Re: Dangerously Dedicated
Date: Thu, 10 Dec 2009 03:12:45 +0100 From: Polytropon free...@edvax.de Subject: Re: Dangerously Dedicated To: Maxim Khitrov mkhit...@gmail.com Cc: freebsd-questions@freebsd.org Message-ID: 20091210031245.3fd58187.free...@edvax.de Content-Type: text/plain; charset=US-ASCII On Wed, 9 Dec 2009 20:41:40 -0500, Maxim Khitrov mkhit...@gmail.com wrote: On Wed, Dec 9, 2009 at 8:33 PM, Rolf Nielsen listrea...@lazlarlyricon.com wrote: As far as I understand it, it's called Dangerously Dedicated because it may cause other systems not to recognise the disk. Consequently, newfs'ing a slice without first partitioning it can hardly be DD, since that is what other systems do, right? I think I understand: using the DOS compatible partition (slice) table follows the principle of least surprise. That is why I use slices for my dedicated BSD machine. 4 places to put your data are ostensibly better than 1, and I avoid any possible BIOS bugs if the BIOS sees a non-standard MBR. That is correct. That slice will not be bootable, but you can use it to store data. Being bootable is a matter of what the MBR boot block says. In a DD setting, it refers to the first partition (that's not within a slice), e. g. ad0a. Especially in a multi-OS setting, the use of slices seems to be strongly recommended so all operating systems behave in the required way (due to compatibility reasons, see DOS primary partitions), which limits the number of slices to 4. I would say a common partition format is REQUIRED in a multi-boot situation. For PC OS's, that means DOS compatibility. For plain storage, it's not needed to encapsulate the partition with the file system inside a slice, e. g. ad1 ad1s1 ad1s1e { [ (/data) ] } in comparison to ad1 ad1c { (/data) } And as it is known, the c can be omitted, as in # mount /dev/ad1 /data The Detailed 8.0 release notes don't say anything about bootability: 2.2.5 File Systems “dangerously dedicated” mode for the UFS file system is no longer supported http://www.freebsd.org/releases/8.0R/relnotes-detailed.html I also note that the DOS partition (slice) table is not explictly required either: could you use an Apple partiton (slice) table instead? UFS not supporting DD mode struck me as weird BECAUSE it has to work with different architectures. Of course, if you are just storing raw data, you don't always *need* a filesystem. Regards, James Phillips __ Yahoo! Canada Toolbar: Search from anywhere on the web, and bookmark your favourite sites. Download it now http://ca.toolbar.yahoo.com. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Monolithic vs Modular Kernel?
Hi, What are the pros and cons of building a stripped down kernel and loading all the missing parts via modules (such that you end up with the same functionality as generic kernel) vs having a kernel with all the modules built in? Also, is there anyway to detect if there are hardware without drivers (such as a sound card without any snd_ loaded) and to detect the type of device (e.g. network, usb, sound, graphics)? Lastly, is there any way to determine what 'modules' a kernel is build with? Regards, David signature.asc Description: This is a digitally signed message part.
Re: Dangerously Dedicated
On Thu, 10 Dec 2009 00:04:28 -0800 (PST), James Phillips anti_spam...@yahoo.ca wrote: The Detailed 8.0 release notes don't say anything about bootability: 2.2.5 File Systems “dangerously dedicated” mode for the UFS file system is no longer supported http://www.freebsd.org/releases/8.0R/relnotes-detailed.html Okay, but what happens when you # newfs /dev/ad1 in the assumption that ad1 will be a pure data disk, and issuing this command will create a partition covering the whole ad1 disk without any slice, and then create an UFS file system in this partition? I cannot imagine that this shouldn't be possible anymore. I'm convinced that abandoning DD for bootable disks is completely understandable, but... Where are the points when problem occur? (I've got no 8.0 installation at hand so I can't check this in a live setting.) I also note that the DOS partition (slice) table is not explictly required either: could you use an Apple partiton (slice) table instead? I don't know how they differ from each other. Of course, if you are just storing raw data, you don't always *need* a filesystem. You can of course simply use tar (as the most universal file system, at least among UNIXes) on a raw disk, e. g. tar cf /lots/of/files /dev/ad1 and retrieve it using tar xf /dev/ad1 But in the common case of a pure data disk, as I mentioned it above, you have a file system (inside a partition), but no slice. In such a case, the fdisk utility will show a sysid 165 partition for the disk, just as if a slice would be present. I'm interested in knowing where this will end. FreeBSD defaulting to FAT file system for maximum compatibility? Don't mind, just a joke. It will of course use NTFS. :-) -- Polytropon Magdeburg, Germany Happy FreeBSD user since 4.0 Andra moi ennepe, Mousa, ... ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: 8.0 installation doesn't contain X distributions
In freebsd-questions Digest, Vol 287, Issue 16, Message: 8 On Sat, 05 Dec 2009 19:39:08 +0200 Manolis Kiagias son...@otenet.gr wrote: Nicky Chorley wrote: Hi, I downloaded the DVD ISO for FreeBSD 8.0 (i386) and verified the MD5 checksum before burning. With regards to choosing distributions for installation, the handbook says If a graphical user interface is desired then a distribution set that is preceded by an X should be chosen and the help for the Choose Distributions section of sysinstall says An X- prefixed before a distribution set means that the Xorg base distribution, libraries, manual pages, servers and a set of default fonts will be selected in addition to the set itself... However, I do not see any distributions listed that are prefixed with X-. The choices are All, Reset, Developer, Kern-Developer, User, Minimal and Custom. Even the Custom option has nothing related to Xorg. That's correct, these have been removed. Hi Manolis, Look, I'm sorry, but I think this is a huge regression, especially if we're still hoping that people with no prior experience of installing freeBSD, people coming from Linux and such, for essentially or including desktop use, are going to have a rewarding installation experience. Is it supposed to be like this (i.e. no distributions containing X are presented on installation), or do I need to download other media from which to install? Note that I'm not asking how to install X and I realise that I can do it post-installation, but I'm just wondering whether I've made a mistake with my download or if the documentation is out of date. You've done nothing wrong, the documentation is in need of an update. Please file a doc-bug PR. Removing X from the distributions is a right step IMO, these are just 3rd party packages and it seems confusing if they get installed along with the base system. I think this is taking base-system-only installation purity to excess. Fine for people installing servers of course, and maybe it will shift more people wanting a GUI environment towards PC-BSD and such if we want to discourage these from using FreeBSD as it is (or maybe, was) but even with my 11 years experience of installing FrreeBSD versions from 2.2 till now, I kept on wondering, how would a newbie fare at this point? If you wish to install X during initial installation you can still do it when you get to the packages stage. I believe you will need the DVD for that. I used the memstick.img (discussed in another thread) and then FTP for installing packages. I've done this before using bootonly CDs, and it has advantages and disadvantages; for me it's been mostly positive. The main advantage is access to all packages. If you know what you want, and which categories they live in, it's great; an hour or so picking and away you go (modulo failures with this FTP site or that). There still exist people with slow net connections and older, slower kit for whom building everything from source would be very tedious. The main disadvantage is - access to all packages :) In the case of X, you and I, developers and most people here know to hunt for the Xorg meta-port. But the naive or new installer knows of no such thing, and could beat around in the huge lists of X software for ages, wondering what's required and what's not to get a desktop going. The previous basic setup menus in sysinstall for X were not only useful; I suspect that they are virtually essential for someone, say, coming from Debian or Ubuntu or such, wanting to try FreeBSD on their system, or the genuine first-time installer of FreeBSD. sysinstall used to assume as little prior knowledge or need to pre-read the Handbook and/or FAQ or follow the lists as possible. Now it's seeming much more firmly targeted at the already experienced user, and I feel that's regressive. cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Monolithic vs Modular Kernel?
2009/12/10 David Naylor naylor.b.da...@gmail.com Hi, What are the pros and cons of building a stripped down kernel and loading all the missing parts via modules (such that you end up with the same functionality as generic kernel) vs having a kernel with all the modules built in? Also, is there anyway to detect if there are hardware without drivers (such as a sound card without any snd_ loaded) and to detect the type of device (e.g. network, usb, sound, graphics)? Lastly, is there any way to determine what 'modules' a kernel is build with? Regards, David kldstat -v ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: make delete-old question
On Thu, Dec 10, 2009 at 08:54:19AM +0100, Rolf G Nielsen wrote: Frank Shute wrote: Hi, Successfully upgraded from 7.2 to 8.0 but had my usual problem when jumping major versions with the make delete-old target. The problem being that it asks me to confirm deletion of each lib/file with a y and a return. I've found that I never say n to any deletion and it becomes very tedious to hammer at the keyboard for hundreds of libs/files. Is there a way to change the Makefile so that they all get deleted with just one y and a return? Or possibly use yes(1) to script it? TIA. Regards, yes | make delete-old Thanks Rolf, I hoped it would be something simple. Now I'll update my laptop. Regards, -- Frank Contact info: http://www.shute.org.uk/misc/contact.html ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Monolithic vs Modular Kernel?
David Naylor wrote: Hi, What are the pros and cons of building a stripped down kernel and loading all the missing parts via modules (such that you end up with the same functionality as generic kernel) vs having a kernel with all the modules built in? Flexibility mainly. The default kernel is pretty highly modularized nowadays, meaning that it doesn't need to be enormous but can still support most hardware encountered in the field. Even so, it still contains some wired-in code to support certain classes of functionality that will not be necessary on all systems. In general, there's not a huge benefit compared to the inconvenience to be gained from aggressively stripping down your kernel nowadays, unless you have a particular need for a really minimal system. Also, is there anyway to detect if there are hardware without drivers (such as a sound card without any snd_ loaded) and to detect the type of device (e.g. network, usb, sound, graphics)? Running: # pciconf -lv will show up any devices on the PCI busses without any attached drivers. Similarly usbconfig(8) will tell you all about attached USB busses and devices. Lastly, is there any way to determine what 'modules' a kernel is build with? Examine the kernel configuration file. If you don't have access to this, you might be able to extract it from the kernel image if it has been built with options INCLUDE_CONFIG_FILE however, AFAIK this isn't the default for GENERIC kernels. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. Flat 3 7 Priory Courtyard PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate Kent, CT11 9PW, UK signature.asc Description: OpenPGP digital signature
Re: 8.0 installation doesn't contain X distributions
On Thu, 10 Dec 2009 19:47:08 +1100 (EST), Ian Smith smi...@nimnet.asn.au wrote: In freebsd-questions Digest, Vol 287, Issue 16, Message: 8 On Sat, 05 Dec 2009 19:39:08 +0200 Manolis Kiagias son...@otenet.gr wrote: Removing X from the distributions is a right step IMO, these are just 3rd party packages and it seems confusing if they get installed along with the base system. I think this is taking base-system-only installation purity to excess. Imagine the following situation: A user wants to run Linux applications on FreeBSD. He selects the Linux ABI service for startup via sysinstall. The corresponding _enable setting will be added to rc.conf, and - surprise! - a package will be installed. The same thing happens when a user installs X. Of course, X is not part of the base system, but in the same way that sysinstall (down)loads and installs packages when a specific service is selected, it should act the same way for X. I know that X has become a problematic and very complex thing, not just a few packages (as it was in the past with XFree86). X should be installabe in a manner made easy, just like the Linux ABI. In the case of X, you and I, developers and most people here know to hunt for the Xorg meta-port. The average user intending to run a desktop system won't be happy with compiling stuff... But the naive or new installer knows of no such thing, and could beat around in the huge lists of X software for ages, wondering what's required and what's not to get a desktop going. Therefore, I always liked the choice for X in sysinstall: It basically installed all the components to get X up and running. No big trouble getting the correct xorg-driver-* packages, installing and removing them, the xorg-input-* packages with the same story... -- Polytropon Magdeburg, Germany Happy FreeBSD user since 4.0 Andra moi ennepe, Mousa, ... ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: 8.0-RELEASE-i386-memstick fixit - No USB devices found!
