Re: Mother board compatibility and CF card usage as main storage device for small DNS server
Many thanks for the responses! On 01/10/2010 02:52, Paul Wootton wrote: On 09/30/10 14:54, Kaya Saman wrote: On 30/09/2010 17:54, Brent Bloxam wrote: Kaya Saman wrote: From what you mention it sounds like a bad idea as the system disk will have many R/W's going through it it seems as /tmp and Swap get written to all the time. You can skip swap altogether and use MFS (memory filesystem) like Brian mentioned for other high write partitions that don't need to be persistent (/tmp, /var/log). See the following article on the freebsd.org website about using solid state storage: http://www.freebsd.org/doc/en/articles/solid-state/article.html Keep in mind though that Brian's setup was for slave nameservers that would be caching from another master. If your nameserver is acting as master, you'll be storing your records on flash since you need persistent storage, but I don't imagine those files will be write intensive. Also, if you make /var/log MFS, you'll want to have an external syslog server set up ;) Thanks a lot so it should be ok then! :-) Yeah sounds like a good setup, and also a syslog server :- this is exactly what I need in order to check my IOS logs coming from my Cisco boxes. I had previously imagined it to be a simple tftpboot server but sounds like it's standalone. That's cool! I mean I really like having logwatch mailing me all necessary information anyway so that coupled with a syslog server should be pretty good :-) Nice ideas need to do some Google'ing now as I don't know what MFS is yet but I will :-D Cheers and best regards, Kaya I have been using a Soekris Net5501-70 box since June 2008 with a CF card running FreeBSD 7. This is being used for DNS, DHCP, NNTP, network firewall and a small asterisk server I have turned off writing messages to logs, and in June this year, I started using an MD for /var/db/dhcpd (as that was getting written to a fair amount) Im still on my original CF card, and as of yet, have not seen any problems (touch wood)... Its not the fastest box in the world, but it certainly does what I want it to do. Just takes a long time compiling a world and kernel Just another option for you... Paul I checked out the Soekris and looks more like a firewall style design with multiple LAN ports and kinda a bit more then what I need! Perhaps I'll just stick to my original SSD idea even though I'll pay a bit more but a 40GB Intel X.25 SSD should do the trick. - Am currently using this in another design for DNS where I'm using 2 BSD Jails for primary and secondary and is ultra fast :-) Just a bit more expensive but that's ok I guess Best Regards, Kaya ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Upgrading autoconf
On Thu, Sep 30, 2010 at 6:59 PM, Daniel Bye freebsd-questi...@slightlystrange.org wrote: On Thu, Sep 30, 2010 at 06:50:22PM +0300, Odhiambo Washington wrote: I am trying this out: #portupgrade -f 'autoconf*' 'automake*' Try upgrading the failing ports by hand. portupgrade tends to suppress full error output, making it difficult to ascertain exactly what's gone wrong. Alternatively, I would be tempted to just uninstall autoconf* and automake*, since they will get pulled in as dependencies whenever you come to build another port that requires them. Hi Dan, Turns out the culprit was m4. Once I did 'portupgrade m4' successfully, everything now compiled fine. The box is running FreeBSD 6.4-STABLE which I was ashamed to mention:-) Will migrate it to 8.x soon, by doing a new installation and migrating. Or should I wait for FreeBSD-9 ?? -- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254733744121/+254722743223 _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ If you have nothing good to say about someone, just shut up!. -- Lucky Dube ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: router / firewall with PF and carp.
On 30 September 2010 23:19, Patrick Lamaiziere patf...@davenulle.orgwrote: Hi, We are in the process to replace two Cisco Pix firewalls and one Cisco router with two servers running PF with carp. The network is large (it is an University) and all will depend on this two machines. We have made some tests with OpenBSD, PF and OpenBGPD and it looks to work (but we have to make a lot of more tests to validate this). I think that the support for an OpenBSD release is very small (only one year) and I'm suggesting to use FreeBSD instead (we can expect ~3/4 years of support if we follow a stable branch). I am an happy user of FreeBSD since some time - I mean that I know it is not perfect and there are some bugs! - but I dont have any experience running it as a router on a large network. So, are PF and carp expected to work fine on FreeBSD or are there some known problems? Do you think that OpenBSD suits better for this? Thanks, regards. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org In my experiance freebsd should work fine. However I would say openbsd is probably better suited to your needs, due to its tighter security model (auditing) You will also get a newer version of pf with openbsd. If you get issues with openBGP would could look at quagga. I have used it in the past but havent for a while so am not sure of the state of it now. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Upgrading autoconf
On Fri, Oct 01, 2010 at 12:13:28PM +0300, Odhiambo Washington wrote: On Thu, Sep 30, 2010 at 6:59 PM, Daniel Bye freebsd-questi...@slightlystrange.org wrote: On Thu, Sep 30, 2010 at 06:50:22PM +0300, Odhiambo Washington wrote: I am trying this out: #portupgrade -f 'autoconf*' 'automake*' Try upgrading the failing ports by hand. portupgrade tends to suppress full error output, making it difficult to ascertain exactly what's gone wrong. Alternatively, I would be tempted to just uninstall autoconf* and automake*, since they will get pulled in as dependencies whenever you come to build another port that requires them. Hi Dan, Turns out the culprit was m4. Once I did 'portupgrade m4' successfully, everything now compiled fine. The box is running FreeBSD 6.4-STABLE which I was ashamed to mention:-) Glad you fixed it! Will migrate it to 8.x soon, by doing a new installation and migrating. Or should I wait for FreeBSD-9 ?? I'd go for 8.x as soon as possible. It'll be a while before 9 is ready for production, and when it is released, it should be pretty straight forward to upgrade from 8.x using the standard buildworld cycle, provided your setup isn't too outlandish! Dan -- Daniel Bye _ ASCII ribbon campaign ( ) - against HTML, vCards and X - proprietary attachments in e-mail / \ pgp7nxygb4Lhw.pgp Description: PGP signature
A command to check network transfer
Dear all, I cannot for the life of mine remember the command which allows me to check incoming and outgoing transfer on lo0 and re0. Can you please help? :) Thanks a lot! Zbigniew Szalbot ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: A command to check network transfer
On Fri, Oct 1, 2010 at 11:59 AM, Zbigniew Szalbot zszal...@gmail.com wrote: Dear all, I cannot for the life of mine remember the command which allows me to check incoming and outgoing transfer on lo0 and re0. Can you please help? :) I use iftop[1] Cheers! [1] http://www.freebsdsoftware.org/net-mgmt/iftop.html Thanks a lot! Zbigniew Szalbot ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: A command to check network transfer
