Re: nested labels
On 2006 Sep 28 , at 01:08, Jeffrey Katz wrote: Adam Martin's discussion of nested partitions was very enlightening and useful. A nice thing about the approach is that it can be used on a dangerously dedicated hard drive. Well, it merely takes advantage of GEOM. You can even nest GPTs, and other things inside of BSD labels, and vice versa. The most important thing to keep in mind is that every time that you create a new device from partitioning a device, GEOM allows you to install partitioning tables on them, and make more devices from those. As can be seen from my absurd case. That said, there are many good reasons to avoid over-partitioning a drive. Data can become more difficult to organize, as various filesystems have limited space, and start filling up at different rates. Also, failures in the sectors that contain the partitioning tables will cause you to have great difficulty in reconstructing data, in the event of disc failures. Don't over abuse nested partitions. I like to keep a paper copy of the actual sizes of all the entities in my partition tables, and their offsets, and mountpoints. At least once, this knowledge has helped me recover from serious disc failure. With the advent of half-terabyte, and larger drives, we're nearing the upper bounds of 32-bit bounded filesystems, and partitioning tables. GPTs are supposedly able to handle larger volumes than 2TB. Keep an eye on the freebsd large disc project: http://www.freebsd.org/projects/bigdisk/index.html Cheers, -- Adam David Alan Martin ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Sync files locally?
Paul Schmehl wrote: --On Wednesday, September 27, 2006 17:04:39 -0500 Dan Nelson [EMAIL PROTECTED] wrote: You could use rsync to do this, but It'd probably be easier to get your remote rsync to drop the files in the right directory in the first place. Hmmm...maybe I don't fully understand rsync. The files are from a webserver and owned by www:www. The rsync runs under my account, so the perms are changed to mine. Maybe there's a switch with rsync that would allow me to sync directly? I'll poke around the man page. Thanks. 1) rsync changes behaviour depending on whether or not you include a trailing / from the man-page: rsync -av /src/foo /dest rsync -av /src/foo/ /dest/foo works the same way, (and sync locally in this example). Read the man page, there are lots of examples. 2) The options -t and -p preserve time and permissions respectively. Ownership will always change to the user running rsync unless you run as root. This has nothing to do with rsync, you can't run chown as an ordinary user. You can preserve the group if you're in that group on the destination host. 3) The files you are syncing - should they be writeable by www? For security, you may really want something like this: -rw-r- user:wwwfile and have user do the rsync. If you really need to have www write to the file, set group permissions +w. Personally, I have all my web-pages owned by me, and let apache access read-only. Log-files generated are owned by apache, but I don't back these up since they are continuously generated and rotated out. The config file is also only readable by apache, I don't want the risk of some exploit committing changes to the config file. It might be useful to have a separate dir where apache can store files with write permissions and owned by apache. But this depends on the web apps you deploy. IIRC to run rsync over ssh the user doing the syncing must have shell access, running your sync as root is not desirable, it MAY be preferred to have it run as www to preserve owner also, at least you can restrict access for www. Cheers, Erik -- Ph: +34.666334818 web: http://www.locolomo.org X.509 Certificate: http://www.locolomo.org/crt/8D03551FFCE04F0C.crt Key ID: 69:79:B8:2C:E3:8F:E7:BE:5D:C3:C3:B1:74:62:B8:3F:9F:1F:69:B9 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
PortUpgrade multiple packages?
Is it safe to portupgrade several packages in parallel? Open several root consoles and do a portupgrade in each one at the same time? Bob ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: PortUpgrade multiple packages?
Bob wrote: Is it safe to portupgrade several packages in parallel? Open several root consoles and do a portupgrade in each one at the same time? That might cause problems if the programs have the same dependencies (fetch conflict or even worse, build conflict) However you can tell portupgrade to install more programs which is probably not really slower than running them parallel (smp etc is excluded from this assumption) -- Armin Pirkovitsch [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Can't log in a root from anywhere but the console screen.
I want to use a PC to telnet to the freeBSD server and login as root but it won't let me! Can you help? I can login as a normal user just not as root, I can't key in su to get in as superuser either. Jim. Jim Borland Unit 2 Wallace Studios 27 Wallace Avenue LisburnBT27 4AE mail: [EMAIL PROTECTED] www: www.meridiansystems.co.uk tel: +44 (0)28 9260 5060 fax: +44 (0)28 9264 0700 mob: This message contains confidential information and is intended only for [EMAIL PROTECTED] If you are not freebsd-questions@FreeBSD.org you should not disseminate, distribute or copy this e-mail. Please notify [EMAIL PROTECTED] immediately by e-mail if you have received this e-mail by mistake and delete this e-mail from your system. E-mail transmission cannot be guaranteed to be secure or error-free as information could be intercepted, corrupted, lost, destroyed, arrive late or incomplete, or contain viruses. Jim Borland therefore does not accept liability for any errors or omissions in the contents of this message, which arise as a result of e-mail transmission. If verification is required please request a hard-copy version. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: PortUpgrade multiple packages?
On Thursday 28 September 2006 04:23, Armin Pirkovitsch wrote: That might cause problems if the programs have the same dependencies (fetch conflict or even worse, build conflict) Likely they do; Mozilla, Seamonkey, Opera, and Firefox. (all flagged in my security audit) Was hoping to do them all at once. (smp etc is excluded from this assumption) Yeah, running SMP, so cpu is not a problem. But bumping into deps may very well be. I have synched-up my ports tree, and have also done portupgrade -Fa so all the sources, as well as any deps are already here. However, I fear several packages may need the same dep, and all try to upgrade it at the same time would make a mess! I don't think portupgrade is smart enough to detect multiple upgrades, at least I have not seen any reference in the docs. Thanks! guess I will just so one a night, some of these are pretty BIG. Bob ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Can't log in a root from anywhere but the console screen.
Jim Borland wrote: I want to use a PC to telnet to the freeBSD server and login as root but it won't let me! Can you help? I can login as a normal user just not as root, I can't key in su to get in as superuser either. 1) Don't use telnet, use ssh, for security. 2) Are you in the wheel group? Cheers, Erik -- Ph: +34.666334818 web: http://www.locolomo.org X.509 Certificate: http://www.locolomo.org/crt/8D03551FFCE04F0C.crt Key ID: 69:79:B8:2C:E3:8F:E7:BE:5D:C3:C3:B1:74:62:B8:3F:9F:1F:69:B9 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Downgrade from 6.2 PR to 6.1 RELEASE?
On 28/9/06 01:42, Ahmad Arafat Abdullah [EMAIL PROTECTED] wrote: - Original Message - From: Chris [EMAIL PROTECTED] To: FreeBSD Questions freebsd-questions@freebsd.org Subject: Downgrade from 6.2 PR to 6.1 RELEASE? Date: Wed, 27 Sep 2006 16:46:42 -0700 I felt I should ask this question before taking a drastic action. I built this new production system complete with jail (which I can recreate very quickly) and all was running perfectly under 6.2 PRERELEASE. I was planning taking a chance and going production (against common wisdom of running 6.2 PRERELEASE in production). Yesterday I decided to cvsup and rebuild one more time and discovered a glaring problem on this AMD64 Tyan s4882. It can't reboot with the reboot command or shutdown -r about 75% of the time, it hangs between the uptime output and where it states Rebooting, then requires a manual reset to get going again. This tells me I have to fall back or will create a nightmare for production use. Presuming I can live with certain driver issues on 6.1 RELEASE P6, are there any serious dangers or unique procedures in going backward, to RELENG_6_1 from RELENG_6 that suggest it would be better to just start from scratch? I've not fallen back from CURRENT to a RELEASE, this will be my first time. maybe u can give it a try, why not? same like my case, and it's weird.. when i upgraded my box to 6.2-PRERELEASE, something weird happens.. i can't login to my KDE ( my KDE is up and running ) using my user+pass, surprisingly i add one more user+pass and it's can logged in! Can you report that to [EMAIL PROTECTED] please? We're building 6.2-BETA2 this weekend and it would be nice to fix this before 6.2-RELEASE if it's a wider issue. Ceri -- That must be wonderful! I don't understand it at all. -- Moliere ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: Can't log in a root from anywhere but the console screen.
Jim Borland Unit 2 Wallace Studios 27 Wallace Avenue LisburnBT27 4AE mail: [EMAIL PROTECTED] www: www.meridiansystems.co.uk tel: +44 (0)28 9260 5060 fax: +44 (0)28 9264 0700 mob: This message contains confidential information and is intended only for [EMAIL PROTECTED] If you are not freebsd-questions@FreeBSD.org you should not disseminate, distribute or copy this e-mail. Please notify [EMAIL PROTECTED] immediately by e-mail if you have received this e-mail by mistake and delete this e-mail from your system. E-mail transmission cannot be guaranteed to be secure or error-free as information could be intercepted, corrupted, lost, destroyed, arrive late or incomplete, or contain viruses. Jim Borland therefore does not accept liability for any errors or omissions in the contents of this message, which arise as a result of e-mail transmission. If verification is required please request a hard-copy version. -Original Message- From: Erik Norgaard [mailto:[EMAIL PROTECTED] Sent: 28 September 2006 09:42 To: Jim Borland Cc: freebsd-questions@FreeBSD.org Subject: Re: Can't log in a root from anywhere but the console screen. Jim Borland wrote: I want to use a PC to telnet to the freeBSD server and login as root but it won't let me! Can you help? I can login as a normal user just not as root, I can't key in su to get in as superuser either. 1) Don't use telnet, use ssh, for security. 2) Are you in the wheel group? Erik suggested I use ssh, I've never used ssh before and when I do it says the connection has been refused. The root user is in the wheel group, I have a user called jim which is in a group called group he is able to login using telnet. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Does mpd (multi-link PPP daemon) support IPv6?
