jail vnet bug
Hi all,
Not sure if this is a bug, but I'm using 8.1-RELEASE-p4 with VIMAGE enabled and
am experiencing something odd.
I set sysctl security.jail.mount_allowed=1 and then fire up a jail, all is good
(jail has value of 1).
I then set sysctl security.jail.enforce_statfs=1 and then restart the jail.
Again, all is good (jail has value of 1).
I then fire up my vimage jails, and all is bad. Values still show 0
(mount_allowed) and 2 (enforce_statfs).
So I went into the kernel and forced their default values, which appeared to
work, but only partly.
The following [undesirable] patch was enough to get enforce_statfs working:
--- sys/kern/kern_jail.c.orig 2011-08-26 23:41:27.0 -0700+++
sys/kern/kern_jail.c2011-08-27 00:44:45.0 -0700
@@ -202,7 +202,7 @@
#defineJAIL_DEFAULT_ALLOW PR_ALLOW_SET_HOSTNAME
-#defineJAIL_DEFAULT_ENFORCE_STATFS 2
+#defineJAIL_DEFAULT_ENFORCE_STATFS 1
static unsigned jail_default_allow = JAIL_DEFAULT_ALLOW;
static int jail_default_enforce_statfs = JAIL_DEFAULT_ENFORCE_STATFS;
#if defined(INET) || defined(INET6)
However, the following [equally undesirable] patch was NOT enough to get
mount(8) to work:
@@ -4113,4 +4114,4 @@
SYSCTL_PROC(_security_jail, OID_AUTO, mount_allowed,
CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE,
-NULL, PR_ALLOW_MOUNT, sysctl_jail_default_allow, I,
+(void *)1, PR_ALLOW_MOUNT, sysctl_jail_default_allow, I,
Processes in jail can mount/unmount jail-friendly file systems);
Here's what I'm getting for an error...
vnettest# ifconfig
lo0: flags=8049UP,LOOPBACK,RUNNING,MULTICAST metric 0 mtu 16384
options=3RXCSUM,TXCSUM
inet 127.0.0.1 netmask 0xff00
epair0b: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST metric 0 mtu 1500
ether XX:XX:XX:XX:XX:XX
inet X.X.X.X netmask 0xff00 broadcast X.X.X.X
vnettest# sysctl security.jail.{jailed,mount_allowed,enforce_statfs}
security.jail.jailed: 1
security.jail.mount_allowed: 1
security.jail.enforce_statfs: 1
vnettest# mount build1:/repos /mnt
mount_nfs: /mnt, : Operation not permitted
Meanwhile, over in the jail (non-vnet):
vnettest# ifconfig -l
bge0 fxp0 plip0 ipfw0 lo0 epair0a bridge0
vnettest# sysctl security.jail.{jailed,mount_allowed,enforce_statfs}
security.jail.jailed: 1
security.jail.mount_allowed: 0
security.jail.enforce_statfs: 1
vnettest# mount build1:/repos /mnt
vnettest# df -Th
Filesystem Type SizeUsed Avail Capacity Mounted on
/dev/ad4s1fufs 137G4.1G122G 3%/
devfs devfs1.0K1.0K 0B 100%/dev
build1:/repos nfs 99G 63G 29G69%/mnt
vnettest# umount /mnt
vnettest# df -Th
Filesystem Type SizeUsed Avail Capacity Mounted on
/dev/ad4s1f ufs 137G4.1G122G 3%/
devfsdevfs1.0K1.0K 0B 100%/dev
Any advice would be helpful. The core issue is that we've finally achieved NFS
mounting within a jail (many thanks to Martin Matuska for his patch), but are
not able to replicate our success in a vnet jail.
--
Devin
_
The information contained in this message is proprietary and/or confidential.
If you are not the intended recipient, please: (i) delete the message and all
copies; (ii) do not disclose, distribute or use the message in any manner; and
(iii) notify the sender immediately. In addition, please be aware that any
message addressed to our domain is subject to archiving and review by persons
other than the intended recipient. Thank you.
