Re: freebsd list admins?
On Tue, 21 Jun 2011, Robert Simmons wrote: On Tuesday, June 21, 2011 06:03:23 PM Julian H. Stacey wrote: The traffic on questions@ has now become very heavy. Traffic too heavy in fact, a mess of themes, Some traffic would be better posted to hackers@ or current@ or other more specialist lists Also, one place that is lower traffic, nearly spam free, and has consistently decent answers is USENET comp.unix.bsd.freebsd.misc and it's not even official. However, I would assume this is due to the fact that September has permanently ended and will never return to USENET, so only serious users can be found lurking there. forums.freebsd.org doesn't require a news server and is far more active. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: freebsd list admins?
On 06/22/2011 08:31 AM, Warren Block wrote: On Tue, 21 Jun 2011, Robert Simmons wrote: On Tuesday, June 21, 2011 06:03:23 PM Julian H. Stacey wrote: The traffic on questions@ has now become very heavy. Traffic too heavy in fact, a mess of themes, Some traffic would be better posted to hackers@ or current@ or other more specialist lists Also, one place that is lower traffic, nearly spam free, and has consistently decent answers is USENET comp.unix.bsd.freebsd.misc and it's not even official. However, I would assume this is due to the fact that September has permanently ended and will never return to USENET, so only serious users can be found lurking there. forums.freebsd.org doesn't require a news server and is far more active. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org hello If anyone knows some free USENET servers I would be happy to know it in France it becomes VERY hard to find one and I would like to setup one BUT I need some feeders ! I don't care about alt.* but we need the big 8 *comp.* http://en.wikipedia.org/wiki/Comp.*_hierarchy* *humanities.* http://en.wikipedia.org/w/index.php?title=Humanities.*_hierarchyaction=editredlink=1* *misc.* http://en.wikipedia.org/w/index.php?title=Misc.*_hierarchyaction=editredlink=1* *news.* http://en.wikipedia.org/w/index.php?title=News.*_hierarchyaction=editredlink=1* *rec.* http://en.wikipedia.org/w/index.php?title=Rec.*_hierarchyaction=editredlink=1* *sci.* http://en.wikipedia.org/wiki/Sci.*_hierarchy** soc.* http://en.wikipedia.org/w/index.php?title=Soc.*_hierarchyaction=editredlink=1* *talk.* http://en.wikipedia.org/w/index.php?title=Talk.*_hierarchyaction=editredlink=1* Thanks and sorry for that offlist question ... ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Two Networks on one System
2011-06-21 13:28, Martin McCormick skrev: Here is what the issue is right now. The remote campus in question has been on number space that was part of our Class B network. They got a block of subnets for their DNS's and campus enterprises and work stations. We secured them their own number space and they are migrating from their portion of our network to their new network and both nets are presented routable from the rest of the world. If you do a whois query for their domain, you get the address on our network of their primary DNS. When one updates the whois data, there is a lag of some hours until new queries start going to the new address of their primary DNS. In the mean time, we don't really care but we would like for the new interface for the primary to be reachable so that the minute the information changes, we're answering lookups. After that point, we will permanently take down the old interface address on our network and probably reboot with the normal configuration now being the new IP address. The problem I have, probably due to a misunderstanding of what I need to do, is easy to describe. The defaultrouter statement in rc.conf or route add default x.x.x.x Have you tried route add netA netB or route add netB netA from the command line sets an interface to know that packets whose destinations or sources that are outside the subnet go to that default gateway. When I set up the secondary interface, I have not been able to come up with a statement or statements that tell fxp1 that it's default router is y.y.y.y so you can't ever reach it from outside the new subnet. Once traffic ever gets in to the system, it will probably stay together based on the interface where it came from, but it won't have to do it for hopefully more than a few hours. I have tried both a second physical connection and an alias and have ended up with the same behavior each time. Since we have the second NIC active, I prefer to use it if I can ever get it to use its router just like the primary interface does. Right now, I can get on to our secondary DNS which is in the same subnet as the new address for the primary and log right in to the primary through the new interface. From anywhere else on the Earth, that new address is as dead as a doornail. I certainly appreciate every posting so far as routing is one of the thorniest issues one can encounter in networking so the more one is aware of, the less head-scratching and frustration there is. Martin McCormick ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Two Networks on one System