On Sat, 5 Dec 2009, Randi Harper wrote: On Sat, Dec 5, 2009 at 4:01 AM, Ian Smith smi...@nimnet.asn.au wrote: In freebsd-questions Digest, Vol 286, Issue 12, Message 7 On Fri, 27 Nov 2009 06:51:50 -0800 Randi Harper ra...@freebsd.org wrote: On Fri, Nov 27, 2009 at 5:00 AM, Derek (freebsd lists) 48225...@razorfever.net wrote: [..] I made the memstick.img by dd as per the release page on my Thinkpad T23. It only sports USB 1.0 ports, and while I was confident of the dd (which took ~25m at ~600kB/s), I didn't really expect a 2002 laptop to boot from the image, but on seeing the USB stick show up in its BIOS and promoting it in the disk boot order, it did! Never underestimate IBM .. [..] So .. booted into sysinstall, fdisk and label ad0s4, leave boot0 as was, committed that much after two earlier attempts failed due to the below, quit to reboot, checked the labelling, redid the mount points, all ok. Picked pretty much all distributions from custom install, then of course had to select media. Picked USB - and got about what Derek did, no USB disk found. Very long story short: googled for ages and found a forum thread about this very problem, in which someone suggested Options / Rescan Devices then trying again. The OP there said it didn't work for him, but it sure did for me! After knowing that, the install went pretty smoothly, modulo not getting fc-10 to install by FTP, but that's another issue.. And just now, prompted by this thread I tried selecting Fixit, to again get what Derek did. And again, Options / Rescan Devices fixed it for me. Maybe it will for Derek and/or maybe provide another clue? Maybe sysinstall could try a device rescan itself in that circumstance? This is a known issue. It would be possible to write in a hack to fix this problem that would be fairly quick to implement, but sysinstall already has one too many bandaids in place. I'd rather take a little bit of extra time and fix the underlying problem, especially since there is this workaround (forcing a device rescan) that seems to work for users in the meanwhile. At best it's an 'unknown known' :) Except for this present thread, my 'googling for ages' found nothing in FreeBSD lists about it. I was so close to giving up until I could go somewhere to burn a DVD, by then. I appreciate your disinclination to extend that message in sysinstall, it's been about to die for so long it's no longer funny, still it would have saved me half a day, and I'm sure I won't be the last person to run into this. I guess I should file a PR with a patch .. sysinstall was written back in the good 'ol days of pre-devfs and hasn't been updated much since. When it first runs, it does a device scan - that is, there's this really ugly data structure of all possible devices and a description/limit for each. So, just for example (and I'm not checking the code, so this value is probably wrong), say there's an entry for 'fxp' that is a type network with a limit of 16 devices - it's going to poke the system looking for fxp0, fxp1, ..., fxp15. It's doing this for every single network card, all possible disk devices, everything. Back in the day when computers were slower, this process could take a while, so it only happened once unless the user selected it again. But now, a rescan on my T23 was quite fast, and it's only a P3 1133MHz. Needless to say, this is extremely inefficient (sysinstall code has to be changed any time a new driver is added, too!) and there's a lot of better ways to do this. It's very easy to pull a list of network cards, disks, etc, but the work in moving away from that ugly data structure is no small job. Right now, much of my time is being taken up in trying to get gpt support into sysinstall, but getting rid of that data structure is high in my priority list, especially since there's a workaround. Old/cheap USB flash sticks seem to be the main offender, as they are slow to be recognized/probed, and sysinstall has already finished it's device scan by then. Point taken, but an unknown workaround is no use to the newbie installer (see my prior whinge to Manolis re the X installation menu going away) Yes, I was using an older 1GB Shintaro stick, the only one on hand, on a machine using USB 1.0 only, but I doubt I'll be the only one; sysinstall has always striven to work with other than just top-range newer kit. I do know how hard it is for developers to remember what mortals don't know, or to imagine why folks might not be running more recent gear :) While I'm at it .. selecting 'Holographic Shell', while in that state at least, brings up a shell that (perhaps due to stick not being mounted?) has no ls command, making navigation difficult :) pwd works, set works, but no ls. Later (from debug msgs on vty1) I saw that I'd been perhaps in /stand and only much later
mountroot prompt after hint.apic.0.disabled=1
Don't know if that loader.conf change affected this server, I disabled APIC in loader.conf after finding it may be responsible for a slow clock on this VMware guest FreeBSD install. I rebooted for the changes to take affect and it goes now to a mountroot prompt, can't seem to load the root partition. I type ? at the prompt and it does not list anything after 'List of GEOM managed disk devices'. Can anyone suggest how I can fix this problem? Thanks, Robert ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
How to upgrade
Hi list, Yesterday I decided to upgrade my server, which currently running 7.1rel. p8. Do I have to first upgrade to 7.2 release and then to 8.0, or instead of this, directly do a safe step to 8.0 release ? Thanks in advance Dimitar, ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
CUPS laserjet 2200dn with Jetdirect 610N on network - one remaining problem
Hi All Thank you everyone for your help as a result of combined efforts I have finally succeeded in getting cups the server to communicate with the printer and print. HOWEVER!! One minor niggling problem remains. I cannot communicate with the cups management interface on http://localhost:631 due to password authentication failure. I try logging in as 'root' with correct root password in the login dialogue. I altered the loglevel to debug and the output is at the end of the email. It seems as though the cupsd is not receiving the input (probably due to some config error on my part!). I have tried using a number of different browsers but get the same result. Prior to testing I did: dns1# lppasswd -g wheel -a root The standard cups error log showed cupsdAuthorize: pam_start() returned 4 (system error)! So I raised the loglevel to debug and got the results shown further down. All the configuration has been done manually. I restarted cupsd with: dns1# /usr/local/etc/rc.d/cupsd restart Stopping cupsd. Starting cupsd. The HP JetDirect Configuration report includes the following info: ___ Model Number: J4169A Firmware Version: L.20.24 Under TCP/IP we have: Hostname: [mydevice] Domain Name: [my_domain].[my_tld] # The following all show correct entries: Ip Address: Subnet Mask: Default Gateway: DNS Server: __ End of jetDirect config info: The beast is printing. Cups is running: dns1# ps -aux |grep cupsd root 40253 0.0 0.1 27956 5332 ?? Is1:01PM 0:00.02 /usr/local/sbin/cupsd -C /usr/local/etc/cups/cupsd.conf dns1# cat /usr/local/etc/cups/cupsd.conf # # $Id: cupsd.conf.in 8805 2009-08-31 16:34:06Z mike $ # # Sample configuration file for the CUPS scheduler. See man cupsd.conf for a # complete description of this file. # # Log general information in error_log - change warn to debug # for troubleshooting... LogLevel warn # Administrator user group... SystemGroup wheel # Only listen for connections from the local machine. Listen localhost:631 Listen /var/run/cups.sock # Show shared printers on the local network. Browsing On BrowseOrder allow,deny BrowseAllow all BrowseLocalProtocols CUPS # Default authentication type, when authentication is required... DefaultAuthType Basic # Restrict access to the server... Location / Order Deny, Allow Deny from All Allow from 127.0.0.1 Allow from 62.49.197.50 /Location # Restrict access to the admin pages... Location /admin AuthType Default Require user @SYSTEM Order Deny, Allow Deny from All Allow from 127.0.0.1 Allow from 62.49.197.50 /Location # Restrict access to configuration files... Location /admin/conf AuthType Default Require user @SYSTEM Order Deny, Allow Deny from All Allow from 127.0.0.1 Allow from 62.49.197.50 Order allow,deny /Location # Set the default printer/job policies... Policy default # Job-related operations must be done by the owner or an administrator... Limit Send-Document Send-URI Hold-Job Release-Job Restart-Job Purge-Jobs Set-Job-Attributes Create-Job-Subscription Renew-Subscription Cancel- Subscription Get-Notifications Reprocess-Job Cancel-Current-Job Suspend- Current-Job Resume-Job CUPS-Move-Job CUPS-Get-Document Require user @OWNER @SYSTEM Order deny,allow
Re: 8.0 installation doesn't contain X distributions
Ian Smith wrote: In freebsd-questions Digest, Vol 287, Issue 16, Message: 8 On Sat, 05 Dec 2009 19:39:08 +0200 Manolis Kiagias son...@otenet.gr wrote: However, I do not see any distributions listed that are prefixed with X-. The choices are All, Reset, Developer, Kern-Developer, User, Minimal and Custom. Even the Custom option has nothing related to Xorg. That's correct, these have been removed. Hi Manolis, Look, I'm sorry, but I think this is a huge regression, especially if we're still hoping that people with no prior experience of installing freeBSD, people coming from Linux and such, for essentially or including desktop use, are going to have a rewarding installation experience. Is it supposed to be like this (i.e. no distributions containing X are presented on installation), or do I need to download other media from which to install? Note that I'm not asking how to install X and I realise that I can do it post-installation, but I'm just wondering whether I've made a mistake with my download or if the documentation is out of date. You've done nothing wrong, the documentation is in need of an update. Please file a doc-bug PR. Removing X from the distributions is a right step IMO, these are just 3rd party packages and it seems confusing if they get installed along with the base system. I think this is taking base-system-only installation purity to excess. On the other hand, I feel it is confusing when you find yourself essentially selecting packages in the menus for the base-system components. The DVD *still* has the packages, and you are still asked if you wish to install any. Xorg is just one click away - select the meta-package and the entire thing goes in. Fine for people installing servers of course, and maybe it will shift more people wanting a GUI environment towards PC-BSD and such if we want to discourage these from using FreeBSD as it is (or maybe, was) but even with my 11 years experience of installing FrreeBSD versions from 2.2 till now, I kept on wondering, how would a newbie fare at this point? Having shown the FreeBSD installation to people only acquainted with Windows or Ubuntu, I always get the same reaction: Completely disheartening, confusing, complex. You need to know too many things and when everything is done right, you are just rewarded with a console login. This is a fact: FreeBSD is not for the faint of heart, and definitely not for someone who wants a desktop in five minutes. You have to get past the initial shock and devote a lot of time to learn your way around the system. This requires considerable effort and there are lots of people who have neither the time nor the inclination to dig deep into an OS - they just want a working desktop. IMHO an extra click for the Xorg is not that much important in the grand scheme of things. I think it would be best if beginners are informed beforehand that they really need to study: you will not get a working desktop FreeBSD 'by chance' or because someone else configured the defaults for you and you just restored an image to your hard drive (as I understand, this is what most desktop-oriented Linux distros do these days) Now if we delve deeper into this we are going to hit philosophical questions like Do we want ignorant users? Is our setup procedure so discouraging that even would-be-knowledgeable users abandon the system early? Should we provide an Ubuntu-like BSD install? I can live with sysinstall myself, although I don't really like it. There are numerous problems with it (and we had a long thread in the past about it, so I am not going to repeat myself) with the added fact that as the system progresses to new features (journaling, ZFS, gpart ...) sysinstall stands still and does not provide any way to use them during initial setup. I've introduced more than a few beginners to FreeBSD. I always warn them beforehand what to expect - I only continue with those who are prepared to study the handbook and a few (hundred...) pages of my introductory notes. All of them are now happy, satisfied users. But none expected to have a working desktop in five minutes. There are other distributions for that (PC-BSD, Ubuntu) If you wish to install X during initial installation you can still do it when you get to the packages stage. I believe you will need the DVD for that. I used the memstick.img (discussed in another thread) and then FTP for installing packages. I've done this before using bootonly CDs, and it has advantages and disadvantages; for me it's been mostly positive. The main advantage is access to all packages. If you know what you want, and which categories they live in, it's great; an hour or so picking and away you go (modulo failures with this FTP site or that). There still exist people with slow net connections and older, slower kit for whom building everything from source would
Re: 8.0 installation doesn't contain X distributions
Polytropon wrote: On Thu, 10 Dec 2009 19:47:08 +1100 (EST), Ian Smith smi...@nimnet.asn.au wrote: In freebsd-questions Digest, Vol 287, Issue 16, Message: 8 On Sat, 05 Dec 2009 19:39:08 +0200 Manolis Kiagias son...@otenet.gr wrote: Removing X from the distributions is a right step IMO, these are just 3rd party packages and it seems confusing if they get installed along with the base system. I think this is taking base-system-only installation purity to excess. Imagine the following situation: A user wants to run Linux applications on FreeBSD. He selects the Linux ABI service for startup via sysinstall. The corresponding _enable setting will be added to rc.conf, and - surprise! - a package will be installed. The same thing happens when a user installs X. Of course, X is not part of the base system, but in the same way that sysinstall (down)loads and installs packages when a specific service is selected, it should act the same way for X. I know that X has become a problematic and very complex thing, not just a few packages (as it was in the past with XFree86). X should be installabe in a manner made easy, just like the Linux ABI. In the case of X, you and I, developers and most people here know to hunt for the Xorg meta-port. The average user intending to run a desktop system won't be happy with compiling stuff... Exactly. Most desktop users want a working system in the minimum of time (Can't blame them for that). Even with packages, we cannot beat an image-based distro, esp. since it will also provide all essential default settings. But the naive or new installer knows of no such thing, and could beat around in the huge lists of X software for ages, wondering what's required and what's not to get a desktop going. Therefore, I always liked the choice for X in sysinstall: It basically installed all the components to get X up and running. No big trouble getting the correct xorg-driver-* packages, installing and removing them, the xorg-input-* packages with the same story... There is an X.org meta-package that installs everything though. It is just a problem with the beginner not knowing what to select. This can be tackled in two ways IMO, first is by creating a First time FreeBSD desktop installer type article, second would be adding a menu choice in sysinstall Install a standard X desktop {GNOME,KDE}. I must admit I much prefer the first solution. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: 8.0 installation doesn't contain X distributions
Exactly. Most desktop users want a working system in the minimum of time (Can't blame them for that). Even with packages, we cannot beat an image-based distro, esp. since it will also provide all essential default settings. If I might butt in: If the user-to-be wants a working system in 5 minutes could there be a link on the FreeBSD homepage itself directing them to PC-BSD (or similar) .ISOs? Perhaps with an addendum that, while they can download and install FreeBSD 'straight up, no chaser' using an image from the FreeBSD page, it *isn't* going to be 5 minutes and perhaps a derivative version might be their best bet. Just a thought, r ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: 8.0 installation doesn't contain X distributions
all I gotta say is I just spent 3 days compiling gnome2 for fbsd.. It shouldn't take that long or be that hard/complicated. Most of it was stupid crap that I would of thought should of been taken care of by now. Applications complaining about which version of python is installed, complaining about needing newer versions of this or that and stopping the process. Than off to find the proper port to install (and having to use FORCE PKG REGISTER) to appease the original install. Back to the gnome install let it run again until the next application configuration screen. You can't just do a make config in the meta port for the entire process.. That would be too easy.. Last time I did a Xorg installed I just ended up doing a pkg_add because I grew tired of the problems I kept having with ports griping about this and that being outdated or whatever. This time I wanted to see the process through and figure I might learn a thing or two. I digress though... My intention with fbsd wasn't for a desktop though; but why install linux to get a feel for X(org) when we can do it on fbsd? Yet why should it feel like I'm a circus poodle trying to make it work? On Thu, Dec 10, 2009 at 8:22 AM, Manolis Kiagias son...@otenet.gr wrote: Polytropon wrote: On Thu, 10 Dec 2009 19:47:08 +1100 (EST), Ian Smith smi...@nimnet.asn.au wrote: In freebsd-questions Digest, Vol 287, Issue 16, Message: 8 On Sat, 05 Dec 2009 19:39:08 +0200 Manolis Kiagias son...@otenet.gr wrote: Removing X from the distributions is a right step IMO, these are just 3rd party packages and it seems confusing if they get installed along with the base system. I think this is taking base-system-only installation purity to excess. Imagine the following situation: A user wants to run Linux applications on FreeBSD. He selects the Linux ABI service for startup via sysinstall. The corresponding _enable setting will be added to rc.conf, and - surprise! - a package will be installed. The same thing happens when a user installs X. Of course, X is not part of the base system, but in the same way that sysinstall (down)loads and installs packages when a specific service is selected, it should act the same way for X. I know that X has become a problematic and very complex thing, not just a few packages (as it was in the past with XFree86). X should be installabe in a manner made easy, just like the Linux ABI. In the case of X, you and I, developers and most people here know to hunt for the Xorg meta-port. The average user intending to run a desktop system won't be happy with compiling stuff... Exactly. Most desktop users want a working system in the minimum of time (Can't blame them for that). Even with packages, we cannot beat an image-based distro, esp. since it will also provide all essential default settings. But the naive or new installer knows of no such thing, and could beat around in the huge lists of X software for ages, wondering what's required and what's not to get a desktop going. Therefore, I always liked the choice for X in sysinstall: It basically installed all the components to get X up and running. No big trouble getting the correct xorg-driver-* packages, installing and removing them, the xorg-input-* packages with the same story... There is an X.org meta-package that installs everything though. It is just a problem with the beginner not knowing what to select. This can be tackled in two ways IMO, first is by creating a First time FreeBSD desktop installer type article, second would be adding a menu choice in sysinstall Install a standard X desktop {GNOME,KDE}. I must admit I much prefer the first solution. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: 8.0 installation doesn't contain X distributions
On Thu, Dec 10, 2009 at 9:01 AM, Reed Loefgren rloefg...@forethought.netwrote: Exactly. Most desktop users want a working system in the minimum of time (Can't blame them for that). Even with packages, we cannot beat an image-based distro, esp. since it will also provide all essential default settings. If I might butt in: If the user-to-be wants a working system in 5 minutes could there be a link on the FreeBSD homepage itself directing them to PC-BSD (or similar) .ISOs? Perhaps with an addendum that, while they can download and install FreeBSD 'straight up, no chaser' using an image from the FreeBSD page, it *isn't* going to be 5 minutes and perhaps a derivative version might be their best bet. Just a thought, r After trying installation of FreeBSD 8.0 Release ( before RCs ) without success ( Gnome : Some menu elements are not working , for example shutdown , it is becoming necessary to open a terminal and explicitly write shutdown -p now , it is not possible to every thing by terminal or GUI elements ) , ( KDE4 : Konsole not working because after a short show of terminal window , it is disappearing , it is not possible to do every thing without Konsole ) , ( XFCE - It is becoming rock solid due to key board insensitivity , on the same computer many operating systems are working , from FreeBSD to many Linux distributions ) . After those attempts , I have installed DesktopBSD 1.7 . I can say that it is a WONDERFUL FreeBSD distribution based on FreeBSD 7.2 and KDE4 where FreeBSD 7.2 from www.FreeBSD.org can not be compared with its beatiness . Now , I am waiting FreeBSD 8.x from www.FreeBSD.org , where x 0 , with the hope that it will be possible to have an easily usable FreeBSD distribution . Thank you very much . Mehmet Erol Sanliturk ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Root exploit for FreeBSD
From my information security manager: FreeBSD isn't much used within the University (I understand) and has a (comparatively) poor security record. Most recently, for example: http://www.h-online.com/security/news/item/Root-exploit-for-FreeBSD-873352.html -- Anton Shterenlikht Room 2.6, Queen's Building Mech Eng Dept Bristol University University Walk, Bristol BS8 1TR, UK Tel: +44 (0)117 331 5944 Fax: +44 (0)117 929 4423 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: How to upgrade
On 10/12/2009 10:36, Dimitar Trandov wrote: Hi list, Yesterday I decided to upgrade my server, which currently running 7.1rel. p8. Do I have to first upgrade to 7.2 release and then to 8.0, or instead of this, directly do a safe step to 8.0 release ? Thanks in advance Dimitar, ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org 7.2 first then 8.0. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Root exploit for FreeBSD
In response to Anton Shterenlikht me...@bristol.ac.uk: From my information security manager: FreeBSD isn't much used within the University (I understand) and has a (comparatively) poor security record. Most recently, for example: http://www.h-online.com/security/news/item/Root-exploit-for-FreeBSD-873352.html Are you trying to make your infosec guy look like an idiot? Does he realize that FreeBSD has a grand total of 16 security problems for all of 2009? Hell, Microsoft has that many in an average month. If he can find something (other than OpenBSD) with a better record than that, I'd love to hear about it. -- Bill Moran http://www.potentialtech.com http://people.collaborativefusion.com/~wmoran/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Root exploit for FreeBSD
Anton Shterenlikht wrote: From my information security manager: FreeBSD isn't much used within the University (I understand) and has a (comparatively) poor security record. Most recently, for example: http://www.h-online.com/security/news/item/Root-exploit-for-FreeBSD-873352.html Without wanting to get into any flame wars, I will only say this .. I find this kind of unsubstantiated speculation extremely disappointing. It speaks not only to an apparent lack of knowledge about FreeBSD but also about any alternative operating system. Subject closed, imb ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Temporarily halt boot process to enter encryption keys?