_
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: how can I use portmaster to update but skip a package
On Fri, Aug 26, 2011 at 11:08 PM, Warren Block wbl...@wonkity.com wrote: On Fri, 26 Aug 2011, Antonio Olivares wrote: Is there a way to update most packages except this one? See man portmaster | less +2/-x Running # portmaster -a -x libreoffice does the trick :) Thanks very much. I ran the man portmaster and could not find the right switch :( It has many options. This is why I asked to be sure. Thanks to all for replying. It makes things easier when there are nice folks that can provide help when one asks for it. Regards, Antonio ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: how can I use portmaster to update but skip a package
On Sat, Aug 27, 2011 at 6:01 AM, ajtiM lum...@gmail.com wrote: On Saturday 27 August 2011 00:56:20 Randal L. Schwartz wrote: I use: portmaster -ai I ask you if you want to install or not. Mitja Will it prompt me for every package? Or just for the ones that are failing? @all I succeeded in updating like 5 packages out of 21, but now gnome-mount does not compile :( gnome-mount.c:44:30: error: libnotify/notify.h: No such file or directory gnome-mount.c:1552: error: expected '=', ',', ';', 'asm' or '__attribute__' before '*' token gnome-mount.c:1558: error: expected ')' before '*' token gnome-mount.c: In function 'unmount_cache_timeout_func': gnome-mount.c:1578: error: 'unmount_note' undeclared (first use in this function) gnome-mount.c:1578: error: (Each undeclared identifier is reported only once gnome-mount.c:1578: error: for each function it appears in.) gnome-mount.c:1585: error: 'unmount_note_close_func' undeclared (first use in this function) gnome-mount.c: In function 'unmount_cache_timeout_start': gnome-mount.c:1604: error: 'unmount_note' undeclared (first use in this function) gnome-mount.c: In function 'unmount_cache_timeout_cancel': gnome-mount.c:1611: error: 'unmount_note' undeclared (first use in this function) gmake[3]: *** [gnome-mount.o] Error 1 gmake[3]: Leaving directory `/usr/ports/sysutils/gnome-mount/work/gnome-mount-0.8/src' gmake[2]: *** [all-recursive] Error 1 gmake[2]: Leaving directory `/usr/ports/sysutils/gnome-mount/work/gnome-mount-0.8/src' gmake[1]: *** [all-recursive] Error 1 gmake[1]: Leaving directory `/usr/ports/sysutils/gnome-mount/work/gnome-mount-0.8' gmake: *** [all] Error 2 *** Error code 1 Stop in /usr/ports/sysutils/gnome-mount. === make failed for sysutils/gnome-mount === Aborting update === Update for sysutils/gnome-mount failed === Aborting update === There are messages from installed ports to display, but first take a moment to review the error messages above. Then press Enter when ready to proceed. Regards, Antonio ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: how can I use portmaster to update but skip a package
On Saturday 27 August 2011 00:56:20 Randal L. Schwartz wrote: I use: portmaster -ai I ask you if you want to install or not. Mitja http://jpgmag.com/people/lumiwa ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
RE: glabel, gmirror, and gpart
On Fri, Aug 26, 2011 at 11:04 PM, Warren Block wbl...@wonkity.com wrote: So it's cosmetic, but not really the kind of message that instills confidence. gptboot needs to be able to tell if it's reading from a gmirror. Or gmirror should provide one block less than it does, so it doesn't overwrite the GPT backup. I use the whole disk to gmirror setup on all my servers. And one day i thought i could try the gpart stuff. I also saw the message at startup, and disgarded it. This was on 8.1 But when i did an upgrade to 8.2 later on, the system could not boot. So i had to find another way. So i would not do it like you do now, it could turn against you in the long run. The thing i did was to mirror each partition. Like so http://unix-heaven.org/node/24 that way it worked. Do not forget to make your second disk bootable also regards, Johan Hendriks___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
RE: glabel, gmirror, and gpart