On 6/22/11 9:16 AM, Bernt Hansson wrote: 2011-06-21 13:28, Martin McCormick skrev: Here is what the issue is right now. The remote campus in question has been on number space that was part of our Class B network. They got a block of subnets for their DNS's and campus enterprises and work stations. We secured them their own number space and they are migrating from their portion of our network to their new network and both nets are presented routable from the rest of the world. If you do a whois query for their domain, you get the address on our network of their primary DNS. When one updates the whois data, there is a lag of some hours until new queries start going to the new address of their primary DNS. In the mean time, we don't really care but we would like for the new interface for the primary to be reachable so that the minute the information changes, we're answering lookups. After that point, we will permanently take down the old interface address on our network and probably reboot with the normal configuration now being the new IP address. The problem I have, probably due to a misunderstanding of what I need to do, is easy to describe. The defaultrouter statement in rc.conf or route add default x.x.x.x Have you tried route add netA netB or route add netB netA No offense but please do not give random, untested advice. What you just wrote reads as: - if you want to go to network A, do that through network B - if you want to go to network B, do that through network A Now can you see some kind of a loop forming here ? Solutions to the OP's problem have been given already: - PF's reply-to option has been discussed at length. - FreeBSD's own setfib was also briefly discussed Note this requires a kernel option override as seen here: http://forums.freebsd.org/showthread.php?t=888 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
'mount -u' stumper
Environment is FreeBSD 7.2 i386 I have a Berkeley FFS filesystem that is mounted ro at boot time. If I do a 'mount -u' to make it writable, it _is_ made writable, but soft-updates' is also set. Incidentally, does anybody know _where_ the 'soft-updates' optioon is documented?? I've looked evereywhere I can think of, brute-force grepped wholee sections of the /usr/share/man directory tree, all without succeess. If I use 'mount -u -r' to return it to the readonly state, 'soft-updates' is *still* set. _HOW_ do I make'soft-updates' go away on a mounted filesystem ?? 'umount' and then 'mount' does the trick, but it is no a viable production' option. THe underlying situation -- the need to make the filesystem writable -- comes up only rarely, and it doesn't seem to hurt anything if the filesystem is left with soft-updates set, but I _would_ like to clear it, because it *is* logically inconsistant with the read-only status of the filesystem. Anybody got a bright idea I haven't thought of? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: 'mount -u' stumper
From er...@midgard.homeip.net Wed Jun 22 06:51:47 2011 Date: Wed, 22 Jun 2011 13:51:00 +0200 From: Erik Trulsson ertr1...@student.uu.se To: Robert Bonomi bon...@mail.r-bonomi.com Cc: freebsd-questions@freebsd.org Subject: Re: 'mount -u' stumper On Wed, Jun 22, 2011 at 06:45:27AM -0500, Robert Bonomi wrote: Environment is FreeBSD 7.2 i386 I have a Berkeley FFS filesystem that is mounted ro at boot time. If I do a 'mount -u' to make it writable, it _is_ made writable, but soft-updates' is also set. Incidentally, does anybody know _where_ the 'soft-updates' optioon is documented?? I've looked evereywhere I can think of, brute-force grepped wholee sections of the /usr/share/man directory tree, all without succeess. If I use 'mount -u -r' to return it to the readonly state, 'soft-updates' is *still* set. _HOW_ do I make'soft-updates' go away on a mounted filesystem ?? 'umount' and then 'mount' does the trick, but it is no a viable production' option. THe underlying situation -- the need to make the filesystem writable -- comes up only rarely, and it doesn't seem to hurt anything if the filesystem is left with soft-updates set, but I _would_ like to clear it, because it *is* logically inconsistant with the read-only status of the filesystem. Anybody got a bright idea I haven't thought of? To change if a given filesystem should use soft-updates or not you use tunefs(8) on that filesystem. (Read the manpage to find exact syntax.) Note that this cannot be done on a filsystem which is mounted read/write - only on filesystems that are unmounted or mounted read-only. -- Insert your favourite quote here. Erik Trulsson ertr1...