On Wed, 09 Dec 2009 01:31:47 -0600 Corey J. Bukolt 0...@mail.ru wrote: Hello list, I have a FreeNAS box with a CF card for root, and 3 drives (soon to be 4) set up with encryption and raidz on top of them. A less than excellent detailed report of what I did is here: http://bit.ly/5BeZq8 This setup is a bit hackish as after the system boots I need to attach each drive using geli, run zpool import -f primary, and then restart all my services (nfs, samba, etc). It's become a bit of a chore (especially when doing it all from a N810), so I'm looking for a way to temporary halt the boot process so that I can ssh in, attach the drives, and then allow the system to continue to boot. It's fairly trivial to write an rc.d script that pauses the boot process and waits for devices, but sshd runs after LOGIN, and nfs runs before, so you can't easily reorder then without maintaining modified rc.d scripts. I don't see the point though. Why not just write a script to do what you are doing now? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Root exploit for FreeBSD
At 09:41 AM 12/10/2009, Anton Shterenlikht wrote: From my information security manager: FreeBSD isn't much used within the University (I understand) and has a (comparatively) poor security record. Most recently, for example: http://www.h-online.com/security/news/item/Root-exploit-for-FreeBSD-873352.html Some say... world flat... some say roundish. There are lots of opinions to choose from. It would be nice to see an actual properly designed study quoted... or even some raw data referenced. and I am not talking about something vendor sponsored that examines such track records. In the case of the above mentioned zero day exploit someone posted, I think FreeBSD did a GREAT job at getting a fast unofficial patch out and then 2 days later an official advisory and patch out. Take a look at their actual track record at http://www.freebsd.org/security and judge for yourself based on that. Note, a good chunk of whats there is common across multiple operating systems (e.g ntpd, BIND, openssl etc) There are lots of reasons why someone might use or not use FreeBSD. In my _opinion_, a poor security record is not one of them... But judge for yourself based on their actual track record. ---Mike Mike Tancsa, tel +1 519 651 3400 Sentex Communications,m...@sentex.net Providing Internet since 1994www.sentex.net Cambridge, Ontario Canada www.sentex.net/mike ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Root exploit for FreeBSD
Bill Moran wrote: In response to Anton Shterenlikht me...@bristol.ac.uk: From my information security manager: FreeBSD isn't much used within the University (I understand) and has a (comparatively) poor security record. Most recently, for example: http://www.h-online.com/security/news/item/Root-exploit-for-FreeBSD-873352.html Are you trying to make your infosec guy look like an idiot? He doesn't really have to _try_, does he? I have always thought that an infosec person should *know* what they have running within their own network, and furthermore, gather his comparative analysis from somewhere other than the dept-of-some-guys-blog. Perhaps these are not the job requirements of a security person. Steve ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: 8.0 installation doesn't contain X distributions
Mehmet Erol Sanliturk wrote: On Thu, Dec 10, 2009 at 9:01 AM, Reed Loefgren rloefg...@forethought.netwrote: Exactly. Most desktop users want a working system in the minimum of time (Can't blame them for that). Even with packages, we cannot beat an image-based distro, esp. since it will also provide all essential default settings. If I might butt in: If the user-to-be wants a working system in 5 minutes could there be a link on the FreeBSD homepage itself directing them to PC-BSD (or similar) .ISOs? Perhaps with an addendum that, while they can download and install FreeBSD 'straight up, no chaser' using an image from the FreeBSD page, it *isn't* going to be 5 minutes and perhaps a derivative version might be their best bet. Just a thought, r After trying installation of FreeBSD 8.0 Release ( before RCs ) without success ( Gnome : Some menu elements are not working , for example shutdown , it is becoming necessary to open a terminal and explicitly write shutdown -p now , it is not possible to every thing by terminal or GUI elements ) , You are probably missing policykit/hal settings. Have a look at: http://www.freebsd.org/gnome/docs/halfaq.html ( KDE4 : Konsole not working because after a short show of terminal window , it is disappearing , it is not possible to do every thing without Konsole ) , Haven't used KDE4 in FreeBSD for a while so I can't really say. I have built some packages but not used them yet. ( XFCE - It is becoming rock solid due to key board insensitivity , on the same computer many operating systems are working , from FreeBSD to many Linux distributions ) . After those attempts , I have installed DesktopBSD 1.7 . I can say that it is a WONDERFUL FreeBSD distribution based on FreeBSD 7.2 and KDE4 where FreeBSD 7.2 from www.FreeBSD.org can not be compared with its beatiness . You do realize of course that DesktopBSD *is* FreeBSD with many of these settings and defaults pre-applied for you? Obviously the DesktopBSD developers do a wonderful job on it, but it is also possible to build this yourself using FreeBSD and ports. It will take more time, it will be more tedious and you will learn a lot of stuff. And you will have a lot more control of what gets installed and how the final system behaves. Obviously these are less important factors, if the purpose is to have a desktop system as quickly as possible. Now , I am waiting FreeBSD 8.x from www.FreeBSD.org , where x 0 , with the hope that it will be possible to have an easily usable FreeBSD distribution . You may also want to give PC-BSD a try. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Root exploit for FreeBSD
Anton Shterenlikht me...@bristol.ac.uk writes: From my information security manager: FreeBSD isn't much used within the University (I understand) and has a (comparatively) poor security record. Most recently, for example: comparatively, compared to what? Windows? Linux? We beat them both into the ground. He is speaking from ignorance. DES -- Dag-Erling Smørgrav - d...@des.no ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Root exploit for FreeBSD
2009/12/10 Anton Shterenlikht me...@bristol.ac.uk: From my information security manager: FreeBSD isn't much used within the University (I understand) and has a (comparatively) poor security record. Most recently, for example: http://www.h-online.com/security/news/item/Root-exploit-for-FreeBSD-873352.html Wow. Just...wow. FreeBSD's security record, the rate at which fixes occur, the ports system and the overall sanity of the environment is *precisely* why we have been migrating from RHEL to FreeBSD at my University (I'm employed by the University, not a student). I would be quite curious as to which operating system is serving as the baseline for this comparison. I would also be quite curious as to whether the manager making said statement is responsible for central IT services or is locked into providing services by a particular vendor. kmw -- Beware the leader who bangs the drums of war in order to whip the citizenry into a patriotic fervor, for patriotism is indeed a double-edged sword. It both emboldens the blood, just as it narrows the mind. And when the drums of war have reached a fever pitch and the blood boils with hate and the mind has closed, the leader will have no need in seizing the rights of the citizenry. Rather, the citizenry, infused with fear and blinded by patriotism, will offer up all of their rights unto the leader and gladly so - Unattributed, post 9/11 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: HP USB 2.0 Tape Drive
On Wed, Dec 09, 2009 at 03:50:04PM -0800, Doug Sampson wrote: Hi, I'm looking to buy a tape drive and am currently looking at USB 2.0 DAT tape drives from HP. I searched the hardware compatibility list and cannot locate any information tape drives except the disclaimer that SCSI tape drives do work on SCSI controller cards that are recognized by the FreeBSD OS. The only thing I can find is that apparently the ehci driver must be used if USB 2.0 interface is to be used with a tape drive. Does anyone have had positive or negative experience using these USB-based DAT tape drives? Specifically, I am looking at the HP (Hewlett-Packard) StorageWorks Q1581SB DAT 160 Tape Drive. If there are other branded USB 2.0-based tape drives (i.e. Quantum) that you've used with little or no problems, I would be interested in knowing about these. I don't think you will have a problem using a USB2 interface. But, I really cannot recommend DAT. That type of system seems to have been pushed beyond its ability.The tapes fail frequently.The only thing nice about DAT is its rapid search ability. But, if you can't read what you thought you wrote, it doesn't matter how fast you can search for it. jerry ~Doug ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Root exploit for FreeBSD
On Thu, 10 Dec 2009 14:41:41 + Anton Shterenlikht me...@bristol.ac.uk wrote: FreeBSD isn't much used within the University (I understand) and has a (comparatively) poor security record. In comparison to what it is supposed to have a poor security record? Most recently, for example: http://www.h-online.com/security/news/item/Root-exploit-for-FreeBSD-873352.html Yes, and? http://docs.freebsd.org/cgi/getmsg.cgi?fetch=0+0+archive/2009/freebsd-security-notifications/20091206.freebsd-security-notifications http://security.freebsd.org/advisories/FreeBSD-SA-09:16.rtld.asc Andreas -- GnuPG key : 0x2A573565|http://www.gnupg.org/howtos/de/ Fingerprint: 925D 2089 0BF9 8DE5 9166 33BB F0FD CD37 2A57 3565 pgps1e71xOvxr.pgp Description: PGP signature
Re: Root exploit for FreeBSD
Fire the noob you have working for you and hire someone with a clue. Anton Shterenlikht wrote: From my information security manager: FreeBSD isn't much used within the University (I understand) and has a (comparatively) poor security record. Most recently, for example: http://www.h-online.com/security/news/item/Root-exploit-for-FreeBSD-873352.html -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Dangerously Dedicated
On Thu, Dec 10, 2009 at 03:08:16AM +0100, Polytropon wrote: On Thu, 10 Dec 2009 02:33:17 +0100, Rolf Nielsen listrea...@lazlarlyricon.com wrote: As far as I understand it, it's called Dangerously Dedicated because it may cause other systems not to recognise the disk. Primarily, it's called dedicated (only) because it describes a setting where a whole hard disk is dedicated to the FreeBSD operating system. The addition dangerously seems to describe the danger that other operating systems cannot handle such a disk layout, or may cause problems to them - but I don't know this for sure because I'm not a multi-booter. :-) It is dangerous because other systems cannot talk to it. It is dedicated because only FreeBSD can talk to it. It is a somewhat redundant term but it sounds good and important. jerry ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Dangerously Dedicated
Jerry McAllister writes: It is dedicated because only FreeBSD can talk to it. Is this correct? What about {Net, Open, DregonFly}BSD, or Linux? Robert Huff ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: How to upgrade
I think you wrong. I read the Official Announce for FreeBSD 8.0-RELEASE http://www.freebsd.org/releases/8.0R/announce.html You can find this sentence : Systems running 7.[012]-RELEASE, 8.0-BETA[1234], or 8.0-RC[123] can upgrade as follows: You can upgrade directly from 7.1 to 8.0 with the steps described in the Handbook (from sources with csup or binaries with freebsd-update). You must recompile your ports after this major upgrade. Alexandre. --- En date de : Jeu 10.12.09, Ricardo Jesus ricardo.meb.je...@gmail.com a écrit : De: Ricardo Jesus ricardo.meb.je...@gmail.com Objet: Re: How to upgrade À: Dimitar Trandov d.tran...@tcebank.com Cc: freebsd-questions@freebsd.org Date: Jeudi 10 Décembre 2009, 13h35 On 10/12/2009 10:36, Dimitar Trandov wrote: Hi list, Yesterday I decided to upgrade my server, which currently running 7.1rel. p8. Do I have to first upgrade to 7.2 release and then to 8.0, or instead of this, directly do a safe step to 8.0 release ? Thanks in advance Dimitar, ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org 7.2 first then 8.0. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Dangerously Dedicated
On Thu, Dec 10, 2009 at 10:43:37AM -0500, Robert Huff wrote: Jerry McAllister writes: It is dedicated because only FreeBSD can talk to it. Is this correct? What about {Net, Open, DregonFly}BSD, or Linux? Not Linux without some programming, but maybe some of the other BSDs. jerry Robert Huff ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Root exploit for FreeBSD
Anton Shterenlikht wrote: From my information security manager: FreeBSD isn't much used within the University (I understand) and has a (comparatively) poor security record. Most recently, for example: http://www.h-online.com/security/news/item/Root-exploit-for-FreeBSD-873352.html yeah we know, but really, quoting security as a reason not to use it is a bit like quoting flat tyres (British spelling to those USA'ns reading) as a reason to not buy a Jag. Every OS has them and in fact we are better than many. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Root exploit for FreeBSD