On Sat, 27 Aug 2011, Johan Hendriks wrote: On Fri, Aug 26, 2011 at 11:04 PM, Warren Block wbl...@wonkity.com wrote: So it's cosmetic, but not really the kind of message that instills confidence. gptboot needs to be able to tell if it's reading from a gmirror. Or gmirror should provide one block less than it does, so it doesn't overwrite the GPT backup. I use the whole disk to gmirror setup on all my servers. And one day i thought i could try the gpart stuff. I also saw the message at startup, and disgarded it. This was on 8.1 But when i did an upgrade to 8.2 later on, the system could not boot. So i had to find another way. So i would not do it like you do now, it could turn against you in the long run. The thing i did was to mirror each partition. Like so http://unix-heaven.org/node/24 that way it worked. Do not forget to make your second disk bootable also That was the idea I had last night trying to go back to sleep. Use gpart to partition the disks, and use gmirror to mirror the partitions. A little more setup, because you have to create multiple mirrors instead of one with partitions inside it. It also addresses Adam's question. For two dissimilar disks, create partitions of the same size and mirror them instead of the whole disk. gmirror apparently doesn't keep a list of outstanding writes, so smaller mirrors should be faster to sync. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
wireless access point in FreeBSD 8.2p2
I seem to be missing something, possibly from reading too many HOWTOs. What I am trying to do is get a system with a wireless card to stand in as a wireless AP should my aging LinkSys base station develop a tragic smoke leak. It's an ath0-based card and the following steps suggest it should work (it has HOSTAP capabilities and offering robust encryption). ifconfig wlan0 create wlandev ath0 ifconfig wlan0 list caps drivercaps=6f85ed41STA,FF,IBSS,HOSTAP,AHDEMO,TXPMGT,SHSLOT,SHPREAMBLE,MONITOR,MBSS,WPA1,WPA2,BURST,WME,WDS,BGSCAN,TXFRAG cryptocaps=fWEP,TKIP,AES,AES_CCM But various permutations of rc.conf, hostap.conf and many iterations of /etc/rc.c/netif restart leave me with two ifconfig entries, one of the ath0 interface and one for wlan0. None of the examples show this so I suspect it's wrong. The IP address is pingable from the host it's installed in but not from anywhere else. And I can see the AP from another system and attach to it but it doesn't route any traffic. from /etc/rc.conf: wlans_ath0=wlan0 create_args_wlan0=wlanmode hostap ifconfig_wlan0=inet 192.168.0.26 netmask 255.255.255.0 ssid lower mode 11g channel 8 from hostap.conf: interface=wlan0 debug=1 ctrl_interface=/var/run/hostapd ctrl_interface_group=wheel ssid=lower wpa=0 redacted results of ifconfig: ath0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST metric 0 mtu 2290 ether 00:0d:88:93:21:3a media: IEEE 802.11 Wireless Ethernet autoselect mode 11g hostap status: running wlan0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST metric 0 mtu 1500 ether 00:0d:88:93:21:3a inet 192.168.0.26 netmask 0xff00 broadcast 192.168.0.255 inet6 fe80::20d:88ff:fe93:213a%wlan0 prefixlen 64 scopeid 0x7 nd6 options=3PERFORMNUD,ACCEPT_RTADV media: IEEE 802.11 Wireless Ethernet autoselect mode 11g hostap status: running ssid lower channel 8 (2447 MHz 11g) bssid 00:0d:88:93:21:3a regdomain FCC indoor ecm authmode AUTO privacy OFF txpower 27 scanvalid 60 protmode CTS wme burst dtimperiod 1 -dfs Yes, I am trying it without any encryption until I see some packets being passed. It seems like a lot of people are getting this to work but I'm not able to follow how they did it. -- Paul Beard Are you trying to win an argument or solve a problem? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: A quality operating system
On Thursday 25 August 2011 01:39:54 Polytropon wrote: Last, suppose you issue a general invitation for people to go over to your house for a free dinner, with food that you know (because you helped in preparing it!) in your heart and taste to be excellent, well prepared and nutritious. And all of a sudden I storm at your door and yell for all the guests that already know what you know about the food, without even tasting anything, that a very good and knowledgeable friend of mine told me that the kitchen is as dirty as hell, the food tastes terrible and that all the guests will get diarrhea and probably die if they eat anything. What would you do? Wow, what a nice analogy! =^_^= Thanks Man. :) I can almost feel sorry for poor Evan. I think he doesn't know what he's missing here. -- Mario Lobo http://www.mallavoodoo.com.br FreeBSD since 2.2.8 [not Pro-Audio YET!!] (99% winblows FREE) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: A quality operating system
