monthly_statistics_report_devices in [Yy][Ee][Ss]) IFS= @@ -57,6 +58,7 @@ DEV=`echo $line | awk '{print $4}' | cut -c8-11` do_fetch report_device.php?driver=$DRIVER\vendor=$VEN\device=$DEV\hn=$HN done +echo Posting monthly device statistics to bsdstats.hub.org\n line=$( sysctl -n hw.model ) VEN=$( echo $line | cut -d ' ' -f 1 ) @@ -69,6 +71,7 @@ do_fetch report_cpu.php?cpu_id=CPU$n\vendor=$VEN\cpu_type=$DEV\hn=$HN n=$(( $n + 1 )) done +echo Posting monthly CPU statistics to bsdstats.hub.org\n ;; esac -- Paul Schmehl ([EMAIL PROTECTED]) Adjunct Information Security Officer The University of Texas at Dallas http://www.utdallas.edu/ir/security/ smime.p7s Description: S/MIME Cryptographic Signature
kde port
the freebsd-kde list doesnt seem to exist anymore, so i thought i would throw this out here. anyone have any guesses as to how long it will be before kde 3.5.4 is merged into the ports tree? thanks, jonathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: pkg_add question
Am 09.08.2006 um 15:43 schrieb V.I.Victor: Generally -- is it OK to do a 'pkg_add' from 'packages-6-stable' to a 5.4 system? No. You might get away with putting a 6-stable package on a 6.1 system, but only if you're lucky. Packages compiled for newer releases will never* work on older releases. You need to build from ports. Stefan * There's trivial software that might work, but there is absolutly no guaranty. -- Stefan Bethke [EMAIL PROTECTED] Fon +49 170 346 0140 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: BSDstats Project v2.0 ...
Marc G. Fournier wrote: On Wed, 9 Aug 2006, Igor Robul wrote: On Tue, Aug 08, 2006 at 09:30:42PM -0300, Marc G. Fournier wrote: Could create problems long term .. one thing I will be using the IPs to do is: SELECT ip, count(1) FROM systems GROUP BY ip ORDER BY count DESC; to look for any 'abnormalities' like todays with Armenia ... hashing it would make stuff like that fairly difficult ... You can make _two_ hashes and then concatenate to form unique key. Then you still be able to see a lot of single IPs. Personaly, I dont care very much about IP/hostname disclosure :-) Except that you are disclosing that each and every time you send out an email, or hit a web site ... :) The systems I'm concerned about are on private IP space, to not send email and don't have X installed, much less a web browser and can only access certain FreeBSD sites to update ports. In fact, they're not even accessible from *inside* our network except from certain hosts. In order to successfully run the stats script on these hosts, I would have to open a hole in the firewall to bsdstats.hub.org on the correct port. And yes, I *am* paranoid. But if you really want *all* statistics you can get, then you'll have to deal with us paranoid types. My workstation, which is on a public IP, is already registered. Regardless, though ... what do ppl suggest here? Simple 'md5' hash? I think md5 is fine. SHA256 would probably be better. :-) -- Paul Schmehl ([EMAIL PROTECTED]) Adjunct Information Security Officer The University of Texas at Dallas http://www.utdallas.edu/ir/security/ smime.p7s Description: S/MIME Cryptographic Signature
Re: pkg_add question
Am 09.08.2006 um 16:02 schrieb V.I.Victor: This is a small machine that is only used as an email front-end. When I built it I didn't install 'ports' -- sorry, I should have mentioned that in the original post. Install portsnap from your 5.4 CD, then use it to download the current version of the ports tree. If you haven't done so already, install sysutils/portupgrade; that makes it easy to upgrade the ports that are installed on your system. Stefan -- Stefan Bethke [EMAIL PROTECTED] Fon +49 170 346 0140 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Changing root's shell
On 8/8/06, Pete Slagle [EMAIL PROTECTED] wrote: Ross Penner wrote: how do you drop to single user mode? I just know how to get there at boot time. Thanks. On 8/8/06, *Pete Slagle* [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] wrote: ross wrote: so it seems changed root login's shell to /usr/bin/bash which doesn't exist. now I can't login to root at all. Oh yes, sudo isn't installed. How would you grand masters of FreeBSD fix my embarrasing mistake. Dunno if any grand masters are about, but maybe I can help with this one. - drop to single user mode: `shutdown now` - when prompted for a shell, type /bin/sh - `vipw /etc/passwd` and (carefully) change root's shell to /bin/sh - type `exit` at the shell prompt to return from single user mode Normally you just do what I said, `shutdown now` as root, but I guess you can't do that in your situation. (Silly me.) So just reboot into single user mode instead, and follow the rest of the steps. Good luck, Pete interestingly, by hitting the power button on the front, it went through the shutdown process without root permissions. I followed your steps but the problem remains. The /etc/passwd file is edited but I still can't logon as root. When I changed the shell initially, I used chpass. I also tried changeing the /etc/master.passwd file to no avail. You need to make sure that the root file system is remounted with read/write permission. To do that, simply type mount -u / Rather than trying to edit either /etc/passwd or /etc/master.passwd directly, you should use vipw to change things in the password systen and for that you need /usr mounted if it is in a separate file system from root. So, just to be sure everything you need is available type: mount -a Then type: vipw and edit the root entry and put the shell back to /bin/sh Always leave the root shell as /bin/sh If you want to do work as root with some different shell, create another root account such as Rwork or Wroot or whatever and give that the other shell and use it. That leaves root pristine for those times of difficulty. To create another root account, just use vipw and dupicate the line for root and edit the new copy to have a new name and the different shell.You might also want to give it its own home directory to keep things nice and clean - say /root/Rwork if the id you made is Rwork. Get out of vipw as you would vi - eg with 'ESC :wqENTER' and then the account is made and all the master.passwd and database are updated correctly, automatically and with appropriate file locking. Then you need to set a password on the new account. When you do this, you MUST use the id name on the passwd command. Other wise it will change the first id that has the same UID which will most likely be the regular root account rather than your new one. So, type: passwd Rwork (presuming you made the new id be named Rwork) answer the double prompts and voila, it is there. If you made it have its own home directory, you have to create that directory so type: cd /root mkdir Rwork (or whatever new root id you created) Put whatever .cshrc .login .profile you want in to that directory and you are home free. NOTE that if your system does not allow remote root logins so you have to log in as a normal ID and then su to root, then the same will be true for this new account. Log in as a normal (non-root) id and then do: su Rwork (if Rwork is that new root ID). The regular account will also still need to be in the wheel group to do the su to any root ID. Have fun, jerry ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Using putty as a ssh client on FreeBSD
I'm trying to use putty on my FBSD 6.1-R box to access another FreeBSD box. I can get in fine using the command line ssh client but when I attempt to use putty I get the following error: Unable to use key file /usr/home/jpaetzel/.ssh/id_rsa (OpenSSH SSH-2 private key) Can anyone point out to me what I am doing wrong? -- Thanks, Josh Paetzel ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
SNMP mib elements are zero on 6.1
Howdy! I am upgrading a server farm from FreeBSD 4.10 to FreeBSD 6.1. I am running net-snmp and if I query a fbsd 6.1 machine I get zero values for many MIB entries. eg for a 6.1 machine I get many bogus entries. (but some good like laLoad.1 is ok) snmpwalk -v 2c -c public 6.1server enterprises [snip] UCD-SNMP-MIB::memTotalSwap.0 = INTEGER: 0 UCD-SNMP-MIB::memAvailSwap.0 = INTEGER: 0 UCD-SNMP-MIB::memTotalReal.0 = INTEGER: 1877672 UCD-SNMP-MIB::memAvailReal.0 = INTEGER: 0 UCD-SNMP-MIB::memTotalSwapTXT.0 = INTEGER: -1 UCD-SNMP-MIB::memAvailSwapTXT.0 = INTEGER: -1 UCD-SNMP-MIB::memTotalRealTXT.0 = INTEGER: -1 UCD-SNMP-MIB::memAvailRealTXT.0 = INTEGER: -1 UCD-SNMP-MIB::memTotalFree.0 = INTEGER: 0 [snip] UCD-SNMP-MIB::ssCpuUser.0 = INTEGER: 0 UCD-SNMP-MIB::ssCpuSystem.0 = INTEGER: 0 UCD-SNMP-MIB::ssCpuIdle.0 = INTEGER: 0 UCD-SNMP-MIB::ssCpuRawUser.0 = Counter32: 0 UCD-SNMP-MIB::ssCpuRawNice.0 = Counter32: 0 UCD-SNMP-MIB::ssCpuRawSystem.0 = Counter32: 0 UCD-SNMP-MIB::ssCpuRawIdle.0 = Counter32: 0 UCD-SNMP-MIB::ssCpuRawKernel.0 = Counter32: 0 UCD-SNMP-MIB::ssCpuRawInterrupt.0 = Counter32: 0 [snip] but for for a 4.10 machine I get good values snmpwalk -v 2c -c public 4.10server enterprises [snip] UCD-SNMP-MIB::memTotalSwap.0 = INTEGER: 0 UCD-SNMP-MIB::memAvailSwap.0 = INTEGER: 0 UCD-SNMP-MIB::memTotalReal.0 = INTEGER: 854392 UCD-SNMP-MIB::memAvailReal.0 = INTEGER: 1664 UCD-SNMP-MIB::memTotalFree.0 = INTEGER: 47936 [snip] UCD-SNMP-MIB::ssCpuUser.0 = INTEGER: 25 UCD-SNMP-MIB::ssCpuSystem.0 = INTEGER: 27 UCD-SNMP-MIB::ssCpuIdle.0 = INTEGER: 46 UCD-SNMP-MIB::ssCpuRawUser.0 = Counter32: 241897859 UCD-SNMP-MIB::ssCpuRawNice.0 = Counter32: 0 UCD-SNMP-MIB::ssCpuRawSystem.0 = Counter32: 225612717 UCD-SNMP-MIB::ssCpuRawIdle.0 = Counter32: 765671208 UCD-SNMP-MIB::ssCpuRawKernel.0 = Counter32: 157494473 [snip] Ideas? Is a bug in 6.1? or net-snmp or am I missing something? thanx - steve ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Using putty as a ssh client on FreeBSD