Hi there, 2010/10/1 Fernando Apesteguía fernando.apesteg...@gmail.com: I cannot for the life of mine remember the command which allows me to check incoming and outgoing transfer on lo0 and re0. Can you please help? :) I use iftop[1] No, this one is built into the system. I havent't used it for some time and cannot now recollect it. :( Thanks! Zbigniew Szalbot ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: A command to check network transfer
On Fri, Oct 01, 2010 at 12:07:56PM +0200, Zbigniew Szalbot wrote: Hi there, 2010/10/1 Fernando Apesteguía fernando.apesteg...@gmail.com: I cannot for the life of mine remember the command which allows me to check incoming and outgoing transfer on lo0 and re0. Can you please help? :) I use iftop[1] No, this one is built into the system. I havent't used it for some time and cannot now recollect it. :( Try 'systat -if 1' or 'netstat -I re0 -w 1' / 'netstat -I lo0 -w 1'. One of them is probably what you are thinking of. -- Insert your favourite quote here. Erik Trulsson ertr1...@student.uu.se ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: A command to check network transfer
Try 'systat -if 1' or 'netstat -I re0 -w 1' / 'netstat -I lo0 -w 1'. One of them is probably what you are thinking of. systat -if This is what I was looking for. Many, many thanks! Zbigniew Szalbot ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: A command to check network transfer
Zbigniew Szalbot wrote: Dear all, I cannot for the life of mine remember the command which allows me to check incoming and outgoing transfer on lo0 and re0. Can you please help? :) netstat -w 1 -i lo0 and netstat -w -l -i re0 for 1 second updates on each interface with packets/bytes in/out - Mark ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Upgrading autoconf
On Fri, 1 Oct 2010 12:13:28 +0300 Odhiambo Washington odhia...@gmail.com articulated: Or should I wait for FreeBSD-9 ?? Or Freebsd-10.x perhaps! -- Jerry ✌ freebsd.u...@seibercom.net Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. __ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Upgrading autoconf
On Fri, Oct 1, 2010 at 12:36 PM, Daniel Bye freebsd-questi...@slightlystrange.org wrote: On Fri, Oct 01, 2010 at 12:13:28PM +0300, Odhiambo Washington wrote: On Thu, Sep 30, 2010 at 6:59 PM, Daniel Bye freebsd-questi...@slightlystrange.org wrote: On Thu, Sep 30, 2010 at 06:50:22PM +0300, Odhiambo Washington wrote: I am trying this out: #portupgrade -f 'autoconf*' 'automake*' Try upgrading the failing ports by hand. portupgrade tends to suppress full error output, making it difficult to ascertain exactly what's gone wrong. Alternatively, I would be tempted to just uninstall autoconf* and automake*, since they will get pulled in as dependencies whenever you come to build another port that requires them. Hi Dan, Turns out the culprit was m4. Once I did 'portupgrade m4' successfully, everything now compiled fine. The box is running FreeBSD 6.4-STABLE which I was ashamed to mention:-) Glad you fixed it! Will migrate it to 8.x soon, by doing a new installation and migrating. Or should I wait for FreeBSD-9 ?? I'd go for 8.x as soon as possible. It'll be a while before 9 is ready for production, and when it is released, it should be pretty straight forward to upgrade from 8.x using the standard buildworld cycle, provided your setup isn't too outlandish! Update 6.4 to 8.x?? Or you mean some upgrade path like install 8.x and then migrate services?:-) -- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254733744121/+254722743223 _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ If you have nothing good to say about someone, just shut up!. -- Lucky Dube ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: router / firewall with PF and carp.
I can say that both of them are pretty good choice, in my personal experience I had the same configuration that you are planning to implement qith two servers on OpenBsd 4.6 + carp+ bgp as a router in a huge network , the only problem was some well know bug with carp and bgp..that for some reason some times one of the server nic (carp-backup) try to became master, when wasn't necesary... and the routes were screwed up. But now with the new openbsd 4.8, if i were you I would give it a try Jorge E. Espada On Fri, Oct 1, 2010 at 6:29 AM, krad kra...@gmail.com wrote: On 30 September 2010 23:19, Patrick Lamaiziere patf...@davenulle.org wrote: Hi, We are in the process to replace two Cisco Pix firewalls and one Cisco router with two servers running PF with carp. The network is large (it is an University) and all will depend on this two machines. We have made some tests with OpenBSD, PF and OpenBGPD and it looks to work (but we have to make a lot of more tests to validate this). I think that the support for an OpenBSD release is very small (only one year) and I'm suggesting to use FreeBSD instead (we can expect ~3/4 years of support if we follow a stable branch). I am an happy user of FreeBSD since some time - I mean that I know it is not perfect and there are some bugs! - but I dont have any experience running it as a router on a large network. So, are PF and carp expected to work fine on FreeBSD or are there some known problems? Do you think that OpenBSD suits better for this? Thanks, regards. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org In my experiance freebsd should work fine. However I would say openbsd is probably better suited to your needs, due to its tighter security model (auditing) You will also get a newer version of pf with openbsd. If you get issues with openBGP would could look at quagga. I have used it in the past but havent for a while so am not sure of the state of it now. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: router / firewall with PF and carp.
Both would probably be fine. However, I would recommend taking a look at pfsense if I were you. It is made to do what you want without as much of the overhead as a full blown *BSD install. It is easier to configure, update, the documentation is good, and you can get top notch paid support from the developers if you want. On 9/30/2010 6:19 PM, Patrick Lamaiziere wrote: Hi, We are in the process to replace two Cisco Pix firewalls and one Cisco router with two servers running PF with carp. The network is large (it is an University) and all will depend on this two machines. We have made some tests with OpenBSD, PF and OpenBGPD and it looks to work (but we have to make a lot of more tests to validate this). I think that the support for an OpenBSD release is very small (only one year) and I'm suggesting to use FreeBSD instead (we can expect ~3/4 years of support if we follow a stable branch). I am an happy user of FreeBSD since some time - I mean that I know it is not perfect and there are some bugs! - but I dont have any experience running it as a router on a large network. So, are PF and carp expected to work fine on FreeBSD or are there some known problems? Do you think that OpenBSD suits better for this? Thanks, regards. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: router / firewall with PF and carp.