Hi, all: I want to know whether mpd (multi-link PPP daemon) could possibly support IPv6. When I want to establish a PPTP connection with a PPTP server running mpd, could I use IPv6CP instead of IPv4CP to set up the PPP? If it supports, how could I configure the related parameters in the configuration files? I could only find the ipcp syntax. Best regards, blue ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: pdf editor
How about PDFEdit? http://pdfedit.petricek.net/pdfedit.index_e Edward ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
OT General, RAID and Drives
Hi, This is just about the best mailing list that I'm subscribed to for this discussion, and I believe this was in some extend covered before (SCSI vs. SATA). I'm looking at getting some storage put together. At the moment, I have about 800GB of Fiber Channels in a JBOD configuration (Posted previously about this looking for Emulex Drivers in BSD). For interest sakes, it is running on Windows 2003 at the moment, as the only drivers I found are for Windows and Linux based systems - nothing for FreeBSD as far as Emulex goes. Now, let's talk about Disk IO *only*. I'm not too hecticly interested in transfer speeds, as even PATA has more than enough speed as far as my requirements go. The applications that I intent to run on the storage system however, will be MASSIVELY IO intensive. We're talking LARGE files ranging from 800MB to 50GB (per file), with various reads and writes inside the files. I am considering RAID3 for this with hot spares and the like. Now, given that someone can shed some light on the IO issues, I'm happy to get rid of all FC devices I have (3 x DAE's fully populated), and invest in SATA or SCSI (which will also be significantly cheaper). But, what kind of IO can you expect from SATA on RAID3? FC (which I have now), performs VERY well even with software RAID5 as far as Disk IO goes. From experience working with SCSI arrays, I know that SCSI is also a pretty good choice for Disk IO. SCSI is still however a tad expensive. Given a good PCIe 64bit SATA controller. What can be expected as far as Disk IO goes??? Will I be safe in presuming that I will get reasonable (and with that I mean, something that can be comparable to FC) IO out of such a system? If we're looking at 3TB arrays spanned over 7 or more disks, will it perform? The costs of SATA is also much less than SCSI or FC, but the MTBF for SATA seems to be something that is very much questioned in systems like this. Given the cost factor of SATA vs FC, replacing disks on SATA seems to be small change in comparison of what HBAs, FC Drives, and the link costs - so that is also a risk I'm willing to take. Google is giving me very little results as far as performance goes when comparing FC vs. SATA however. Anyone *please* some information on this??? Thanks allot, Chris. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
ACPI on Install Problem
Me again. :-( After we'd realised that we were hitting our heads off the wall, and that the answer was in the mount points, we rushed upstairs to get an install underway. First diskette in ... second diskette then it asked for the boot diskette again (boot.flp). Guess what happens then... loading required module 'pci' [ spinning baton for five minutes ] Then we get to the menu with the little FreeBSD demon, and we hit ENTER to take a default install. ACPI autoload failed - no such file or directory And the machine hangs. Just like our heads ... in despair. :-( D. - Découvrez un nouveau moyen de poser toutes vos questions quelque soit le sujet ! Yahoo! Questions/Réponses pour partager vos connaissances, vos opinions et vos expériences. Cliquez ici. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
growfs HELP
Hi everyone, First of all, glad to still be running FBSD after all these years. I tried following some docs I found online in order to make my /usr partition bigger and made it all the way to growfs -s, which is where I got stuck. First of all, here was my original dilema, what I did, then a descript of where I am regarding growfs problem. System (aka firewall): Pentium60 40M RAM 2 NICS, running FBSD4.5-stable (a great firewall running 24/7 since OCT 2000.) I tried to upgrade (make buildword make installworld to 4.11-stable).. I made the new world and installed the new kernel but not quite enough space to do the last steps (mergemaster and then installworld). So I built a spare box, and installed FBSD on it. I put the hard drive from the firewall as secondary master, and a larger drive as secondary slave. * I ran dd and imaged the old drive onto the new drive old drive seagate 1.2gb new drive quantum 4.3gb * I put the new drive into the old faithful P60 (firewall). It boots up fine running 4.11-p22 and is currently online as my firewall. What is left to do: Finish the 4.11 install which ended on make kernel KERNCONF=CUSTOMKERN.. I just need to mergemaster then installworld as single user. Obviously, /usr partition (/dev/ad0s1f) is basically full w/ 8.6MB free. ** soo.. I did some fdisk magic and got stuck on the growfs (final step) in order to growfs /usr fdisk reports my 1 partition @ full size of disk but no idea how to properly use growfs. Here is what I have: cylinders=8895 heads=15 sectors/track=63 (945blks/cyl) media sector size 512 partition 1 sysid 165, start 63, size 8405712 (4104 Meg), flag 80 (active) beg: cyl 0/head 1 / sector 1 end: cyl 1023 / head 14 / sector 63 basically I need help filling in the following blank (/dev/ad0s1f == /usr slice) # growfs -s __ /dev/ad0s1f as shown above, fdisk sees the correct geometry as 4104MB partition but /stand/sysinstall disklabel editor sees ad0s1 as 2888MB, which is the amount of space I thought I was to be adding to /usr via growfs. Currently, my /usr slice is 975MB and really needs to grow. :) Please let me know what other info I can provide that will help you help me solve this problem. I have read man growfs and some docs online, however, I'm stuck and dont know exactly how to resolve the problem. Much thanks, Kris _ Find a local pizza place, music store, museum and more then map the best route! http://local.live.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Out of Office Auto Reply:
I will be travelling from 28th to 30th September. I will have limited access to mail during this period. Please expect a delay in response to the mails. Thanks -Prasanth Sekharan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: Can't log in a root from anywhere but the console screen.
-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jim Borland Sent: Thursday, September 28, 2006 4:22 AM To: freebsd-questions@FreeBSD.org Subject: RE: Can't log in a root from anywhere but the console screen. Jim Borland Unit 2 Wallace Studios 27 Wallace Avenue LisburnBT27 4AE mail: [EMAIL PROTECTED] www: www.meridiansystems.co.uk tel: +44 (0)28 9260 5060 fax: +44 (0)28 9264 0700 mob: -Original Message- From: Erik Norgaard [mailto:[EMAIL PROTECTED] Sent: 28 September 2006 09:42 To: Jim Borland Cc: freebsd-questions@FreeBSD.org Subject: Re: Can't log in a root from anywhere but the console screen. Jim Borland wrote: I want to use a PC to telnet to the freeBSD server and login as root but it won't let me! Can you help? I can login as a normal user just not as root, I can't key in su to get in as superuser either. 1) Don't use telnet, use ssh, for security. 2) Are you in the wheel group? Erik suggested I use ssh, I've never used ssh before and when I do it says the connection has been refused. The root user is in the wheel group, I have a user called jim which is in a group called group he is able to login using telnet. The best thing to do is to add the user jim to the wheel group, then you should be able to login as him over ssh, then su to superuser, and do virtually everything root can do. It is considered a security risk to allow root access to ssh. But it's your server. So if you want root to be able to login despite my warning. Edit /etc/ssh/sshd_config and find #PermitRootLogin no, remove the hash, and change the no to yes ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Creating New Users over Telnet/SSH
On Wednesday 27 September 2006 18:10, John Cruz wrote: Nikos Vassiliadis wrote: On Tuesday 26 September 2006 18:29, Derek Ragona wrote: [snip] No, you can force a default shell without modifications. Check out login.conf(5) and shell variable. However, the original post implies little FreeBSD experience. Why do you want to automate such a procedure? You said it's going to be for a networking class, that is a limited a number of users, right? sdf is a public access Unix system and has to do this automatically, you don't have to. [EMAIL PROTECTED] is a seasoned administrator, who has tampered the OS in a number of ways. Just my 2 cents, Nikos That's basically what I was asking, could this be something easily done with a script that could be a fun learning experience, or would it require major OS customization and wouldn't be worth the time or trouble. Thanks for your input, Nikos. It's not very difficult to do. I would suggest starting your scripting adventures from something else. Something that will not have to do with system administration or something that will not be executed by unknown users with superuser power. Perhaps you can keep the script to yourself 'till you feel it's read for production use. You can write the script and then try to break it with invalid input... Once you would have learned where/how it breaks, you will be able to correct it. Start your reading from the sh manual page... HTH, Nikos ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Can't log in a root from anywhere but the console screen.
On Thu, Sep 28, 2006 at 07:22:23AM -0500, Dustin Coates wrote: -Original Message- From: Erik Norgaard [mailto:[EMAIL PROTECTED] Sent: 28 September 2006 09:42 To: Jim Borland Cc: freebsd-questions@FreeBSD.org Subject: Re: Can't log in a root from anywhere but the console screen. Jim Borland wrote: I want to use a PC to telnet to the freeBSD server and login as root but it won't let me! Can you help? I can login as a normal user just not as root, I can't key in su to get in as superuser either. 1) Don't use telnet, use ssh, for security. 2) Are you in the wheel group? Erik suggested I use ssh, I've never used ssh before and when I do it says the connection has been refused. The root user is in the wheel group, I have a user called jim which is in a group called group he is able to login using telnet. The best thing to do is to add the user jim to the wheel group, then you should be able to login as him over ssh, then su to superuser, and do virtually everything root can do. It is considered a security risk to allow root access to ssh. But it's your server. So if you want root to be able to login despite my warning. Edit /etc/ssh/sshd_config and find #PermitRootLogin no, remove the hash, and change the no to yes First, sshd is not running, that is why the connection has been refused messages is being seen. put sshd_enable=yes in /etc/rc.conf. Look at /etc/defaults/rc.conf, it is your friend, and any daemon that you want to run, must have xyz_enable=yes in the /etc/rc.conf, if it conforms to the current FreeBSD mores. Also, as suggested above, add jim to the wheel group, this will allow you to su to root. Take a look at the http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/ google and the above document, will answer a lot of your questions. I Can't say in strong enough terms, how Bad and idea it is to have root allowed for ssh, or even worse, to use telnet, especially over the Internet. Good luck, FreeBSD is how we've run our servers for years, and have been solid work horses. A.G. -- ___ A.G. Russell IV KC5KFDThe Knife Company e-mail: [EMAIL PROTECTED] Phone 479-631-0055 FAX 479-631-8734 Old Klingon Saying -- 'oH majQa' yIn je bang, Qo' bang --- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Does mpd (multi-link PPP daemon) support IPv6?