Am 09.08.2006 um 17:13 schrieb Josh Paetzel: I'm trying to use putty on my FBSD 6.1-R box to access another FreeBSD box. I can get in fine using the command line ssh client but when I attempt to use putty I get the following error: Unable to use key file /usr/home/jpaetzel/.ssh/id_rsa (OpenSSH SSH-2 private key) PuTTY does not support OpenSSH key file formats. You will need to convert them to PuTTY format with PuTTYgen. Stefan -- Stefan Bethke [EMAIL PROTECTED] Fon +49 170 346 0140 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: access to Echange server via IMAP
On 8/9/06, Matthias Apitz [EMAIL PROTECTED] wrote: Hello, Our central mail server is Exchange (please no comments :-)) In my experiece MS Exchange support for IMAP is very poor, even when using MS Outlook. (Especially when using MS Outlook?) The only problem is access to common address books. Is there some IMAP-client in the ports or elsewhere for FreeBSD for fetching the address books from the Exchange server? Or does anybody know how to do this speaking IMAP with telnet like: I don't think it will work, but it really depends on how the address books are stored; it's been a few years since I had to fight with MS Exchange. If you are Active Directory integrated, you may be able to use the directory as if it was an LDAP server ('cause it kinda is) and pull data out of it that way. But you should take this to an MS Exchange list. -- -- Perfection is just a word I use occasionally with mustard. --Atom Powers-- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
(no subject)
Gerard Seibert wrote: lp|bj8pa06n.upp;r=600x600;q=high;c=full;p=letter;m=raw:\ :lp=/dev/null:\ :if=/usr/local/etc/apsfilter/basedir/bin/apsfilter:\ :sd=/var/spool/lpd/lp:\ :lf=/var/spool/lpd/lp/log:\ :af=/var/spool/lpd/lp/acct:\ :mx#0:\ :sf:\ :sh: Ummm... given that there's no 'rm' capability in this printcap I guess you must be using Samba to communicate with the remote windows printer. If so, then that printcap looks fine. Well, setting lp=/dev/null seems to cause some complaints, but that should just be cosmetic. I'd start looking for problems in the Samba setup. Can you use smbclient to connect to the printserver machine via Samba using the credentials you gave in the apsfilter setup? Does it show that you have access to the shared printer there? Double check the contents of /usr/local/etc/apsfilter/SETUP.cfg and the apsfilterrc files in that directory and it's sub-directories. Also, is there anything interesting in the log file /var/spool/lpd/lp/log ? Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard Flat 3 PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate Kent, CT11 9PW signature.asc Description: OpenPGP digital signature
Re: Using putty as a ssh client on FreeBSD
--- Josh Paetzel [EMAIL PROTECTED] wrote: I'm trying to use putty on my FBSD 6.1-R box to access another FreeBSD box. I can get in fine using the command line ssh client but when I attempt to use putty I get the following error: Unable to use key file /usr/home/jpaetzel/.ssh/id_rsa (OpenSSH SSH-2 private key) Can anyone point out to me what I am doing wrong? -- Thanks, Josh Paetzel ___ I'm pretty sure putty uses a different form of encryption with their key files. I know they do in the Windows version anyway. They have a tool you can use to convert your key into something putty likes. Try to find putty-keygen or something along those lines; perhaps as a separate port. I've had issues like this connecting to my FreeBSD boxes from Windows with putty, but ultimately found a way to import the BSD key into puttys format with their key-generator program. -brian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Thin terminals for FreeBSD
Ansar Mohammed [EMAIL PROTECTED] writes: the EPIA's look nice but cost too much. For comparable performance you can retrofit an old netier XL2000 on ebay with a laptop hard drive. They are small, fanless and come with an AMD 400-450 Mhz proc. They usually go for about 10$ on ebay. You need to get an internal laptop IDE cable and a laptopn hard drive... they also support netboot! So yo dont really need the hard drive, Sure, agreed. The EPIA's just what I needed for the space I had at the time. I was just pointing out that diskless boxes, net booting, and NFS mounted apps are a big win. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: pkg_add question
V.I.Victor wrote: Generally -- is it OK to do a 'pkg_add' from 'packages-6-stable' to a 5.4 system? Specifically, I think I need to update 'fetchmail.' What I've read *seems* to indicate it's OK, but... Not a good idea. 6.x packages are going to want libc.so.6 and other 6.x shlibs, which won't be available on your 5.5 box. You can, in principle, install packages from any of the 5.x releases or from 5.x-STABLE on a 5.x box, and modulo problems sorting out dependencies, everything should be able to work. However, you'll find it's a lot less effort in the end to just grab the latest ports tree using cvsup or portsnap and update that way. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard Flat 3 PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate Kent, CT11 9PW signature.asc Description: OpenPGP digital signature
Ndis + Netgear WG311v3 ; Won't attach device correctly
Hey, Today I got my hands on a Netgear WG311v3 and since there is no propper support for that card I decided to use nids, so I installed the ndis and if_ndis kernel modules, generated a new Kernel Module by using the WG311v3.INF and WG311v3XP.sys files; according to this thread: http://linuxcompatible.org/Netgear_WG311v3_WLAN_PCI_Card_with_Debian_Linux_Testing_t33271.html I should use those files. So far it worked, I loaded the module correctly and I had a ndis0. Allthough I had problems configuring the card correctly ( it wouldn't assosiate ). So I reloaded the module but this time it wouldn't attach my device correctly. This is what keeps happening: [EMAIL PROTECTED] kldstat Id Refs AddressSize Name 1 12 0xc040 5cfe2c kernel 21 0xc09d 7794 snd_emu10k1.ko 32 0xc09d8000 22b88sound.ko 81 0xc0a76000 59b90acpi.ko 92 0xc2cfd000 16000linux.ko 101 0xc2ea7000 3000 daemon_saver.ko 111 0xc2ef8000 2000 rtc.ko [EMAIL PROTECTED] kldload /boot/kernel/WG311v3XP_sys.ko My dmesg shows this: ndis0: NETGEAR WG311v3 802.11g Wireless PCI Adapter mem 0xfe1e-0xfe1e,0xfe1d-0xfe1d irq 19 at device 10.0 on pci2 ndis0: NDIS API version: 5.1 ndis0: init handler failed device_attach: ndis0 attach returned 6 these are the kernel modules loaded after loading WG311v3XP_sys : [EMAIL PROTECTED] kldstat Id Refs AddressSize Name 1 20 0xc040 5cfe2c kernel 21 0xc09d 7794 snd_emu10k1.ko 32 0xc09d8000 22b88sound.ko 81 0xc0a76000 59b90acpi.ko 92 0xc2cfd000 16000linux.ko 101 0xc2ea7000 3000 daemon_saver.ko 111 0xc2ef8000 2000 rtc.ko 151 0xc310c000 47000WG311v3XP_sys.ko 161 0xc30e8000 b000 if_ndis.ko 172 0xc376a000 13000ndis.ko 181 0xc377d000 c000 pccard.ko [EMAIL PROTECTED] The only thing changed since the first time I loaded the module was I copied it to /boot/kernel and I added WG311v3XP_sys_load=YES to /boot/loader.conf but those changes shouldn't have effect on not correctly loading it I think. I also tried to use the WG311v3.sys file, but I get the same output in my dmesg as above. Can anyone tell me why it won't load my module correctly anymore ? And what I should do to get it working again Regards, -- -Frank Staals ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Ndis + Netgear WG311v3 ; Won't attach device correctly