On 1 October 2010 05:29, krad kra...@gmail.com wrote: In my experiance freebsd should work fine. However I would say openbsd is probably better suited to your needs, due to its tighter security model (auditing) Krad, I was under the impression that 'audit' from TrustedBSD is built into FreeBSD. Is there a facility in OpenBSD that is better or is there something in 'audit' that is lacking? Thanks! kmw ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
FW: How to check version of Make in FreeBSD
Hi All, I am working on some code porting activity that wants Some code to be ported on FreeBSD. I need to check the version of Make installed in FreeBSD. make -v does not help here. What is the similar command in FreeBSD ? Thanks Regards, Chetan DISCLAIMER: This message is proprietary to Aricent and is intended solely for the use of the individual to whom it is addressed. It may contain privileged or confidential information and should not be circulated or used for any purpose other than for what it is intended. If you have received this message in error, please notify the originator immediately. If you are not the intended recipient, you are notified that you are strictly prohibited from using, copying, altering, or disclosing the contents of this message. Aricent accepts no responsibility for loss or damage arising from the use of the information transmitted by this email including damage from virus. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
5.25 floppy drive
I'm in the need of reading some data from old 5.25 floppy media (1.2MB). I lent 2 drives from neighbour institutes at the university and after having recalled that the floppies have to be enabled in the BIOS I'm now seeing the fd0 device in dmesg (FreeBSD 8.0 RELEASE). I can do a dd if=/dev/fd0 of=/root/fd0.dmp The select light is lit, the head motor seems to get power but the spindle doesn't spin. I tried that with two TEAC drives to no avail. Any clues what I may have forgotten? The drive is connected with the edge connector and the end is open. Does it need to be terminated? -- Christoph ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Upgrading autoconf
On Fri, Oct 01, 2010 at 03:02:10PM +0300, Odhiambo Washington wrote: Will migrate it to 8.x soon, by doing a new installation and migrating. Or should I wait for FreeBSD-9 ?? I'd go for 8.x as soon as possible. It'll be a while before 9 is ready for production, and when it is released, it should be pretty straight forward to upgrade from 8.x using the standard buildworld cycle, provided your setup isn't too outlandish! Update 6.4 to 8.x?? Or you mean some upgrade path like install 8.x and then migrate services?:-) Since you're crossing two major versions, I'd go for a clean install. You could conceivably go straight to 8 using buildworld, but I think the safest and simplest course of action is to take good backups and start from scratch. As for going from 8.x to 9.x, that should be pretty easy, if, as I said, your setup isn't too far from the default. But of course, only you can make that call. Dan -- Daniel Bye _ ASCII ribbon campaign ( ) - against HTML, vCards and X - proprietary attachments in e-mail / \ pgpH6dN2QDWf5.pgp Description: PGP signature
Re: router / firewall with PF and carp.
On Fri, Oct 01, 2010 at 09:40:56AM -0400, Kevin Wilcox wrote: On 1 October 2010 05:29, krad kra...@gmail.com wrote: In my experiance freebsd should work fine. However I would say openbsd is probably better suited to your needs, due to its tighter security model (auditing) Krad, I was under the impression that 'audit' from TrustedBSD is built into FreeBSD. Is there a facility in OpenBSD that is better or is there something in 'audit' that is lacking? I think krad is referring to the well-publicised code audit that the OpenBSD project conducts, rather than the TrustedBSD audit framework. As far as I know, OpenBSD doesn't have anything comparable, but it's a long time since I looked at it, so I might be typing out of me ear... Dan -- Daniel Bye _ ASCII ribbon campaign ( ) - against HTML, vCards and X - proprietary attachments in e-mail / \ pgpu4rTdktZV6.pgp Description: PGP signature
Re: 5.25 floppy drive
On Fri, 01 Oct 2010 15:04:40 +0200, Christoph Kukulies k...@kukulies.org wrote: I'm in the need of reading some data from old 5.25 floppy media (1.2MB). I lent 2 drives from neighbour institutes at the university and after having recalled that the floppies have to be enabled in the BIOS I'm now seeing the fd0 device in dmesg (FreeBSD 8.0 RELEASE). Similat to this? % dmesg | grep ^fd fdc0: floppy drive controller port 0x3f2-0x3f3,0x3f4-0x3f5,0x3f7 irq 6 drq 2 on acpi0 fdc0: [FILTER] fd0: 1440-KB 3.5 drive on fdc0 drive 0 This is for a 3.5 drive of course, the 5.25's message should read similar. FreeBSD 7 here. I can do a dd if=/dev/fd0 of=/root/fd0.dmp The select light is lit, the head motor seems to get power but the spindle doesn't spin. I tried that with two TEAC drives to no avail. Strange, I would suspect drive electronics first... do you have a low end PC (DOS) to check the drives? The lowest level diagnosis tools are often the best. :-) Any clues what I may have forgotten? The drive is connected with the edge connector and the end is open. Sounds correct. Does it need to be terminated? No. The position on the cable selects which drive letter will be associated to a given drive; the one on the end is A:, the one on the middle is B:. A single drive is usually connected to the end of the cable. As the connector for 5.25 drive does have a gap, you can't wrongly connect it. The connector to the main board should also have a nose that prevents wrong cabling. Wrong cabling is indicated by a permanent (!) activity light on the drive. Instead of using dd, can you maybe access the drive using mount or the mtools (from ports)? If you encounter further problems, I can get a working drive and check here. I'm in a kind of working museum. :-) -- Polytropon Magdeburg, Germany Happy FreeBSD user since 4.0 Andra moi ennepe, Mousa, ... ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: router / firewall with PF and carp.