I want to know whether mpd (multi-link PPP daemon) could possibly support IPv6. When I want to establish a PPTP connection with a PPTP server running mpd, could I use IPv6CP instead of IPv4CP to set up the PPP? If it supports, how could I configure the related parameters in the configuration files? I could only find the ipcp syntax. I run mpd and I did a simple `grep -i ipv6 /usr/local/share/doc/mpd/*`. It came up with nothing. No mention of IPv6 in the mpd(8) man page either. Try to contact the project admins, they probably know more then us on this topic. Get their email at http://sourceforge.net/projects/mpd Cheers, David -- David Robillard UNIX systems administrator Oracle DBA CISSP, RHCE Sun Certified Security Administrator Montreal: +1 514 966 0122 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Reading .pub's
Hello. Anything in the port tree can read MsPublisher files? bye Thanks av. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Fw: [FreeBSD-Announce] FreeBSD Security Advisory FreeBSD-SA-06:23.openssl
Can anyone define exceptionally large as noted in this statement?: NOTE ALSO: The above patch reduces the functionality of libcrypto(3) by prohibiting the use of exceptionally large public keys. It is believed that no existing applications legitimately use such key lengths as would be affected by this change. It would be nice if exceptionally large were replaced with keys in excess of x bits in size or something. I don't expect that this will affect me, but ambiguous statements like that make me uncomfortable. Begin forwarded message: Date: Thu, 28 Sep 2006 13:13:53 GMT From: FreeBSD Security Advisories [EMAIL PROTECTED] To: FreeBSD Security Advisories [EMAIL PROTECTED] Cc: Subject: [FreeBSD-Announce] FreeBSD Security Advisory FreeBSD-SA-06:23.openssl -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 = FreeBSD-SA-06:23.opensslSecurity Advisory The FreeBSD Project Topic: Multiple problems in crypto(3) Category: contrib Module: openssl Announced: 2006-09-28 Credits:Dr S N Henson, Tavis Ormandy, Will Drewry Affects:All FreeBSD releases. Corrected: 2006-09-28 13:02:37 UTC (RELENG_6, 6.1-PRERELEASE) 2006-09-28 13:03:14 UTC (RELENG_6_1, 6.1-RELEASE-p8) 2006-09-28 13:03:41 UTC (RELENG_6_0, 6.0-RELEASE-p13) 2006-09-28 13:03:57 UTC (RELENG_5, 5.5-STABLE) 2006-09-28 13:04:16 UTC (RELENG_5_5, 5.5-RELEASE-p6) 2006-09-28 13:04:47 UTC (RELENG_5_4, 5.4-RELEASE-p20) 2006-09-28 13:05:08 UTC (RELENG_5_3, 5.3-RELEASE-p35) 2006-09-28 13:05:59 UTC (RELENG_4, 4.11-STABLE) 2006-09-28 13:06:23 UTC (RELENG_4_11, 4.11-RELEASE-p23) CVE Name: CVE-2006-2937, CVE-2006-2940, CVE-2006-3738, CVE-2006-4343 For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit URL:http://security.FreeBSD.org/. I. Background FreeBSD includes software from the OpenSSL Project. The OpenSSL Project is a collaborative effort to develop a robust, commercial-grade, full-featured, and Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well as a full-strength general purpose cryptography library. II. Problem Description Several problems have been found in OpenSSL: 1. During the parsing of certain invalid ASN1 structures an error condition is mishandled, possibly resulting in an infinite loop. [CVE-2006-2937] 2. A buffer overflow exists in the SSL_get_shared_ciphers function. [CVE-2006-3738] 3. A NULL pointer may be dereferenced in the SSL version 2 client code. [CVE-2006-4343] In addition, many applications using OpenSSL do not perform any validation of the lengths of public keys being used. [CVE-2006-2940] III. Impact Servers which parse ASN1 data from untrusted sources may be vulnerable to a denial of service attack. [CVE-2006-2937] An attacker accessing a server which uses SSL version 2 may be able to execute arbitrary code with the privileges of that server. [CVE-2006-3738] A malicious SSL server can cause clients connecting using SSL version 2 to crash. [CVE-2006-4343] Applications which perform public key operations using untrusted keys may be vulnerable to a denial of service attack. [CVE-2006-2940] IV. Workaround No workaround is available, but not all of the vulnerabilities mentioned affect all applications. V. Solution Perform one of the following: 1) Upgrade your vulnerable system to 4-STABLE, 5-STABLE, or 6-STABLE, or to the RELENG_6_1, RELENG_6_0, RELENG_5_5, RELENG_5_4, RELENG_5_3, or RELENG_4_11 security branch dated after the correction date. 2) To patch your present system: The following patches have been verified to apply to FreeBSD 4.11, 5.3, 5.4, 5.5, 6.0, and 6.1 systems. a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility. # fetch http://security.FreeBSD.org/patches/SA-06:23/openssl.patch # fetch http://security.FreeBSD.org/patches/SA-06:23/openssl.patch.asc b) Execute the following commands as root: # cd /usr/src # patch /path/to/patch c) Recompile the operating system as described in URL: http://www.freebsd.org/handbook/makeworld.html and reboot the system. NOTE: Any third-party applications, including those installed from the FreeBSD ports collection, which are statically linked to libcrypto(3) should be recompiled in order to use the corrected code. NOTE ALSO: The above patch reduces the functionality of libcrypto(3) by prohibiting the use of exceptionally large public keys. It is believed that no existing applications legitimately use such key lengths as would be affected by this change. VI.
Re: Reading .pub's
In response to Andrea Venturoli [EMAIL PROTECTED]: Hello. Anything in the port tree can read MsPublisher files? Have you looked at Scribus? I don't know for a fact that it can use MSPub files, but it's probably the best thing to check. -- Bill Moran Collaborative Fusion Inc. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Fw: [FreeBSD-Announce] FreeBSD Security Advisory FreeBSD-SA-06:23.openssl
Bill Moran wrote: Can anyone define exceptionally large as noted in this statement?: NOTE ALSO: The above patch reduces the functionality of libcrypto(3) by prohibiting the use of exceptionally large public keys. It is believed that no existing applications legitimately use such key lengths as would be affected by this change. It would be nice if exceptionally large were replaced with keys in excess of x bits in size or something. I don't expect that this will affect me, but ambiguous statements like that make me uncomfortable. DH and DSA are limited to 1 bits. RSA is limited to 16400 or 4112 bits depending upon whether the public exponent is less or more than 72 bits. I wouldn't have allowed this change into the security branches if I was not very very confident that no applications would be affected by this. Colin Percival ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Fw: [FreeBSD-Announce] FreeBSD Security Advisory FreeBSD-SA-06:23.openssl
In response to Colin Percival [EMAIL PROTECTED]: Bill Moran wrote: Can anyone define exceptionally large as noted in this statement?: NOTE ALSO: The above patch reduces the functionality of libcrypto(3) by prohibiting the use of exceptionally large public keys. It is believed that no existing applications legitimately use such key lengths as would be affected by this change. It would be nice if exceptionally large were replaced with keys in excess of x bits in size or something. I don't expect that this will affect me, but ambiguous statements like that make me uncomfortable. DH and DSA are limited to 1 bits. RSA is limited to 16400 or 4112 bits depending upon whether the public exponent is less or more than 72 bits. I wouldn't have allowed this change into the security branches if I was not very very confident that no applications would be affected by this. Colin Percival I'm not questioning your ability to make these decisions, Colin. Far, far from it. I'm the type that is made uncomfortable by any statement that reads _anything_ like don't worry, we've taken care of it. Take that email as two separate statements: 1) I'm curious as to exactly how big exceptionally large is. 2) I think this security advisory could be improved by including the answer to #1. Thanks for the quick response, and all the work you do. -- Bill Moran Collaborative Fusion Inc. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Need help, some thing goes with wrong with Bridge-networking
steven [EMAIL PROTECTED] writes: Dear Sir: Those days i tried build an in-line firewall, I take freebsd as a good operation system because it is safety and stabilty, but i came with trouble when i follow the handbook to bridge the two Ethernet Card, the book(http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/network-bridging.html) says that i should recomplie the kernel to add options BRIDGE into it, however, after compiling the new kernel, typing comamds including sysctl -w net.link.ether.bridge.enable=1,sysctl -w net.link.ether.bridge.config=rl0,rl1, the bridge seems out of working, and my fressbsd system version is 6.1, those two network card is not assign any static ipv4 address, Can you tell me why it comes intn that, dieing to hrear from your answer, and i'm appriciate for it. A bridge does not necessarily have to have an IP address. For us to help you, you will need to be more specific about what you are trying and what you want to have happen. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Replace worksation, now can't ssh to older machine
stan [EMAIL PROTECTED] writes: My trusty lon suffering FreeBSD workstation at work died (hardware), and I am in the process of replacig it. The current iss I have is that I have several older HP-UX achines that I need to be able to ssh to. I can't remeber exactly how I set these machines up (it was years agao), but they seem to have some restrictions as to what machines can ssh to them. I can't sem to get the new FreeBSD machine to be accepted by them. The are running: OpenSSH_2.5.1p1, SSH protocols 1.5/2.0, OpenSSL 0x0090600f I added the id_rsa.pub and identity.pub lines to the ~/.ssh/authorized_keys file on one of the HP-UX machines, but when Itry to conect with verbose mode urned on, I get: ssh -v phse6 OpenSSH_4.2p1 FreeBSD-20050903, OpenSSL 0.9.7e-p1 25 Oct 2004 debug1: Reading configuration data /etc/ssh/ssh_config debug1: Connecting to phse6.meadwestvaco.com [170.85.106.131] port 22. debug1: Connection established. debug1: identity file /home/stan/.ssh/identity type 0 debug1: identity file /home/stan/.ssh/id_rsa type 1 debug1: identity file /home/stan/.ssh/id_dsa type -1 debug1: Remote protocol version 1.99, remote software version OpenSSH_2.5.1p1 debug1: match: OpenSSH_2.5.1p1 pat OpenSSH_2.5.0p1*,OpenSSH_2.5.1p1* debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_4.2p1 FreeBSD-20050903 debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: server-client 3des-cbc hmac-md5 none debug1: kex: client-server 3des-cbc hmac-md5 none debug1: SSH2_MSG_KEX_DH_GEX_REQUEST_OLD(2048) sent debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP debug1: SSH2_MSG_KEX_DH_GEX_INIT sent debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY debug1: Host 'phse6.meadwestvaco.com' is known and matches the DSA host key. debug1: Found key in /home/stan/.ssh/known_hosts:195 debug1: ssh_dss_verify: signature correct debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: SSH2_MSG_NEWKEYS received debug1: SSH2_MSG_SERVICE_REQUEST sent debug1: SSH2_MSG_SERVICE_ACCEPT received debug1: Authentications that can continue: publickey,keyboard-interactive debug1: Next authentication method: publickey debug1: Offering public key: /home/stan/.ssh/id_rsa debug1: Authentications that can continue: publickey,keyboard-interactive debug1: Trying private key: /home/stan/.ssh/id_dsa debug1: Next authentication method: keyboard-interactive debug1: Authentications that can continue: publickey,keyboard-interactive debug1: No more authentication methods to try. Permission denied (publickey,keyboard-interactive). Any sugestionsas to what to check next? Turn on verbose mode on the servers, and see what they think. They're the ones that are unhappy with the authentication, so they're the ones you should look at for why the RSA key isn't being accepted. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: PortUpgrade multiple packages?