I can see this will be important here: http://en.wikipedia.org/wiki/False_dilemma On Wed, Aug 24, 2011 at 9:32 PM, Polytropon free...@edvax.de wrote: But allow me to say that _if_ you are interested in contributing in _that_ way, you should always bring examples and name _concrete_ points you're criticizing, instead of just mentioning wide ranges of this doesn't conform to my interpretation of what 'professional' should look like. The problem with your statement is that it does not allow for general critique, which is also needed. If something shows up in more than one place, it is a general critique. In most cases, documentation requires you to have a minimal clue of what you're doing. There's terminology you simply have to know, and concepts to understand in order to use the documentation. See the Wikipedia page above -- the problem isn't one of user competence, but of poorly-written documentation that is fundamentally disorganized. Have you looked at any of the documentation coming out of Redmond right now? How do you think FreeBSD's documentation stands up to that? Different kinds of users have different preferences. Some like to use the web, like to use Wikis and discussion boards. Others like to use structured web pages. Again, other like web pages too, but want to have as much information in _one_ (long) page. And there are those who do not want to depend on the web - those like man pages. The question isn't form, but content. If you're used to some specific _way_ of documentation, you will maybe value anything that's _different_ from that way as being inferior, non-professional, or less helpful. I think I'm talking about professional level documentation, not a specific style. Also keep in mind that especially for developers, the SOURCE CODE also is an important piece of documentation. Here FreeBSD is very good, compared to other systems. We're talking end-user documentation here. Here the one size fits all problem arises. It's really hard to make documentation for everybody. I disagree. It's very clear what must be done because multiple archetypes exist. Note the presence of :-) and the abilities of english native speakers who are much more able to express between the lines than I am, for example. If so, it's just them trying to cover up the inherently defensive and reactionary nature of their comments. Would they send such an email on a business list? You can predict that everywhere. Just go to any halfway specialized setting and make claims about something not meeting your requirements I've never had this problem when the claims have been stated professionally -- only here. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: A quality operating system
Quoth Evan Busch on Saturday, 27 August 2011: In most cases, documentation requires you to have a minimal clue of what you're doing. There's terminology you simply have to know, and concepts to understand in order to use the documentation. See the Wikipedia page above -- the problem isn't one of user competence, but of poorly-written documentation that is fundamentally disorganized. Have you looked at any of the documentation coming out of Redmond right now? How do you think FreeBSD's documentation stands up to that? Oh please. I have to use that crap that comes out of Redmond on a daily basis. They never think things through and only answer the most shallow questions, and their How tos make their little Was this helpful? seem sarcastic. -- .O. | Sterling (Chip) Camden | http://camdensoftware.com ..O | sterl...@camdensoftware.com | http://chipsquips.com OOO | 2048R/D6DBAF91 | http://chipstips.com pgp6mKqpPvBBw.pgp Description: PGP signature
Re: NFSv4 directory listing issues.