On Wednesday 09 August 2006 11:40, Frank Staals wrote: The only thing changed since the first time I loaded the module was I copied it to /boot/kernel and I added WG311v3XP_sys_load=YES to /boot/loader.conf but those changes shouldn't have effect on not correctly loading it I think. This is the key. I can't remember where I read it but this is a documented caveat of the ndis driver. Windows doesn't typically invoke network drivers until after the system is loaded, so some drivers won't work in FreeBSD unless they're loaded after the system is up. So take the line out of /boot/loader.conf, test that the driver works correctly if you reboot and kldload it manually, then make an rc script or something to automatically load the driver later in the boot process. JN ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Telecom
[EMAIL PROTECTED] wrote: Dear All, Can we use FreeBSD in Telecom industry? If I want to build an Internet Backbone which connect across country in asia. Is it suitable? How is its stability of routing compare to Cisco? Rgds, ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] juniper routers do exactly this (freebsd for network routing protocols, asics for hardware forwarding). Not sure how they compare to Ci$co (I'm assuming cost is driving factor for evaluating freebsd as a routing platform). freebsd can do bgp/ospf/etc with software such as: quagga or zebra, or the newer xorp. some people have used freebsd as a routing platform for large networks, see occaid.org (their network was built with freebsd/quagga and ip-ip tunnels, although they did have some juniper m5s) what you will probably find is that routing in software may not offer the performance required for a backbone network. This is of course dependent on your needs, and some people (occaid) have achieved line-rate (small packets) ip forwarding with intel pro 1000 cards and some patches to enable fastforwarding for ipv6 in freebsd. hope this is of some help. I can't give any numbers with regard to stability -- quagga/zebra did have some issues as I recall. for large amounts of traffic it may help to enable device driver polling to reduce interrupt overhead. --Aaron ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: access to Echange server via IMAP
Matthias Apitz wrote: Hello, Our central mail server is Exchange (please no comments :-)) On my FreeBSD notebook I'm using as MUA mutt, fetchmail with IMAP to get the e-mail and sendmail to send mail over to the Exchange, so far so good and I'm happy with it. Btw: one could even access the INBOX with something like $ mutt -f imap://server/ but fetchmail is better, I think. The only problem is access to common address books. Is there some IMAP-client in the ports or elsewhere for FreeBSD for fetching the address books from the Exchange server? Or does anybody know how to do this speaking IMAP with telnet like: Assuming you have a legitimate account, any LDAP browser *should* be able to grab the address books. This assumes (although I haven't tried it) that you could set up an addressbook using LDAP and the DC and get your addressbooks. (I believe Exchange's GAL is just a pointer to the DC's schema and data.) -- Paul Schmehl ([EMAIL PROTECTED]) Adjunct Information Security Officer The University of Texas at Dallas http://www.utdallas.edu/ir/security/ smime.p7s Description: S/MIME Cryptographic Signature
PHP4 + odbc
Hi, I installed php4-odbc-4.4.2_2 and apache-2.0.55_4 via ports on FreeBSD 5.4-STABLE. The relevant part of the phpinfo() follows: odbc ODBC Supportenabled Active Persistent Links 0 Active Links0 ODBC libraryno value ODBC_INCLUDEno value ODBC_LFLAGS no value ODBC_LIBS no value Is it correct? Because I cannot connect to the database. I get 'Zero Sized Reply' into the browser. On the Linux machine with php5 I get odbc ODBC Supportenabled Active Persistent Links 0 Active Links0 ODBC libraryunixODBC ODBC_INCLUDE-I/usr/include ODBC_LFLAGS -L/usr/lib ODBC_LIBS -lodbc I installed the php4-odbc-4.4.2_2 via: cd /usr/ports/databases/php4-odbc ; make ; make install and edited /usr/local/etc/odbc.ini and /usr/local/etc/odbcinst.ini Am I missing something? What I am doing wrong? Thank you very much for any hints. Regards, lk PS: I googled and didn't find anything relevant... ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: BSDstats Project v2.0 ...
Igor Robul wrote: The only down side is it still can be faked, just like everything else. IP from which connection is made cannot be faked, at least I dont know how to fake it. So there is at least one unfakable part of key. But there is no real need to keep real IP in database, for privacy reasons it is better to keep one-way hash in database. We're using PAT. That means that, when I use a private host to access the internet, I could be on any one of a number of IP addresses. However, I was assuming that Marc is using the IP reported by ifconfig, which *should* be unique for each host, as opposed to the IP that connects to him, which could represent literally thousands of hosts in some cases. -- Paul Schmehl ([EMAIL PROTECTED]) Adjunct Information Security Officer The University of Texas at Dallas http://www.utdallas.edu/ir/security/ smime.p7s Description: S/MIME Cryptographic Signature
Re: BSDstats Project v2.0 ...
On Wed, 9 Aug 2006, Paul Schmehl wrote: Marc G. Fournier wrote: On Wed, 9 Aug 2006, Igor Robul wrote: On Tue, Aug 08, 2006 at 09:30:42PM -0300, Marc G. Fournier wrote: Could create problems long term .. one thing I will be using the IPs to do is: SELECT ip, count(1) FROM systems GROUP BY ip ORDER BY count DESC; to look for any 'abnormalities' like todays with Armenia ... hashing it would make stuff like that fairly difficult ... You can make _two_ hashes and then concatenate to form unique key. Then you still be able to see a lot of single IPs. Personaly, I dont care very much about IP/hostname disclosure :-) Except that you are disclosing that each and every time you send out an email, or hit a web site ... :) The systems I'm concerned about are on private IP space, to not send email and don't have X installed, much less a web browser and can only access certain FreeBSD sites to update ports. In fact, they're not even accessible from *inside* our network except from certain hosts. In order to successfully run the stats script on these hosts, I would have to open a hole in the firewall to bsdstats.hub.org on the correct port. And yes, I *am* paranoid. But if you really want *all* statistics you can get, then you'll have to deal with us paranoid types. My workstation, which is on a public IP, is already registered. Done ... now I really hope that the US stats rise, maybe? I have a hard time believing that Russia and the Ukraine have more deployments then the 'good ol'US of A' ... or do they? *raised eyebrow* Here is what is now stored in the database (using my IP as a basis) # select * from systems where ip = md5('24.224.179.167'); id |ip| hostname | operating_system | release | architecture | country |report_date --+--+--+--++--+-+--- 1295 | 45c80b9266a5a6683eee9c9798bd6575 | 4a9110019f2ca076407ed838bf190017 | FreeBSD | 6.1-RC1| i386 | CA | 2006-08-09 02:34:05.12579 1 | 45c80b9266a5a6683eee9c9798bd6575 | 9a45e58ab9535d89f0a7d2092b816364 | FreeBSD | 6.1-STABLE | i386 | CA | 2006-08-09 16:01:03.34788 And yup, I have two hosts sitting behind a router ... Marc G. Fournier Hub.Org Networking Services (http://www.hub.org) Email . [EMAIL PROTECTED] MSN . [EMAIL PROTECTED] Yahoo . yscrappy Skype: hub.orgICQ . 7615664 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: BSDstats Project v2.0 ...
On Wed, 9 Aug 2006, Paul Schmehl wrote: Igor Robul wrote: The only down side is it still can be faked, just like everything else. IP from which connection is made cannot be faked, at least I dont know how to fake it. So there is at least one unfakable part of key. But there is no real need to keep real IP in database, for privacy reasons it is better to keep one-way hash in database. We're using PAT. That means that, when I use a private host to access the internet, I could be on any one of a number of IP addresses. However, I was assuming that Marc is using the IP reported by ifconfig, which *should* be unique for each host, as opposed to the IP that connects to him, which could represent literally thousands of hosts in some cases. ifconfig most definitely wouldn't be unique for each host ... ifconfig on my machines here would show 192.168.1.2 and 192.168.1.99 ... I have no idea how many, but I imagine there are *alot* of hosts behind a NAT, or router, that would show those same numbers ... The uniqueness is a combination of IP+hostname ... again, as one pointed out with PCBSD, this isn't always necessarily the case, but, IMHO, that is a flaw of PCBSD having all hosts on the same network using the same hostname ... Marc G. Fournier Hub.Org Networking Services (http://www.hub.org) Email . [EMAIL PROTECTED] MSN . [EMAIL PROTECTED] Yahoo . yscrappy Skype: hub.orgICQ . 7615664 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: BSDstats Project v2.0 ...