@student.uu.se From er...@midgard.homeip.net Wed Jun 22 06:51:47 2011 Date: Wed, 22 Jun 2011 13:51:00 +0200 From: Erik Trulsson ertr1...@student.uu.se To: Robert Bonomi bon...@mail.r-bonomi.com Cc: freebsd-questions@freebsd.org Subject: Re: 'mount -u' stumper On Wed, Jun 22, 2011 at 06:45:27AM -0500, Robert Bonomi wrote: Environment is FreeBSD 7.2 i386 I have a Berkeley FFS filesystem that is mounted ro at boot time. If I do a 'mount -u' to make it writable, it _is_ made writable, but soft-updates' is also set. Incidentally, does anybody know _where_ the 'soft-updates' optioon is documented?? I've looked evereywhere I can think of, brute-force grepped wholee sections of the /usr/share/man directory tree, all without succeess. If I use 'mount -u -r' to return it to the readonly state, 'soft-updates' is *still* set. _HOW_ do I make'soft-updates' go away on a mounted filesystem ?? 'umount' and then 'mount' does the trick, but it is no a viable production' option. THe underlying situation -- the need to make the filesystem writable -- comes up only rarely, and it doesn't seem to hurt anything if the filesystem is left with soft-updates set, but I _would_ like to clear it, because it *is* logically inconsistant with the read-only status of the filesystem. Anybody got a bright idea I haven't thought of? To change if a given filesystem should use soft-updates or not you use tunefs(8) on that filesystem. (Read the manpage to find exact syntax.) Note that this cannot be done on a filsystem which is mounted read/write - only on filesystems that are unmounted or mounted read-only. Agreed with all of that, but it doesn't directly address my issue. When I need the filesystem read/write, I don't mind having soft-updates on. When the filesysem is mounted RO from an _unmounted_ state, soft-updates are _not_ set, even if the filesystem 'tunable' has soft-updates enabled. This is well-and-good, since it it a 'meaningless' setting with regard to a RO filsystem. When that filesystm is remounted R/W, then softupdates are enabled. So far, so good. This is desirable for a R/W filesystem. However, when I revert the filesystem to RO, 'soft-updates' (now _meaningless_) is still displayed. Obviously, you can't do any updates, sync, async, OR 'soft', on a RO filesystem. So that 'dangling' flag is at the very least misleading, and _may_ lead to searching in the wrong direction in the event of other errors. Since it isn't set when the system is _mounted_ RO, it would be 'nice' if it were cleared, when the filesystem status is 'downgraded'(??:) to RO. 'mount(8)' currently doesn't do this on an 'update' mount, although it -does- do it on an initial mount. Inconsistent behavior. I was looking for an existing methodology to make the 'update' mount behavior with an initial mount. It may be that I'm going to have to hack the mount(8) source code to accomplish this. Should be a -minor- patch, only a couple of lines of code. wry grin ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to
Re: 'mount -u' stumper
From owner-freebsd-questi...@freebsd.org Wed Jun 22 07:11:09 2011 Date: Wed, 22 Jun 2011 13:10:35 +0100 From: RW rwmailli...@googlemail.com To: freebsd-questions@freebsd.org Subject: Re: 'mount -u' stumper On Wed, 22 Jun 2011 06:45:27 -0500 (CDT) Robert Bonomi wrote: Environment is FreeBSD 7.2 i386 I have a Berkeley FFS filesystem that is mounted ro at boot time. If I do a 'mount -u' to make it writable, it _is_ made writable, but soft-updates' is also set. Incidentally, does anybody know _where_ the 'soft-updates' optioon is documented?? I've looked evereywhere I can think of, brute-force grepped wholee sections of the /usr/share/man directory tree, all without succeess. If I use 'mount -u -r' to return it to the readonly state, 'soft-updates' is *still* set. _HOW_ do I make'soft-updates' go away on a mounted filesystem ?? It's set because sysinstall uses newfs -U by default for non-root filesystems. You can turn it off with tunefs, although I don't see what difference it makes if it's mounted ro. That's a large part of why I want to make it 'go away'. It _is_ a lie on a RO system. Meaningless, and 'misleading' if you don't see the RO option as well. When the filesystem _does_ need to be RW, I _want_ softupdates enabled. It's a 'good thing' then;. When it's initially mounted RO softupdates are _visibly_ off. I just want to restore that precise situaion/presentation when i 'update' mount thefilesystem to RO. Looks like I'm going mount(8) and/or kernel hacking. a ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
NFS zfs serveur (hardware question)