Bob [EMAIL PROTECTED] writes: On Thursday 28 September 2006 04:23, Armin Pirkovitsch wrote: That might cause problems if the programs have the same dependencies (fetch conflict or even worse, build conflict) Likely they do; Mozilla, Seamonkey, Opera, and Firefox. (all flagged in my security audit) Was hoping to do them all at once. (smp etc is excluded from this assumption) Yeah, running SMP, so cpu is not a problem. But bumping into deps may very well be. I have synched-up my ports tree, and have also done portupgrade -Fa so all the sources, as well as any deps are already here. However, I fear several packages may need the same dep, and all try to upgrade it at the same time would make a mess! I don't think portupgrade is smart enough to detect multiple upgrades, at least I have not seen any reference in the docs. Thanks! guess I will just so one a night, some of these are pretty BIG. You could look over the dependencies and figure out the conflicts by hand. One way to do that would be to use portupgrade -n on the different major packages, and compare the results. Or maybe sysutils/gpkgdep would be easier for you to figure out the overlaps from... ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: LVM support in FreeBSD
On Thu, Sep 07, 2006 at 03:37:28PM +0100, Jeff Rollin wrote: Thanks for the pointers. As an aside, are you worried about the legality of VMWare images in VMPlayer? I don't think they're an issue (at least with You can freely download VMware server from VMWare. ... no FreeBSD port :-( ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Kopete MSN + Cam
Warren Liddell wrote: Is or will there ever be support to allow the viewing of Webcams from others or is it simply not possible ? Webcam support still isn't fully functional in any of the opensource projects I think; gaim is the closest to getting a working prototype though, through the gaim-vv subproject. IIRC, the author of Kopete is helping out, so the MSN webcam functionality might become available in Kopete sometime in the near future. -Garrett ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: growfs HELP
On Thu, Sep 28, 2006 at 03:26:27AM -0500, Kristopher Yates wrote: Hi everyone, First of all, glad to still be running FBSD after all these years. I tried following some docs I found online in order to make my /usr partition bigger and made it all the way to growfs -s, which is where I got stuck. First of all, here was my original dilema, what I did, then a descript of where I am regarding growfs problem. System (aka firewall): Pentium60 40M RAM 2 NICS, running FBSD4.5-stable (a great firewall running 24/7 since OCT 2000.) I tried to upgrade (make buildword make installworld to 4.11-stable).. I made the new world and installed the new kernel but not quite enough space to do the last steps (mergemaster and then installworld). So I built a spare box, and installed FBSD on it. I put the hard drive from the firewall as secondary master, and a larger drive as secondary slave. * I ran dd and imaged the old drive onto the new drive old drive seagate 1.2gb new drive quantum 4.3gb * I put the new drive into the old faithful P60 (firewall). It boots up fine running 4.11-p22 and is currently online as my firewall. What is left to do: Finish the 4.11 install which ended on make kernel KERNCONF=CUSTOMKERN.. I just need to mergemaster then installworld as single user. Obviously, /usr partition (/dev/ad0s1f) is basically full w/ 8.6MB free. ** soo.. I did some fdisk magic and got stuck on the growfs (final step) in order to growfs /usr fdisk reports my 1 partition @ full size of disk but no idea how to properly use growfs. To use growfs you must have space in the slice contiguous with the partition you want to increase in size. It cannot just grow anywhere. You really did not want to move things using dd. You really wanted to build the new file systems to the sizes you want on the new disk and then use dump/restore to to the new partitions. First, fdisk the new disk and put the MBR on it and create your one slice on it and flag that as bootable. Then, use disklabel (in 4.xxx, bsd label in later versions of FreeBSD) to create your slices and also make it write out the boot sector. There is a block of examples in the disklabel/bsdlabel man page that tells how to use dd to make sure a drive is clean and then fdisk to make one slice with MBR and finally two disklabels to create the bootable partition and then to edit the partition table for all the partitions. That group of commands is just what you need. Then, do a newfs on each partition created (except swap) and then make a mount point for them. Mount the 'a' partition on something like '/newroot' for example and then run dump/restore to copy root cd /newroot dump 0af - / | restore -rf - Do the same dump/restore thing for each of the partitions/filesystems. Make sure you cd in to the base of each mounted new filesystem before doing the dump/restore and replace the '/' in the dump to be each filesystem - for example, for /usr, make a /newusr mountpoint mount it and then cd to /newusr and do 'dump 0af - /usr | restore -rf -' When you get done, you will have a fully useable, bootable copy of your machine on the new disk. Move the new disk to the primary boot position in your boot chain and start it up. By the way, those are pretty small drives. I don't see any on the market nowdays less that 18 GB and more likely larger. Maybe you need some new hardware. jerry Here is what I have: cylinders=8895 heads=15 sectors/track=63 (945blks/cyl) media sector size 512 partition 1 sysid 165, start 63, size 8405712 (4104 Meg), flag 80 (active) beg: cyl 0/head 1 / sector 1 end: cyl 1023 / head 14 / sector 63 basically I need help filling in the following blank (/dev/ad0s1f == /usr slice) # growfs -s __ /dev/ad0s1f as shown above, fdisk sees the correct geometry as 4104MB partition but /stand/sysinstall disklabel editor sees ad0s1 as 2888MB, which is the amount of space I thought I was to be adding to /usr via growfs. Currently, my /usr slice is 975MB and really needs to grow. :) Please let me know what other info I can provide that will help you help me solve this problem. I have read man growfs and some docs online, however, I'm stuck and dont know exactly how to resolve the problem. Much thanks, Kris _ Find a local pizza place, music store, museum and more?then map the best route! http://local.live.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
denyhosts problems
I'm trying to get denyhosts-2.5 to work in 6.0 and have inserted a line in hosts.allow ALL: xxx.myoffice.com : allow sshd: /etc/hosts.deniedssh : deny ALL: ALL : allow but am finding that this causes my home ip to be denied even though I log in with a pre-shared key. The /etc/hosts.deniedssh file is being created, but my home ip is not present (it would be hard as I have a dynamically allocated one anyhow). The hosts.deniedssh file contains entries like ... ALL: 61.219.xx.250 : deny ALL: 209.8.xx.242 : deny ... I am getting an error in the auth log related to the denial that looks like this /etc/hosts.allow, line 24: can't verify hostname: getaddrinfo(xxx-yyy-.., AF_INET) where /etc/hosts.allow line24 corresponds to the sshd: /etc/hosts.deniedssh : deny line in hosts.allow. I have the same setup in 6.1 and it seems to work. But I still see messages related to line 24 from that setup. Does denyhosts work properly? -- Robin Becker ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Kopete MSN + Cam
2006/9/28, Garrett Cooper [EMAIL PROTECTED]: Warren Liddell wrote: Is or will there ever be support to allow the viewing of Webcams from others or is it simply not possible ? Webcam support still isn't fully functional in any of the opensource projects I think; gaim is the closest to getting a working prototype though, through the gaim-vv subproject. IIRC, the author of Kopete is helping out, so the MSN webcam functionality might become available in Kopete sometime in the near future. -Garrett There is an MSN Messenger clone for Linux. I haven't used it but I think it seems to be good. I will try it shortly. You can read further and download from the project's homepage at http://amsn.sourceforge.net/ Don't forget to enable linux compatibility in /etc/rc.conf from linux_enable=NO to linux_enable=YES Pls notify me if it's working -- Regards, [Hunor] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
moused insists on starting
6.1. Moused starts on boot, and issuing /etc/rc.d/moused stop has not effect. My /etc/rc.conf has the line: moused_enable=NO yet the damn thing starts. -- Bill Moran Collaborative Fusion Inc. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Thread libraries and Perl
I use a Perl program that uses GTK2 for its display. This means that it uses the p5-Gtk2 port. Many GTK2 routines are threaded, and when they are called, the rtld fails to resolve the symbol pthread_getschedparam and the program exists. I know that normally the inclusion of the threading libraries is done at compile time for the main code which will be using threading routines in libraries to which it is linked, but Perl is not compiled and, if I don't do something to pull libpthread into the process, such as using LD_PRELOAD, I will get the error. My question is, what is the best way to do this? Should the Perl bindings to the threaded libraries do it? (In this case, p5-Gtk2) or is there a better way. -- R. Kevin Oberman, Network Engineer Energy Sciences Network (ESnet) Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab) E-mail: [EMAIL PROTECTED] Phone: +1 510 486-8634 Key fingerprint:059B 2DDF 031C 9BA3 14A4 EADA 927D EBB3 987B 3751 pgprVUKjrQe3n.pgp Description: PGP signature
Re: moused insists on starting
On Thursday 28 September 2006 14:08, Bill Moran wrote: 6.1. Moused starts on boot, and issuing /etc/rc.d/moused stop has not effect. My /etc/rc.conf has the line: moused_enable=NO yet the damn thing starts. Assuming you have a USB mouse, this is controlled by /etc/devd.conf (or /etc/usbd.conf in older releases). Comment out or modify the ums/moused entry to suit your preferences. JN ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: moused insists on starting
In response to John Nielsen [EMAIL PROTECTED]: On Thursday 28 September 2006 14:08, Bill Moran wrote: 6.1. Moused starts on boot, and issuing /etc/rc.d/moused stop has not effect. My /etc/rc.conf has the line: moused_enable=NO yet the damn thing starts. Assuming you have a USB mouse, this is controlled by /etc/devd.conf (or /etc/usbd.conf in older releases). Comment out or modify the ums/moused entry to suit your preferences. Huh. I hate to be a whiner, but shouldn't this respect the moused_enable setting in rc.conf? I find this a violation of POLA. -- Bill Moran Collaborative Fusion Inc. IMPORTANT: This message contains confidential information and is intended only for the individual named. If the reader of this message is not an intended recipient (or the individual responsible for the delivery of this message to an intended recipient), please be advised that any re-use, dissemination, distribution or copying of this message is prohibited. Please notify the sender immediately by e-mail if you have received this e-mail by mistake and delete this e-mail from your system. E-mail transmission cannot be guaranteed to be secure or error-free as information could be intercepted, corrupted, lost, destroyed, arrive late or incomplete, or contain viruses. The sender therefore does not accept liability for any errors or omissions in the contents of this message, which arise as a result of e-mail transmission. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: moused insists on starting
On 9/28/06, Bill Moran [EMAIL PROTECTED] wrote: 6.1. Moused starts on boot, and issuing /etc/rc.d/moused stop has not effect. My /etc/rc.conf has the line: moused_enable=NO yet the damn thing starts. USB mouse? Becuase those seem to be handled automagically somewhere by usbd. usbd.conf(5) gives an ensample of how to make usbd attach a mouse, but there does not seem to be a simple counterexample, and it happens without such lines in any case, it would seem. From a quick grep, it would appear that apmd has a provision for starting moused, as with devd. -- -- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: moused insists on starting
Bill Moran wrote: [ ... ] I hate to be a whiner, but shouldn't this respect the moused_enable setting in rc.conf? I find this a violation of POLA. I would agree that a USB mouse should respect moused_enable; I gather this means the USB daemon needs to become smarter... -- -Chuck PS: Is there any chance you can not use the 16-line .sig disclaimer...? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: moused insists on starting
In response to Chuck Swiger [EMAIL PROTECTED]: PS: Is there any chance you can not use the 16-line .sig disclaimer...? Yes. I usually take the time to manually delete it when it doesn't apply, but (like any manual process) I sometimes forget. -- Bill Moran Collaborative Fusion Inc. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: growfs HELP