On Wed, 9 Aug 2006, Vahan Yerkanian wrote: Marc G. Fournier wrote: If that's the case, those numbers should come back again in Sept ... but, the hostnames for the odd ones were all: http://www.domain.am; with the quotes included, which seemed a really odd value for 'hostname' to have produced :) Looks like a directadmin host. Moreover, resolves to an IP which is not in Armenia. Thought you were using some kind of IP to Country db like GeoIP to find geographic locations of the hosts. Otherwise, domains under f.e. .com gonna be shown as USA? I'm using GeoIP for this, based on the IP that is IP of the connection ... this is one flaw, IMHO, to using md5, its going to be a bit harder to spot stuff like this ... but, not impossible either ... Marc G. Fournier Hub.Org Networking Services (http://www.hub.org) Email . [EMAIL PROTECTED] MSN . [EMAIL PROTECTED] Yahoo . yscrappy Skype: hub.orgICQ . 7615664 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Ndis + Netgear WG311v3 ; Won't attach device correctly
John Nielsen wrote: On Wednesday 09 August 2006 11:40, Frank Staals wrote: The only thing changed since the first time I loaded the module was I copied it to /boot/kernel and I added WG311v3XP_sys_load=YES to /boot/loader.conf but those changes shouldn't have effect on not correctly loading it I think. This is the key. I can't remember where I read it but this is a documented caveat of the ndis driver. Windows doesn't typically invoke network drivers until after the system is loaded, so some drivers won't work in FreeBSD unless they're loaded after the system is up. So take the line out of /boot/loader.conf, test that the driver works correctly if you reboot and kldload it manually, then make an rc script or something to automatically load the driver later in the boot process. JN ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] Ah thanks a lot, that did the trick -- -Frank Staals ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: BSDstats Project v2.0 ...
With minor mods, committed ... I moved bsdstats.hub.org to a variable, and added an 'echo' for when the stats, or a part of them, is disabled, that way if this ever does get into the base system, ppl reading monthly run output will know that they exist, and how to turn it on ... thx ... On Wed, 9 Aug 2006, Paul Schmehl wrote: Someone mentioned having output from the script so you would know it was running. This patch would do that, if you want to add that functionality. --- 300.statistics.orig Wed Aug 9 09:49:35 2006 +++ 300.statistics Wed Aug 9 09:54:17 2006 @@ -44,6 +44,7 @@ SYS=`/usr/bin/uname -r` ARCH=`/usr/bin/uname -m` do_fetch getid.php?hn=$HN\sys=$SYS\arch=$ARCH\opsys=$OS + echo Posting monthly OS statistics to bsdstats.hub.org\n case $monthly_statistics_report_devices in [Yy][Ee][Ss]) IFS= @@ -57,6 +58,7 @@ DEV=`echo $line | awk '{print $4}' | cut -c8-11` do_fetch report_device.php?driver=$DRIVER\vendor=$VEN\device=$DEV\hn=$HN done +echo Posting monthly device statistics to bsdstats.hub.org\n line=$( sysctl -n hw.model ) VEN=$( echo $line | cut -d ' ' -f 1 ) @@ -69,6 +71,7 @@ do_fetch report_cpu.php?cpu_id=CPU$n\vendor=$VEN\cpu_type=$DEV\hn=$HN n=$(( $n + 1 )) done +echo Posting monthly CPU statistics to bsdstats.hub.org\n ;; esac -- Paul Schmehl ([EMAIL PROTECTED]) Adjunct Information Security Officer The University of Texas at Dallas http://www.utdallas.edu/ir/security/ Marc G. Fournier Hub.Org Networking Services (http://www.hub.org) Email . [EMAIL PROTECTED] MSN . [EMAIL PROTECTED] Yahoo . yscrappy Skype: hub.orgICQ . 7615664 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: BSDstats Project v2.0 ...
Marc G. Fournier wrote: The uniqueness is a combination of IP+hostname ... again, as one pointed out with PCBSD, this isn't always necessarily the case, but, IMHO, that is a flaw of PCBSD having all hosts on the same network using the same hostname ... That's the nice thing with the 'ifconfig|sha256' scheme. Because it would include the MAC address of the interfaces in the hash, the only 'identical' machines would be ones with no ethernet interfaces at all. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: BSDstats Project v2.0 ...
On Wed, 9 Aug 2006, Howard Jones wrote: Marc G. Fournier wrote: The uniqueness is a combination of IP+hostname ... again, as one pointed out with PCBSD, this isn't always necessarily the case, but, IMHO, that is a flaw of PCBSD having all hosts on the same network using the same hostname ... That's the nice thing with the 'ifconfig|sha256' scheme. Because it would include the MAC address of the interfaces in the hash, the only 'identical' machines would be ones with no ethernet interfaces at all. Right, and the bad thing is if yu alias another IP on that device, the hash totally changes, so we see that one host now as being two different ones :) That's why we disqualified using ifconfig right at the beginning ... Marc G. Fournier Hub.Org Networking Services (http://www.hub.org) Email . [EMAIL PROTECTED] MSN . [EMAIL PROTECTED] Yahoo . yscrappy Skype: hub.orgICQ . 7615664 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: BSDstats Project v2.0 ...
On Tuesday 08 August 2006 9:17 am, Marc G. Fournier wrote: But, there is no such ting as an 'index number' ... when everyone reports in next month, for instance, there is no 'number' that will be re-used for them that matches something used this month ... What about: indexnumber=$(md5 -q /etc/ssh/ssh_host_rsa_key.pub) That file gets generated the first time a host is booted with sshd_enable=YES and almost never changes afterward. Also, literally every BSD machine I've ever touched has sshd enabled (although usually severely locked down), and I suspect that's true for most people. -- Kirk Strauser ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Up to v2.2 ... ( Was: Re: BSDstats Project v2.0 ... )
On Tue, 8 Aug 2006, [EMAIL PROTECTED] wrote: --On August 9, 2006 9:32:18 AM +1000 Antony Mawer [EMAIL PROTECTED] wrote: On 9/08/2006 9:16 AM, Marc G. Fournier wrote: Can you tell me exactly what you do with those two pieces of data? Is there any way that information would be accessible from the internet? Absolutely nothing else we do with it ... it just gives us a unique key to work with ... in fact, assuming each of your servers use a different IP, there is no reason you couldn't do the uname trick above to hide the hostname ... Unless someone breaks into the server, or database, somehow, the data isn't accessible ... What if we improved upon this - if instead of storing the hostname and IP address, we stored a one-way hash of this information? OpenSSH in recent versions takes the same approach with its authorized_keys files... I like that idea. I'm ready to submit my workstation, but I'm still a bit hesitant about some servers I adminA one way hash would alleviate my concerns. 'k, v2.2 brings us up to hashed unique keys, for more anonymity, and we've just added 'class' and 'subclass' to the devices report, so that we can improve the reporting, namely, so that we can group things better (ie. all RAID controllers or all ethernet controllers), that sort of thing ... the devices list is getting a bit big to load right now ... the 'all devices' list will still be available, but, for instance, ppl looking to see 'most popular ethernet controller', this should help speed things up a bit ... Marc G. Fournier Hub.Org Networking Services (http://www.hub.org) Email . [EMAIL PROTECTED] MSN . [EMAIL PROTECTED] Yahoo . yscrappy Skype: hub.orgICQ . 7615664 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: BSDstats Project v2.0 ...