Hi all, I'm planning to change my data NFS server. For 60 clients. I wanted to serv NFS for data over NFS and also for diskless host (http://projets.mathrice.org/faddef/cgi-bin/trac.cgi). Here is the harware I chose : a little proc : 1.6 Ghz Xeon 4 coeurs (mono) : It's seems that on a such server the proc is just Waiting for IO... !? a lot of Ram : 24 Go speedy disk : Sas 15K : to limit IO Wait What do you think of a such conf ? -- M ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: NFS zfs serveur (hardware question)
On Wed, 22 Jun 2011 08:41:58 -0500, Michel Le Cocq miconof80.l...@gmail.com wrote: speedy disk : Sas 15K : to limit IO Wait The more spindles the better. Get more disks if possible. Regards, Mark ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: 'mount -u' stumper
On Wed, 22 Jun 2011 07:54:53 -0500 (CDT) Robert Bonomi wrote: That's a large part of why I want to make it 'go away'. It _is_ a lie on a RO system. Meaningless, and 'misleading' if you don't see the RO option as well. When the filesystem _does_ need to be RW, I _want_ softupdates enabled. It's a 'good thing' then;. When it's initially mounted RO softupdates are _visibly_ off. I just want to restore that precise situaion/presentation when i 'update' mount thefilesystem to RO. I'd argue the other way around, that mount should display what's configured even if some options do nothing in combination. noatime and async also do nothing in combination with ro, but mount will still display them: # mount -o ro,noatime,async /dev/md31 /mnt/t # mount | grep md31 /dev/md31 on /mnt/t (ufs, asynchronous, local, noatime, read-only) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: dnssec with freebsd's resolver(3)
On Mon, Jun 20, 2011 at 06:17:23AM +0100, Matthew Seaman wrote: On 20/06/2011 01:37, Leon Meßner wrote: does the freebsd resolver(3) support sending the DO bit in queries and thus do DNSSEC validation ? I tried using ssh with SSHFP RR's in a signed zone but i still get the insecure Key message from ssh on FreeBSD (works on some other OS). My understanding is that the stub resolver in the base system does not handle any DNSSEC functionality. It's not clear (at least to me) that DO bit processing in stub resolvers is very useful -- without support in the recursive resolver you use upstream, it won't work, but if your recursive resolver does DO processing, then you don't need it in your stub resolver. Ok, my recursive resolver does DO processing. How do i tell ssh to set the bit ? Doesn't ssh use my base system stub resolveer to query my in resolv.conf configured DNS ? thanks, Leon ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: dnssec with freebsd's resolver(3)
On 6/22/11 2:56 PM, Leon Meßner l.mess...@physik.tu-berlin.de wrote: On Mon, Jun 20, 2011 at 06:17:23AM +0100, Matthew Seaman wrote: On 20/06/2011 01:37, Leon Meßner wrote: does the freebsd resolver(3) support sending the DO bit in queries and thus do DNSSEC validation ? I tried using ssh with SSHFP RR's in a signed zone but i still get the insecure Key message from ssh on FreeBSD (works on some other OS). My understanding is that the stub resolver in the base system does not handle any DNSSEC functionality. It's not clear (at least to me) that DO bit processing in stub resolvers is very useful -- without support in the recursive resolver you use upstream, it won't work, but if your recursive resolver does DO processing, then you don't need it in your stub resolver. Ok, my recursive resolver does DO processing. How do i tell ssh to set the bit ? Doesn't ssh use my base system stub resolveer to query my in resolv.conf configured DNS ? I'm not sure what you mean by DO processing, but validation requires a little more than issuing queries w/ the DO bit set (that has been the default in BIND for a while). You need to have the root (or some other) trust-anchor configured, and you need to enable DNSSEC validation in your named.conf. Only after that will you see the AD bit at the stub. Eric ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: FreeBSD ZFS system
On 21 June 2011 21:23, Matthew Seaman m.sea...@infracaninophile.co.ukwrote: On 21/06/2011 20:01, Dick Hoogendijk wrote: I'd like to install FreeBSD (pcbsd) on a (zfs) mirror In OpenSolaris you can install directly to the zfs mirror, but how's this in this situation After all, an UFS partitin is also created. How can I get the equivalent of an OpenSolaris mirrored install for a FreeBSD system? http://wiki.freebsd.org/RootOnZFS/GPTZFSBoot/Mirror Cheers Matthew -- Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard Flat 3 PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate JID: matt...@infracaninophile.co.uk Kent, CT11 9PW its dead easy to do retrospective as well no need to rebuild or ditch the pcbsd install method. X = current boot drive Y = blank drive z = zfs partition/slice eg s1d, p3 etc gpart backup /dev/X | gpart restore /dev/Y gpart bootcode -b /zfsboot/pmbr -p /zfsboot/(gpt)*zfsboot -i 1 /dev/Y zpool attach pool /dev/Xz /dev/Yz ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: FreeBSD ZFS system