Anyone else have any suggestions? I was thinking I could rewrite my partition table to what it was originally, then growfs using the empty partionable space.. but I dont exactly know how. I just had some docs I found online (URL is below). Before I did fdisk -s, the 2.888GB was an empty partition of the drive where I could have created a new partition.. but instead I did fdisk to merge it all into the same partition. The docs I read said to do that, then growfs.. I just didnt understand the vague explanation of doing the math to determine the correct number of sectors to pass to growfs. The docs I was using: http://ezine.daemonnews.org/200111/growfs.html I know it is possible without doing all that you suggested. It should be a matter of just executing growfs properly and I'm done. Otherwise, it would be easier to just do a fresh install than to do all that you suggested. Makes sense to me. I'd rather not have to reinstall. My idea was to post here and get a better understanding, growfs and be done with it. I didnt expect comments from the peanut gallery; ie. By the way, those are pretty small drives. I don't see any on the market nowdays less that 18 GB and more likely larger. Maybe you need some new hardware. ///jerry Not everyone has a kush job at the SCNC working with universities. A) Why does a box that is just running NATD and portsentry need an 18GB hard drive and a faster processor? B) Maybe you need to give me some money so that I may afford to build the fancy firewall/gateway that you suggest. I almost appreciate your reply but found your final remark to be rather condescending. My hardware is fine. It works and its all I have. This firewall box has been online 24/7 since 1998 running FBSD just fine. Blow the dust out once a year and keep on trucking. Michigan has the 2nd worst economy in the US. I would think you would be more understanding of my situation. Unfortunately, you have proven me wrong. Thanks to the FREEBSD community for continuing to be the leader in backward-compatible support for old hardware. Long live the Pentium 60 and the 640 ATA controller! ;) Cheers, Kris From: Jerry McAllister [EMAIL PROTECTED] To: Kristopher Yates [EMAIL PROTECTED] CC: freebsd-questions@freebsd.org Subject: Re: growfs HELP Date: Thu, 28 Sep 2006 11:45:37 -0400 On Thu, Sep 28, 2006 at 03:26:27AM -0500, Kristopher Yates wrote: Hi everyone, First of all, glad to still be running FBSD after all these years. I tried following some docs I found online in order to make my /usr partition bigger and made it all the way to growfs -s, which is where I got stuck. First of all, here was my original dilema, what I did, then a descript of where I am regarding growfs problem. System (aka firewall): Pentium60 40M RAM 2 NICS, running FBSD4.5-stable (a great firewall running 24/7 since OCT 2000.) I tried to upgrade (make buildword make installworld to 4.11-stable).. I made the new world and installed the new kernel but not quite enough space to do the last steps (mergemaster and then installworld). So I built a spare box, and installed FBSD on it. I put the hard drive from the firewall as secondary master, and a larger drive as secondary slave. * I ran dd and imaged the old drive onto the new drive old drive seagate 1.2gb new drive quantum 4.3gb * I put the new drive into the old faithful P60 (firewall). It boots up fine running 4.11-p22 and is currently online as my firewall. What is left to do: Finish the 4.11 install which ended on make kernel KERNCONF=CUSTOMKERN.. I just need to mergemaster then installworld as single user. Obviously, /usr partition (/dev/ad0s1f) is basically full w/ 8.6MB free. ** soo.. I did some fdisk magic and got stuck on the growfs (final step) in order to growfs /usr fdisk reports my 1 partition @ full size of disk but no idea how to properly use growfs. To use growfs you must have space in the slice contiguous with the partition you want to increase in size. It cannot just grow anywhere. You really did not want to move things using dd. You really wanted to build the new file systems to the sizes you want on the new disk and then use dump/restore to to the new partitions. First, fdisk the new disk and put the MBR on it and create your one slice on it and flag that as bootable. Then, use disklabel (in 4.xxx, bsd label in later versions of FreeBSD) to create your slices and also make it write out the boot sector. There is a block of examples in the disklabel/bsdlabel man page that tells how to use dd to make sure a drive is clean and then fdisk to make one slice with MBR and finally two disklabels to create the bootable partition and then to edit the partition table for all the partitions. That group of commands is just what you need. Then, do a newfs on each partition created (except swap) and then make a mount point for them. Mount the 'a' partition on
Re: denyhosts problems
On Thu, Sep 28, 2006 at 05:22:43PM +0100, Robin Becker wrote: I'm trying to get denyhosts-2.5 to work in 6.0 and have inserted a line in hosts.allow ALL: xxx.myoffice.com : allow sshd: /etc/hosts.deniedssh : deny ALL: ALL : allow but am finding that this causes my home ip to be denied even though I log in with a pre-shared key. sshd will still avail itself of libwrap's functionality /before/ the client even has a chance to offer its key. Anyone who manages to get a copy of your key will need also to satisfy your /etc/hosts.allow rules before they can use it. The /etc/hosts.deniedssh file is being created, but my home ip is not present (it would be hard as I have a dynamically allocated one anyhow). The hosts.deniedssh file contains entries like ... ALL: 61.219.xx.250 : deny ALL: 209.8.xx.242 : deny ... This is wrong - when using an auxiliary file like this, that file should contain only the IP address of offending hosts. If you think about how hosts.allow rules are structured, this will make sense. I am getting an error in the auth log related to the denial that looks like this /etc/hosts.allow, line 24: can't verify hostname: getaddrinfo(xxx-yyy-.., AF_INET) where /etc/hosts.allow line24 corresponds to the sshd: /etc/hosts.deniedssh : deny line in hosts.allow. Indeed. It is precisely that rule that is uncovering the problems with your current configuration. Look at the structure of the rules. First, you have the service name, a colon, an address specification, another colon, and an action. (this is actually a bit of an over simplification, but you can get the full story if you look at hosts_access(5)) If the address specification actually contains the path to a file, the contents of that file are interpolated into the body of the rule. So, in your case, what libwrap constructs will look something like ALL : ALL : 61.219.xx.250 : deny : deny which, clearly, is nonsense! Make sure that denyhosts.cfg has a blank value for BLOCK_SERVICE and that it points HOSTS_DENY to the right file. I guess that at least is correct, though. DenyHosts will then correctly record only the IP address of blocked hosts, which will result in much saner rule expansions! I have the same setup in 6.1 and it seems to work. But I still see messages related to line 24 from that setup. Does denyhosts work properly? I suspect it is not quite the same - check the BLOCK_SERVICE setting on that machine. Check out the DenyHosts FAQ - it's very useful. http://denyhosts.sourceforge.net/faq.html And the FreeBSD hosts_options(5) man page as well, which, as I said earlier, contains the full story on setting up your /etc/hosts.allow. HTH Dan -- Daniel Bye PGP Key: http://www.slightlystrange.org/pgpkey-dan.asc PGP Key fingerprint: D349 B109 0EB8 2554 4D75 B79A 8B17 F97C 1622 166A _ ASCII ribbon campaign ( ) - against HTML, vCards and X - proprietary attachments in e-mail / \ pgpkX6ttmQUbR.pgp Description: PGP signature
Re: growfs HELP
On Thu, Sep 28, 2006 at 01:54:26PM -0500, Kristopher Yates wrote: Anyone else have any suggestions? I was thinking I could rewrite my partition table to what it was originally, then growfs using the empty partionable space.. but I dont exactly know how. I just had some docs I found online (URL is below). Before I did fdisk -s, the 2.888GB was an empty partition of the drive where I could have created a new partition.. but instead I did fdisk to merge it all into the same partition. The docs I read said to do that, then growfs.. I just didnt understand the vague explanation of doing the math to determine the correct number of sectors to pass to growfs. The docs I was using: http://ezine.daemonnews.org/200111/growfs.html I know it is possible without doing all that you suggested. It should be a matter of just executing growfs properly and I'm done. Otherwise, it would be easier to just do a fresh install than to do all that you suggested. Makes sense to me. I'd rather not have to reinstall. No, it is less trouble to do it the way I wrote. Doing the dd stuff is harder and anyway, may not result in what you want. Growfs is really not all that useful. Remember that you have to have empty space in the slice right contiguous to to the one you want to grow. You cannot just grab space from somewhere else on the disk and add it in. You could, if you have free space already within an existing file system, move some diectories, such as /usr/local out of /usr and put them[it] in the available space and create a sym link to the new location. But, if it is unused space that has not been part of a partition, you will remake the partition table with disklabel. If the space is right at the end of existing partitioned space, you might get away with it without redoing everything, but it is kind of an unadvisable thing to try, because what gets written back in the partition table for the existing partitions just might not line up exactly with their previous positions - you're expecting a new pointer to point to the same place as the old one. It could, but maybe a critical sector gets mapped out in the middle things. It would mess things up. So, My idea was to post here and get a better understanding, growfs and be done with it. I didnt expect comments from the peanut gallery; ie. It takes some knowledge to grow peanuts. If you want help, don't throw ignorance stones. By the way, those are pretty small drives. I don't see any on the market nowdays less that 18 GB and more likely larger. Maybe you need some new hardware. ///jerry Not everyone has a kush job at the SCNC working with universities. What do you know about SCNC? Obviously nothing. A) Why does a box that is just running NATD and portsentry need an 18GB hard drive and a faster processor? Whatever you want. B) Maybe you need to give me some money so that I may afford to build the fancy firewall/gateway that you suggest. I almost appreciate your reply but found your final remark to be rather condescending. My hardware is fine. It works and its all I have. This firewall box has been online 24/7 since 1998 running FBSD just fine. Blow the dust out once a year and keep on trucking. Fine. I have a couple of those right here. Michigan has the 2nd worst economy in the US. I would think you would be more understanding of my situation. Unfortunately, you have proven me wrong. Because the previous governor abetted by his psuedo right-wing cronies in the state congress gutted the state's economy before he finally got term limited out. Thanks to the FREEBSD community for continuing to be the leader in backward-compatible support for old hardware. Long live the Pentium 60 and the 640 ATA controller! ;) Cheers, Kris From: Jerry McAllister [EMAIL PROTECTED] To: Kristopher Yates [EMAIL PROTECTED] CC: freebsd-questions@freebsd.org Subject: Re: growfs HELP Date: Thu, 28 Sep 2006 11:45:37 -0400 On Thu, Sep 28, 2006 at 03:26:27AM -0500, Kristopher Yates wrote: Hi everyone, First of all, glad to still be running FBSD after all these years. I tried following some docs I found online in order to make my /usr partition bigger and made it all the way to growfs -s, which is where I got stuck. First of all, here was my original dilema, what I did, then a descript of where I am regarding growfs problem. System (aka firewall): Pentium60 40M RAM 2 NICS, running FBSD4.5-stable (a great firewall running 24/7 since OCT 2000.) I tried to upgrade (make buildword make installworld to 4.11-stable).. I made the new world and installed the new kernel but not quite enough space to do the last steps (mergemaster and then installworld). So I built a spare box, and installed FBSD on it. I put the hard drive from the firewall as secondary master, and a larger drive as secondary slave. * I ran dd and imaged
IPFW protected sites
With my ipfw firewall I can't surf the protected sites (I think by means of the ssl protocol), those with the closed locker in the frame of the browser. How can I enable this sites from my freebsd 6.1 box? Ciao Vittorio ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
konqueror protected sites
I cannot access protected sites (such as those of internet banking, credit card and so on) with konqueror under kde because the process died unexpectedly) while I can smoothly surf them with other browsers like mozilla. What should I do? Vittorio ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: moused insists on starting
Bill Moran wrote: In response to John Nielsen [EMAIL PROTECTED]: On Thursday 28 September 2006 14:08, Bill Moran wrote: 6.1. Moused starts on boot, and issuing /etc/rc.d/moused stop has not effect. My /etc/rc.conf has the line: moused_enable=NO yet the damn thing starts. Assuming you have a USB mouse, this is controlled by /etc/devd.conf (or /etc/usbd.conf in older releases). Comment out or modify the ums/moused entry to suit your preferences. Huh. I hate to be a whiner, but shouldn't this respect the moused_enable setting in rc.conf? I find this a violation of POLA. I have recently been told that you have to set moused_nondefault_enable=NO in your rc.conf to deactivate this behaviour. There is no need to mess with your devd.conf. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