Marc G. Fournier wrote: Right, and the bad thing is if yu alias another IP on that device, the hash totally changes, so we see that one host now as being two different ones :) That's why we disqualified using ifconfig right at the beginning ... But didn't you say that you effectively wipe the database once a month, (or expire entries over that age)? I can't find the post that mentioned that now, naturally... :-) if you aren't using the 'key' as a database key, then what do you care that it changes as long as it uniquely identifies the system (which it definitely would)? I don't know how typical I am, but I don't really remember the last time I added an IP alias on a running server, for our few dozen production systems. I would imagine that those types of changes might well be lost of systems coming and going. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
FreeBSD as a VPN Server/Router
I am going to venture into the field of the security gurus so help me God! It looks like I am gonna get stuck in wet cement, I can feel it;) I have two sites, siteA and siteB. Each site has a horde of Windows PCs behind a FreeBSD box, which acts as a firewall/router/proxy/everything:) Each site has got a dedicated connection to an ISP. At the moment it's the same ISP, if that matters, but my thinking is that it can be any ISP. I have a challenge of establishing a WAN between the two sites. They are geographically apart. In this scenario, siteA has several applications running on several windows servers which are behind the FreeBSD box. The challenge is to allow siteB to access these applications securely via the WAN setup. VPN comes straight to mind, but this is a new area to me. The boxes are both FreeBSD 5.5-STABLE. I am looking for pointers/clues on how to do the setup in a clean way, while adhering to K.I.S.S as closely as possible. If extra hardware (other than the FreeBSD boxes) is required so that the WAN is efficient, I'd be happy to know. I am very optimistic on pulling this one off, since I belong to a community full of security experts (FreeBSD users). PS: I am already googling, perhaps with the wrong keywords:-) -Wash http://www.netmeister.org/news/learn2quote.html DISCLAIMER: See http://www.wananchi.com/bms/terms.php -- +==+ |\ _,,,---,,_ | Odhiambo Washington[EMAIL PROTECTED] Zzz /,`.-'`'-. ;-;;,_ | Wananchi Online Ltd. www.wananchi.com |,4- ) )-,_. ,\ ( `'-'| Tel: +254 20 313985-9 +254 20 313922 '---''(_/--' `-'\_) | GSM: +254 722 743223 +254 733 744121 +==+ Who messed with my anti-paranoia shot? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: make distribution fails
Nagy László Zsolt wrote: but the PR database is busy, I cannot read the details. What am I doing wrong? What version are you trying to install? On 5.X you gotta be in /usr/src/etc, but on 6.X this changed to /usr/src. Cheers, Erik I'm using 6.1 RELEASE. I upgraded yesterday with cvsup. It does not work from /usr/src either. :-( See below I do: # cd /usr/src # make buildworld # make KERNCONF=DISKLESS buildkernel # mkdir /var/diskless/FreeBSD # make DESTDIR=/var/diskless/FreeBSD installworld # make DESTDIR=/var/diskless/FreeBSD distribution # make DESTDIR=/var/diskless/FreeBSD KERNCONF=DISKLESS installkernel You have to build/install world before distribution. Cheers, Erik -- Ph: +34.666334818 web: http://www.locolomo.org X.509 Certificate: http://www.locolomo.org/crt/8D03551FFCE04F0C.crt Key ID: 69:79:B8:2C:E3:8F:E7:BE:5D:C3:C3:B1:74:62:B8:3F:9F:1F:69:B9 smime.p7s Description: S/MIME Cryptographic Signature
Re: FreeBSD as a VPN Server/Router
I am going to venture into the field of the security gurus so help me God! It looks like I am gonna get stuck in wet cement, I can feel it;) I have two sites, siteA and siteB. Each site has a horde of Windows PCs behind a FreeBSD box, which acts as a firewall/router/proxy/everything:) Each site has got a dedicated connection to an ISP. At the moment it's the same ISP, if that matters, but my thinking is that it can be any ISP. I have a challenge of establishing a WAN between the two sites. They are geographically apart. In this scenario, siteA has several applications running on several windows servers which are behind the FreeBSD box. The challenge is to allow siteB to access these applications securely via the WAN setup. VPN comes straight to mind, but this is a new area to me. The boxes are both FreeBSD 5.5-STABLE. I am looking for pointers/clues on how to do the setup in a clean way, while adhering to K.I.S.S as closely as possible. If extra hardware (other than the FreeBSD boxes) is required so that the WAN is efficient, I'd be happy to know. I am very optimistic on pulling this one off, since I belong to a community full of security experts (FreeBSD users). PS: I am already googling, perhaps with the wrong keywords:-) It's been a couple of years since I did this, but this worked for me... http://www.pjkh.com/wiki/vtund -philip ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: FreeBSD as a VPN Server/Router
there is a freebsd based project called pfsense (.org) that would suit your needs perfectly. ive been running it for quite a while now, and i think its the best thing since sliced bread. i have a IPSec WAN between 2 sites (my apt, and my servers that are at a colo). tons of features that are found on other expensive firewalls, are included! cheers, jonathan On Wednesday 09 August 2006 12:33, Odhiambo Washington wrote: I am going to venture into the field of the security gurus so help me God! It looks like I am gonna get stuck in wet cement, I can feel it;) I have two sites, siteA and siteB. Each site has a horde of Windows PCs behind a FreeBSD box, which acts as a firewall/router/proxy/everything:) Each site has got a dedicated connection to an ISP. At the moment it's the same ISP, if that matters, but my thinking is that it can be any ISP. I have a challenge of establishing a WAN between the two sites. They are geographically apart. In this scenario, siteA has several applications running on several windows servers which are behind the FreeBSD box. The challenge is to allow siteB to access these applications securely via the WAN setup. VPN comes straight to mind, but this is a new area to me. The boxes are both FreeBSD 5.5-STABLE. I am looking for pointers/clues on how to do the setup in a clean way, while adhering to K.I.S.S as closely as possible. If extra hardware (other than the FreeBSD boxes) is required so that the WAN is efficient, I'd be happy to know. I am very optimistic on pulling this one off, since I belong to a community full of security experts (FreeBSD users). PS: I am already googling, perhaps with the wrong keywords:-) -Wash http://www.netmeister.org/news/learn2quote.html DISCLAIMER: See http://www.wananchi.com/bms/terms.php -- +==+ |\ _,,,---,,_ | Odhiambo Washington[EMAIL PROTECTED] Zzz /,`.-'`'-. ;-;;,_ | Wananchi Online Ltd. www.wananchi.com |,4- ) )-,_. ,\ ( `'-'| Tel: +254 20 313985-9 +254 20 313922 '---''(_/--' `-'\_) | GSM: +254 722 743223 +254 733 744121 +==+ Who messed with my anti-paranoia shot? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: BSDstats Project v2.0 ...
On Wed, 9 Aug 2006, Howard Jones wrote: Marc G. Fournier wrote: Right, and the bad thing is if yu alias another IP on that device, the hash totally changes, so we see that one host now as being two different ones :) That's why we disqualified using ifconfig right at the beginning ... But didn't you say that you effectively wipe the database once a month, (or expire entries over that age)? I can't find the post that mentioned that now, naturally... :-) if you aren't using the 'key' as a database key, then what do you care that it changes as long as it uniquely identifies the system (which it definitely would)? I don't know how typical I am, but I don't really remember the last time I added an IP alias on a running server, for our few dozen production systems. I would imagine that those types of changes might well be lost of systems coming and going. I add/remove IPs from our servers several times each week, as we add VPS and remove them, or move then between boxes ... Marc G. Fournier Hub.Org Networking Services (http://www.hub.org) Email . [EMAIL PROTECTED] MSN . [EMAIL PROTECTED] Yahoo . yscrappy Skype: hub.orgICQ . 7615664 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Doing Routing On My Production Server
Hi; I'm updating my firewall and I've found a nifty how-to that recommends using a BSD box in front of another box as your firewall, using the first as a router and passing one NIC to the other box. Can't all that be done from the same box? TIA, beno ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: FreeBSD as a VPN Server/Router
On 08/09/2006 12:33, Odhiambo Washington wrote: I am going to venture into the field of the security gurus so help me God! It looks like I am gonna get stuck in wet cement, I can feel it;) I have two sites, siteA and siteB. Each site has a horde of Windows PCs behind a FreeBSD box, which acts as a firewall/router/proxy/everything:) Each site has got a dedicated connection to an ISP. At the moment it's the same ISP, if that matters, but my thinking is that it can be any ISP. I have a challenge of establishing a WAN between the two sites. They are geographically apart. In this scenario, siteA has several applications running on several windows servers which are behind the FreeBSD box. The challenge is to allow siteB to access these applications securely via the WAN setup. VPN comes straight to mind, but this is a new area to me. The boxes are both FreeBSD 5.5-STABLE. I am looking for pointers/clues on how to do the setup in a clean way, while adhering to K.I.S.S as closely as possible. The FreeBSD Handbook has a chapter on this: http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/ipsec.html HTH. If extra hardware (other than the FreeBSD boxes) is required so that the WAN is efficient, I'd be happy to know. I am very optimistic on pulling this one off, since I belong to a community full of security experts (FreeBSD users). PS: I am already googling, perhaps with the wrong keywords:-) -Wash http://www.netmeister.org/news/learn2quote.html DISCLAIMER: See http://www.wananchi.com/bms/terms.php -- +==+ |\ _,,,---,,_ | Odhiambo Washington[EMAIL PROTECTED] Zzz /,`.-'`'-. ;-;;,_ | Wananchi Online Ltd. www.wananchi.com |,4- ) )-,_. ,\ ( `'-'| Tel: +254 20 313985-9 +254 20 313922 '---''(_/--' `-'\_) | GSM: +254 722 743223 +254 733 744121 +==+ Who messed with my anti-paranoia shot? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] -- Regards, Eric ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: ext usb2 drive and fbsd6
dick hoogendijk wrote: Maybe I should not ask this here but I take my chances. I love fbsd but it /is/ pickier on some hardware than windows and I don't want to use that software, so.. I'm planning an external hardrive. NAS (network attached storage) drive are very expensive. So I will buy an usb2 drive, I think. As always, money's short ;-) Do you have suggestions on *good* working and not to expensive usb2 harddisks for FreeBSD-6.1? They should be reliable and easy to mount on my server. I have a Western Digital Essential USB hard drive that I use for backup purposes on my 6.1 system. http://www.westerndigital.com/en/products/Products.asp?DriveID=182 Haven't had any problems yet. HTH, Micah ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Doing Routing On My Production Server
* On 09/08/06 14:01 -0400, beno wrote: | Hi; | I'm updating my firewall and I've found a nifty how-to that recommends | using a BSD box in front of another box as your firewall, using the | first as a router and passing one NIC to the other box. Can't all that | be done from the same box? Hi Beno, If you don't mind exposing the one box to the hostile Internet, then the answer is yes. Just block everything using the firewall on the same box. What is your concept of a firewall, by the way? -Wash http://www.netmeister.org/news/learn2quote.html DISCLAIMER: See http://www.wananchi.com/bms/terms.php -- +==+ |\ _,,,---,,_ | Odhiambo Washington[EMAIL PROTECTED] Zzz /,`.-'`'-. ;-;;,_ | Wananchi Online Ltd. www.wananchi.com |,4- ) )-,_. ,\ ( `'-'| Tel: +254 20 313985-9 +254 20 313922 '---''(_/--' `-'\_) | GSM: +254 722 743223 +254 733 744121 +==+ First Rule of History: History doesn't repeat itself -- historians merely repeat each other. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: BSDstats Project v2.0 ...