ps you dont need the ufs file system just go zfs root. For recovery have a full install of bsd on a pen drive. On 22 June 2011 21:22, krad kra...@gmail.com wrote: On 21 June 2011 21:23, Matthew Seaman m.sea...@infracaninophile.co.ukwrote: On 21/06/2011 20:01, Dick Hoogendijk wrote: I'd like to install FreeBSD (pcbsd) on a (zfs) mirror In OpenSolaris you can install directly to the zfs mirror, but how's this in this situation After all, an UFS partitin is also created. How can I get the equivalent of an OpenSolaris mirrored install for a FreeBSD system? http://wiki.freebsd.org/RootOnZFS/GPTZFSBoot/Mirror Cheers Matthew -- Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard Flat 3 PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate JID: matt...@infracaninophile.co.uk Kent, CT11 9PW its dead easy to do retrospective as well no need to rebuild or ditch the pcbsd install method. X = current boot drive Y = blank drive z = zfs partition/slice eg s1d, p3 etc gpart backup /dev/X | gpart restore /dev/Y gpart bootcode -b /zfsboot/pmbr -p /zfsboot/(gpt)*zfsboot -i 1 /dev/Y zpool attach pool /dev/Xz /dev/Yz ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: ZFS on Root
On 22 June 2011 01:47, Chris Brennan xa...@xaerolimit.net wrote: * Peter Toth free...@snap.net.nz [2011-06-22 12:16:11 +1200]: Did you set the bootfs property on your root pool? Example: zpool set bootfs=tank/root tank OK, I booted back to the livefs memostick, imported my zpool (tank) and zpool promptly tells me the following Fixit# zpool set bootfs=tank/root tank cannot set property for 'tank': no such pool or dataset. Fixit But ... there is! It was a great tip and a worthy try. But it didn't work, got any more idea's? -- Chris Brennan -- A: Yes. Q: Are you sure? A: Because it reverses the logical flow of conversation. Q: Why is top posting frowned upon? http://xkcd.com/84/ | http://xkcd.com/149/ | http://xkcd.com/549/ GPG: D5B20C0C (6741 8EE4 6C7D 11FB 8DA8 9E4A EECD 9A84 D5B2 0C0C) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org I never have the os installed in the rootfs of the pool ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: ZFS on Root
On 22 June 2011 21:31, krad kra...@gmail.com wrote: On 22 June 2011 01:47, Chris Brennan xa...@xaerolimit.net wrote: * Peter Toth free...@snap.net.nz [2011-06-22 12:16:11 +1200]: Did you set the bootfs property on your root pool? Example: zpool set bootfs=tank/root tank OK, I booted back to the livefs memostick, imported my zpool (tank) and zpool promptly tells me the following Fixit# zpool set bootfs=tank/root tank cannot set property for 'tank': no such pool or dataset. Fixit But ... there is! It was a great tip and a worthy try. But it didn't work, got any more idea's? -- Chris Brennan -- A: Yes. Q: Are you sure? A: Because it reverses the logical flow of conversation. Q: Why is top posting frowned upon? http://xkcd.com/84/ | http://xkcd.com/149/ | http://xkcd.com/549/ GPG: D5B20C0C (6741 8EE4 6C7D 11FB 8DA8 9E4A EECD 9A84 D5B2 0C0C) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org I never have the os installed in the rootfs of the pool sorry finger fart, ill continue I have a separate tree for the os, as per below (modelled on opensolaris). Make sure the fs you boot off is also set to legacy mountpoint. Also make sure your bootloader is a zfs aware one [root@carrera /home/krad]# df / Filesystem SizeUsed Avail Capacity Mounted on system-4k/be/root20110604597G5.5G591G 1%/ [root@carrera /home/krad]# zfs list | grep be system-4k/be 55.0G 592G 180K /system-4k/be system-4k/be/current 1.51G 592G 1017M legacy system-4k/be/root20110226 2.80G 592G 882M legacy system-4k/be/root20110302 3.24G 592G 882M legacy system-4k/be/root20110306 1.32G 592G 882M legacy system-4k/be/root20110312 1.36G 592G 923M legacy system-4k/be/root20110416 1.47G 592G 1.14G /system-4k/be/root20110416 system-4k/be/root20110430 1.47G 592G 1.15G legacy system-4k/be/root20110505 2.11G 592G 1.78G legacy system-4k/be/root20110506 4.01G 592G 3.37G legacy system-4k/be/root20110604 6.23G 592G 5.50G /system-4k/be/root20110604 system-4k/be/tmp 900K 594G 384K /tmp system-4k/be/usr-local4.00G 592G 1.78G /usr/local/ system-4k/be/usr-obj 4.45G 592G 1.45G /usr/obj system-4k/be/usr-ports9.47G 592G 3.84G /usr/ports system-4k/be/usr-ports/distfiles 2.96G 592G 1.77G /usr/ports/distfiles system-4k/be/usr-src 1.56G 592G 1006M /usr/src system-4k/be/var 8.04G 592G 1.03G /var system-4k/be/var/log 6.68G 592G 4.76G /var/log system-4k/be/var/mysql82.5M 592G 33.9M /var/db/mysql [root@carrera /home/krad]# zpool get bootfs system-4k NAME PROPERTY VALUE SOURCE system-4k bootfssystem-4k/be/root20110604 local ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
List of Servers for FreeBSD and Ports Updates...