On Tue, Aug 23, 2011 at 01:11:52AM +0200, Leon Meßner wrote: Hi, i'm just testing a kerberized NFSv4 export of a ZFS-Filesystem. Both client and server are FreeBSD at the moment. I tried Linux clients, but could not mount with sec=krb5. If i mount an exported directory with -o sec=krb5(i|p)i, directory listings with ls do sometimes take a very long time (about 20times). Example output below. time ls -la total 8 drwxr-xr-x+ 3 rootwheel 4 Aug 16 13:27 . drwxr-xr-x 3 locadm locadm 512 Aug 22 23:46 .. drwxr-xr-x+ 2 rootwheel 2 Aug 16 13:27 testdir -rw-r--r-- 1 rootwheel 0 Aug 16 13:27 testfile 0.003u 0.003s 0:00.23 0.0% 0+0k 0+0io 0pf+0w time ls -la total 8 drwxr-xr-x+ 3 rootwheel 4 Aug 16 13:27 . drwxr-xr-x 3 locadm locadm 512 Aug 22 23:46 .. drwxr-xr-x+ 2 rootwheel 2 Aug 16 13:27 testdir -rw-r--r-- 1 rootwheel 0 Aug 16 13:27 testfile 0.000u 0.007s 0:04.27 0.0% 0+0k 0+0io 0pf+0w The share is mounted by a local user with a kerberos ticket by mount -t nfs -o nfsv4,sec=krb5 130.149.58.249:/home mount. Mounting with sec=sys does not produce this problem. Has anyone experienced similar issues ? It looks like this could be related to kern/158432 [1] although i'm using IPv4 and amd64. I can't test it at the moment because the testmachine is temp. out of service but i got the same error messages in my kdc's log file. Greetings, Leon [1] http://www.freebsd.org/cgi/query-pr.cgi?pr=158432cat=kern ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: A quality operating system
On Sat, Aug 27, 2011 at 01:56:16PM -0500, Evan Busch wrote: I can see this will be important here: http://en.wikipedia.org/wiki/False_dilemma On Wed, Aug 24, 2011 at 9:32 PM, Polytropon free...@edvax.de wrote: But allow me to say that _if_ you are interested in contributing in _that_ way, you should always bring examples and name _concrete_ points you're criticizing, instead of just mentioning wide ranges of this doesn't conform to my interpretation of what 'professional' should look like. The problem with your statement is that it does not allow for general critique, which is also needed. If something shows up in more than one place, it is a general critique. You haven't shown *one* example of inadequate or confusing documentation. In most cases, documentation requires you to have a minimal clue of what you're doing. There's terminology you simply have to know, and concepts to understand in order to use the documentation. See the Wikipedia page above -- the problem isn't one of user competence, but of poorly-written documentation that is fundamentally disorganized. Have you looked at any of the documentation coming out of Redmond right now? How do you think FreeBSD's documentation stands up to that? FreeBSD documentation blows away anything Redmond gives you. Where's the documentation for Windows Explorer for Vista on microsoft.com? A link will do. Different kinds of users have different preferences. Some like to use the web, like to use Wikis and discussion boards. Others like to use structured web pages. Again, other like web pages too, but want to have as much information in _one_ (long) page. And there are those who do not want to depend on the web - those like man pages. The question isn't form, but content. If you're used to some specific _way_ of documentation, you will maybe value anything that's _different_ from that way as being inferior, non-professional, or less helpful. I think I'm talking about professional level documentation, not a specific style. By your own admission you don't even use FreeBSD so how on earth can you constructively criticise? Answer: you can't. Also keep in mind that especially for developers, the SOURCE CODE also is an important piece of documentation. Here FreeBSD is very good, compared to other systems. We're talking end-user documentation here. In a lot of cases the source IS end-user documentation? BTW, how does that compare with Redmond? Here the one size fits all problem arises. It's really hard to make documentation for everybody. I disagree. It's very clear what must be done because multiple archetypes exist. Well do it. Put up or shut up. Note the presence of :-) and the abilities of english native speakers who are much more able to express between the lines than I am, for example. If so, it's just them trying to cover up the inherently defensive and reactionary nature of their comments. They're inherently defensive and reactionary because you're trolling. Would they send such an email on a business list? Who cares? It's not a business list. You can predict that everywhere. Just go to any halfway specialized setting and make claims about something not meeting your requirements I've never had this problem when the claims have been stated professionally -- only here. OK, so you'll be able to provide links then? Thought not. -- Frank Contact info: http://www.shute.org.uk/misc/contact.html pgpOyNBeZtNxw.pgp Description: PGP signature