On 1 October 2010 10:16, Daniel Bye freebsd-questi...@slightlystrange.org wrote: On Fri, Oct 01, 2010 at 09:40:56AM -0400, Kevin Wilcox wrote: Krad, I was under the impression that 'audit' from TrustedBSD is built into FreeBSD. Is there a facility in OpenBSD that is better or is there something in 'audit' that is lacking? I think krad is referring to the well-publicised code audit that the OpenBSD project conducts, rather than the TrustedBSD audit framework. As far as I know, OpenBSD doesn't have anything comparable, but it's a long time since I looked at it, so I might be typing out of me ear... Dan, that makes perfect sense. I'm working up a BSD presentation for the local LUG next week and the latest compare/contrast I was working on was SELinux/GrSecurity/Pax versus TrustedBSD; my brain immediately parsed auditing as an audit trail, not the immense code audit for the base system. Thanks for the reality check!! kmw ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Upgrading autoconf
On Fri, Oct 1, 2010 at 5:11 PM, Daniel Bye freebsd-questi...@slightlystrange.org wrote: On Fri, Oct 01, 2010 at 03:02:10PM +0300, Odhiambo Washington wrote: Will migrate it to 8.x soon, by doing a new installation and migrating. Or should I wait for FreeBSD-9 ?? I'd go for 8.x as soon as possible. It'll be a while before 9 is ready for production, and when it is released, it should be pretty straight forward to upgrade from 8.x using the standard buildworld cycle, provided your setup isn't too outlandish! Update 6.4 to 8.x?? Or you mean some upgrade path like install 8.x and then migrate services?:-) Since you're crossing two major versions, I'd go for a clean install. You could conceivably go straight to 8 using buildworld, but I think the safest and simplest course of action is to take good backups and start from scratch. As for going from 8.x to 9.x, that should be pretty easy, if, as I said, your setup isn't too far from the default. But of course, only you can make that call. My servers are pretty easy to migrate. It's just a case of a fresh install, install the applications, migrate the configs and data/databases since I try and keep up to date with the application versions as much as possible. The only thing that changes significantly is the base system. I will go for a clean install. Sometimes back I saw some instructions to upgrade upwards (6.x -7.x -8.x) but I cannot find them anymore, although the only time to do those are when the system is in the room next:-) -- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254733744121/+254722743223 _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ If you have nothing good to say about someone, just shut up!. -- Lucky Dube ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: router / firewall with PF and carp.
On 1 October 2010 15:34, Kevin Wilcox kevin.wil...@gmail.com wrote: On 1 October 2010 10:16, Daniel Bye freebsd-questi...@slightlystrange.org wrote: On Fri, Oct 01, 2010 at 09:40:56AM -0400, Kevin Wilcox wrote: Krad, I was under the impression that 'audit' from TrustedBSD is built into FreeBSD. Is there a facility in OpenBSD that is better or is there something in 'audit' that is lacking? I think krad is referring to the well-publicised code audit that the OpenBSD project conducts, rather than the TrustedBSD audit framework. As far as I know, OpenBSD doesn't have anything comparable, but it's a long time since I looked at it, so I might be typing out of me ear... Dan, that makes perfect sense. I'm working up a BSD presentation for the local LUG next week and the latest compare/contrast I was working on was SELinux/GrSecurity/Pax versus TrustedBSD; my brain immediately parsed auditing as an audit trail, not the immense code audit for the base system. Thanks for the reality check!! kmw ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org I know what you mean, whenever i have worked with SELINUX policies and the bsd MAC framework, it has fried my brain a little 8) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Updating bzip2 to remove potential security vulnerability
I have seen several notices on other forums regarding the update of bzip2 to correct a potential security problem. From the bzip2 web site: quote The current version is 1.0.6, released 20 Sept 2010. Version 1.0.6 removes a potential security vulnerability, CVE-2010-0405, so all users are recommended to upgrade immediately. /quote The version supplied on FreeBSD-8.1/amd64 is version 1.0.5, 10-Dec-2007. Are there any plans to update this supplied version? -- Jerry ✌ freebsd.u...@seibercom.net Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. __ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Updating bzip2 to remove potential security vulnerability
In the last episode (Oct 01), Jerry said: I have seen several notices on other forums regarding the update of bzip2 to correct a potential security problem. From the bzip2 web site: quote The current version is 1.0.6, released 20 Sept 2010. Version 1.0.6 removes a potential security vulnerability, CVE-2010-0405, so all users are recommended to upgrade immediately. /quote The version supplied on FreeBSD-8.1/amd64 is version 1.0.5, 10-Dec-2007. Are there any plans to update this supplied version? You must have missed http://security.freebsd.org/advisories/FreeBSD-SA-10:08.bzip2.asc ; patches for 6, 7, and 8 are available there, and freebsd-update has fixed binaries if you use that. -- Dan Nelson dnel...@allantgroup.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: 5.25 floppy drive
On Fri, 1 Oct 2010, Christoph Kukulies wrote: I'm in the need of reading some data from old 5.25 floppy media (1.2MB). I lent 2 drives from neighbour institutes at the university and after having recalled that the floppies have to be enabled in the BIOS I'm now seeing the fd0 device in dmesg (FreeBSD 8.0 RELEASE). I can do a dd if=/dev/fd0 of=/root/fd0.dmp The select light is lit, the head motor seems to get power but the spindle doesn't spin. Possibly a drive select issue. Some drives had jumpers or switches, some cables have flipped-around wires so the connectors are specific to one drive or another. If your cabling is straight-through with no funny business at the connectors, set the drive to DS0. If the cable has split out and flipped-over sections, DS1 should be set in the jumpers --but then it depends on which connector is used. ...I think, anyway, it's been a few years since I've had to use a 5.25. I tried that with two TEAC drives to no avail. Any clues what I may have forgotten? The drive is connected with the edge connector and the end is open. Does it need to be terminated? None that I've seen. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
BIND: could not configure root hints from 'named.root': file not found