Hi, I am working on a network which uses a http/ftp proxy that prompts by default for user permission before downloading any file. In order to be able to keep my system up-to-date (FreeBSD and ports), I have to white list the FreeBSD servers and directories that need to be accessible, because otherwise I can only download files through a web browser, which is obviously extremely painful. Also only the HTTP and FTP protocols are allowed on my network, so CVSUP is not allowed. So my current plan is to update FreeBSD using the following tools: 1-Port directory update through portsnap 2-FreeBSD src update through CTM 3-Port updates through distfiles and/or packages I think 1- and 2- are quite straightforward. To allow 1- I need to white list the whole content of http://portsnap.freebsd.org/ . To allow 2- I need to white list the content of ftp://ftp.freebsd.org/pub/FreeBSD/CTM/ . That should be sufficient, right? The main issue I have though is with 3-. MASTER_SITE_BACKUP and MASTER_SITE_OVERRIDE variables are no longer recognized in /etc/make.conf, right? How can I force FreeBSD to pull distfiles and packages from ftp://ftp.freebsd.org/pub/FreeBSD/ports ? Also what is the difference between ftp://ftp.freebsd.org/pub/FreeBSD/distfiles and ftp://ftp.freebsd.org/pub/FreeBSD/ports/distfiles ? I guess one of the directories is aliased to point to the other, right? Thanks! ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Required HTTP/FTP Servers for FreeBSD and Ports Updates?
Hi, I am working on a network which uses a http/ftp proxy that prompts by default for user permission before downloading any file. In order to be able to keep my system up-to-date (FreeBSD and ports), I have to white list the FreeBSD servers and directories that need to be accessible, because otherwise I can only download files through a web browser, which is obviously extremely painful. Also only the HTTP and FTP protocols are allowed on my network, so CVSUP is not allowed. So my current plan is to update FreeBSD using the following tools: 1-Port directory update through portsnap 2-FreeBSD src update through CTM 3-Port updates through distfiles and/or packages I think 1- and 2- are quite straightforward. To allow 1- I need to white list the whole content of http://portsnap.freebsd.org/ . To allow 2- I need to white list the content of ftp://ftp.freebsd.org/pub/FreeBSD/CTM/ . That should be sufficient, right? The main issue I have though is with 3-. MASTER_SITE_BACKUP and MASTER_SITE_OVERRIDE variables are no longer recognized in /etc/make.conf, right? How can I force FreeBSD to pull distfiles and packages from ftp://ftp.freebsd.org/pub/FreeBSD/ports ? Also what is the difference between ftp://ftp.freebsd.org/pub/FreeBSD/distfiles and ftp://ftp.freebsd.org/pub/FreeBSD/ports/distfiles ? I guess one of the directories is aliased to point to the other, right? Thanks! ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: 'mount -u' stumper
From owner-freebsd-questi...@freebsd.org Wed Jun 22 10:57:33 2011 Date: Wed, 22 Jun 2011 16:56:07 +0100 From: RW rwmailli...@googlemail.com To: freebsd-questions@freebsd.org Subject: Re: 'mount -u' stumper On Wed, 22 Jun 2011 07:54:53 -0500 (CDT) Robert Bonomi wrote: That's a large part of why I want to make it 'go away'. It _is_ a lie on a RO system. Meaningless, and 'misleading' if you don't see the RO option as well. When the filesystem _does_ need to be RW, I _want_ softupdates enabled. It's a 'good thing' then;. When it's initially mounted RO softupdates are _visibly_ off. I just want to restore that precise situaion/presentation when i 'update' mount thefilesystem to RO. I'd argue the other way around, that mount should display what's configured even if some options do nothing in combination. I wouldn't argue very hard about that. what I _really_ want is 'consistency', As it is, If I have updated mounted the RO filesystem as RW, and then update mount it again, _back_to_ RO, I get a security alert overnight because things aren't the same as they were previously. Insult to injury, next time I reboot -- even _months_ later -- I get *_another* bogus security alert, because 'soft-updates' has (finally!) disappeared from the mount listing.. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: dnssec with freebsd's resolver(3)