compling php4 with pcre, the session extension
Hi there, does anybody know how to compile php4 with pcre and the session extension? I am unable to find those options in the 'make config' menu? Looks like I need them. cheers, Noah ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: compling php4 with pcre, the session extension
Noah wrote: Hi there, does anybody know how to compile php4 with pcre and the session extension? I am unable to find those options in the 'make config' menu? Looks like I need them. Just install the devel/php4-pcre and www/php4-session ports. Easy. Matthew -- Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard Flat 3 PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate Kent, CT11 9PW signature.asc Description: OpenPGP digital signature
mouse problem in
hi i am new about freebsd . currently i am running 6.2-PRERELEASE(?) in one of my machine . other 2 are FC5 and xp . i am using common one set of keyboard , mouse and monitor for every cpu through KVM (model REX-420 ) cpu changer . the problem is whenever i change to other os then go back to freebsd the mouse does not work . to change cpu i need to press Scroll Lock 2 times then the number (for me 1-freebsd ,2 -xp ,3 -FC5 ) . i also noticed that if i press Scroll Lock 2 times the mouse pointer just vanish . please help me .why this happens ? is there any way so that i can keep the mouse working ? azhar here is a copy of dmesg . Copyright (c) 1992-2006 The FreeBSD Project. Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994 The Regents of the University of California. All rights reserved. FreeBSD 6.2-PRERELEASE #0: Sun Sep 24 16:53:30 UTC 2006 [EMAIL PROTECTED]:/usr/src/sys/i386/compile/GENERIC atkbdc0: Keyboard controller (i8042) port 0x60,0x64 irq 1 on acpi0 atkbd0: AT Keyboard irq 1 on atkbdc0 kbd0 at atkbd0 atkbd0: [GIANT-LOCKED] psm0: PS/2 Mouse irq 12 on atkbdc0 psm0: [GIANT-LOCKED] psm0: model VersaPad, device ID 0 psm0: failed to get status (doinitialize). psm0: failed to enable the device (doopen). psm0: failed to enable the device (reinitialize). ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: IPFW protected sites
vittorio wrote: With my ipfw firewall I can't surf the protected sites (I think by means of the ssl protocol), those with the closed locker in the frame of the browser. How can I enable this sites from my freebsd 6.1 box? HTTPS uses port 443. You need to open up access to any host port 443 in your firewall. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard Flat 3 PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate Kent, CT11 9PW signature.asc Description: OpenPGP digital signature
Re: linux recovery tool
Ahmad Arafat Abdullah wrote: ... One of my hosters says they provide a ram based linux recovery tool, but I'm actually using freebsd on the hardware so am wondering if linux knows how to mount UFS partitions? -- Robin Becker Yes, it does .. thanks -- Robin Becker ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: denyhosts problems
Daniel Bye wrote: On Thu, Sep 28, 2006 at 05:22:43PM +0100, Robin Becker wrote: I'm trying to get denyhosts-2.5 to work in 6.0 and have inserted a line in hosts.allow ALL: xxx.myoffice.com : allow sshd: /etc/hosts.deniedssh : deny ALL: ALL : allow but am finding that this causes my home ip to be denied even though I log in with a pre-shared key. sshd will still avail itself of libwrap's functionality /before/ the client even has a chance to offer its key. Anyone who manages to get a copy of your key will need also to satisfy your /etc/hosts.allow rules before they can use it. The /etc/hosts.deniedssh file is being created, but my home ip is not present (it would be hard as I have a dynamically allocated one anyhow). The hosts.deniedssh file contains entries like ... ALL : ALL : 61.219.xx.250 : deny : deny which, clearly, is nonsense! I am not writing this file, denyhosts is. Make sure that denyhosts.cfg has a blank value for BLOCK_SERVICE and that it points HOSTS_DENY to the right file. I guess that at least is correct, though. My BAD I have the value ALL for BLOCK_SERVICE, I suppose that's the problem. I read further and it seems I do indeed need to set an empty value. Thanks. DenyHosts will then correctly record only the IP address of blocked hosts, which will result in much saner rule expansions! I have the same setup in 6.1 and it seems to work. But I still see messages related to line 24 from that setup. Does denyhosts work properly? I suspect it is not quite the same - check the BLOCK_SERVICE setting on that machine. You're probably right. Check out the DenyHosts FAQ - it's very useful. http://denyhosts.sourceforge.net/faq.html And the FreeBSD hosts_options(5) man page as well, which, as I said earlier, contains the full story on setting up your /etc/hosts.allow. Thanks again. -- Robin Becker ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: linux recovery tool
Robin Becker wrote: Ahmad Arafat Abdullah wrote: ... One of my hosters says they provide a ram based linux recovery tool, but I'm actually using freebsd on the hardware so am wondering if linux knows how to mount UFS partitions? -- Robin Becker Yes, it does .. thanks That is if the kernel has UFS and BSD labels support compiled into the kernel. Be aware that UFS support isn't really 100% stable yet, so they marked UFS writing as dangerous in the Linux kernel file systems config section. However, UFS fs reading is stable. -Garrett ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
portupgrade: ruby state=swread
Hello, i'm actually updating my installed ports with portupgrade -a over a remote ssh session. Before i have done a cvsup and a portsdb -Fu There are only 3 ports needing an update, one of this port is ruby. pkg_info means i have ruby18-bdb1-0.2.2 installed and under /usr/ports/distfiles/ruby is ruby-1.8.5.tar.gz (i think it's the update version) All ran fine but since 1hour top shows me the following: last pid: 12998; load averages: 0.47, 0.18, 0.06up 0+03:12:40 23:28:35 41 processes: 1 running, 40 sleeping CPU states: 0.8% user, 0.0% nice, 0.8% system, 0.4% interrupt, 98.0% idle Mem: 82M Active, 4340K Inact, 24M Wired, 5268K Cache, 22M Buf, 480K Free Swap: 231M Total, 126M Used, 105M Free, 54% Inuse, 956K In PID USERNAME THR PRI NICE SIZERES STATETIME WCPU COMMAND 12613 root1 -200 123M 87500K swread 6:29 0.05% ruby18 The output of portupgrade -a is also since 1hour: snip stringio.c: c. strscan.c: cc Generating RI... I use FreeBSD_6.1.RELEASE without the today published patch for FreeBSD-SA-06:23.openssl What can i do now? I don't want to kill the update process. Dunno what happens then :/ Many thanks in advance for any hints Pascal Bleyler ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: portupgrade: ruby state=swread
HI, I've founded this atm: http://portsmon.freebsd.org/portoverview.py?category=langportname=ruby1 8 what are my options? The PC has only 80M RAM ... :( Thanks Pascal Bleyler -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Pascal Bleyler Sent: Thursday, September 28, 2006 11:45 PM To: freebsd-questions@freebsd.org Subject: portupgrade: ruby state=swread Hello, i'm actually updating my installed ports with portupgrade -a over a remote ssh session. Before i have done a cvsup and a portsdb -Fu There are only 3 ports needing an update, one of this port is ruby. pkg_info means i have ruby18-bdb1-0.2.2 installed and under /usr/ports/distfiles/ruby is ruby-1.8.5.tar.gz (i think it's the update version) All ran fine but since 1hour top shows me the following: last pid: 12998; load averages: 0.47, 0.18, 0.06up 0+03:12:40 23:28:35 41 processes: 1 running, 40 sleeping CPU states: 0.8% user, 0.0% nice, 0.8% system, 0.4% interrupt, 98.0% idle Mem: 82M Active, 4340K Inact, 24M Wired, 5268K Cache, 22M Buf, 480K Free Swap: 231M Total, 126M Used, 105M Free, 54% Inuse, 956K In PID USERNAME THR PRI NICE SIZERES STATETIME WCPU COMMAND 12613 root1 -200 123M 87500K swread 6:29 0.05% ruby18 The output of portupgrade -a is also since 1hour: snip stringio.c: c. strscan.c: cc Generating RI... I use FreeBSD_6.1.RELEASE without the today published patch for FreeBSD-SA-06:23.openssl What can i do now? I don't want to kill the update process. Dunno what happens then :/ Many thanks in advance for any hints Pascal Bleyler ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: portupgrade: ruby state=swread
On Fri, Sep 29, 2006 at 12:30:45AM +0200, Pascal Bleyler wrote: HI, I've founded this atm: http://portsmon.freebsd.org/portoverview.py?category=langportname=ruby1 8 what are my options? The PC has only 80M RAM ... :( Wait it out, add more RAM, or use a tool that requires less memory. Others may recommend portmaster, but I've not used it and cannot comment on its utility or resource requirements. You can always just use pkg_add/pkg_delete by hand (if you're careful), of course. Kris pgpnqc3NWtFNI.pgp Description: PGP signature
Raid strip with freebsd slices or partitions
Hi, i would like to do a raid strip with freebsd slices or partitions and not with a entire disk. For example: I've a two SCSI drivers with 68Gb. I want to make a two partitions or slices in two disks, first with 10G and other with 58Gb, this in two disks, and make a raid strip virtual disk with 58+58GB = 116 GB, and user other two partitions normaly. -- Thanks for all answers Mario Augusto Mania m3BSD --- [EMAIL PROTECTED] Cel.: (43) 9938-9629 Msn: [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: growfs HELP
It takes some knowledge to grow peanuts. If you want help, don't throw ignorance stones. Hey dude, You threw the first stone. I'm not Jesus. I'll throw one right back 'atcha, old man. By the way, those are pretty small drives. I don't see any on the market nowdays less that 18 GB and more likely larger. Maybe you need some new hardware. ///jerry After reading your initial response, I decided to create a new partition and move the majority of /usr to it. I dont have all day. Problem solved. I see in your last response that we are agreeable technologically, at least as far as symlinking goes. Waste not, want not. ON a final note, democrats are just as corrupt as republicans. Don't go whining about milking the cow dry being a problem with right wing fascists. Left wing libs do the same thing all the time. Look at both sides of the fence. God Bless the FBI. We should throw all the rich senators and congressmen in jail. Talk about ignorant stones. I didn't know you collected rocks! efilnikufecin and a long cold winter, Kris From: Jerry McAllister [EMAIL PROTECTED] To: Kristopher Yates [EMAIL PROTECTED] CC: freebsd-questions@freebsd.org Subject: Re: growfs HELP Date: Thu, 28 Sep 2006 15:17:17 -0400 On Thu, Sep 28, 2006 at 01:54:26PM -0500, Kristopher Yates wrote: Anyone else have any suggestions? I was thinking I could rewrite my partition table to what it was originally, then growfs using the empty partionable space.. but I dont exactly know how. I just had some docs I found online (URL is below). Before I did fdisk -s, the 2.888GB was an empty partition of the drive where I could have created a new partition.. but instead I did fdisk to merge it all into the same partition. The docs I read said to do that, then growfs.. I just didnt understand the vague explanation of doing the math to determine the correct number of sectors to pass to growfs. The docs I was using: http://ezine.daemonnews.org/200111/growfs.html I know it is possible without doing all that you suggested. It should be a matter of just executing growfs properly and I'm done. Otherwise, it would be easier to just do a fresh install than to do all that you suggested. Makes sense to me. I'd rather not have to reinstall. No, it is less trouble to do it the way I wrote. Doing the dd stuff is harder and anyway, may not result in what you want. Growfs is really not all that useful. Remember that you have to have empty space in the slice right contiguous to to the one you want to grow. You cannot just grab space from somewhere else on the disk and add it in. You could, if you have free space already within an existing file system, move some diectories, such as /usr/local out of /usr and put them[it] in the available space and create a sym link to the new location. But, if it is unused space that has not been part of a partition, you will remake the partition table with disklabel. If the space is right at the end of existing partitioned space, you might get away with it without redoing everything, but it is kind of an unadvisable thing to try, because what gets written back in the partition table for the existing partitions just might not line up exactly with their previous positions - you're expecting a new pointer to point to the same place as the old one. It could, but maybe a critical sector gets mapped out in the middle things. It would mess things up. So, My idea was to post here and get a better understanding, growfs and be done with it. I didnt expect comments from the peanut gallery; ie. It takes some knowledge to grow peanuts. If you want help, don't throw ignorance stones. By the way, those are pretty small drives. I don't see any on the market nowdays less that 18 GB and more likely larger. Maybe you need some new hardware. ///jerry Not everyone has a kush job at the SCNC working with universities. What do you know about SCNC? Obviously nothing. A) Why does a box that is just running NATD and portsentry need an 18GB hard drive and a faster processor? Whatever you want. B) Maybe you need to give me some money so that I may afford to build the fancy firewall/gateway that you suggest. I almost appreciate your reply but found your final remark to be rather condescending. My hardware is fine. It works and its all I have. This firewall box has been online 24/7 since 1998 running FBSD just fine. Blow the dust out once a year and keep on trucking. Fine. I have a couple of those right here. Michigan has the 2nd worst economy in the US. I would think you would be more understanding of my situation. Unfortunately, you have proven me wrong. Because the previous governor abetted by his psuedo right-wing cronies in the state congress gutted the state's economy before he finally got term limited out. Thanks to the FREEBSD community for continuing to be the leader in backward-compatible support for old hardware. Long