On Thu, Dec 10, 2009 at 09:51:22AM -0500, Bill Moran wrote: In response to Anton Shterenlikht me...@bristol.ac.uk: From my information security manager: FreeBSD isn't much used within the University (I understand) and has a (comparatively) poor security record. Most recently, for example: http://www.h-online.com/security/news/item/Root-exploit-for-FreeBSD-873352.html Are you trying to make your infosec guy look like an idiot? Does he realize that FreeBSD has a grand total of 16 security problems for all of 2009? Hell, Microsoft has that many in an average month. If he can find something (other than OpenBSD) with a better record than that, I'd love to hear about it. I was just stressed after being forced by him to explain why I wanted firewall exceptions for two ports to my FreeBSD portscluster nodes. I explained the reasons and that was settled. I wouldn't be surprised if I'm the sole fbsd user at my Uni. The situation with computing is not great and getting worse. The Uni is, of course, addicted to Microsoft, but having realised all the problems with that, lately the policy has been to deny (!) MS users admin access to their own desktops. The situation is just ridiculous - if a MS user wants to install a piece of software on their PC he/she has to ask for permission, and then wait until some computer officer would come and do install for them. Also recently, well.. about a year ago, no host (!) could be accessed from outside the Uni firewall. Special exception has to be obtained even for ssh. There is only one dedicated sun server which accepts only ssh. The users are supposed to dial to this frontend server first, and from there to hosts on the local net. Honestly, the situation is so bad that I sometimes wonder - perhaps it's me who is mad. It seems IT services look at anybody who wants to escape MS with suspicion at best. I had to fight a long battle, well.. I had some support from other academics, to have a linux class in my Faculty. Here the opposition wasn't so much security, as why would any undegraduate need linux, as if MS solutions are a pinnacle of human thought. And from I understand it's going to get worse. Apparently the IT services are drawing up plans to completely forbid use of non-autorized OS. I imagine fbsd will not be authorized. So I'm anticipating another battle already. Perhaps I should start putting together some statistics to make my case more forcefully. many thanks for your support, as always -- Anton Shterenlikht Room 2.6, Queen's Building Mech Eng Dept Bristol University University Walk, Bristol BS8 1TR, UK Tel: +44 (0)117 331 5944 Fax: +44 (0)117 929 4423 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: How to upgrade
On 10/12/2009 15:50, Alexandre L. wrote: I think you wrong. I read the Official Announce for FreeBSD 8.0-RELEASE http://www.freebsd.org/releases/8.0R/announce.html You can find this sentence : Systems running 7.[012]-RELEASE, 8.0-BETA[1234], or 8.0-RC[123] can upgrade as follows: You can upgrade directly from 7.1 to 8.0 with the steps described in the Handbook (from sources with csup or binaries with freebsd-update). You must recompile your ports after this major upgrade. Alexandre. --- En date de : Jeu 10.12.09, Ricardo Jesusricardo.meb.je...@gmail.com a écrit : De: Ricardo Jesusricardo.meb.je...@gmail.com Objet: Re: How to upgrade À: Dimitar Trandovd.tran...@tcebank.com Cc: freebsd-questions@freebsd.org Date: Jeudi 10 Décembre 2009, 13h35 On 10/12/2009 10:36, Dimitar Trandov wrote: Hi list, Yesterday I decided to upgrade my server, which currently running 7.1rel. p8. Do I have to first upgrade to 7.2 release and then to 8.0, or instead of this, directly do a safe step to 8.0 release ? Thanks in advance Dimitar, ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org 7.2 first then 8.0. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org Either way you achieve your goal. And there is nothing like reading the documentation before upgrading. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Root exploit for FreeBSD
On Thu, Dec 10, 2009 at 5:21 PM, Anton Shterenlikht me...@bristol.ac.uk wrote: On Thu, Dec 10, 2009 at 09:51:22AM -0500, Bill Moran wrote: In response to Anton Shterenlikht me...@bristol.ac.uk: I had to fight a long battle, well.. I had some support from other academics, to have a linux class in my Faculty. Here the opposition wasn't so much security, as why would any undegraduate need linux, as if MS solutions are a pinnacle of human thought. This is getting so funny.. Next topic please. Peace. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
8.0: OpenSSL stat()'s NLS 500+ times causing extreme system load
We have a Nagios server (ports/net-mgmt/nagios) that has a lot of check_nrpe2 (ports/net-mgmt/nrpe2) checks. We recently upgraded the server it runs on to 8.0-STABLE (r199975). The performance has never been great, but now it's really atrocious and I'm trying to figure out what's going on. The machine (a dual-core Nehalem) has a load average of 5 - 10 at all times, and top shows 100% CPU usage, 75% system CPU usage. No process has more than a few % CPU though. This is due to the large number of very short-lived processes doing individual Nagios checks that don't live long enough to appear in top. I investigated in some more detail with ktrace and found that each execution of check_nrpe2 performs 520 stat() calls. The bulk of them look like this: 81915 check_nrpe2 CALL stat(0x7fbfde28,0x7fbfddc4) 81915 check_nrpe2 NAMI /usr/share/nls/C/libc.cat 81915 check_nrpe2 RET stat -1 errno 2 No such file or directory 81915 check_nrpe2 CALL stat(0x7fbfde28,0x7fbfddc4) 81915 check_nrpe2 NAMI /usr/share/nls/libc/C 81915 check_nrpe2 RET stat -1 errno 2 No such file or directory 81915 check_nrpe2 CALL stat(0x7fbfde28,0x7fbfddc4) 81915 check_nrpe2 NAMI /usr/local/share/nls/C/libc.cat 81915 check_nrpe2 RET stat -1 errno 2 No such file or directory 81915 check_nrpe2 CALL stat(0x7fbfde28,0x7fbfddc4) 81915 check_nrpe2 NAMI /usr/local/share/nls/libc/C 81915 check_nrpe2 RET stat -1 errno 2 No such file or directory 81915 check_nrpe2 CALL stat(0x7fbfde28,0x7fbfddc4) kdump also shows 70 calls to getpid, which seems excessive. (About 50 of them appear to be in a tight loop.) The check_nrpe2 program simply opens an SSL socket to a remote server, sends a short request and gets a short response. It is a pretty simple program. (~22k of source) The calls to getpid() bother me a bit, but I think the NLS is the real problem: $ kdump -E -t n | fgrep /nls/ | head -1 81915 check_nrpe2 0.016815 NAMI /usr/share/nls/C/libc.cat $ kdump -E -t n | fgrep /nls/ | tail -1 81915 check_nrpe2 0.135663 NAMI /usr/local/share/nls/libc/C $ kdump -E | tail -1 81915 check_nrpe2 0.222510 CALL exit(0x1) $ kdump -E -t n | fgrep /nls/ | wc 5082540 32004 So this program spends over half its life looping over 508 stat() calls looking for a nonexistent libc.cat file. And then another chunk (probably a lot smaller, but not measured) looping over getpid(). Both appear to be related to SSL; if I set up nrpe not to use it, both excesses go away and the program finishes in about half the time, using about half the CPU resources. To confirm that it was SSL-related, I tried: $ ktrace openssl s_client -connect x2:5666 And I got the exact same stat() getpid() behavior. Obviously there is some small CPU overhead associated with SSL. This is not about that. This is about the system overhead induced by calling stat 500+ times on a directory that doesn't exist. This gets a little worse. Because there are several checks running at any given time, there is a lot of contention to VFS lookup this handful of paths. That's an area where FreeBSD has known SMP performance issues I've seen discussed elsewhere, and this is a pathological worst case. The net result, a dual core machine is brought to its knees by a relatively simple Nagios setup. Anyway, long story short, why is OpenSSL doing this and how can we make it stop? Thanks for any suggestions! ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Root exploit for FreeBSD
--On Thursday, December 10, 2009 08:41:41 -0600 Anton Shterenlikht me...@bristol.ac.uk wrote: From my information security manager: FreeBSD isn't much used within the University (I understand) and has a (comparatively) poor security record. Most recently, for example: http://www.h-online.com/security/news/item/Root-exploit-for-FreeBSD-873352.ht ml Please pass this to your information security manager: From one information security manager to another, you're an idiot. -- Paul Schmehl, Senior Infosec Analyst As if it wasn't already obvious, my opinions are my own and not those of my employer. *** It is as useless to argue with those who have renounced the use of reason as to administer medication to the dead. Thomas Jefferson ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Root exploit for FreeBSD
http://security.freebsd.org/advisories/FreeBSD-SA-09:16.rtld.asc On Thu, Dec 10, 2009 at 11:05:16AM -0600, Paul Schmehl thus spake: --On Thursday, December 10, 2009 08:41:41 -0600 Anton Shterenlikht me...@bristol.ac.uk wrote: From my information security manager: FreeBSD isn't much used within the University (I understand) and has a (comparatively) poor security record. Most recently, for example: http://www.h-online.com/security/news/item/Root-exploit-for-FreeBSD-873352.ht ml Please pass this to your information security manager: From one information security manager to another, you're an idiot. -- Paul Schmehl, Senior Infosec Analyst As if it wasn't already obvious, my opinions are my own and not those of my employer. *** It is as useless to argue with those who have renounced the use of reason as to administer medication to the dead. Thomas Jefferson ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org -- i am a mutthead ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Root exploit for FreeBSD
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Chargen wrote: On Thu, Dec 10, 2009 at 5:21 PM, Anton Shterenlikht me...@bristol.ac.uk wrote: On Thu, Dec 10, 2009 at 09:51:22AM -0500, Bill Moran wrote: In response to Anton Shterenlikht me...@bristol.ac.uk: I had to fight a long battle, well.. I had some support from other academics, to have a linux class in my Faculty. Here the opposition wasn't so much security, as why would any undegraduate need linux, as if MS solutions are a pinnacle of human thought. This is getting so funny.. Next topic please. Peace. What bothers me is that some of these worshipers (be that demon, penguin, apple, or windows) simple cannot fathom the old right tool for the right job saying... //Svein - -- - +---+--- /\ |Svein Skogen | sv...@d80.iso100.no \ / |Solberg Østli 9| PGP Key: 0xE5E76831 X|2020 Skedsmokorset | sv...@jernhuset.no / \ |Norway | PGP Key: 0xCE96CE13 | | sv...@stillbilde.net ascii | | PGP Key: 0x58CD33B6 ribbon |System Admin | svein-listm...@stillbilde.net Campaign|stillbilde.net | PGP Key: 0x22D494A4 +---+--- |msn messenger: | Mobile Phone: +47 907 03 575 |sv...@jernhuset.no | RIPE handle:SS16503-RIPE - +---+--- If you really are in a hurry, mail me at svein-mob...@stillbilde.net This mailbox goes directly to my cellphone and is checked even when I'm not in front of my computer. - Picture Gallery: https://gallery.stillbilde.net/v/svein/ - -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkshKgUACgkQODUnwSLUlKQepACgkDgvRoCEbJvrRbfkCa3YrF9P c/IAoKNxVaAcoVn/cEYUg0yIJgf6k+ek =oGMp -END PGP SIGNATURE- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: HP USB 2.0 Tape Drive
On Wed, Dec 09, 2009 at 03:50:04PM -0800, Doug Sampson wrote: Does anyone have had positive or negative experience using these USB-based DAT tape drives? Specifically, I am looking at the HP (Hewlett-Packard) StorageWorks Q1581SB DAT 160 Tape Drive. If there are other branded USB 2.0-based tape drives (i.e. Quantum) that you've used with little or no problems, I would be interested in knowing about these. Apparently the umass driver supports at least some models, they are reported as sa(4) devices; see http://lists.freebsd.org/pipermail/freebsd-questions/2005-November/104550.html I don't know if the speed problems in abovementioned message still exist. Roland -- R.F.Smith http://www.xs4all.nl/~rsmith/ [plain text _non-HTML_ PGP/GnuPG encrypted/signed email much appreciated] pgp: 1A2B 477F 9970 BA3C 2914 B7CE 1277 EFB0 C321 A725 (KeyID: C321A725) pgprbYJj7qfAI.pgp Description: PGP signature
Re: Root exploit for FreeBSD
On Thu, 10 Dec 2009 16:21:50 + Anton Shterenlikht me...@bristol.ac.uk wrote: I had to fight a long battle, well.. I had some support from other academics, to have a linux class in my Faculty. Here the opposition wasn't so much security, as why would any undegraduate need linux, as if MS solutions are a pinnacle of human thought. I feel for you. I used to work for DEC, at one time a major UNIX vendor. Then one day all employees were forced to install Windows NT to access their mail accounts because management, in its wisdom, decided to standardize on Mickeysoft Exchange Server. No real reason, since up til then UNIX mail servers had been more than adequate. IT services had similarly restrictive policies regarding users installing SW, etc. I always wondered who Mickeysoft bribed to get that put through. Fortuantely, I had no problem setting up a black FreeBSD box to preserve my sanity. --- Gary Jennejohn ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
can't get a full fbsd 7.2 amd64 install
fbsd 7.2 amd64 kernel developer install Here's a successful install du du -d1 -h / 2.0K/.snap 2.0K/dev 1.8G/usr 1.6G/var 1.7M/etc 2.0K/cdrom 2.0K/dist 1.1M/bin 206M/boot 6.7M/lib 396K/libexec 2.0K/media 2.0K/mnt 2.0K/proc 4.0M/rescue 42K/root 4.3M/sbin 24K/tmp 3.6G/ here's what we're getting on another machine, way too little: du -h -d1 / 2.0K/.snap 2.0K/dev 1.1G/usr 238K/var 1.7M/etc 2.0K/cdrom 2.0K/dist 1.1M/bin 411M/boot 6.7M/lib 396K/libexec 2.0K/media 2.0K/mnt 2.0K/proc 4.0M/rescue 10K/root 4.3M/sbin 12K/tmp 1.5G/ and /usr is also missing 800 MB just after install. using 7.2 amd64 disc01, as forever. I ran sysinstall, post install config, and checked stuff, but still didn't get, eg, anything in /usr/bin/ comments? Could my client have chosen the wrong .iso? Len ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Root exploit for FreeBSD
On Thu, Dec 10, 2009 at 10:21 AM, Anton Shterenlikht me...@bristol.ac.ukwrote: Perhaps I should start putting together some statistics to make my case more forcefully. I fought the same battle at the Univ. I attended (as a student). They were an M$ shop as well and had issues with me running OpenBSD. I stuck to it and finally got a straight answer from the Dean of CS: I don't know anything about OpenBSD...please just use Windows and be like everyone else!. Odd, I thought that one role of higher education is to teach critical thinking, which by definition means disagreements will (and should!) occur. Apparently I was wrong. I later took a independent study at the same Univ. I wanted to compare security records for various OS's (FreeBSD and OpenBSD being listed in there). This was rejected in favor of me doing security research for Windows...so I wrote a program to demonstrate why Admins shouldn't blindly trust even system code (Windows Server 2003...stuff like netstat and task manager) and demonstrated that to the graduate level network security class (I was an undergrad at the time). I completely gave up when the grad students followed suit with the dean and tried arguing with me that my code was hacked together specifically to exhibit the behavior I was trying to demonstrate...as if it wasn't *real* and it couldn't be used to a malicious user's advantage. I guess it doesn't exist in the security world (according to the previously mentioned grad students) if it's not mainstream thinking...I feel sorry for the companies that depend on those idiots for security. If they've bought into M$ FUD, no amount of statistics/code/demonstrations will help. I'd skip the statistics in favor of putting together a resume. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
fdisk/bsdlabel/disklabel: Class not found?