Re: A quality operating system
From owner-freebsd-questi...@freebsd.org Sat Aug 27 13:58:08 2011 Date: Sat, 27 Aug 2011 13:56:16 -0500 From: Evan Busch antiequal...@gmail.com To: freebsd-questions@freebsd.org freebsd-questions@freebsd.org Subject: Re: A quality operating system I can see this will be important here: http://en.wikipedia.org/wiki/False_dilemma On Wed, Aug 24, 2011 at 9:32 PM, Polytropon free...@edvax.de wrote: But allow me to say that _if_ you are interested in contributing in _that_ way, you should always bring examples and name _concrete_ points you're criticizing, instead of just mentioning wide ranges of this doesn't conform to my interpretation of what 'professional' should look like. The problem with your statement is that it does not allow for general critique, FALSE TO FACT. He did =not= say that _only_ cricicisms of specific points were allowed. One can point to a specific instance, or possibly a small number of them, and _then_ say something like ,'these are a few examples of this problem, it occurs _throughout_ the document. ... which is also needed. If something shows up in more than one place, it is a general critique. If you can't be botheed to identify _even_one_ specific instance of the 'general critique', you're part of the problem, not part of the solution. The latter types are _much_ more likely to get listened to than the former. Your choice. As one of the first-mentioned types, all you are doing it wasting the time of people who might have used that time to 'do something' about it. In most cases, documentation requires you to have a minimal clue of what you're doing. There's terminology you simply have to know, and concepts to understand in order to use the documentation. See the Wikipedia page above -- the problem isn't one of user competence, but of poorly-written documentation that is fundamentally disorganized. Feel free to demonstrate how you think it _should_ be done. grin Have you looked at any of the documentation coming out of Redmond right now? Yup. That which comes with the O/S. How do you think FreeBSD's documentation stands up to that? FAR more comprehensive. FAR more informative. FAR more _useful_. grin ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: A quality operating system
On Saturday 27 August 2011 16:58:06 Frank Shute wrote: On Sat, Aug 27, 2011 at 01:56:16PM -0500, Evan Busch wrote: [Snip..] If so, it's just them trying to cover up the inherently defensive and reactionary nature of their comments. They're inherently defensive and reactionary because you're trolling. Would they send such an email on a business list? Who cares? It's not a business list. You can predict that everywhere. Just go to any halfway specialized setting and make claims about something not meeting your requirements I've never had this problem when the claims have been stated professionally -- only here. OK, so you'll be able to provide links then? Thought not. Well, I don't know about everybody else but I don't believe that the aim of this gentleman's OP was about being constructive, at all. Like somebody had already said here, he was just a kid that threw a rock on a wasp's nest, didn't have legs to run fast enough, and now he is crying all over the place because he got stung. So, to exhaust everything I have to say on this subject, I will try to translate the best I can, two popular sayings here in my country. I hope I can make their meaning get through. To his criticism on documentation: To a good 'understander', a half-word is enough. To his deliriously vague critique on FreeBSD in general: The dogs always bark. But the caravan steadily moves on. -- Mario Lobo http://www.mallavoodoo.com.br FreeBSD since 2.2.8 [not Pro-Audio YET!!] (99% winblows FREE) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: A quality operating system
On Sat, Aug 27, 2011 at 09:48:45PM -0300, Mario Lobo wrote: So, to exhaust everything I have to say on this subject, I will try to translate the best I can, two popular sayings here in my country. I hope I can make their meaning get through. I think both translations carried quite a lot of relevant meaning. Good job. To his criticism on documentation: To a good 'understander', a half-word is enough. That has a very Tao Te Ching feel to it. To his deliriously vague critique on FreeBSD in general: The dogs always bark. But the caravan steadily moves on. That has a very folk-wisdom feel to it. -- Chad Perrin [ original content licensed OWL: http://owl.apotheon.org ] pgpsxeSZ4OIKD.pgp Description: PGP signature
Re: wireless access point in FreeBSD 8.2p2
On 08/28/11 02:21, Paul Beard wrote:
I seem to be missing something, possibly from reading too many HOWTOs. What I
am trying to do is get a system with a wireless card to stand in as a
wireless AP should my aging LinkSys base station develop a tragic smoke leak.