Re: portupgrade: ruby state=swread
Pascal Bleyler wrote: There are only 3 ports needing an update, one of this port is ruby. pkg_info means i have ruby18-bdb1-0.2.2 installed and under /usr/ports/distfiles/ruby is ruby-1.8.5.tar.gz (i think it's the update version) All ran fine but since 1hour top shows me the following: last pid: 12998; load averages: 0.47, 0.18, 0.06up 0+03:12:40 23:28:35 41 processes: 1 running, 40 sleeping CPU states: 0.8% user, 0.0% nice, 0.8% system, 0.4% interrupt, 98.0% idle Mem: 82M Active, 4340K Inact, 24M Wired, 5268K Cache, 22M Buf, 480K Free Swap: 231M Total, 126M Used, 105M Free, 54% Inuse, 956K In PID USERNAME THR PRI NICE SIZERES STATETIME WCPU COMMAND 12613 root1 -200 123M 87500K swread 6:29 0.05% ruby18 The output of portupgrade -a is also since 1hour: snip stringio.c: c. strscan.c: cc Generating RI... I use FreeBSD_6.1.RELEASE without the today published patch for FreeBSD-SA-06:23.openssl What can i do now? I don't want to kill the update process. Dunno what happens then :/ You haven't got enough free memory and the process is swapping - swread == swap read. Give it time and it should finish. If you have other processes using significant memory which you can kill off that might help. --Alex ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Kopete MSN + Cam
Forró A Hunor wrote: 2006/9/28, Garrett Cooper [EMAIL PROTECTED]: Warren Liddell wrote: Is or will there ever be support to allow the viewing of Webcams from others or is it simply not possible ? Webcam support still isn't fully functional in any of the opensource projects I think; gaim is the closest to getting a working prototype though, through the gaim-vv subproject. IIRC, the author of Kopete is helping out, so the MSN webcam functionality might become available in Kopete sometime in the near future. -Garrett There is an MSN Messenger clone for Linux. I haven't used it but I think it seems to be good. I will try it shortly. You can read further and download from the project's homepage at http://amsn.sourceforge.net/ It's already in ports: net-im/amsn and doesn't need linux compat %make run-depends-list /usr/ports/devel/gmake /usr/ports/devel/tcllib /usr/ports/devel/tcltls /usr/ports/graphics/imlib /usr/ports/x11-toolkits/tk84 I've installed it and someone with a login has logged in but that's the extent of testing here, ie not tested with a webcam. Chris Don't forget to enable linux compatibility in /etc/rc.conf from linux_enable=NO to linux_enable=YES Pls notify me if it's working ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
IP address impersonation
We have a remotely hosted 6.0 server that has apparently been impersonated by a colocated server. The provider allows root access and we have set up our server from a base 6.0 installation. We were allocated an ip address and mostly we have had a good experience with this setup. However, twice in three weeks we have had difficulty in logging in and have had to crash boot the server. Analysis of the logs revealed that another machine on the hoster's network had assigned itself our ip address. Even when we provided the suspect mac address it seemed the hoster had trouble in finding out/appreciating what the problem was. I have little experience of this sort of thing, but can anyone else offer some advice on 1) is this a recognized form of attack? I can see that it could be used for password harvesting and traffic interception, but are there other implications. 2) Are there ways to mitigate this kind of problem? We have other hosted servers on machines with similar (root) access. They presumably could also be impersonated. We found this out by inspection of our own log files; could the provider be doing something more to prevent this? -- Robin Becker ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: IP address impersonation
Taking over an IP is a known way to inspect traffic. Essentially if done well the spoofing server will act like a proxy server, inspecting the data and sending it along to the correct server. Another way, particularly at a data center is to setup a server running the NIC in promiscuous mode so that nic will catch any packets on the netowrk. Is the data center bringing up a server with a duplicate IP? Or are they attempting to change your server's IP when they bring up a server on your assigned address? It also could be just bad book keeping on the data center's part, having re-used an IP and not taken it completely out of another server's configuration files. -Derek At 05:53 PM 9/28/2006, Robin Becker wrote: We have a remotely hosted 6.0 server that has apparently been impersonated by a colocated server. The provider allows root access and we have set up our server from a base 6.0 installation. We were allocated an ip address and mostly we have had a good experience with this setup. However, twice in three weeks we have had difficulty in logging in and have had to crash boot the server. Analysis of the logs revealed that another machine on the hoster's network had assigned itself our ip address. Even when we provided the suspect mac address it seemed the hoster had trouble in finding out/appreciating what the problem was. I have little experience of this sort of thing, but can anyone else offer some advice on 1) is this a recognized form of attack? I can see that it could be used for password harvesting and traffic interception, but are there other implications. 2) Are there ways to mitigate this kind of problem? We have other hosted servers on machines with similar (root) access. They presumably could also be impersonated. We found this out by inspection of our own log files; could the provider be doing something more to prevent this? -- Robin Becker ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. MailScanner thanks transtec Computers for their support. -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. MailScanner thanks transtec Computers for their support. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
buildworld upgrading advise please.
Hello Gurus Im on FreeBSD 6.1-R decided to upgrade the src tree and for security reasons only so i did the following cvsup srcall and ports (RELENG_6_1) changed /etc/make.conf to CFLAGS= -O -pipe NO_PROFILE= cd /usr/src # make buildworld # make buildkernel # make installkernel # reboot the following steps not from single user, just root, it refused to run from single user # mergemaster -p # make installworld # mergemaster # reboot Till here no errors and everything seems allright! the output of uname -a is FreeBSD 6.1-RELEASE-p7 FreeBSD 6.1-RELEASE-p7 #0: Fri Sep 29 01:37:30 AST 2006 root@:/usr/obj/usr/src/sys/GENERIC i386 Is this enough ? Some websites has only these steps, but in the handbook asking to update /etc, recomiple the base system and many others.. Can someone comment about my steps and advice if anything more is needed. pluse, why all was okay from root user not single user mode, and why it didnot work from single user mode. Thank you. _ Express yourself instantly with MSN Messenger! Download today it's FREE! http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Sync files locally?
--On September 28, 2006 9:33:39 AM +0200 Erik Norgaard [EMAIL PROTECTED] wrote: 1) rsync changes behaviour depending on whether or not you include a trailing / from the man-page: rsync -av /src/foo /dest rsync -av /src/foo/ /dest/foo That I know. works the same way, (and sync locally in this example). Read the man page, there are lots of examples. 2) The options -t and -p preserve time and permissions respectively. Ownership will always change to the user running rsync unless you run as root. This has nothing to do with rsync, you can't run chown as an ordinary user. You can preserve the group if you're in that group on the destination host. 3) The files you are syncing - should they be writeable by www? For security, you may really want something like this: -rw-r- user:wwwfile They're user:www, but the user isn't me. :-) I could go into the reasons for that, but it doesn't really matter. and have user do the rsync. If you really need to have www write to the file, set group permissions +w. No, I don't need that and don't want it either. The owners of the site own the files, and I know how to use sudo. :-) IIRC to run rsync over ssh the user doing the syncing must have shell access, running your sync as root is not desirable, it MAY be preferred to have it run as www to preserve owner also, at least you can restrict access for www. I use ssh with keys so I can cron the job, but I'll have to do the extra step of fixing perms and ownership after copying the rsynced files over. No big deal. I'll script that as well. Paul Schmehl ([EMAIL PROTECTED]) Adjunct Information Security Officer The University of Texas at Dallas http://www.utdallas.edu/ir/security/
Re: buildworld upgrading advise please.
- Original Message - From: Marwan Sultan [EMAIL PROTECTED] To: freebsd-questions@freebsd.org Subject: buildworld upgrading advise please. Date: Thu, 28 Sep 2006 23:29:01 + Hello Gurus Im on FreeBSD 6.1-R decided to upgrade the src tree and for security reasons only so i did the following cvsup srcall and ports (RELENG_6_1) changed /etc/make.conf to CFLAGS= -O -pipe NO_PROFILE= cd /usr/src # make buildworld # make buildkernel # make installkernel # reboot the following steps not from single user, just root, it refused to run from single user # mergemaster -p # make installworld # mergemaster # reboot Till here no errors and everything seems allright! the output of uname -a is FreeBSD 6.1-RELEASE-p7 FreeBSD 6.1-RELEASE-p7 #0: Fri Sep 29 01:37:30 AST 2006 root@:/usr/obj/usr/src/sys/GENERIC i386 Is this enough ? Some websites has only these steps, but in the handbook asking to update /etc, recomiple the base system and many others.. Can someone comment about my steps and advice if anything more is needed. pluse, why all was okay from root user not single user mode, and why it didnot work from single user mode. Thank you. Just sharing the same opinion.. i think yr step is fair and good enuff since u're also go thru mergemaster steps.. mine also do the same step since 4.x and it works fine for me with no errors or anything weird.. my make.conf: # added by use.perl 2006-08-22 09:40:06 PERL_VER=5.8.8 PERL_VERSION=5.8.8 CFLAGS= -O -pipe COPTFLAGS= -O -pipe NO_PROFILE=true CPUTYPE?=pentium4 in your /etc/make.conf u just stated NO_PROFILE= with blank statements.. can we consider is as false? -- ___ Play 100s of games for FREE! http://games.mail.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: linux recovery tool
- Original Message - From: Garrett Cooper [EMAIL PROTECTED] To: freebsd-questions@freebsd.org Subject: Re: linux recovery tool Date: Thu, 28 Sep 2006 14:03:45 -0700 Robin Becker wrote: Ahmad Arafat Abdullah wrote: ... One of my hosters says they provide a ram based linux recovery tool, but I'm actually using freebsd on the hardware so am wondering if linux knows how to mount UFS partitions? -- Robin Becker Yes, it does .. thanks That is if the kernel has UFS and BSD labels support compiled into the kernel. Be aware that UFS support isn't really 100% stable yet, so they marked UFS writing as dangerous in the Linux kernel file systems config section. However, UFS fs reading is stable. -Garrett Mr garrett TQ for highlighting it.. referring to your statement there.. izzit the same like NTFS mount on linux? read-only and not stable/supported on writing? TQ -- ___ Play 100s of games for FREE! http://games.mail.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Raid strip with freebsd slices or partitions
On Thu, Sep 28, 2006 at 10:35:10PM +, m3 BSD wrote: Hi, i would like to do a raid strip with freebsd slices or partitions and not with a entire disk. For example: I've a two SCSI drivers with 68Gb. I want to make a two partitions or slices in two disks, first with 10G and other with 58Gb, this in two disks, and make a raid strip virtual disk with 58+58GB = 116 GB, and user other two partitions normaly. -- Thanks for all answers Mario Augusto Mania m3BSD --- [EMAIL PROTECTED] Cel.: (43) 9938-9629 Msn: [EMAIL PROTECTED] ___ I believe you want to use the GEOM(4) subsystem in general and the gstripe(8) command in particular. I've only used gmirror(8) with entire disks, but I believe you can simply specify a device name corresponding to the slices you want to stripe. -Damian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
BSDStats v4.0: Attempt to address some major issues ...