Hello all! I've found many references to this error on Google: fdisk: Class not found, bsdlabel: Class not found but none explain what this error *means*. Could someone explain this error and possible remedies? I'm using a custom 8.0-RELEASE-p1 kernel. I don't even need to edit the label in order for bsdlabel to spit this out! Any information would be very helpful! Thanks, Nick ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: CUPS laserjet 2200dn with Jetdirect 610N on network - one remaining problem
I have had a posting on the Cups list from Michael Sweet msw...@apple.com who has suggested the problem is something to do with my pam configuration. Thanks in advance for further guidance: Thanks Michael - it looks as though you may have put your finger on the problem -- but I am not certain how to react to it!!! (see below) On Dec 10, 2009, at 5:34 AM, David Southwell wrote: Thanks to some help from people on one of the freebsd lists I have finally succeeded in getting cups the server to communicate with the printer and print. HOWEVER!! One minor niggling problem remains. I still cannot communicate with the cups management interface on http://localhost:631 due to password authentication failure. So the title of this thread is still very relevant. Thanks in advance for any help with the problem. To bring readers up to date: I try logging in as 'root' with correct root password in the login dialogue. I altered the loglevel to debug and the output is at the end of this post. It seems as though the cupsd is not receiving the input (probably due to some config error on my part!). I have tried using a number of different browsers but get the same result. Prior to testing I did: dns1# lppasswd -g wheel -a root The standard cups error log showed cupsdAuthorize: pam_start() returned 4 (system error)! OK, so you have a PAM configuration error most likely - check that the /etc/pam.d/cups file is consistent with the other PAM files in /etc/pam.d (i.e. using the correct security modules...) ahahahaha There is no /etc/pam.d/cups file !! There is a /usr/local/etc/pam.d/cups which has the following lines: auth requiredpam_unknown.so nodelay account requiredpam_unknown.so Shown below is ls -l for each directory! Wanted --- good model for pam.d/cups and where to put it!!! chuckles [NB This is a freebsd 7.2 p3 amd64 system with intel quad core.] dns1# ls -l /etc/pam.d/ total 38 -r--r--r-- 1 root wheel 2907 May 1 2009 README -rw-r--r-- 1 root wheel 322 May 1 2009 atrun -rw-r--r-- 1 root wheel 199 May 1 2009 cron -rw-r--r-- 2 root wheel 547 May 1 2009 ftp -rw-r--r-- 2 root wheel 547 May 1 2009 ftpd -rw-r--r-- 1 root wheel 467 May 1 2009 gdm_disabled -rw-r--r-- 1 root wheel 365 May 1 2009 imap -rw-r--r-- 1 root wheel 467 May 1 2009 kde -rw-r--r-- 1 root wheel 374 May 1 2009 login -rw-r--r-- 1 root wheel 662 May 1 2009 other -rw-r--r-- 1 root wheel 319 May 1 2009 passwd -rw-r--r-- 1 root wheel 365 May 1 2009 pop3 -rw-r--r-- 1 root wheel 328 May 1 2009 rsh -rw-r--r-- 1 root wheel 739 May 1 2009 sshd -rw-r--r-- 1 root wheel 380 May 1 2009 su -rw-r--r-- 1 root wheel 705 May 1 2009 system -rw-r--r-- 1 root wheel 754 May 1 2009 telnetd -rw-r--r-- 1 root wheel 532 May 1 2009 xdm dns1# ls -l /usr/local/etc/pam.d total 16 -r--r--r-- 1 root wheel 69 Dec 10 09:19 cups -r--r--r-- 1 root wheel 672 Dec 7 10:06 gdm -r--r--r-- 1 root wheel 98 Nov 29 17:42 gnome-screensaver -r--r--r-- 1 root wheel 135 Nov 4 22:09 polkit -r--r--r-- 1 root wheel 135 Dec 2 09:00 polkit-1 -r--r--r-- 1 root wheel 399 Sep 27 18:20 sudo -r--r--r-- 1 root wheel 399 Sep 27 18:20 sudo.default -r--r--r-- 1 root wheel 98 Nov 5 03:22 xscreensaver Maybe someone who is versed in the intricacies of pam.d on freebsd 7.2 p3 amd64 might be willing to point me in the right direction. Thanks David ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: fdisk/bsdlabel/disklabel: Class not found?
bsdlabel: Class not found re-edit the label? [y]: You cant edit it. You can only say N and it exits w/o saving any changes. This is very annoying, because you cannot do anything with the label unlike the old days.. I had to mount an older drive and then I was able to edit the bsdlabel on the 8.0 drive as it was not 'online' - -- J.D. Bronson Information Technology Aurora Health Care - Milwaukee WI ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
FreeBSD and ACHI driver
Hello List Having upgraded to FreeBSD 8.0 everything is running fine, I decided to try the ahci_load=YES in /boot/loader.conf The first machine was fine after a reboot, zpool status pool: tank state: ONLINE scrub: scrub completed after 0h14m with 0 errors on Thu Dec 10 07:19:21 2009 config: NAMESTATE READ WRITE CKSUM tankONLINE 0 0 0 raidz1ONLINE 0 0 0 ada0ONLINE 0 0 0 ada1ONLINE 0 0 0 ada2ONLINE 0 0 0 errors: No known data errors ahci0: [ITHREAD] ahci0: AHCI v1.10 with 4 3Gbps ports, Port Multiplier supported ahcich0: AHCI channel at channel 0 on ahci0 ahcich0: [ITHREAD] ahcich1: AHCI channel at channel 1 on ahci0 ahcich1: [ITHREAD] ahcich2: AHCI channel at channel 2 on ahci0 ahcich2: [ITHREAD] ahcich3: AHCI channel at channel 3 on ahci0 ahcich3: [ITHREAD] (aprobe1:ahcich1:0:15:0): SIGNATURE: (aprobe0:ahcich1:0:0:0): SIGNATURE: (aprobe2:ahcich2:0:15:0): SIGNATURE: (aprobe0:ahcich2:0:0:0): SIGNATURE: (aprobe3:ahcich3:0:15:0): SIGNATURE: (aprobe0:ahcich3:0:0:0): SIGNATURE: ada0 at ahcich1 bus 0 target 0 lun 0 ada0: Hitachi HDP725050GLA360 GM4OA5CA ATA/ATAPI-8 SATA 2.x device ada0: 300.000MB/s transfers ada0: 476940MB (976773168 512 byte sectors: 16H 63S/T 16383C) ada0: Native Command Queueing enabled ada1 at ahcich2 bus 0 target 0 lun 0 ada1: Hitachi HDP725050GLA360 GM4OA5CA ATA/ATAPI-8 SATA 2.x device ada1: 300.000MB/s transfers ada1: 476940MB (976773168 512 byte sectors: 16H 63S/T 16383C) ada1: Native Command Queueing enabled ada2 at ahcich3 bus 0 target 0 lun 0 ada2: Hitachi HDP725050GLA360 GM4OA5CA ATA/ATAPI-8 SATA 2.x device ada2: 300.000MB/s transfers ada2: 476940MB (976773168 512 byte sectors: 16H 63S/T 16383C) ada2: Native Command Queueing enabled The second however eris# zpool status pool: tank state: UNAVAIL status: One or more devices could not be opened. There are insufficient replicas for the pool to continue functioning. action: Attach the missing device and online it using 'zpool online'. see: http://www.sun.com/msg/ZFS-8000-3C scrub: none requested config: NAMESTATE READ WRITE CKSUM tankUNAVAIL 0 0 0 insufficient replicas raidz1UNAVAIL 0 0 0 insufficient replicas ad8 UNAVAIL 0 0 0 cannot open ad6 UNAVAIL 0 0 0 cannot open ad4 UNAVAIL 0 0 0 cannot open ad10UNAVAIL 0 0 0 cannot open ad14UNAVAIL 0 0 0 cannot open ad12UNAVAIL 0 0 0 cannot open eris# ahci0: [ITHREAD] ahci0: AHCI v1.10 with 6 3Gbps ports, Port Multiplier supported ahcich0: AHCI channel at channel 0 on ahci0 ahcich0: [ITHREAD] ahcich1: AHCI channel at channel 1 on ahci0 ahcich1: [ITHREAD] ahcich2: AHCI channel at channel 2 on ahci0 ahcich2: [ITHREAD] ahcich3: AHCI channel at channel 3 on ahci0 ahcich3: [ITHREAD] ahcich4: AHCI channel at channel 4 on ahci0 ahcich4: [ITHREAD] ahcich5: AHCI channel at channel 5 on ahci0 ahcich5: [ITHREAD] ahcich0: Poll timeout on slot 0 (aprobe0:ahcich0:0:0:0): SIGNATURE: ahcich1: Poll timeout on slot 0 (aprobe1:ahcich1:0:0:0): SIGNATURE: ahcich2: Poll timeout on slot 0 (aprobe2:ahcich2:0:0:0): SIGNATURE: ahcich3: Poll timeout on slot 0 (aprobe3:ahcich3:0:0:0): SIGNATURE: ahcich4: Poll timeout on slot 0 (aprobe4:ahcich4:0:0:0): SIGNATURE: ahcich5: Poll timeout on slot 0 (aprobe5:ahcich5:0:0:0): SIGNATURE: ahcich0: Timeout on slot 0 ahcich1: Timeout on slot 0 ahcich2: Timeout on slot 0 ahcich3: Timeout on slot 0 ahcich4: Timeout on slot 0 ahcich5: Timeout on slot 0 run_interrupt_driven_hooks: still waiting after 60 seconds for xpt_config ahcich0: Timeout on slot 0 ahcich1: Timeout on slot 0 ahcich2: Timeout on slot 0 ahcich3: Timeout on slot 0 ahcich4: Timeout on slot 0 ahcich5: Timeout on slot 0 SMP: AP CPU #1 Launched! Trying to mount root from ufs:/dev/mirror/gm0s1a ZFS filesystem version 13 ZFS storage pool version 13 re0: link state changed to UP without the achi driver %zpool status pool: tank state: ONLINE scrub: none requested config: NAMESTATE READ WRITE CKSUM tankONLINE 0 0 0 raidz1ONLINE 0 0 0 ad8 ONLINE 0 0 0 ad6 ONLINE 0 0 0 ad4 ONLINE 0 0 0 ad10ONLINE 0 0 0 ad14ONLINE 0 0 0 ad12ONLINE 0 0 0 errors: No known data errors atapci0: [ITHREAD]
Re: Root exploit for FreeBSD
Fortuantely, I had no problem setting up a black FreeBSD box to preserve my sanity. A tip for those threatened with no BSD box at work: FreeBSD runs fine _inside_ a box that looks like a multi sheet scanner. OK, slow, but invisible to managers who require MS only. These scanners often lie abandoned in company junk rooms ( cheap on web), as people know they used to need MS's abandoned NT (= Not There) operating system. Well they do ... until one installs BSD. Credit to David M. who did the FreeBSD work. Pictures of hardware to look for in junk rooms: http://www.berklix.com/scanjet/ Cheers, Julian -- Julian Stacey: BSD Unix Linux C Sys Eng Consultants Munich http://berklix.com Mail plain text not quoted-printable, HTML or Base64: http://asciiribbon.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: 8.0 installation doesn't contain X distributions
Manolis Kiagias wrote: Ian Smith wrote: In freebsd-questions Digest, Vol 287, Issue 16, Message: 8 On Sat, 05 Dec 2009 19:39:08 +0200 Manolis Kiagias son...@otenet.gr wrote: However, I do not see any distributions listed that are prefixed with X-. The choices are All, Reset, Developer, Kern-Developer, User, Minimal and Custom. Even the Custom option has nothing related to Xorg. That's correct, these have been removed. Hi Manolis, Look, I'm sorry, but I think this is a huge regression, especially if we're still hoping that people with no prior experience of installing freeBSD, people coming from Linux and such, for essentially or including desktop use, are going to have a rewarding installation experience. Is it supposed to be like this (i.e. no distributions containing X are presented on installation), or do I need to download other media from which to install? Note that I'm not asking how to install X and I realise that I can do it post-installation, but I'm just wondering whether I've made a mistake with my download or if the documentation is out of date. You've done nothing wrong, the documentation is in need of an update. Please file a doc-bug PR. Removing X from the distributions is a right step IMO, these are just 3rd party packages and it seems confusing if they get installed along with the base system. I think this is taking base-system-only installation purity to excess. On the other hand, I feel it is confusing when you find yourself essentially selecting packages in the menus for the base-system components. The DVD *still* has the packages, and you are still asked if you wish to install any. Xorg is just one click away - select the meta-package and the entire thing goes in. Fine for people installing servers of course, and maybe it will shift more people wanting a GUI environment towards PC-BSD and such if we want to discourage these from using FreeBSD as it is (or maybe, was) but even with my 11 years experience of installing FrreeBSD versions from 2.2 till now, I kept on wondering, how would a newbie fare at this point? Having shown the FreeBSD installation to people only acquainted with Windows or Ubuntu, I always get the same reaction: Completely disheartening, confusing, complex. You need to know too many things and when everything is done right, you are just rewarded with a console login. This is a fact: FreeBSD is not for the faint of heart, and definitely not for someone who wants a desktop in five minutes. You have to get past the initial shock and devote a lot of time to learn your way around the system. This requires considerable effort and there are lots of people who have neither the time nor the inclination to dig deep into an OS - they just want a working desktop. IMHO an extra click for the Xorg is not that much important in the grand scheme of things. I think it would be best if beginners are informed beforehand that they really need to study: you will not get a working desktop FreeBSD 'by chance' or because someone else configured the defaults for you and you just restored an image to your hard drive (as I understand, this is what most desktop-oriented Linux distros do these days) Now if we delve deeper into this we are going to hit philosophical questions like Do we want ignorant users? Is our setup procedure so discouraging that even would-be-knowledgeable users abandon the system early? Should we provide an Ubuntu-like BSD install? I can live with sysinstall myself, although I don't really like it. There are numerous problems with it (and we had a long thread in the past about it, so I am not going to repeat myself) with the added fact that as the system progresses to new features (journaling, ZFS, gpart ...) sysinstall stands still and does not provide any way to use them during initial setup. I've introduced more than a few beginners to FreeBSD. I always warn them beforehand what to expect - I only continue with those who are prepared to study the handbook and a few (hundred...) pages of my introductory notes. All of them are now happy, satisfied users. But none expected to have a working desktop in five minutes. There are other distributions for that (PC-BSD, Ubuntu) If you wish to install X during initial installation you can still do it when you get to the packages stage. I believe you will need the DVD for that. I used the memstick.img (discussed in another thread) and then FTP for installing packages. I've done this before using bootonly CDs, and it has advantages and disadvantages; for me it's been mostly positive. The main advantage is access to all packages. If you know what you want, and which categories they live in, it's great; an hour or so picking and away you go (modulo failures with this FTP site or that). There still exist people with slow net connections and older, slower kit for whom building everything from source would be very
Re: SMP and ALTQ_NOPCC
APseudoUtopia wrote: Hello, With the improvements in SMP in FreeBSD 8.0, is the ALTQ_NOPCC option still required? In the handbook and other older documentation, it says ALTQ_NOPCC is in fact required on SMP systems because the TSC is unstable. I was wondering if this is still the case after the improvements done with SMP. Thanks. Not every CPU has an unstable TSC. It mostly affects AMD processors and Intel Pentium M. Wikipedia has a great listing of models and families affected: http://en.wikipedia.org/wiki/Time_Stamp_Counter#Implementation_in_Various_Processors However, in /usr/src/sys/amd64/amd64/tsc.c you can find the following code: #ifdef SMP /* * We can not use the TSC in SMP mode unless the TSCs on all CPUs * are somehow synchronized. Some hardware configurations do * this, but we have no way of determining whether this is the * case, so we do not use the TSC in multi-processor systems * unless the user indicated (by setting kern.timecounter.smp_tsc * to 1) that he believes that his TSCs are synchronized. */ if (mp_ncpus 1 !smp_tsc) tsc_timecounter.tc_quality = -100; #endif It will set the quality of the timestamp counter to -100 if SMP is detected and effectively disable it so by default the TSC won't be used on an SMP system and consequently you don't have to use ALTQ_NOPCC. It is probably safe to enable and use TSC in pf, as described in the code, if you have a modern Intel CPU but I have not tested it. Regards Morgan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Get the cwd of a process?