Hello, I noticed my email client was taking just over two minutes to start up, with the mail folder being accessed from a share on an NFS server. After rebuilding my workstation (due to h/w heating problems), I deleted my 50,000 emails from freebsd-questions, and ipfw folders. Now the email client opens the NFS share and starts up in under two seconds :) However, now I must use mmsearch at lists.freebsd.org to search mailing list archives. This gives me Internal Server Error on most of my searches, so I decided to post my question here. I have been running a FreeBSD server in my basement for nearly a decade, and like some on this email list, I also ran into trouble when rebuilding my bind environment in a new server environment. (Server ran out of space and my root partition was too small, so I decided to rebuild the box, only to be reminded BIND is tricky to configure.) The BIND files look like Greek to me (no offense intended to Grecians.) Its been at least eight years since I read much of DNS and Bind and my copy is now languishing at some former client or employer. I've been reading man pages, handbooks, and the like for days. Here's my immediate problem: After building the server, with jails, before putting BIND in the jail, I decided to get it working in the host FreeBSD environment. # uname -a FreeBSD www.mbpesecurity.com 8.1-RELEASE FreeBSD 8.1-RELEASE #0: Mon Jul 19 02:55:53 UTC 2010 r...@almeida.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC i386 From this dir: # pwd /var/named/etc/namedb (symlinked to /etc/namedb) When I start bind: # /etc/rc.d/named onestart Starting named. /etc/rc.d/named: WARNING: failed to start named # pwd /var/named/etc/namedb www# ls named.root named.root Syslogs Show: Oct 1 12:36:35 www named[4663]: starting BIND 9.6.2-P2 -t /var/named -u bind Oct 1 12:36:35 www named[4663]: built with '--prefix=/usr' '--infodir=/usr/share/info' '--mandir=/usr/share/man' '--enable-threads' '--disable-ipv6' '--enable-getifaddrs' '--disable-linux-caps' '--with-openssl=/usr' '--with-randomdev=/dev/random' '--without-idn' '--without-libxml2' Oct 1 12:36:35 www named[4663]: *could not configure root hints from 'named.root': file not found* Oct 1 12:36:35 www named[4663]: loading configuration: file not found Oct 1 12:36:35 www named[4663]: exiting (due to fatal error) Oct 1 12:36:35 www mpope: /etc/rc.d/named: WARNING: failed to start named This perplexes me since 'named.root' is in the starting dir: /etc/namedb, and the 'master' subdir: /etc/namedb/master. # pwd /var/named/etc/namedb (symlinked dir for /etc/namedb) www# ls -ald * drwxr-xr-x 3 root wheel 512 Oct 1 12:28 aborted drwxr-xr-x 2 bind wheel 512 Oct 1 12:33 dynamic drwxr-xr-x 2 root wheel 512 Oct 1 12:36 master -rw-r--r-- 1 root wheel 1783 Oct 1 12:29 named.conf -rw-r--r-- 1 named named 3082 Sep 30 17:44 *named.root* -rw--- 1 bind wheel97 Sep 30 17:20 rndc.key drwxr-xr-x 2 bind wheel 512 Oct 1 12:33 slave drwxr-xr-x 2 bind wheel 512 Oct 1 12:36 working # ls master 0.0.127.IN-ADDR.ARPAempty.db *named.root* 171.248.206.IN-ADDR.ARPAmbpesecurity.com db.bindnamed.localhost Perhaps BIND is actually starting from some other directory? Here is a list of all namedb hits. Since I'm not starting from the jail yet, the only other named dir is in /usr/src/etc/named, the build dir, see listing below. # pwd /var/named/etc/namedb # find / -name namedb /usr/src/etc/namedb == only other named dir /usr/home/j/mroot/usr/src/etc/namedb = START of JAIL Related dirs /usr/home/j/mroot/var/named/etc/namedb| /usr/home/j/skel/var/named/etc/namedb | /usr/home/j/ns/s/etc/namedb | /usr/home/j/ns/s/var/named/etc/namedb | /usr/home/j/ns/usr/src/etc/namedb | /usr/home/j/ns/var/named/etc/namedb | /usr/home/j/mail/s/var/named/etc/namedb | /usr/home/j/mail/usr/src/etc/namedb | /usr/home/j/mail/var/named/etc/namedb | /usr/home/j/www/s/var/named/etc/namedb| /usr/home/j/www/usr/src/etc/namedb| /usr/home/j/www/var/named/etc/namedb | /usr/home/js/ns/etc/namedb| /usr/home/js/ns/var/named/etc/namedb | /usr/home/js/mail/var/named/etc/namedbV /usr/home/js/www/var/named/etc/namedb = END of JAIL dirs /etc/namedb -Sym link dest /var/named/etc/namedb - Sym link src In the unlikely event BIND were running from the build dir (/usr/src/etc/named), there too the named.root file is found: # cd /usr/src/etc/namedb # pwd /usr/src/etc/namedb # ls -al named.root master/named.root -rw-r--r-- 1 root wheel 3082 Oct 1 13:27
Re: FW: How to check version of Make in FreeBSD
On 10/1/10, Chetan Shukla chetan.shu...@aricent.com wrote: Hi All, I am working on some code porting activity that wants Some code to be ported on FreeBSD. I need to check the version of Make installed in FreeBSD. make -v does not help here. What is the similar command in FreeBSD ? gmake. On serious side there is no way to find version and freebsd make havent changed much in years I belive that make is still compatible with other BSDs. (well maybe I'm wrong) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
dynamically generating install.cfg
Hello all, I would like to dynamically generate various settings that will be placed into the install.cfg file before sysinstall executes. I am PXE booting and have a mfsroot that contains a install.cfg with variables that will be applicable to all installs. Inside the mfsroot is a script that is supposed to download, via anon-ftp, a file that contains other variables which are set on per host basis. Inside the script, I run ifconfig to setup the interface then immediately run ftp to download the file from the PXE server. As soon as it gets the file, ifconfig runs and takes the interface down. During the install, the debug screen shows no errors when running ifconfig, yet when the script attempts to ftp to the PXE server, it gets a 'network unreachable'. As a result of this, I tried setting up the route as well, using route add default $gateway and get the same error. Running tcpdump on the PXE server confirms that there is not ftp attempt from the client. I am wondering if anyone has tried anything similar and had luck with it or if anyone might be able to provide direction in how I can troubleshoot. I'm not even sure if the interface is being setup properly. At the point where this fails, there is no holographic shell for me to get into and poke around. Thoughts? Ideas? -- Take care Rick Miller ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: BIND: could not configure root hints from 'named.root': file not found