Marc G. Fournier wrote: On Wed, 9 Aug 2006, Howard Jones wrote: Marc G. Fournier wrote: Right, and the bad thing is if yu alias another IP on that device, the hash totally changes, so we see that one host now as being two different ones :) That's why we disqualified using ifconfig right at the beginning ... But didn't you say that you effectively wipe the database once a month, (or expire entries over that age)? I can't find the post that mentioned that now, naturally... :-) if you aren't using the 'key' as a database key, then what do you care that it changes as long as it uniquely identifies the system (which it definitely would)? I don't know how typical I am, but I don't really remember the last time I added an IP alias on a running server, for our few dozen production systems. I would imagine that those types of changes might well be lost of systems coming and going. I add/remove IPs from our servers several times each week, as we add VPS and remove them, or move then between boxes ... This problem is intractable: any scheme you can think of to generate a unique identifying number on a random host out there on the net will either fail to actually be unique, or suffer from mutating over time as machine configuration changes. How about the following. Use the bsdstats.hub.org to generate a random token and hand it to the client. 128 bits of randomness gives a sufficiently large domain (340,282,366,920,938,463,463,374,607,431,768,211,456 different possible combinations) that given a good RNG collisions are not a problem. You can generate that sort of token easily by, for example: % openssl rand -base64 16 KSOWkPuK03Od99S5vaPGdQ== Base64 encoded strings will have to be URL escaped if they are passed as parameters in a HTTP GET -- perhaps encoding as a string of hex digits might be a better idea: % openssl rand 16 | hexdump -e '16/1 %01x \n' 566fc9f2374a7e999d9587dc143373fc Anyhow, that's just implementation detail. So the transaction would go like this the first time a client machine tried to report its configuration: ClientServer - Check for cached ID token Not found Request new token from server -- Generate token Record it in DB Return token to client -- Cache token in file Generate OS version info Send to server with ID token --- If token is known, record data in DB Generate Driver info Send to server with ID token --- If token is known, record data in DB etc. etc. - Because the server generates the tokens, it knows which ones are valid, and can discard any data sent to it without a valid token. That doesn't prevent any vandal-minded person from requesting a metric butt-load of tokens to spam the database with, but that's no worse than the current situation. The neat thing is, the number of available tokens is so huge that it is infeasible to guess or accidentally collide with someone else's token. Eg. At 100Mb/s it would take about 10^33 seconds or 10^25 years to exhaustively search the whole token space. Thus spammed data will just time out at the end of the month without affecting anyone else's real data. Stealing an existing ID token by breaking into a machine or snooping on the net would be possible, but presumably sufficiently difficult to do in a large enough quantity that it wouldn't have a significant effect on the overall statistics. If snooping turns out to be a real problem, then using HTTPS is a possibility, but that will ramp up the load on the server quite a bit. For subsequent updates, the client machine just reuses the same token out of its cache file. If the cached token gets deleted, then the client machine will just have to request a new one and rely on the old data timing out at the end of the month. Saving away the token should be simple -- just make the server return the data to a 'get_token' query as MIME type text/plain and have fetch dump it in a cache file somewhere. /var/db/bsdstats for example. I can code up the client side of this in about 5 minutes, but the server end of things will take a little more work. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard Flat 3 PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate Kent, CT11 9PW signature.asc Description: OpenPGP digital signature
Re: BSDstats Project v2.0 ...
Nikolas Britton wrote: I still like my idea the best for unique keys. It's a better way to detect hosts behind NATs, here it is again, four versions to pick from: # ifconfig | sha256 cbcc2f55a340c248af7e8a10871150d827af11d7051bbc782eefa04b0603248b # ifconfig | sha1 b607b9d45e6ad40c02ab20800e0d70245ab6db68 # ifconfig | md5 22a2a3eca61166fb113f1a688b3dd842 # ifconfig | cksum 3977021799 540 The only down side is it still can be faked, just like everything else. ifconfig output is by no means constant on a single host. Eg. Take my laptop; the media, status and ssid lines will change pretty often on my wireless nic. I mean several times during one session. Why not hash just the hostname? Or MAC-address? Of course these could also be fabricated, but you can't possibly avoid that as long as this is open source. (And the protocol would be pretty easy to reverse engineer anyway) How 'bout? $ ifconfig | grep ether | md5 This will change whenever one adds, removes or replaces a nic, though. Svein Halvor signature.asc Description: OpenPGP digital signature
Re: default boot option in dual-boot mode
thanks: it works like charm...:) with this setting, i only need to make a choice when i want it to boot into xp, otherwsie it just automatically get into freebsd. best --- Stefan Bethke [EMAIL PROTECTED] wrote: Am 08.08.2006 um 02:48 schrieb gahn: hi: how could i fix the default boot option in dual-boot mode? i have a machine with both windows xp and freebsd 6.1. it works fine with freebsd boot manager (wiht optios of f1 for xp and f2 for freebsd when it starts). but i would like to fix the default mode for freebsd; ie, if i don't make a choice on either f1 or f2 keys, then system automatically boots up as freebsd machine. boot0 will boot into the same OS as the last time automatically, so you don't need to do anything to boot into FreeBSD, if you had booted into FreeBSD the last time. If you want to *always* boot into FreeBSD, irrespective of the choice you made the last time, you can use the boot0cfg(8) utility to stop boot0 from remembering the last choice and stick to the stored default. Untested: # boot0cfg -o noupdate -s2 Stefan -- Stefan Bethke [EMAIL PROTECTED] Fon +49 170 346 0140 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: pkg_add question
On Wed, Aug 09, 2006 at 01:43:10PM +, V.I.Victor wrote: Generally -- is it OK to do a 'pkg_add' from 'packages-6-stable' to a 5.4 system? Absolutely not. Specifically, I think I need to update 'fetchmail.' What's wrong with using packages-5-stable? :-) What I've read *seems* to indicate it's OK, but... Where did you read this, so we can try to correct the bogus advice? Kris pgpvemMjDxsKZ.pgp Description: PGP signature
Re: BSDstats Project v2.0 ...
Svein Halvor Halvorsen wrote: Why not hash just the hostname? Or MAC-address? Of course these could Disregard this. I see that the discussion has moved on. I'm with Matthew Seaman's suggested server generated id-string. Svein Halvor signature.asc Description: OpenPGP digital signature
Re: BSDstats Project v2.0 ...
In response to Matthew Seaman [EMAIL PROTECTED]: This problem is intractable: any scheme you can think of to generate a unique identifying number on a random host out there on the net will either fail to actually be unique, or suffer from mutating over time as machine configuration changes. Really? What if you just generate some sort of UID or GUID and store it in /var/db/bsdstats.guid (or similar)? If the file exists, use it, if it doesn't exist, generate a new ID. Not 100% error prone, but should be pretty damn reliable. -- Bill Moran Collaborative Fusion Inc. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: BSDstats Project v2.0 ...
At 9:32 AM +1000 8/9/06, Antony Mawer wrote: What if we improved upon this - if instead of storing the hostname and IP address, we stored a one-way hash of this information? OpenSSH in recent versions takes the same approach with its authorized_keys files... A scattered list of ideas: It might be useful to keep part of the domain-name in plain-text. Just a minimal part, such as '.edu' or '.co.uk'. So that would be one value sent/saved. Then have an MD5 hash of `hostname` (hashing the full hostname, including full domain), or maybe a hash of the output from: hostname ; ifconfig | grep ether Eg: hostname ; ifconfig | grep ether freefour.acs.rpi.edu ether 00:09:5b:01:02:03 ether 00:11:09:09:08:07 (this machine has two ethernet cards in it, and no, those are not the real MAC addresses of the cards... :-) == (hostname ; ifconfig | grep ether) | md5 0670be39b40dc52d996e1a6dcee6cca7 Maybe combine that with the partial-domain, to get 0670be39b40dc52d996e1a6dcee6cca7.edu Further, whatever value you decide to use to create a unique value, you could just save that value away in some file under /var/db . If the file does not exist, then create it and store the probably-unique value. That way you can pick some algorithm which should produce a unique result, and not worry if the value of that algorithm might change (on a single machine) over time. You'll only calculate it once, and then keep using that result. -- Garance Alistair Drosehn = [EMAIL PROTECTED] Senior Systems Programmer or [EMAIL PROTECTED] Rensselaer Polytechnic Institute; Troy, NY; USA ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: BSDstats Project v2.0 ...