On 22/06/2011 20:02, Osterweil, Eric wrote: On 6/22/11 2:56 PM, Leon Meßner l.mess...@physik.tu-berlin.de wrote: On Mon, Jun 20, 2011 at 06:17:23AM +0100, Matthew Seaman wrote: On 20/06/2011 01:37, Leon Meßner wrote: does the freebsd resolver(3) support sending the DO bit in queries and thus do DNSSEC validation ? I tried using ssh with SSHFP RR's in a signed zone but i still get the insecure Key message from ssh on FreeBSD (works on some other OS). My understanding is that the stub resolver in the base system does not handle any DNSSEC functionality. It's not clear (at least to me) that DO bit processing in stub resolvers is very useful -- without support in the recursive resolver you use upstream, it won't work, but if your recursive resolver does DO processing, then you don't need it in your stub resolver. Ok, my recursive resolver does DO processing. How do i tell ssh to set the bit ? Doesn't ssh use my base system stub resolveer to query my in resolv.conf configured DNS ? I'm not sure what you mean by DO processing, but validation requires a little more than issuing queries w/ the DO bit set (that has been the default in BIND for a while). You need to have the root (or some other) trust-anchor configured, and you need to enable DNSSEC validation in your named.conf. Only after that will you see the AD bit at the stub. Actually, typically with a correctly configured validating resolver, as an end user issuing queries from the system's stub resolver, you'll only see responses with data that is either: -- completely unsigned -- signed, and that validates correctly Data that doesn't validate correctly is discarded. Better make sure your DNSSEC setup is correctly maintained and updated, or your domains may effectively disappear from the net. validates correctly is a function of how your recursive resolver is configured: for instance, you will probably want to trust DLV secured data until authentication paths up to the root become more prevalent in all corners of the DNS. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard Flat 3 PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate JID: matt...@infracaninophile.co.uk Kent, CT11 9PW signature.asc Description: OpenPGP digital signature
Re: Embedding a RCS token in uname -i
On Tue, 21 Jun 2011 20:21:46 -0600 (MDT), Dennis Glatting free...@penx.com said: D My goal is to provide a mechanism where I can identify that kernels D built on a group of machines are running the same kernel built from a D configuration under RCS. How can I customized the current config and D build mechanisms to accomplish this? Make your changes to the file GENERIC.in, run a small script to create GENERIC with the stuff you want, and then do your build. D Is it a dumb idea? I don't think so. See below for one way to do it; the script includes a sanity check to make sure your build config file has been checked in. -- Karl Vogel I don't speak for the USAF or my company Mr. Rogers was an ordained minister.--item for a lull in conversation --- me% cat -n GENERIC.in 1 # $Revision: 1.2 $ $Date: 2011/06/22 18:13:14 $ 2 3 cpu HAMMER 4 ident GENERIC 5 ... me% ./mkgen me% cat -n GENERIC 1 # THIS FILE WAS AUTOMATICALLY GENERATED. GENERIC.in is under 2 # revision control, so please make your changes there. 3 # 4 # $Revision: 1.2 $ $Date: 2011/06/22 18:13:14 $ 5 6 cpu HAMMER 7 ident GENERIC-1.2-20110622 8 ... me% cat mkgen #!/bin/ksh #mkgen: Get version and date info from GENERIC.in, write GENERIC export PATH=/usr/local/bin:/bin:/usr/bin in=GENERIC.in out=GENERIC if rcsdiff -q $in /dev/null; then echo updating $out else echo $in needs to be checked in exit 0 fi nawk -v ifile=$in 'BEGIN { warn1 = # THIS FILE WAS AUTOMATICALLY GENERATED. warn2 = # revision control, so please make your changes there.\n# } { if ($0 ~ /Revision:/) { print warn1, ifile, is under print warn2 print gsub(/, ) id = sprintf(%s-%s%s%s, $3, $6, $7, $8) } else if ($0 ~ /^ident/) { print $0 - id } else print }' $in $out exit 0 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
gpu support for modern systems