On 10/01/2010 12:52 PM, Matthew wrote: I would be grateful for any pointers on how to resolve this. I suspect the error message may not be exactly descriptive of whats happening. Kinda. Here's a few points to keep in mind when working with bind in FreeBSD: * By default, named runs in a chroot jail rooted at /var/named/. * For security reasons, named cannot write to anything in that tree, except the dynamic, slave, and working directories. * named uses its current working directory to resolve relative pathnames in the configuration file. * With a recent change to ISC Bind 9, named started complaining if it couldn't write to its current working directory. At the time, this was (chroot)/etc/namedb/; this was subsequently changed to (chroot)/etc/namedb/working/ to make named happy without compromising security. When the working directory for named was (chroot)/etc/namedb/, everything was peachy. Since this was changed, relative pathnames no longer work as expected because the reference point is different. The easiest solution is to alter your configuration file to include only absolute pathnames, relative to the root of the jail. The default named config file (in /var/named/etc/namedb/named.conf) is an excellent source of examples for this. -- Fuzzy love, -CyberLeo Technical Administrator CyberLeo.Net Webhosting http://www.CyberLeo.Net cyber...@cyberleo.net Furry Peace! - http://.fur.com/peace/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Updating bzip2 to remove potential security vulnerability
On Fri, 1 Oct 2010 12:14:20 -0500 Dan Nelson dnel...@allantgroup.com articulated: You must have missed http://security.freebsd.org/advisories/FreeBSD-SA-10:08.bzip2.asc ; patches for 6, 7, and 8 are available there, and freebsd-update has fixed binaries if you use that. Never saw it. So I am assuming that simply using something like: csup -L2 -h cvsup.FreeBSD.org /usr/src/share/examples/cvsup/standard-supfile Then rebuild Kernel World is not going to work. Is that correct? -- Jerry ✌ freebsd.u...@seibercom.net Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. __ Last week a cop stopped me in my car. He asked me if I had a police record. I said, no, but I have the new DEVO album. Cops have no sense of humor. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Updating bzip2 to remove potential security vulnerability
On Fri, Oct 01, 2010 at 04:59:40PM -0400, Jerry thus spake: On Fri, 1 Oct 2010 12:14:20 -0500 Dan Nelson dnel...@allantgroup.com articulated: You must have missed http://security.freebsd.org/advisories/FreeBSD-SA-10:08.bzip2.asc ; patches for 6, 7, and 8 are available there, and freebsd-update has fixed binaries if you use that. Never saw it. So I am assuming that simply using something like: csup -L2 -h cvsup.FreeBSD.org /usr/src/share/examples/cvsup/standard-supfile Then rebuild Kernel World is not going to work. Is that correct? The update instructions are in the announcement. Here is a snippet from it: a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility. # fetch http://security.FreeBSD.org/patches/SA-10:08/bzip2.patch # fetch http://security.FreeBSD.org/patches/SA-10:08/bzip2.patch.asc b) Execute the following commands as root: # cd /usr/src # patch /path/to/patch # cd /usr/src/lib/libbz2 # make obj make depend make make install NOTE: On the amd64 platform, the above procedure will not update the lib32 (i386 compatibility) libraries. On amd64 systems where the i386 compatibility libraries are used, the operating system should instead be recompiled as described in URL:http://www.FreeBSD.org/handbook/makeworld.html 3) To update your vulnerable system via a binary patch: Systems running 6.4-RELEASE, 7.1-RELEASE, 7.3-RELEASE, 8.0-RELEASE or 8.1-RELEASE on the i386 or amd64 platforms can be updated via the freebsd-update(8) utility: # freebsd-update fetch # freebsd-update install ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: FW: How to check version of Make in FreeBSD
On 10/1/10, Chetan Shukla chetan.shu...@aricent.com wrote: I need to check the version of Make installed in FreeBSD. make -v does not help here. What is the similar command in FreeBSD ? On Fri, 2010-10-01 at 18:33 +, Paul B Mahol wrote: gmake. On serious side there is no way to find version and -- Cheers, Devin Teske - CONTACT INFORMATION - Business Solutions Consultant II FIS - fisglobal.com 510-735-5650 Mobile 510-621-2038 Office 510-621-2020 Office Fax 909-477-4578 Home/Fax devin.te...@fisglobal.com - LEGAL DISCLAIMER - This message contains confidential and proprietary information of the sender, and is intended only for the person(s) to whom it is addressed. Any use, distribution, copying or disclosure by any other person is strictly prohibited. If you have received this message in error, please notify the e-mail sender immediately, and delete the original message without making a copy. - END TRANSMISSION - ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: FW: How to check version of Make in FreeBSD
On 10/1/10, Chetan Shukla chetan.shu...@aricent.com wrote: I need to check the version of Make installed in FreeBSD. make -v does not help here. What is the similar command in FreeBSD ? On Fri, 2010-10-01 at 18:33 +, Paul B Mahol wrote: gmake. On serious side there is no way to find version and freebsd make havent changed much in years... On the command-line... strings `which make` | grep -B1 MAKE_VERSION Or in a makefile... /usr/tmp/Makefile: all: @echo MAKE_VERSION='$(MAKE_VERSION)' make MAKE_VERSION='5200408120' -- Cheers, Devin Teske - CONTACT INFORMATION - Business Solutions Consultant II FIS - fisglobal.com 510-735-5650 Mobile 510-621-2038 Office 510-621-2020 Office Fax 909-477-4578 Home/Fax devin.te...@fisglobal.com - LEGAL DISCLAIMER - This message contains confidential and proprietary information of the sender, and is intended only for the person(s) to whom it is addressed. Any use, distribution, copying or disclosure by any other person is strictly prohibited. If you have received this message in error, please notify the e-mail sender immediately, and delete the original message without making a copy. - END TRANSMISSION - ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Updating bzip2 to remove potential security vulnerability
On Fri, 1 Oct 2010 14:00:16 -0700 Jason jhelf...@e-e.com wrote: On Fri, Oct 01, 2010 at 04:59:40PM -0400, Jerry thus spake: On Fri, 1 Oct 2010 12:14:20 -0500 Dan Nelson dnel...@allantgroup.com articulated: You must have missed http://security.freebsd.org/advisories/FreeBSD-SA-10:08.bzip2.asc ; patches for 6, 7, and 8 are available there, and freebsd-update has fixed binaries if you use that. Never saw it. So I am assuming that simply using something like: csup -L2 -h cvsup.FreeBSD.org /usr/src/share/examples/cvsup/standard-supfile Then rebuild Kernel World is not going to work. Is that correct? The update instructions are in the announcement. Here is a snippet from it: Or yes, you can just update to the latest sources via csup - it's been fixed in all supported security branches as well as HEAD (see http://svn.freebsd.org/viewvc/base/releng/8.1/UPDATING?view=log for example). -- Bruce Cran ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Updating bzip2 to remove potential security vulnerability