On Wed, Aug 09, 2006 at 03:16:29PM -0400, Bill Moran wrote: In response to Matthew Seaman [EMAIL PROTECTED]: This problem is intractable: any scheme you can think of to generate a unique identifying number on a random host out there on the net will either fail to actually be unique, or suffer from mutating over time as machine configuration changes. Really? What if you just generate some sort of UID or GUID and store it in /var/db/bsdstats.guid (or similar)? Well, exactly. What I neglected to say in the above was to generate a unique identifying number that encodes part of the machine configuration. However, you're right in that the client could just invent its own random ID number. Given the large number of possible ID numbers in the scheme I proposed, there shouldn't be any problem with collisions so long as all those machines are generating good random numbers[1]. On reflection, the advantages of having the server generate the ID numbers are not really all that compelling. Cheers, Matthew [1] In fact, it would be a pretty neat experiment to get a whole load of machines to generate a chunk'o'randomness and send it into a central machine and see just how evenly distributed the answers are. -- Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard Flat 3 PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate Kent, CT11 9PW pgpLb61vrzzw3.pgp Description: PGP signature
Re: FreeBSD as a VPN Server/Router
Am 09.08.2006 um 19:33 schrieb Odhiambo Washington: In this scenario, siteA has several applications running on several windows servers which are behind the FreeBSD box. The challenge is to allow siteB to access these applications securely via the WAN setup. VPN comes straight to mind, but this is a new area to me. OpenVPN certainly fits your requirements. Besides a routed connection between two sides, it also offers a bridged setup, so it is ideally suited for connecting two Windows-centric networks. We use it at work for home VPNs as well as road warriors, configuration is straightforward, and performance is absolutely acceptable. IPSec has been mentioned before; I've had trouble understanding the configuration and how to diagnose problems. We did get it to work in the office, but only with a lot of trial and error. isakmpd and racoon are... idiosyncratic, to be polite. vtun has had major security issues in the past, so I would be wary, but I haven't looked into it for the past two years. pfSense is a FreeBSD-based firewall/routing OS, so you'd need to replace your existing FreeBSD routers with it, or add additional boxes. Stefan -- Stefan Bethke [EMAIL PROTECTED] Fon +49 170 346 0140 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: make distribution fails
I do: # cd /usr/src # make buildworld # make KERNCONF=DISKLESS buildkernel # mkdir /var/diskless/FreeBSD # make DESTDIR=/var/diskless/FreeBSD installworld # make DESTDIR=/var/diskless/FreeBSD distribution # make DESTDIR=/var/diskless/FreeBSD KERNCONF=DISKLESS installkernel You have to build/install world before distribution. Thanks, this was the problem. I created this for testing. Now I cannot remove it. messias# cd /var messias# chown -R root:wheel diskless chown: diskless/usr/sbin/sliplogin: Operation not permitted I cannot change owner or change permission for some files. Is it possible to delete this directory somehow? Laszlo ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: make distribution fails
Nagy László Zsolt wrote: I do: # cd /usr/src # make buildworld # make KERNCONF=DISKLESS buildkernel # mkdir /var/diskless/FreeBSD # make DESTDIR=/var/diskless/FreeBSD installworld # make DESTDIR=/var/diskless/FreeBSD distribution # make DESTDIR=/var/diskless/FreeBSD KERNCONF=DISKLESS installkernel You have to build/install world before distribution. Thanks, this was the problem. I created this for testing. Now I cannot remove it. messias# cd /var messias# chown -R root:wheel diskless chown: diskless/usr/sbin/sliplogin: Operation not permitted I cannot change owner or change permission for some files. Is it possible to delete this directory somehow? # chflags -R noschg /path/to/distribution then remove Cheers, Erik -- Ph: +34.666334818 web: http://www.locolomo.org X.509 Certificate: http://www.locolomo.org/crt/8D03551FFCE04F0C.crt Key ID: 69:79:B8:2C:E3:8F:E7:BE:5D:C3:C3:B1:74:62:B8:3F:9F:1F:69:B9 smime.p7s Description: S/MIME Cryptographic Signature
Re: make distribution fails
I cannot change owner or change permission for some files. Is it possible to delete this directory somehow? # chflags -R noschg /path/to/distribution then remove You are a true guru. :-) Thanks! ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: SNMP mib elements are zero on 6.1
Howdy! I am upgrading a server farm from FreeBSD 4.10 to FreeBSD 6.1. I am running net-snmp and if I query a fbsd 6.1 machine I get zero values for many MIB entries. Ooops. running snmpd as non-root causes this. Will investigate. Works ok on 4.10 as non-root -steve eg for a 6.1 machine I get many bogus entries. (but some good like laLoad.1 is ok) snmpwalk -v 2c -c public 6.1server enterprises [snip] UCD-SNMP-MIB::memTotalSwap.0 = INTEGER: 0 UCD-SNMP-MIB::memAvailSwap.0 = INTEGER: 0 UCD-SNMP-MIB::memTotalReal.0 = INTEGER: 1877672 UCD-SNMP-MIB::memAvailReal.0 = INTEGER: 0 UCD-SNMP-MIB::memTotalSwapTXT.0 = INTEGER: -1 UCD-SNMP-MIB::memAvailSwapTXT.0 = INTEGER: -1 UCD-SNMP-MIB::memTotalRealTXT.0 = INTEGER: -1 UCD-SNMP-MIB::memAvailRealTXT.0 = INTEGER: -1 UCD-SNMP-MIB::memTotalFree.0 = INTEGER: 0 [snip] UCD-SNMP-MIB::ssCpuUser.0 = INTEGER: 0 UCD-SNMP-MIB::ssCpuSystem.0 = INTEGER: 0 UCD-SNMP-MIB::ssCpuIdle.0 = INTEGER: 0 UCD-SNMP-MIB::ssCpuRawUser.0 = Counter32: 0 UCD-SNMP-MIB::ssCpuRawNice.0 = Counter32: 0 UCD-SNMP-MIB::ssCpuRawSystem.0 = Counter32: 0 UCD-SNMP-MIB::ssCpuRawIdle.0 = Counter32: 0 UCD-SNMP-MIB::ssCpuRawKernel.0 = Counter32: 0 UCD-SNMP-MIB::ssCpuRawInterrupt.0 = Counter32: 0 [snip] but for for a 4.10 machine I get good values snmpwalk -v 2c -c public 4.10server enterprises [snip] UCD-SNMP-MIB::memTotalSwap.0 = INTEGER: 0 UCD-SNMP-MIB::memAvailSwap.0 = INTEGER: 0 UCD-SNMP-MIB::memTotalReal.0 = INTEGER: 854392 UCD-SNMP-MIB::memAvailReal.0 = INTEGER: 1664 UCD-SNMP-MIB::memTotalFree.0 = INTEGER: 47936 [snip] UCD-SNMP-MIB::ssCpuUser.0 = INTEGER: 25 UCD-SNMP-MIB::ssCpuSystem.0 = INTEGER: 27 UCD-SNMP-MIB::ssCpuIdle.0 = INTEGER: 46 UCD-SNMP-MIB::ssCpuRawUser.0 = Counter32: 241897859 UCD-SNMP-MIB::ssCpuRawNice.0 = Counter32: 0 UCD-SNMP-MIB::ssCpuRawSystem.0 = Counter32: 225612717 UCD-SNMP-MIB::ssCpuRawIdle.0 = Counter32: 765671208 UCD-SNMP-MIB::ssCpuRawKernel.0 = Counter32: 157494473 [snip] Ideas? Is a bug in 6.1? or net-snmp or am I missing something? thanx - steve ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Port Not Available
Matthew Seaman wrote: Ummm... given that there's no 'rm' capability in this printcap I guess you must be using Samba to communicate with the remote windows printer. If so, then that printcap looks fine. Well, setting lp=/dev/null seems to cause some complaints, but that should just be cosmetic. I'd start looking for problems in the Samba setup. Can you use smbclient to connect to the printserver machine via Samba using the credentials you gave in the apsfilter setup? Does it show that you have access to the shared printer there? Double check the contents of /usr/local/etc/apsfilter/SETUP.cfg and the apsfilterrc files in that directory and it's sub-directories. Also, is there anything interesting in the log file /var/spool/lpd/lp/log ? Nothing other than this from the lpd-errs file produced when 'checkpc -fV' is run. lpd-errs: Aug 9 13:06:09 scorpio checkpc[6018]: lp: Checkwrite: fcntl F_SETFL of '/dev/null' failed - Inappropriate ioctl for device Aug 9 17:18:57 scorpio checkpc[14219]: lp: Checkwrite: fcntl F_SETFL of '/dev/null' failed - Inappropriate ioctl for device I can connect using smbclient without any problems. The problem is not there. The is just not connection with the print server, and that is what I cannot understand. I had the same problem with an install of 5.4. One day that message started being printed in the log and I could no longer print. I was forced to do a total reinstall of the OS. I really believe that the '/dev/null' thing is the key to this, but I do not have a clue how to go about fixing it. I have a bad feeling that I am going to have to do a total reinstall of the OS. With KDE, OpenOffice etc., that will take awhile. Unless you have a better idea Matthew, I will probably go that route this weekend. I do not need another over sized paper weight. -- Gerard Seibert [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Low-cost, FreeBSD-compatible notebook
Hello everyone. I am looking into buying a cheap notebook computer (sub $800, the cheaper the better). I have been playing around with FreeBSD for the last few months and have decided to make it my sole OS, so I really want a notebook that's as FreeBSD-compatible as possible. I know ThinkPad's the best for Linux (I would expect the same for FreeBSD), but as they are a little out of my price range ;) I was wondering if you guys had some other suggestions. Many thanks! J Kim - Do you Yahoo!? Everyone is raving about the all-new Yahoo! Mail Beta. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Removing boot options and setting boot only to BSD