hi there, modern systems with their suffisticated gpus provide quite a potential for moving some of the workload from cpu to gpu. for certain stuff gpus are much faster than cpus, like number crunching or encoding/decoding multimedia contents. anybody who is using mplayer(1) in combination with nvidia cards and vdpau has probably experienced how much faster and less cpu intensive things can work out when decoding HD video stuff e.g. since opencl/cuda isn't available under freebsd, it doesn't seem possible to somehow hook the nvidia gpu into the every day freebsd workload that easily. however the newer generations of CPUs, like intel sandybridge include hardwired gpus (quick sync?) and i guess intel provides an open api for that. it would be really great to do something like: `kldload intel_gpu.ko` ...and have the kernel offload certain computations to the gpu. maybe, with the gpu serving as a second cpu, it would be even possible to ensure 100% uptime with loading a copy of the kernel to the gpu, pointing the instruction pointer at it, loading a new kernel version onto the cpu and switching to the new kernel. :) cheers. alex ps: sorry for not being that accurate here and there, just reading up on sandybridge cpus and the z68 chipset, because i'm in the middle of upgrading my box. ;) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: gpu support for modern systems
On Thu, Jun 23, 2011 at 6:43 AM, Alexander Best arun...@freebsd.org wrote: hi there, modern systems with their suffisticated gpus provide quite a potential for moving some of the workload from cpu to gpu. for certain stuff gpus are much faster than cpus, like number crunching or encoding/decoding multimedia contents. anybody who is using mplayer(1) in combination with nvidia cards and vdpau has probably experienced how much faster and less cpu intensive things can work out when decoding HD video stuff e.g. since opencl/cuda isn't available under freebsd, it doesn't seem possible to somehow hook the nvidia gpu into the every day freebsd workload that easily. PathScale has HMPP and partial CUDA support on FreeBSD now. Some caveats to this 1) Non-free (We could possibly make the tools free for FreeBSD community, but I'd have to get approval for it) 2) CUDA support isn't complete (Basic core is there and HMPP C/Fortran works) 3) Tesla 20xx series only We offer real support for FreeBSD and it's not using any linux emulator hacks. Let me know if anyone is interested. (If we get enough positive feedback I'll pursue some resolution to #1) ./C ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Any working SIP-phone on FreeBSD?
On Jun 20, 2011, at 10:46 AM, Chad Perrin wrote: . . . and, somehow, social convention tells me it would be rude to let this person know (for next time) that everything will be much easier for everyone if the data is just left in its original format. Oh, I'd have sent an email saying sorry, your data is not in the required format. See the requirements at (url, or other way where it's specified.). If you didn't specify the format, well, stop bitching, because it's your own fault. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: pw buggy behaviour
I feel summer creepin' in and I'm tired of this town again, freebsd-questions! 2011/06/20 13:37:13 +0300 Коньков Евгений kes-...@yandex.ru = To Коньков Евгений : КЕ #cat /etc/master.passwd | grep quagga КЕ quagga:*:101:101::0:0:Quagga КЕ # pw user show quagga КЕ pw: no such user `quagga' the command pwd_mkdb /etc/master.passwd resolves the problem, but why this happen is strange... This is because FreeBSD reads its users from /etc/pwddb* database 73! Peter pgp: A0E26627 (4A42 6841 2871 5EA7 52AB 12F8 0CE1 4AAC A0E2 6627) -- http://vereshagin.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Any working SIP-phone on FreeBSD?
On Wed, Jun 22, 2011 at 10:08:59PM -0500, David Scheidt wrote: On Jun 20, 2011, at 10:46 AM, Chad Perrin wrote: . . . and, somehow, social convention tells me it would be rude to let this person know (for next time) that everything will be much easier for everyone if the data is just left in its original format. Oh, I'd have sent an email saying sorry, your data is not in the required format. See the requirements at (url, or other way where it's specified.). If you didn't specify the format, well, stop bitching, because it's your own fault. You appear prone to leaping to assumption and being kind of an asshole. I specified the format. This is not, however, a strictly business relationship -- so different social rules apply, much to my dismay. -- Chad Perrin [ original content licensed OWL: http://owl.apotheon.org ] pgpJRC8WHvOU7.pgp Description: PGP signature