On Fri, 1 Oct 2010 14:00:16 -0700 Jason jhelf...@e-e.com articulated: On Fri, Oct 01, 2010 at 04:59:40PM -0400, Jerry thus spake: On Fri, 1 Oct 2010 12:14:20 -0500 Dan Nelson dnel...@allantgroup.com articulated: You must have missed http://security.freebsd.org/advisories/FreeBSD-SA-10:08.bzip2.asc ; patches for 6, 7, and 8 are available there, and freebsd-update has fixed binaries if you use that. Never saw it. So I am assuming that simply using something like: csup -L2 -h cvsup.FreeBSD.org /usr/src/share/examples/cvsup/standard-supfile Then rebuild Kernel World is not going to work. Is that correct? The update instructions are in the announcement. Here is a snippet from it: a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility. # fetch http://security.FreeBSD.org/patches/SA-10:08/bzip2.patch # fetch http://security.FreeBSD.org/patches/SA-10:08/bzip2.patch.asc b) Execute the following commands as root: # cd /usr/src # patch /path/to/patch # cd /usr/src/lib/libbz2 # make obj make depend make make install NOTE: On the amd64 platform, the above procedure will not update the lib32 (i386 compatibility) libraries. On amd64 systems where the i386 compatibility libraries are used, the operating system should instead be recompiled as described in URL:http://www.FreeBSD.org/handbook/makeworld.html 3) To update your vulnerable system via a binary patch: Systems running 6.4-RELEASE, 7.1-RELEASE, 7.3-RELEASE, 8.0-RELEASE or 8.1-RELEASE on the i386 or amd64 platforms can be updated via the freebsd-update(8) utility: # freebsd-update fetch # freebsd-update install I all ready read that. If you reread my post, I was inquiring about simply downloading the source tree and then rebuilding world. The portion regarding amd64 systems pertains to me. Notice: quote On the amd64 platform, the above procedure will not update the lib32 (i386 compatibility) libraries. On amd64 systems where the i386 compatibility libraries are used, the operating system should instead be recompiled as described in URL:http://www.FreeBSD.org/handbook/makeworld.html /quote Am I to infer that I could simply download the sources and rebuild world, or do I have to download the patches first? It would appear that I can simply update the sources and rebuild my kernel world. Your post failed to address the question I posed. -- Jerry ✌ freebsd.u...@seibercom.net Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. __ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Updating bzip2 to remove potential security vulnerability
On Fri, 1 Oct 2010 22:23:16 +0100 Bruce Cran br...@cran.org.uk articulated: On Fri, 1 Oct 2010 14:00:16 -0700 Jason jhelf...@e-e.com wrote: On Fri, Oct 01, 2010 at 04:59:40PM -0400, Jerry thus spake: On Fri, 1 Oct 2010 12:14:20 -0500 Dan Nelson dnel...@allantgroup.com articulated: You must have missed http://security.freebsd.org/advisories/FreeBSD-SA-10:08.bzip2.asc ; patches for 6, 7, and 8 are available there, and freebsd-update has fixed binaries if you use that. Never saw it. So I am assuming that simply using something like: csup -L2 -h cvsup.FreeBSD.org /usr/src/share/examples/cvsup/standard-supfile Then rebuild Kernel World is not going to work. Is that correct? The update instructions are in the announcement. Here is a snippet from it: Or yes, you can just update to the latest sources via csup - it's been fixed in all supported security branches as well as HEAD (see http://svn.freebsd.org/viewvc/base/releng/8.1/UPDATING?view=log for example). OK, I just updated my sources; however, this notation from the UPDATING file does NOT appear in the UPDATING file on my machine: 20100920: p1 FreeBSD-SA-10:08.bzip2 Fix an integer overflow in RLE length parsing when decompressing corrupt bzip2 data. I am using this as the tag, which is probably incorrect. default release=cvs tag=RELENG_8 This is the stock standard-supfile. The stock stable-supfile has the same tag. -- Jerry ✌ freebsd.u...@seibercom.net Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. __ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Updating bzip2 to remove potential security vulnerability
On Fri, 1 Oct 2010 17:49:29 -0400 Jerry freebsd.u...@seibercom.net wrote: OK, I just updated my sources; however, this notation from the UPDATING file does NOT appear in the UPDATING file on my machine: 20100920: p1 FreeBSD-SA-10:08.bzip2 Fix an integer overflow in RLE length parsing when decompressing corrupt bzip2 data. I am using this as the tag, which is probably incorrect. default release=cvs tag=RELENG_8 This is the stock standard-supfile. The stock stable-supfile has the same tag. Sorry, it seems stable/8 UPDATING hasn't been updated. Instead, check that you have rev 1.1.1.5.2.1 of contrib/bzip2/decompress.c . I guess that since -stable isn't a release branch that it doesn't get security issues logged in UPDATING? -- Bruce ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: FW: How to check version of Make in FreeBSD
On 10/1/10, Devin Teske dte...@vicor.com wrote: On 10/1/10, Chetan Shukla chetan.shu...@aricent.com wrote: I need to check the version of Make installed in FreeBSD. make -v does not help here. What is the similar command in FreeBSD ? On Fri, 2010-10-01 at 18:33 +, Paul B Mahol wrote: gmake. On serious side there is no way to find version and freebsd make havent changed much in years... On the command-line... strings `which make` | grep -B1 MAKE_VERSION Or in a makefile... /usr/tmp/Makefile: all: @echo MAKE_VERSION='$(MAKE_VERSION)' make MAKE_VERSION='5200408120' Nice. -- Cheers, Devin Teske - CONTACT INFORMATION - Business Solutions Consultant II FIS - fisglobal.com 510-735-5650 Mobile 510-621-2038 Office 510-621-2020 Office Fax 909-477-4578 Home/Fax devin.te...@fisglobal.com - LEGAL DISCLAIMER - This message contains confidential and proprietary information of the sender, and is intended only for the person(s) to whom it is addressed. Any use, distribution, copying or disclosure by any other person is strictly prohibited. If you have received this message in error, please notify the e-mail sender immediately, and delete the original message without making a copy. - END TRANSMISSION - ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Updating bzip2 to remove potential security vulnerability
Jerry wrote: [snip]. OK, I just updated my sources; however, this notation from the UPDATING file does NOT appear in the UPDATING file on my machine: 20100920: p1 FreeBSD-SA-10:08.bzip2 Fix an integer overflow in RLE length parsing when decompressing corrupt bzip2 data. I am using this as the tag, which is probably incorrect. default release=cvs tag=RELENG_8 This is the stock standard-supfile. The stock stable-supfile has the same tag. The security tag for a release version is either RELENG_8_0 or RELENG_8_1, depending on which one you run. UPDATING has the entry wrt to these. -Mike ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: what is from [sic (wrong)] with this picture? -- Answer: It's Ubuntu, not FreeBSD