patrick wrote: I've made some headway... perl supports sitecustomize.pl which can be used to execute code when any perl script is run. It doesn't seem to be enabled by default, so I had to add the following line to /usr/ports/lang/perl5.8/Makefile's CONFIGURE_ARGS: -Dusesitecustomize \ As a temporary measure, my sitecustomize.pl has: system echo $$ $ENV{'PWD'} $0 . (localtime) . /tmp/scripts_used.lst; (found this in another thread somewhere) So, hopefully the next time this spammer comes back, I will see the original working directory, etc. before the process forks itself. Fingers crossed! Patrick For the mail archives and also my personal interest - did you ever figure out what was running the script? /Morgan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Root exploit for FreeBSD
On Thu, 10 Dec 2009 20:21:26 +0100 Julian H. Stacey j...@berklix.com replied: Fortuantely, I had no problem setting up a black FreeBSD box to preserve my sanity. A tip for those threatened with no BSD box at work: FreeBSD runs fine _inside_ a box that looks like a multi sheet scanner. OK, slow, but invisible to managers who require MS only. These scanners often lie abandoned in company junk rooms ( cheap on web), as people know they used to need MS's abandoned NT (= Not There) operating system. Well they do ... until one installs BSD. Credit to David M. who did the FreeBSD work. Pictures of hardware to look for in junk rooms: http://www.berklix.com/scanjet/ Cheers, Julian Out of pure morbid curiosity, would you please answer this question for me. You work for a corporation that specifically requires the use of a specific OS, the OS itself is not material to this question. It also forbids the use of any unauthorized OS or equipment on the companies network. You decide to ignore their directives and eventually: 1) Get caught 2) Cause a problem with the company's network, etc. Now, when you get fired and possible charged with a crime, do you: 1) Cry and bitch that they are being unfair? 2) Accept the fact that you deserved to be dismissed? Where I use to work, two or three employees were fired each year because they thought they knew more than everyone else. They failed to realize that they were being compensated to do what they were told and not what they thought they should be doing. The bottom line is if they are not smart enough to follow company directives, they are certainly not capable of instigating their own protocol. -- Jerry ges...@yahoo.com |=== |=== |=== |=== | Grandpa Charnock's Law: You never really learn to swear until you learn to drive. [I thought it was when your kids learned to drive. Ed.] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Root exploit for FreeBSD
2009/12/10 Anton Shterenlikht me...@bristol.ac.uk: I was just stressed after being forced by him to explain why I wanted firewall exceptions for two ports to my FreeBSD portscluster nodes. I explained the reasons and that was settled. Anton, I don't know about the UK, Great Britain or England, but in US Universities, this is fairly common. It just serves as a sanity check for the many, many requests central IT tends to get regarding allowing ingress traffic for faculty/staff machines, and it gives the firewall guys documentation that such-and-such machine should be receiving inbound traffic on specific ports. The Uni is, of course, addicted to Microsoft, but having realised all the problems with that, lately the policy has been to deny (!) MS users admin access to their own desktops. The situation is just ridiculous - if a MS user wants to install a piece of software on their PC he/she has to ask for permission, and then wait until some computer officer would come and do install for them. Again, I don't know about the UK, Great Britain or England, but in the US this is also quite common, at least with regards to University owned hardware. The first responsibility is to protect the network and existing services. Sadly, many groups fail to provide the next step, that being a relatively quick, easy way to have approved software installed for users, and a method for having non-approved software scrutinised and either approved or rejected. Also recently, well.. about a year ago, no host (!) could be accessed from outside the Uni firewall. Special exception has to be obtained even for ssh. There is only one dedicated sun server which accepts only ssh. The users are supposed to dial to this frontend server first, and from there to hosts on the local net. Again, quite common. Most Universities here do not provide public-facing IP addresses without some sort of application and approval process. For example, we have a handful of machines that are public facing but most of our hardware sits inside site-only networks. To access those machines you either have to be on-campus or you have to connect via VPN (and yes, we support Windows, Mac, Linux, Solaris, *BSD). Having an SSH proxy isn't an entirely bad idea, though I can see where performance may be hindered. I had to fight a long battle, well.. I had some support from other academics, to have a linux class in my Faculty. Here the opposition wasn't so much security, as why would any undegraduate need linux, as if MS solutions are a pinnacle of human thought. That's a pretty fair question and one that I hope you would have asked yourself before you made the push for the class. And from I understand it's going to get worse. Apparently the IT services are drawing up plans to completely forbid use of non-autorized OS. I imagine fbsd will not be authorized. So I'm anticipating another battle already. Does this extend to computers used for academic research, student owned computers being used on campus, etc? Perhaps it's because we're conditioned to think this way but a lot of us at universities in the US see a lot of this as being commonplace and to *not* do them is generally considered bad security practice. kmw -- Beware the leader who bangs the drums of war in order to whip the citizenry into a patriotic fervor, for patriotism is indeed a double-edged sword. It both emboldens the blood, just as it narrows the mind. And when the drums of war have reached a fever pitch and the blood boils with hate and the mind has closed, the leader will have no need in seizing the rights of the citizenry. Rather, the citizenry, infused with fear and blinded by patriotism, will offer up all of their rights unto the leader and gladly so - Unattributed, post 9/11 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Monolithic vs Modular Kernel?
On Thu, Dec 10, 2009 at 09:39:03AM +0200, David Naylor wrote: snip Also, is there anyway to detect if there are hardware without drivers (such as a sound card without any snd_ loaded) and to detect the type of device (e.g. network, usb, sound, graphics)? pciconf -lv|less Every device name (the lines with the @ in them) that starts with 'none' does not have a driver loaded. The following lines show you what kind of device it is. Lastly, is there any way to determine what 'modules' a kernel is build with? ls /boot/kernel/ All the files that end in .ko are loadable modules. Roland -- R.F.Smith http://www.xs4all.nl/~rsmith/ [plain text _non-HTML_ PGP/GnuPG encrypted/signed email much appreciated] pgp: 1A2B 477F 9970 BA3C 2914 B7CE 1277 EFB0 C321 A725 (KeyID: C321A725) pgpTirwLm3r0e.pgp Description: PGP signature
Re: Root exploit for FreeBSD
On Thu, 10 Dec 2009 20:21:26 +0100 Julian H. Stacey j...@berklix.com replied: Fortuantely, I had no problem setting up a black FreeBSD box to preserve my sanity. A tip for those threatened with no BSD box at work: FreeBSD runs fine _inside_ a box that looks like a multi sheet scanner. OK, slow, but invisible to managers who require MS only. These scanners often lie abandoned in company junk rooms ( cheap on web), as people know they used to need MS's abandoned NT (= Not There) operating system. Well they do ... until one installs BSD. Credit to David M. who did the FreeBSD work. Pictures of hardware to look for in junk rooms: http://www.berklix.com/scanjet/ Cheers, Julian Out of pure morbid curiosity, would you please answer this question for me. You work for a corporation that specifically requires the use of a specific OS, the OS itself is not material to this question. It also forbids the use of any unauthorized OS or equipment on the companies network. You decide to ignore their directives and eventually: 1) Get caught 2) Cause a problem with the company's network, etc. Now, when you get fired and possible charged with a crime, do you: 1) Cry and bitch that they are being unfair? 2) Accept the fact that you deserved to be dismissed? Where I use to work, two or three employees were fired each year because they thought they knew more than everyone else. They failed to realize that they were being compensated to do what they were told and not what they thought they should be doing. The bottom line is if they are not smart enough to follow company directives, they are certainly not capable of instigating their own protocol. most lickers are not very smart either. David ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
uath under FreeBSD 8.0-RELEASE
I installed FreeBSD8.0-RELEASE so I could see if it's compatible with my Netgear WG111T (this is newly supported in 8.0). Not surprising, uath (the new driver) is not in GENERIC (oopps, yes it is), so I copied GENERIC to LAPTOP3 and commented out most of the drivers, since I don't need them. I ensured that uath was not commented. Please note, as I wrote this I checked GENERIC and uath IS there, but it didn't get loaded because I don't see it with ifconfig... I added KERNCONF=LAPTOP3 to /etc/make.conf, went to /usr/src and rebuilt just the kernel, figuring the world was already sync'ed with GENERIC. The uath isn't showing up after a reboot. Do I need to buildworld/installworld or do I have to use uathload to load firmware? I figure the device already has firmware and I'd only have to use uathload if I got newer firmware from Netgear. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
dcons_crom in FreeBSD8.0-RELEASE
I figured the world and the kernel are in sync on the DVD, so I tried to rebuild just the kernel. Is this assumption valid? It failed to link due to symbols like dcons_crom. So I commented dcons_crom out of my kernel config. Is this actually a bug or do I need to buildworld/installworld? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Temporarily halt boot process to enter encryption keys?