As painful as it was to do, I backed up the old data tonight and wiped out the stats ... for one major reason: the stats lost their accuracy. As several have noticed, the OpenBSD numbers have been increasing quite steadily, but looking at the RAW urls coming in, 99% of those #s were from a couple of IPs, and they were submitting the full range of releases and architectures ... Unfortunately, since we store neither IP or hostname, trying to 'surgically remove' the false entries proved to be very difficult ... I've have just committed BSDstats 4.0 to CVS, and there is a copy of it available at http://www.bsdstats.org/downloads/300.statistics ... download and replace the one you are currently running, as it will not work anymore ... the new version even knows to remove your /var/db/bsdstats file, since its format is no longer valid either ... I've increased the size of the IDTOKEN to 32 from 16, since I've been noticing alot of duplicates when two hosts submit at close to the same time ... I've also added an 'enable/disable' record before/after submitting the reports ... And, when reporting, both your TOKEN *and* KEY are sent, instead of just the KEY ... that way we not only check what we returned to you the first time, but also what you sent to us ... This version also has a 'Network Connectivity' check, in the form of checking a TXT record in DNS, so that if the Network is down, it doesn't bother going through the whole procedure ... And, finally, I've made 'checkin_server' configurable, so that you don't have to modify the script itself to change that value ... default being, of course, bsdstats.org ... Antony is working on docs for how to use Apache as a 'quick-n-dirty proxy server', which he'll put up onto the web site as soon as completed ... As I said, you just need to download the new version and run it, you don't have to wait for the port to go through, assuming you have already installed from the port and /etc/periodic.conf is setup ... Make sure you run it right after downloading though ... If anyone out there can see a flaw in the script ... or something that I may have overlooked as far as a 'loophole' that could be used to screw around with the data, please let me know ... I know its not possible, minus registration, to get rid of all holes, but, hopefully I've now gotten rid of the ones that a truck could (and did) drive though ... Marc G. Fournier Hub.Org Networking Services (http://www.hub.org) Email . [EMAIL PROTECTED] MSN . [EMAIL PROTECTED] Yahoo . yscrappy Skype: hub.orgICQ . 7615664 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Dual Monitor problems
On Mon, 25 Sep 2006 21:24:58 -0400 Jonathan Arnold [EMAIL PROTECTED] wrote: Well, I didn't get much input here. How about if I generalize it a little bit? Is *anyone* currently running a late model ATI card with dual monitors? If so, could you post or email me your xorg.conf? -- Jonathan Arnold Daemon Dancing in the Dark, a FreeBSD blog: http://freebsd.amazingdev.com/blog This is a working dual monitor setup for a Radeon 9550 RV350 with dual Samsung 19 LCD panels. agp is in the kernel, drm and radeon loaded as modules. 6.1-STABLE FreeBSD 6.1-STABLE #0: Fri Jul 14 16:35:41 EDT 2006 xorg-server-6.9.0_3 X.Org X server and related programs I have experienced some lockups since upgrading to 6.1 It seems to happen with anything that does intensive ops like watching tv, dvds and games. HTH, Trevor - Section ServerLayout Identifier X.org Configured Screen 0 Screen0 0 0 InputDeviceMouse0 CorePointer InputDeviceKeyboard0 CoreKeyboard EndSection Section Files RgbPath /usr/X11R6/lib/X11/rgb ModulePath /usr/X11R6/lib/modules FontPath /usr/X11R6/lib/X11/fonts/webfonts/ FontPath /usr/X11R6/lib/X11/fonts/urwfonts-ttf/ FontPath /usr/X11R6/lib/X11/fonts/URW/ FontPath /usr/X11R6/lib/X11/fonts/misc/ FontPath /usr/X11R6/lib/X11/fonts/TTF/ FontPath /usr/X11R6/lib/X11/fonts/Type1/ FontPath /usr/X11R6/lib/X11/fonts/100dpi/ EndSection Section Module Load extmod Load dri Load dbe # Load record # Load xtrap Load glx Load type1 Load freetype EndSection Section InputDevice Identifier Keyboard0 Driver kbd EndSection Section InputDevice Identifier Mouse0 Driver mouse Option Protocol auto Option Device /dev/psm0 Option ZAxisMapping 4 5 6 7 EndSection Section Monitor Identifier Monitor0 VendorName SAM ModelNameSyncMaster Option DPMS EndSection Section Device Identifier Card0 Driver ati VendorName ATI Technologies Inc BoardName RV350 AS [Radeon 9550] BusID PCI:1:0:0 Option AGPMode 4# i # This MAKEM BIG LOCKUP #Option AGPFastWrite True # [bool] Option MergedDPI 100 100# [str] Option MergedFB True# [bool] Option CRT2Position RightOf # [str] Option MetaModes 1280x1024-1280x1024 Option RenderAccel True # [bool] Option DMAForXv True# [bool] EndSection Section Screen Identifier Screen0 Device Card0 MonitorMonitor0 DefaultDepth 24 SubSection Display Depth 24 Modes 1280x1024 Virtual 2560 1024 EndSubSection EndSection -- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Can't Update With freebsd-update
I have been using freebsd-update to fetch binary security related updates since I started using FreeBSD this time last year. However, when I ran it tonight and paid attention to the initial output, I saw the following: The following files are affected by security fixes, but have not been updated because they have been modified locally: /boot/kernel/kernel /etc/rc.d/jail /lib/libcrypto.so.4 /usr/lib/libcrypto.a /usr/lib/libcrypto_p.a /usr/lib/libssl.a /usr/lib/libssl_p.a /usr/sbin/lwresd /usr/sbin/named No updates available I haven't compiled anything on my system from source (base system related anyway, ports yes) so why would this be reporting? Is there anyway I can grab the binary updates at this point and go from here? Thanks in advance! Jeff Cross http://www.averageadmins.com/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Can't Update With freebsd-update
Jeff Cross wrote: I have been using freebsd-update to fetch binary security related updates since I started using FreeBSD this time last year. However, when I ran it tonight and paid attention to the initial output, I saw the following: The following files are affected by security fixes, but have not been updated because they have been modified locally: /boot/kernel/kernel /etc/rc.d/jail /lib/libcrypto.so.4 /usr/lib/libcrypto.a /usr/lib/libcrypto_p.a /usr/lib/libssl.a /usr/lib/libssl_p.a /usr/sbin/lwresd /usr/sbin/named No updates available I haven't compiled anything on my system from source (base system related anyway, ports yes) so why would this be reporting? Is there anyway I can grab the binary updates at this point and go from here? Thanks in advance! Jeff Cross http://www.averageadmins.com/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] Nevermind... Google is a wonderful thing and I should have consulted it first. For the archives, /usr/local/sbin/freebsd-update --branch crypto fetch ...corrected my issue. I found the info here: http://users.skynet.be/six/gpure/tech/freebsd.txt Jeff Cross http://www.averageadmins.com/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
sctp configuration under FreeBSD 6.1
Hi, Is there any document for configuring sctp under FreeBSD 6.1 Regards, Prafulla Kumar ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
NT loader still boot first FreeBSD slice, it could not boot second or another slice
Hi all, I wanted to make my system dual or multiboot. I decided to loadding os NT loader from Windows XP. I have read this: http://www.freebsd.org/doc/en_US.ISO8859-1/books/faq/disks.html#NT-BOOTLOADE R My situation: 1. partion ... wxp /dev/ad4s1 2. partion ... ntfs data partition /dev/ad4s2 3. partion ... fbsd adm64 /dev/ad4s3a 4. partion ... fbsd i386 /dev/ad4s4a Sata disk 320GB. What I did: 1. /dev/ad4s3a: cp /boot/boot1 FreeBSDa64.BSD to 1. partion 2. /dev/ad4s4a: cp /boot/boot1 FreeBSDi386.BSD to 1.partion 3. reply 1.-2. with dd if=/dev/ad4s3a of=/...dd.BSD bs=512 count=1 4. edit boot.ini so there are WXP and 2 copied boot1 to 3rd and 4th partition and 2 made by dd command, so 5 records NT loader boot 3rd partion without any problem, but when I want to boot to 4th partition, it loads 3rd one again and again. I does not get to there at all. If I compare these 4 files, all are the same, so how could ntloader to load something other than the first bsd partition if files did not differ at all !!! If it is known issue, why it is not in documentation, that point 9.10 in FAQ works ONLY and ONLY with ONLY 1 FreeBSD partition ? I recommand to edit this question 9.10 to mention this barrier, if it is true. P.S.: I am not currently subscribed in the freebsd-stable and freebsd-questions mailling lists, so mail me directly. Thanks. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
adding other login class to login.conf in case one is already there
Hi all, could somebody looks at this PR ? http://www.freebsd.org/cgi/query-pr.cgi?pr=103794 http://www.freebsd.org/cgi/query-pr.cgi?pr=103794 It began with my mail to LI Xin. He agreed that I attach our mail´s correspondence. Here it is: -Original Message- From: LI Xin [ mailto:[EMAIL PROTECTED] mailto:[EMAIL PROTECTED] Sent: Thursday, September 21, 2006 8:24 AM To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: Re: /etc/login.conf - add czech user login class with locales Hello Xin Li, I found out that last change to login.conf perhaps you have done. I see Russian user class and definition of lang and mm_char. Why is there only that one class ? Is it possible to upadte this file in CVS and add new user class for czech language ? czech|Czech Users Accounts:\ :charset=ISO-8859-2:\ :lang=cs_CZ.ISO8859-2:\ :tc=default: According to the CVS annotate, it seems that ache@ has added the Russian user class 9 years ago. It looks like an example to me, though. Actually the previous change I have made against RELENG_6 was a comment change which reduces diff against -HEAD, but frankly I am not an expert in this stuff, so it would probably better if there is someone who is more quantifiable than me to do the CVS operation. Would you please send a patch as PR, so someone can pick up (perhaps also by sending a reminder to -current@)? I guess there were some performance concerns about adding more login classes in the past, but with the newly added NSS caching mechanism things could have changed :-) Cheers, So could somebody give one´s opinion or even commit this change to RELENG_6 and HEAD CVS tree ? Thank you for attention. Daniel ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Anyone used this mobo with 6.1 ??
ASUS P5LD2-VM-DH/C Onboard Audio, VGA, 1*GLAN, 1*PCI-E, 2*PCI, 4*DDRII, 4*SATAII (RAID 0,1), mATX --- The information transmitted in this e-mail is for the exclusive use of the intended addressee and may contain confidential and/or privileged material. Any review, re-transmission, dissemination or other use of it, or the taking of any action in reliance upon this information by persons and/or entities other than the intended recipient is prohibited. If you received this in error, please inform the sender and/or addressee immediately and delete the material. E-mails may not be secure, may contain computer viruses and may be corrupted in transmission. Please carefully check this e-mail (and any attachment) accordingly. No warranties are given and no liability is accepted for any loss or damage caused by such matters. --- ### This e-mail message has been scanned for Viruses by Bytecraft ### ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