On Wed, Sep 29, 2010 at 09:44:43PM -0400, Greg Larkin wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Jon Radel wrote: On 9/29/10 4:24 PM, Gary Kline wrote: Yes! changing the line in main.cf lets things get thru to my server cleanly, thanks for the tip. I still don't understand what's wrong with my DNS files. Hopefully, other folk on-list will see what's messed up. Your domain registrar is having your dns delegated to 3 nameservers: thought.org.86400INNSns1.thought.org. thought.org.86400INNSns1.silvertree.org. thought.org.86400INNSns1.twisted4life.com. ;; Received 142 bytes from 2001:500:48::1#53(b2.org.afilias-nst.org) in 32 ms The last of the 3, ns1.twisted4life.com, is of the opinion that your domain doesn't exist, given that it has no authoritative data and refuses to do recursive lookups for the Internet at large. I would suspect that this would result in the coming and going visibility that others have reported. Basically, you don't exist a third of the time. You need to make sure that all the nameservers you list with your registrar are actually admitting to your existence and are getting up-to-date data. I recall having this conversation with you before. The first thing I would do is check the results of the DNS scan here (http://www.dnscog.com/report/thought.org) and fix all of the listed problems. Keep iterating until the report is clean, or at least doesn't have any red flags on it. I've used this service successfully for a while now to debug DNS problems. Hope that helps, Greg - -- Greg Larkin Well, long-story-short, yes and no. I changed the IP addr to the same as my firewall's and was able to ping ns1.thought.org but that created other errors that I didn't understand. Plus, it disabled mail both incoming and outgoing. Back to square 0. gary -- Gary Kline kl...@thought.org http://www.thought.org Public Service Unix The 7.83a release of Jottings: http://jottings.thought.org/index.php http://journey.thought.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Freebsd-update not working for me
Weird little problem here... I've got a 7.1-RELEASE box I'm trying to get to 8.1-RELEASE. I was able to do 'freebsd-update -install' and get the security patches and all, but 'freebsd-update -r 8.1-RELEASE upgrade' fails - see output below. Can anyone point me in the right direction to start troubleshooting this? I don't see anything in /var/log/messages. Kurt netmon/root 23:47 2010-09-30 root 0# freebsd-update -r 8.1-RELEASE upgrade Looking up update.FreeBSD.org mirrors... 4 mirrors found. Fetching metadata signature for 7.1-RELEASE from update2.FreeBSD.org... done. Fetching metadata index... done. Fetching 1 metadata patches. done. Applying metadata patches... done. Fetching 1 metadata files... done. Inspecting system... done. The following components of FreeBSD seem to be installed: kernel/generic src/base src/bin src/cddl src/contrib src/crypto src/etc src/games src/gnu src/include src/krb5 src/lib src/libexec src/release src/rescue src/sbin src/secure src/share src/sys src/tools src/ubin src/usbin world/base world/catpages world/dict world/doc world/games world/info world/manpages The following components of FreeBSD do not seem to be installed: world/proflibs Does this look reasonable (y/n)? y Fetching metadata signature for 8.1-RELEASE from update2.FreeBSD.org... done. Fetching metadata index... done. Fetching 1 metadata patches. done. Applying metadata patches... done. Fetching 1 metadata files... done. Inspecting system... done. Fetching files from 7.1-RELEASE for merging... done. Preparing to download files... done. Fetching 16008 patches.. done. Applying patches... done. Fetching 36199 files... failed. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: FreeBSD on Compaq mini CQ10 anyone?
El 26/09/2010 01:32 p.m., BernardL escribió: Le 05/09/2010 06:04, Gonzalo Nemmi a écrit : I just got one and was wondering if anyone was running FreeBSD on it and how well does it work out of the box. All comments are welcome. I have one with FreeBSD 8.1. Some difficulties to install X11 (I had to use Driver vesa instead of intel in the section Device of xorg.config). And the internal Wifi device is not recognized by FreeBSD. Regards Bernard Lecuire Hi there Bernard and thanks for your comment! Can you tell me if suspend to ram (acpiconf -s3) works on the mini CQ10-120?, although I presume it doesn´t work that well, or at all, if you had to use vesa instead of the intel driver ... I would expect that would cause the screen not to come back after suspend and ACPI is my main concern in my netbook. Are you loading the i915 driver in your /boot/loader.conf? Thanks a lot and my best regards Gonzalo Nemmi ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Freebsd-update not working for me
On Fri, Oct 01, 2010 at 04:45:46PM -0700, Kurt Buff thus spake: Weird little problem here... I've got a 7.1-RELEASE box I'm trying to get to 8.1-RELEASE. I was able to do 'freebsd-update -install' and get the security patches and all, but 'freebsd-update -r 8.1-RELEASE upgrade' fails - see output below. Can anyone point me in the right direction to start troubleshooting this? I don't see anything in /var/log/messages. You may want to see how many files you have downloaded under /var/db/freebsd-update. The patches were applied. It appears it was only an issue of getting more files. As the program is running you can do an ls under /var/db/freebsd-update to see how many files are being downloaded. Have you tried running the command again? -jgh Kurt netmon/root 23:47 2010-09-30 root 0# freebsd-update -r 8.1-RELEASE upgrade Looking up update.FreeBSD.org mirrors... 4 mirrors found. Fetching metadata signature for 7.1-RELEASE from update2.FreeBSD.org... done. Fetching metadata index... done. Fetching 1 metadata patches. done. Applying metadata patches... done. Fetching 1 metadata files... done. Inspecting system... done. The following components of FreeBSD seem to be installed: kernel/generic src/base src/bin src/cddl src/contrib src/crypto src/etc src/games src/gnu src/include src/krb5 src/lib src/libexec src/release src/rescue src/sbin src/secure src/share src/sys src/tools src/ubin src/usbin world/base world/catpages world/dict world/doc world/games world/info world/manpages The following components of FreeBSD do not seem to be installed: world/proflibs Does this look reasonable (y/n)? y Fetching metadata signature for 8.1-RELEASE from update2.FreeBSD.org... done. Fetching metadata index... done. Fetching 1 metadata patches. done. Applying metadata patches... done. Fetching 1 metadata files... done. Inspecting system... done. Fetching files from 7.1-RELEASE for merging... done. Preparing to download files... done. Fetching 16008 patches.. done. Applying patches... done. Fetching 36199 files... failed. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org