RW wrote: On Wed, 09 Dec 2009 01:31:47 -0600 Corey J. Bukolt 0...@mail.ru wrote: Hello list, I have a FreeNAS box with a CF card for root, and 3 drives (soon to be 4) set up with encryption and raidz on top of them. A less than excellent detailed report of what I did is here: http://bit.ly/5BeZq8 This setup is a bit hackish as after the system boots I need to attach each drive using geli, run zpool import -f primary, and then restart all my services (nfs, samba, etc). It's become a bit of a chore (especially when doing it all from a N810), so I'm looking for a way to temporary halt the boot process so that I can ssh in, attach the drives, and then allow the system to continue to boot. It's fairly trivial to write an rc.d script that pauses the boot process and waits for devices, but sshd runs after LOGIN, and nfs runs before, so you can't easily reorder then without maintaining modified rc.d scripts. I don't see the point though. Why not just write a script to do what you are doing now? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org You are right that I could very well just write a script and be done with it, but I'm trying to find a more elegant approch. Starting up a whole bunch of services that are going to error, killing them, then restarting seems to me as a messy approch. Perhaps if I put a rc.d script before nfs that calls a lightweight sshd, such as dropbear, and waits for all the drives to be attached with geli. Once they are, the script kills sshd and the boot continues as normal. Think that would work? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: 8.0 installation doesn't contain X distributions
Manolis Kiagias wrote: Polytropon wrote: On Thu, 10 Dec 2009 19:47:08 +1100 (EST), Ian Smith smi...@nimnet.asn.au wrote: But the naive or new installer knows of no such thing, and could beat around in the huge lists of X software for ages, wondering what's required and what's not to get a desktop going. Therefore, I always liked the choice for X in sysinstall: It basically installed all the components to get X up and running. No big trouble getting the correct xorg-driver-* packages, installing and removing them, the xorg-input-* packages with the same story... There is an X.org meta-package that installs everything though. It is just a problem with the beginner not knowing what to select. This can be tackled in two ways IMO, first is by creating a First time FreeBSD desktop installer type article, second would be adding a menu choice in sysinstall Install a standard X desktop {GNOME,KDE}. I must admit I much prefer the first solution. Agree with most of the above except I think an X option and a separate desktop option in sysinstall is better - not everyone who wants X also wants gnome or kde. Oh wait that's how it used to be :) The problem with an article is how to view it during an install and how to know it is even there. Chris ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
error when updating ports in 8.0
Hi, Just update to release 8.0 a few days ago, then when update ports by csup, error occurs: Fatal error 'kse_create() failed ' at line 469 in file /usr/src/lib/libpthread/thread/thr_kern.c (errno = 0) what should I do? thank you!! TFC ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
FreeBSD and automountMap
Hi, I was wondering if anyone could point me in the right direction in regard to getting automounts working via LDAP-distributed automountMap-style maps? We are already using automountMap-style maps distributed via LDAP for a few thousand Linux, Mac and SunOS clients and I'd like to be able to use the same maps for my FreeBSD machines too, but I can't seem to find any clear documentation on how to set this up. I've Googled lots of different things - the word FreeBSD with autofo, autmount, automountMap, etc. I've found lots of stuff about amd, but amd does not appear to support automountMap-style maps. I also found a mount_autofs in /usr/src/sbin/mount_autofs, but that appears to not be installed by default, and when manually compiled it's non-functional. I did find one reference to someone that ported autofs to FreeBSD, but then was asked by Apple to take his code down. Please note that we're -not- talking about older NIS-style maps. We -were- using them for our Linux, Mac and SunOS clients until recently, and have been switching over to the newer automountMap style for a while now. I'm having a hard time believing that FreeBSD is the only UNIX-like OS that seems to be lacking this sort of autofs support. Is that really the case? Tim Gustafson Baskin School of Engineering UC Santa Cruz t...@soe.ucsc.edu 831-459-5354 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Root exploit for FreeBSD
FreeBSD isn't much used within the University (I understand) and has a (comparatively) poor security record. Most recently, for example: http://www.h-online.com/security/news/item/Root-exploit-for-FreeBSD-873352.html Are you trying to make your infosec guy look like an idiot? Does he Give the infosec guy a break. he has been so busy fixing the other OSes that he never noticed how many FreeBSD system are in use in his own place, nor that they went with relatively satisfactory security level. Olivier ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
googleearth complains about file instance-running-lock
Hi, I am getting this fatal error: Unable to create symlink for lock '/home/yuri/.googleearth/instance-running-lock'. File exists. google-earth-5.1.3509.4636 8.0-STABLE Thanks, Yuri ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: googleearth complains about file instance-running-lock
On Thu, Dec 10, 2009 at 8:39 PM, Yuri y...@rawbw.com wrote: Hi, I am getting this fatal error: Unable to create symlink for lock '/home/yuri/.googleearth/instance-running-lock'. File exists. Remove the file? Or rename it? -- Glen Barber ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: googleearth complains about file instance-running-lock
Glen Barber wrote: Remove the file? Or rename it? I wouldn't ask this question if it was that easy. There is even no such directory: /home/yuri/.googleearth Yuri ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: googleearth complains about file instance-running-lock
On Thu, Dec 10, 2009 at 8:46 PM, Yuri y...@rawbw.com wrote: Glen Barber wrote: Remove the file? Or rename it? I wouldn't ask this question if it was that easy. There is even no such directory: /home/yuri/.googleearth Could you provide possibly important information such as this in future questions? Have you tried creating the directory? -- Glen Barber ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
FIXED: idled not disconnecting idle users on 7.2
I enabled UseLogin in sshd_config. Scott ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: googleearth complains about file instance-running-lock
Glen Barber wrote: Have you tried creating the directory? Creating it doesn't help. But I solved the problem: when it talks about /home/yuri/~.googleearth it actually means /compat/linux/home/yuri/.googleearth/ Deleting file there fixes the problem. I guess it's a good idea to have a link /compat/linux/home -/home Yuri ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: fdisk/bsdlabel/disklabel: Class not found?
So we are saying, that bsdlabel and fdisk are broken? This is *very* disappointing. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
XFCE4 Errors on FreeBSD 8.0 RELEASE
Have upgraded my 7.1 RELEASE clean install (no ports) to 8.0 RELEASE using freebsd-update upgrade -r 8.0-RELEASE and everything installed correctly and works fine. Updated the Ports tree using portsnap and then tried to Install usr/ports/x11-wm/xfce4 but to no avail... I get the following errors: Stop in /usr/ports/x11-wm/xfce4-wm. *** Error code 1 Stop in /usr/ports/x11-wm/xfce4-wm. *** Error code 1 Stop in /usr/ports/x11-wm/xfce4. *** Error code 1 Stop in /usr/ports/x11-wm/xfce4. Anyone encounter the same problem installing xfce4? Thanks in advance! Diego ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Root exploit for FreeBSD
Jerry wrote: Out of pure morbid curiosity, would you please answer this question for me. You work for a corporation that specifically requires the use of a specific OS, the OS itself is not material to this question. It also forbids the use of any unauthorized OS or equipment on the companies network. You decide to ignore their directives and eventually: 1) Get caught 2) Cause a problem with the company's network, etc. Now, when you get fired and possible charged with a crime, do you: 1) Cry and bitch that they are being unfair? 2) Accept the fact that you deserved to be dismissed? Accept, humbly. The majority of companies that I have worked for that have a 'policy', have a 'policy' that is extremely spread thin. Personally, I've never _breached_ policy... I've always expressed to the proper level of management as to *why* something needs to be done differently. With that said, again, in your case, I'll resign, gleefully, as my next contract picks me up for being diligent. Where I use to work, two or three employees were fired each year because they thought they knew more than everyone else. They failed to realize that they were being compensated to do what they were told and not what they thought they should be doing. Then the managers have the wrong attitude...completely. I will only allow myself to be hired as an employee or contractor if the person hiring me is doing so because they expect to gain something from my knowledge and experience. Only a monkey is paid to do what they are told. I don't do that. I couldn't do that. If that is what you do, I feel sorry for you. The bottom line is if they are not smart enough to follow company directives, they are certainly not capable of instigating their own protocol. ...companies that enforce their staff to do what they are told will collapse. People who take their pay cheque just because they sit there and do what they are told hate their job. I love my job, I love my work. I am underpaid, but I do what I *LOVE*. I direct our company through innovation, ingenuity, integrity and risk. If I had to sit at a desk and do the same thing every day because my company told me to, I'd rather. never mind... it'll be archived. Steve ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
upgraded to 8, no mouse is broken
I just updated my system from 7.2 to 8.0 STABLE. What do I need to do to make my mouse work in X again? This system has an unbroken chain of fbsd since 2.2.6, but I'm about to drop it due to this. This is horrible. Please respond directly. I dropped this list in the '90s. peace, -mpd ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: upgraded to 8, no mouse is broken
On Thu, Dec 10, 2009 at 9:55 PM, mpd m...@jesters-court.net wrote: I just updated my system from 7.2 to 8.0 STABLE. What do I need to do to make my mouse work in X again? This system has an unbroken chain of fbsd since 2.2.6, but I'm about to drop it due to this. This is horrible. Since you have given no information on what the symptoms are, nor on what you have tried, I'll take a long-shot here: Have a look ate the 20090124/20090123 entries of /usr/ports/UPDATING -- Glen Barber ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: 8.0 installation doesn't contain X distributions
On Thu, 10 Dec 2009 08:57:44 -0500, Mike L jackoro...@gmail.com wrote: all I gotta say is I just spent 3 days compiling gnome2 for fbsd.. It shouldn't take that long or be that hard/complicated. I recognized increased compiling times since FreeBSD 7. I was told that this is due to much more optimization in the compiler. Okay, this is understandable, but why do the compiledprograms run much slower (on the same hardware)? Answer: Bloat and many dependency dependencies. At least that's what I think. The developers of the FreeBSD OS do an excellent job delivering a system that runs faster and better on the same hardware, but all these advantages seem to be taken away by modern applications. That's why compiling stuff myself is nearly a no-go for my desktop. Only mplayer and mencoder (due to options that HAVE to be set at compile time, mostly involving codecs to include, as well as optimization). If you say that you needed 3 days for Gnome 2 - and I assume you own recent hardware - what should I say then with my more than 5 years old P4 / 2GHz? Compiling bigger applications won't be possible (in reasonable time) anymore in the future unless you buy a new computer every year... What a discouraging idea, I hope I'm not right with this. Back to the gnome install let it run again until the next application configuration screen. There's an option for avoiding this ugly interactivity. You can go through all imaginabel confire screens and set them first, then let the process run without requiring your presence. You can't just do a make config in the meta port for the entire process.. That would be too easy.. I think it is make config-recursive... Last time I did a Xorg installed I just ended up doing a pkg_add because I grew tired of the problems I kept having with ports griping about this and that being outdated or whatever. Yes, pkg_add is very welcome to most users I know, incuding myself. The downside is that there are situations when there's no package for a port (e. g. due to legal reasons or the many different options). Can you imagine that in the past you could easily pkg_add -r de-openoffice to install the german version of OpenOffice? My intention with fbsd wasn't for a desktop though; but why install linux to get a feel for X(org) when we can do it on fbsd? Yet why should it feel like I'm a circus poodle trying to make it work? Allthough it's not uncomplicated, it's not THAT complicated. :-) -- Polytropon Magdeburg, Germany Happy FreeBSD user since 4.0 Andra moi ennepe, Mousa, ... ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: upgraded to 8, no mouse is broken
On Thu, Dec 10, 2009 at 10:19:43PM -0500, Glen Barber wrote: On Thu, Dec 10, 2009 at 9:55 PM, mpd m...@jesters-court.net wrote: I just updated my system from 7.2 to 8.0 STABLE. What do I need to do to make my mouse work in X again? This system has an unbroken chain of fbsd since 2.2.6, but I'm about to drop it due to this. This is horrible. Since you have given no information on what the symptoms are, nor on what you have tried, I'll take a long-shot here: Have a look ate the 20090124/20090123 entries of /usr/ports/UPDATING Option AllowEmptyInput off was the fix. Thanks! -- Glen Barber -- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: HP USB 2.0 Tape Drive
On Thu, 10 Dec 2009 09:50:56 -0500, Jerry McAllister jerr...@msu.edu wrote: I don't think you will have a problem using a USB2 interface. But, I really cannot recommend DAT. That type of system seems to have been pushed beyond its ability.The tapes fail frequently. What about Ultrium tape? Is it better? But, if you can't read what you thought you wrote, it doesn't matter how fast you can search for it. A backup not readable is NOT a backup. And because it isn't, your hard disks will fail. :-) -- Polytropon Magdeburg, Germany Happy FreeBSD user since 4.0 Andra moi ennepe, Mousa, ... ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Temporarily halt boot process to enter encryption keys?