On Wed, 9 Aug 2006 09:18:44 Viswas Nair wrote I have FBSD 6 and Win XP on my machine. I would like to remove the boot menu options that I get and set BSD to open default. How do I go about doing this ? I intend to use Win XP very rarely and hence would want to manually update the config files needed if I need to go to Win XP. Thanks. If you just replace the original boot program with the one that comes with BSD, then the new boot program will always present the previous choice as the default. Thus you get what you want, no manually updating the config files (whatever?) needed if you need to go to Win XP. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Low-cost, FreeBSD-compatible notebook
I am looking into buying a cheap notebook computer (sub $800, the cheaper the better). I have been playing around with FreeBSD for the last few months and have decided to make it my sole OS, so I really want a notebook that's as FreeBSD-compatible as possible. I know ThinkPad's the best for Linux (I would expect the same for FreeBSD), but as they are a little out of my price range ;) I was wondering if you guys had some other suggestions. http://www.cse.ucsc.edu/~dkulp/fbsd/laptop.html http://www.zapatec.com/freebsd/laptop/ -philip ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Low-cost, FreeBSD-compatible notebook
Thanks for the links, much appreciated. However, they seem a little outdated (I don't see any notebooks currently available via the manufacturer). You wouldn't happen to have anything more recent, would you? Thanks again. J Kim Philip Hallstrom [EMAIL PROTECTED] wrote: I am looking into buying a cheap notebook computer (sub $800, the cheaper the better). I have been playing around with FreeBSD for the last few months and have decided to make it my sole OS, so I really want a notebook that's as FreeBSD-compatible as possible. I know ThinkPad's the best for Linux (I would expect the same for FreeBSD), but as they are a little out of my price range ;) I was wondering if you guys had some other suggestions. http://www.cse.ucsc.edu/~dkulp/fbsd/laptop.html http://www.zapatec.com/freebsd/laptop/ -philip - Do you Yahoo!? Everyone is raving about the all-new Yahoo! Mail Beta. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: FreeBSD as a VPN Server/Router
The FreeBSD Handbook has a chapter on this: http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/ipsec.html HTH. The only problem with IPSec is you need static IP addresses for the tunnelling mode (unless somebody knows something I don't, at which point I'd really like to hear about it!). OpenVPN is about as good as it gets stability wise, and can customised, hacked, and altered in any way you need. It can also use public key authentication. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Firefox amd mailto:
Hi All, I recently installed Firefox 1.5 on a FreeBSD 6.1 system. Mostly it seems to work fine with some apparent finickyness about odd character sets. Since it does not include Email, I also installed Thunderbird which works as its own standalone. But, when I am looking at a web page that has a 'mailto:' in a tag and I click on the link to send a message to whoever, nothing happens - presumably because there is no mail handler in Firefox. So, how, in FreeBSD 6.xxx do I deal with this? Can I make it call up something like a plugin or whatever to handle that mailto: Email item.I haven't found anything that looks like a configuration item for such as that. Thanks for any help you can give, jerry ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Firefox amd mailto:
Jerry McAllister wrote: Hi All, I recently installed Firefox 1.5 on a FreeBSD 6.1 system. Mostly it seems to work fine with some apparent finickyness about odd character sets. Since it does not include Email, I also installed Thunderbird which works as its own standalone. But, when I am looking at a web page that has a 'mailto:' in a tag and I click on the link to send a message to whoever, nothing happens - presumably because there is no mail handler in Firefox. So, how, in FreeBSD 6.xxx do I deal with this? Can I make it call up something like a plugin or whatever to handle that mailto: Email item.I haven't found anything that looks like a configuration item for such as that. Thanks for any help you can give, jerry use about:config in Firefox and set network.protocol-handler.app.mailto to /usr/X11R6/bin/thunderbird There are similar settings to get thunderbird to open http links in firefox. HTH, Micah ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Firefox amd mailto:
On Wed, 9 Aug 2006 18:53:04 -0400 (EDT) Jerry McAllister wrote: Hi All, I recently installed Firefox 1.5 on a FreeBSD 6.1 system. Mostly it seems to work fine with some apparent finickyness about odd character sets. Since it does not include Email, I also installed Thunderbird which works as its own standalone. But, when I am looking at a web page that has a 'mailto:' in a tag and I click on the link to send a message to whoever, nothing happens - presumably because there is no mail handler in Firefox. So, how, in FreeBSD 6.xxx do I deal with this? Can I make it call up something like a plugin or whatever to handle that mailto: Email item.I haven't found anything that looks like a configuration item for such as that. Thanks for any help you can give, Consider reading the following thread (it helped me with firefox+emacs): http://www.ubuntuforums.org/showthread.php?t=22333 WBR -- Boris Samorodov (bsam) Research Engineer, http://www.ipt.ru Telephone Internet SP FreeBSD committer, http://www.FreeBSD.org The Power To Serve ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: FreeBSD as a VPN Server/Router
If OpenVPN seems like a bit much to tackle you could establish the link with an easy protocol like PPTP (PPTP can be added to pppd with the port /usr/ports/net/poptop) and then IPSec traffic traversing the link. Some even argue that this is a good idea because it's two layers of encryption (not to suggest that the PPTP encryption methods are a particular challenge to break), but they'll be a performance penalty to pay as well. Also, the load IPSec (or any encryption method for that matter) places on the encapsulating router is non-trivial, so be aware that if your hardware is a bit old you may get disappointing performance. I would suggest making the hardware at least current low end, or high end from a couple of years ago, to get the best performance. On side note, has anyone heard about the crypto lib for fast_ipsec and the Intel IPSec accelerated network cards (like the Pro 100/S)? I remember reading some time ago that there were, at the time, still issues getting the required info out of Intel to get the processor offloading working right. Is Intel still withholding the information? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Christopher Martin Sent: Thursday, 10 August 2006 8:42 AM To: FreeBSD Questions Mailing List (E-mail) Subject: RE: FreeBSD as a VPN Server/Router The FreeBSD Handbook has a chapter on this: http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/ipsec.html HTH. The only problem with IPSec is you need static IP addresses for the tunnelling mode (unless somebody knows something I don't, at which point I'd really like to hear about it!). OpenVPN is about as good as it gets stability wise, and can customised, hacked, and altered in any way you need. It can also use public key authentication. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Firefox amd mailto:
Jerry McAllister wrote: Hi All, I recently installed Firefox 1.5 on a FreeBSD 6.1 system. Mostly it seems to work fine with some apparent finickyness about odd character sets. Since it does not include Email, I also installed Thunderbird which works as its own standalone. But, when I am looking at a web page that has a 'mailto:' in a tag and I click on the link to send a message to whoever, nothing happens - presumably because there is no mail handler in Firefox. So, how, in FreeBSD 6.xxx do I deal with this? Can I make it call up something like a plugin or whatever to handle that mailto: Email item.I haven't found anything that looks like a configuration item for such as that. Thanks for any help you can give, jerry use about:config in Firefox and set network.protocol-handler.app.mailto to /usr/X11R6/bin/thunderbird I guess I don't see where there is an 'about:config' I have pulled down every menu and don't see where anything looks like that. I also rummaged through the stuff in the .mozilla directory tree. Sorry if I am being dense, jerry There are similar settings to get thunderbird to open http links in firefox. HTH, Micah ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]