On Thu, 10 Dec 2009 14:54:11 +, RW rwmailli...@googlemail.com wrote: It's fairly trivial to write an rc.d script that pauses the boot process and waits for devices, but sshd runs after LOGIN, and nfs runs before, so you can't easily reorder then without maintaining modified rc.d scripts. I think it's possible to work with the PROVIDE, REQUIRE and BEFORE comments. But as you said, this will change the default rc.d scripts and may cause (minor?) trouble when upgrading the OS. -- Polytropon Magdeburg, Germany Happy FreeBSD user since 4.0 Andra moi ennepe, Mousa, ... ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Root exploit for FreeBSD
--On December 10, 2009 2:11:31 PM -0600 Kevin Wilcox kevin.wil...@gmail.com wrote: 2009/12/10 Anton Shterenlikht me...@bristol.ac.uk: I was just stressed after being forced by him to explain why I wanted firewall exceptions for two ports to my FreeBSD portscluster nodes. I explained the reasons and that was settled. Anton, I don't know about the UK, Great Britain or England, but in US Universities, this is fairly common. It just serves as a sanity check for the many, many requests central IT tends to get regarding allowing ingress traffic for faculty/staff machines, and it gives the firewall guys documentation that such-and-such machine should be receiving inbound traffic on specific ports. I can confirm this, at least for us. Our practice is to only open ports for thoroughly justified business reasons, document thoroughly and audit regularly. The Uni is, of course, addicted to Microsoft, but having realised all the problems with that, lately the policy has been to deny (!) MS users admin access to their own desktops. The situation is just ridiculous - if a MS user wants to install a piece of software on their PC he/she has to ask for permission, and then wait until some computer officer would come and do install for them. Again, I don't know about the UK, Great Britain or England, but in the US this is also quite common, at least with regards to University owned hardware. The first responsibility is to protect the network and existing services. Sadly, many groups fail to provide the next step, that being a relatively quick, easy way to have approved software installed for users, and a method for having non-approved software scrutinised and either approved or rejected. This is less common at the universities that I'm familiar with. I think it becomes less common the larger and/or older a university is. The trend is to move in this direction, but we're also moving toward much stronger compliance controls. There are things about your computer's configuration and maintenance that you will no longer get to decide, regardless of the OS you run - password strength and length, for example, the ability to create local accounts, and other such things. These things aren't being done to harass or irritate users but because of long and bitter experience with a lack of controls. Our view is, if your computer is going to connect on our network it must be configured in certain ways and behave normally or you won't get a connection. Also recently, well.. about a year ago, no host (!) could be accessed from outside the Uni firewall. Special exception has to be obtained even for ssh. There is only one dedicated sun server which accepts only ssh. The users are supposed to dial to this frontend server first, and from there to hosts on the local net. Again, quite common. Most Universities here do not provide public-facing IP addresses without some sort of application and approval process. For example, we have a handful of machines that are public facing but most of our hardware sits inside site-only networks. To access those machines you either have to be on-campus or you have to connect via VPN (and yes, we support Windows, Mac, Linux, Solaris, *BSD). This mirrors our practice. You don't get a public address without being thoroughly vetted *and* agreeing to the terms of use, unscheduled and unannounced monitoring and immediate disconnection without prior notice if a problem is detected. Having an SSH proxy isn't an entirely bad idea, though I can see where performance may be hindered. I had to fight a long battle, well.. I had some support from other academics, to have a linux class in my Faculty. Here the opposition wasn't so much security, as why would any undegraduate need linux, as if MS solutions are a pinnacle of human thought. That's a pretty fair question and one that I hope you would have asked yourself before you made the push for the class. And from I understand it's going to get worse. Apparently the IT services are drawing up plans to completely forbid use of non-autorized OS. I imagine fbsd will not be authorized. So I'm anticipating another battle already. Does this extend to computers used for academic research, student owned computers being used on campus, etc? Perhaps it's because we're conditioned to think this way but a lot of us at universities in the US see a lot of this as being commonplace and to *not* do them is generally considered bad security practice. This last part is surprising to me. Not only are we not Windows-centric, the very idea of not allowing a diversity of OSes is foreign to our operation. We are a heavy Solaris shop (as are many universities), have a good amount of Suse and RHEL and far less Windows servers exposed to the Internet. At the desktop users may install whatever they want, so long as it's maintained properly (which we audit routinely) and used in an acceptable manner (which you agree to when you get
Re: upgraded to 8, no mouse is broken
On Thu, 10 Dec 2009, Glen Barber wrote: On Thu, Dec 10, 2009 at 9:55 PM, mpd m...@jesters-court.net wrote: I just updated my system from 7.2 to 8.0 STABLE. What do I need to do to make my mouse work in X again? This system has an unbroken chain of fbsd since 2.2.6, but I'm about to drop it due to this. This is horrible. Since you have given no information on what the symptoms are, nor on what you have tried, I'll take a long-shot here: Have a look ate the 20090124/20090123 entries of /usr/ports/UPDATING That information was current a year ago, but is outdated now. Please see the Handbook section on X11 configuration instead: http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/x-config.html More specifically, AllowEmptyInput is a source of problems: http://lists.x.org/archives/xorg-devel/2009-December/003807.html -Warren Block * Rapid City, South Dakota USA ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: XFCE4 Errors on FreeBSD 8.0 RELEASE
On Thu, 10 Dec 2009, Diego Montalvo wrote: Have upgraded my 7.1 RELEASE clean install (no ports) to 8.0 RELEASE using freebsd-update upgrade -r 8.0-RELEASE and everything installed correctly and works fine. Updated the Ports tree using portsnap and then tried to Install usr/ports/x11-wm/xfce4 but to no avail... I get the following errors: Stop in /usr/ports/x11-wm/xfce4-wm. *** Error code 1 You need to post the actual error, which happened right above those lines. Anyone encounter the same problem installing xfce4? Not for me, and I've put xfce4 on FreeBSD-8 on several computers. My guess is that you missed a step with portsnap, but it's difficult to tell without knowing exactly what you did and what errors were shown. -Warren Block * Rapid City, South Dakota USA ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Root exploit for FreeBSD
FreeBSD isn't much used within the University (I understand) and has a (comparatively) poor security record. unlike linux or windoze, rofl randy ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: error when updating ports in 8.0
On Thu, Dec 10, 2009 at 06:44:16PM -0500, Tsu-Fan Cheng wrote: Hi, Just update to release 8.0 a few days ago, then when update ports by csup, error occurs: Fatal error 'kse_create() failed ' at line 469 in file /usr/src/lib/libpthread/thread/thr_kern.c (errno = 0) At a guess, your userland and kernel are out of sync. -- Jonathan Chen j...@chen.org.nz -- The things we know best are the things we haven't been taught. - Marquis de Vauvenargues ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Downloading and Burning Free BSD
I clicked the ISO link and I was brought to a directory, this to be exact ( ftp://ftp.freebsd.org/pub/FreeBSD/releases/i386/ISO-IMAGES/7.2/) Once I have downloaded all Iso Images do I burn the 'boot only.iso' file on one DVD or CD only? or do I burn that along with 'disc1.iso', and how do I go about burning the rest of the files in that directory once I have downloaded them? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: upgraded to 8, no mouse is broken
On Thu, 10 Dec 2009 21:38:04 -0700 (MST), Warren Block wbl...@wonkity.com wrote: Please see the Handbook section on X11 configuration instead: http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/x-config.html Just a side question: 5.4.2 Note 2 § 5 states: You will have to reboot your machine to force hald to read this file. which refers to /usr/local/etc/hal/fdi/policy/x11-input.fdi that re-enables Ctrl+Alt+Backspace to kill X. Is it really, really needed to reboot the machine? Can't HAL just be restarted? I always thought reboot to make a minor setting work was the domain of Windows... -- Polytropon Magdeburg, Germany Happy FreeBSD user since 4.0 Andra moi ennepe, Mousa, ... ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Downloading and Burning Free BSD
On Thu, Dec 10, 2009 at 09:46:38PM -0800, Roger Agraviador wrote: I clicked the ISO link and I was brought to a directory, this to be exact ( ftp://ftp.freebsd.org/pub/FreeBSD/releases/i386/ISO-IMAGES/7.2/) Once I have downloaded all Iso Images do I burn the 'boot only.iso' file on one DVD or CD only? or do I burn that along with 'disc1.iso', and how do I go about burning the rest of the files in that directory once I have downloaded them? You should burn the disc1.iso at a minimum. The boot-only.iso is for testing. The other iso images contain packages that you may want to install. -- Jonathan Chen j...@chen.org.nz -- I don't want to achive immortality through my works.. I want to achieve it through not dying - Woody Allen ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: won't boot after 8.0-RELEASE upgrade
Can someone give me a clue what went wrong in so described upgrade and what made Kernel 8.0 REL not to see either disklabel nor even partition of my gmirror? I need some advice prior starting upgrade process of the rest of my servers. As you see in my previous posts the problem is NOT in DD mode! Ivo Karabojkov wrote: As I guessed, I am using standard, not DD mode. Despite of this I was unable to boot, and even more: FreeBSD 8.0 sysinstall did not find any partitions neither on the (g)mirror, hardware RAID I described above or any individual disks part of the RAID. I had to use FreeBSD 7.2 livefs to copy my data after I formatted one of the disks with new 8.0 sysinstall. I think this makes our problem totally unexplained. As an example I'll show you my unable to boot system with gmirror fstab: # DeviceMountpoint FStype Options Dump Pass# /dev/mirror/gm0s1b noneswapsw 0 0 /dev/mirror/gm0s1a / ufs rw 1 1 /dev/mirror/gm0s1d /usrufs rw 2 2 /dev/mirror/gm0s1e /varufs rw,acls 2 2 /dev/acd0 /cdrom cd9660 ro,noauto 0 0 Something I've noticed: when formatting an entire disk with sysinstall prior 7.0 its partition looks like this: Offset Size(ST)End Name PType Desc Subtype Flags 0 63 62- 12 unused0 63 781417602 781417664ad4s1 8freebsd 165 781417665 2990 781420654- 12 unused0 When formatted with later versions of sysinstall it looks like this: Offset Size(ST)End Name PType Desc Subtype Flags 0 63 62- 12 unused0 63 625142385 625142447ad4s1 8freebsd 165 I notice that the free part at the end is missing. My hardware raid, described above in this thread, stores its metadata in the beginning of the disk. Writes in the first sectors result in mirror break and the error I wrote already. I know all of this because I did a lot of tests to help all of you to find our problem out. I have to say that my problems occured with system initially installed with FreeBSD 5 or 6. One system with single drive installed with 7.2 (second example) upgraded with no problems. I hope my tests will help to find out what happens wit our older disklabelled systems. Polytropon wrote: On Tue, 8 Dec 2009 14:09:16 -0800 (PST), Ivo Karabojkov i...@kit-bg.com wrote: So I'd like to know how to distinguish mode of my current filesystems - is it standard or dangerously dedicated? If you've first created a slice on the disk, and then partitions inside the slice, it's standard mode, e. g. ad0 ab d e f g { [ (/) (swap) (/tmp) (/var) (/usr) (/home) ] } s1 If you've omitted the slice, and created the partitions on the disk device itself, it's dangerosly dedicated mode, e. g. ad0 { (/) (swap) (/tmp) (/var) (/usr) (/home) } ab d e f g You can tell by the existence of ad0s1[adefg] vs. ad0[adefg] in /dev, or by trying to print the disks's slice table. -- Polytropon Magdeburg, Germany Happy FreeBSD user since 4.0 Andra moi ennepe, Mousa, ... ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org -- View this message in context: http://old.nabble.com/won%27t-boot-after-8.0-RELEASE-upgrade-tp26628661p26739396.html Sent from the freebsd-questions mailing list archive at Nabble.com. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: googleearth complains about file instance-running-lock
Yuri wrote: Glen Barber wrote: Remove the file? Or rename it? I wouldn't ask this question if it was that easy. There is even no such directory: /home/yuri/.googleearth Check /compat/linux/home/yuri/ Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard Flat 3 PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate Kent, CT11 9PW signature.asc Description: OpenPGP digital signature
OT: XML newbie
I am a relative XML newbie (i.e. our backend does spit out some XML I wrote but it just slapped together with no knowledge of the underlaying structure of XML)... Now I am going back and actually learning XML... our main application is to insert XML directly into XHTML documents and use either CSS or XSLT (don't know enough to pick yet) to style them without resorting to javascript... Now my question what is a good/reasonable set of command line tools for working with/debugging/testing all this in such a way I do not need to rely on the browser... specifically what types (and specific ones if there is a preference) tools do I need and are there any recommended procedures for dealing with XML from the command line in the future we may want to also do Java parsing of XML but that seems to be well handled already in the JDK (1.6) API thanks in advance ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Root exploit for FreeBSD
I think democracy is a choice of freedom. Freedom what to use, AND, in such cases - freedom where to work! If you are marketing specialist probably you should NOT touch much of your computer's control gear. If you are an IT specialist or support such treatment is similar to treat you as a cattle. It's only up to you to allow or forbid such treatment. The freedom has it's price, of course. I always choose to pay it. If someone hires me to manage something he should listen to my or my team's advices. Otherwise he spends money for nothing and I earn headache and broken nerves! And as for academic battle: If universities deny to make tests, experiments and cutting edge implementations then who would??? If IT or computing science, or telecommunication departments are treated in such manner probably they should be dismissed for not letting them to damage our future specialists! It's a sin to read just one book, even if it is the Holly Bible! God, forgive me for comparing М$ with the Bible, it's just for conviction ;-)! In fact I won partially such a battle in 2002-2003, and even if I don't work for our University they still relay on FreeBSD for major part of their IT infrastructure. I wish you all freedom and success! Jerry-107 wrote: On Thu, 10 Dec 2009 20:21:26 +0100 Julian H. Stacey j...@berklix.com replied: Fortuantely, I had no problem setting up a black FreeBSD box to preserve my sanity. A tip for those threatened with no BSD box at work: FreeBSD runs fine _inside_ a box that looks like a multi sheet scanner. OK, slow, but invisible to managers who require MS only. These scanners often lie abandoned in company junk rooms ( cheap on web), as people know they used to need MS's abandoned NT (= Not There) operating system. Well they do ... until one installs BSD. Credit to David M. who did the FreeBSD work. Pictures of hardware to look for in junk rooms: http://www.berklix.com/scanjet/ Cheers, Julian Out of pure morbid curiosity, would you please answer this question for me. You work for a corporation that specifically requires the use of a specific OS, the OS itself is not material to this question. It also forbids the use of any unauthorized OS or equipment on the companies network. You decide to ignore their directives and eventually: 1) Get caught 2) Cause a problem with the company's network, etc. Now, when you get fired and possible charged with a crime, do you: 1) Cry and bitch that they are being unfair? 2) Accept the fact that you deserved to be dismissed? Where I use to work, two or three employees were fired each year because they thought they knew more than everyone else. They failed to realize that they were being compensated to do what they were told and not what they thought they should be doing. The bottom line is if they are not smart enough to follow company directives, they are certainly not capable of instigating their own protocol. -- Jerry ges...@yahoo.com |=== |=== |=== |=== | Grandpa Charnock's Law: You never really learn to swear until you learn to drive. [I thought it was when your kids learned to drive. Ed.] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org -- View this message in context: http://old.nabble.com/Root-exploit-for-FreeBSD-tp26728358p26739505.html Sent from the freebsd-questions mailing list archive at Nabble.com. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Root exploit for FreeBSD
On Thu, Dec 10, 2009 at 8:51 AM, Bill Moran wmo...@potentialtech.com wrote: In response to Anton Shterenlikht me...@bristol.ac.uk: From my information security manager: FreeBSD isn't much used within the University (I understand) and has a (comparatively) poor security record. Most recently, for example: http://www.h-online.com/security/news/item/Root-exploit-for-FreeBSD-873352.html Are you trying to make your infosec guy look like an idiot? Does he realize that FreeBSD has a grand total of 16 security problems for all of 2009? Hell, Microsoft has that many in an average month. If he can find something (other than OpenBSD) with a better record than that, I'd love to hear about it. Either your infosec guy is close to incompetent or this is flame bait. I have tried looking around and OpenBSD appears to be the undisputed #1 track record in terms of security and FreeBSD is #2 (I didn't count dragonflyBSD) Linux is Just horrible, and Windows well enough said :) Sam Fourman Jr. Fourman Networks ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Root exploit for FreeBSD
From my information security manager: FreeBSD isn't much used within the University (I understand) I sometimes wonder the validity of such statements, since we use it on 99% of our servers, the work-stations run Linux. Then again, we are concidered a more theoretical than practical school :-) and has a (comparatively) poor security record. Most recently, for example: http://www.h-online.com/security/news/item/Root-exploit-for-FreeBSD-873352.html as many have explained, connecting a computer to the network has its risks, and FreeBSD has a great security record. my 2c. danny -- Daniel Braniss e-mail: da...@cs.huji.ac.il Manager of Computing Facilities The Selim and Rachel Benin School ofphone: +972 2 658 4385 Engineering and Computer ScienceFax:+972 2 561 7723 The Hebrew University of Jerusalem Edmond Safra Campus, Givat Ram, Israel ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: googleearth complains about file instance-running-lock
On Fri, 11 Dec 2009 06:44:26 + Matthew Seaman wrote: Yuri wrote: Glen Barber wrote: Remove the file? Or rename it? I wouldn't ask this question if it was that easy. There is even no such directory: /home/yuri/.googleearth Check /compat/linux/home/yuri/ ...and remove /compat/linux/home if it exists. -- WBR, Boris Samorodov (bsam) Research Engineer, http://www.ipt.ru Telephone Internet SP FreeBSD Committer, http://www.FreeBSD.org The Power To Serve ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org