It's an ath0-based card and the following steps suggest it should work (it
has HOSTAP capabilities and offering robust encryption).
ifconfig wlan0 create wlandev ath0
ifconfig wlan0 list caps
drivercaps=6f85ed41STA,FF,IBSS,HOSTAP,AHDEMO,TXPMGT,SHSLOT,SHPREAMBLE,MONITOR,MBSS,WPA1,WPA2,BURST,WME,WDS,BGSCAN,TXFRAG
cryptocaps=fWEP,TKIP,AES,AES_CCM
But various permutations of rc.conf, hostap.conf and many iterations of
/etc/rc.c/netif restart leave me with two ifconfig entries, one of the ath0
interface and one for wlan0. None of the examples show this so I suspect it's
wrong. The IP address is pingable from the host it's installed in but not
from anywhere else. And I can see the AP from another system and attach to it
but it doesn't route any traffic.
from /etc/rc.conf:
wlans_ath0=wlan0
create_args_wlan0=wlanmode hostap
ifconfig_wlan0=inet 192.168.0.26 netmask 255.255.255.0 ssid lower mode 11g
channel 8
from hostap.conf:
interface=wlan0
debug=1
ctrl_interface=/var/run/hostapd
ctrl_interface_group=wheel
ssid=lower
wpa=0
redacted results of ifconfig:
ath0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST metric 0 mtu 2290
ether 00:0d:88:93:21:3a
media: IEEE 802.11 Wireless Ethernet autoselect mode 11g hostap
status: running
wlan0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST metric 0 mtu 1500
ether 00:0d:88:93:21:3a
inet 192.168.0.26 netmask 0xff00 broadcast 192.168.0.255
inet6 fe80::20d:88ff:fe93:213a%wlan0 prefixlen 64 scopeid 0x7
nd6 options=3PERFORMNUD,ACCEPT_RTADV
media: IEEE 802.11 Wireless Ethernet autoselect mode 11g hostap
status: running
ssid lower channel 8 (2447 MHz 11g) bssid 00:0d:88:93:21:3a
regdomain FCC indoor ecm authmode AUTO privacy OFF txpower 27
scanvalid 60 protmode CTS wme burst dtimperiod 1 -dfs
Yes, I am trying it without any encryption until I see some packets being
passed.
It seems like a lot of people are getting this to work but I'm not able to
follow how they did it.
--
Paul Beard
Are you trying to win an argument or solve a problem?
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
8.2 RELEASE p2 (ath card, works dhcp wpa)
# /etc/rc.conf
wlans_ath0=wlan0
ifconfig_wlan0=WPA DHCP
# /etc/wpa_supplicant.conf
ctrl_interface=/var/run/wpa_supplicant
network={
ssid=BigPond455FC2
key_mgmt=WPA-PSK
proto=WPA
psk=B104264B61
}
I hope this helps
jason
signature.asc
Description: OpenPGP digital signature
Re: A quality operating system
On Sat, 27 Aug 2011 13:56:16 -0500, Evan Busch wrote: I can see this will be important here: http://en.wikipedia.org/wiki/False_dilemma On Wed, Aug 24, 2011 at 9:32 PM, Polytropon free...@edvax.de wrote: But allow me to say that _if_ you are interested in contributing in _that_ way, you should always bring examples and name _concrete_ points you're criticizing, instead of just mentioning wide ranges of this doesn't conform to my interpretation of what 'professional' should look like. The problem with your statement is that it does not allow for general critique, which is also needed. If something shows up in more than one place, it is a general critique. No. General critique would require to be general, means: it would have to apply in all (or at least most) places. To advance from specific to general critique, it would be useful to show at least _some_ examples where it would apply, and then say something like: There's more around the corner. But _before_ considering general statements, specific ones would have to be discussed, just to make sure the one that came to your mind wasn't an exception of the rule. From logic, you should know that allquantified statements (those including all, none, every, as well as none or never) are easy to disprove: Only one (!) counter- example is required. A = q ^ w ^ e ^ r ^ t ^ z ^ u ^ i - false === (at least) one of (q, w, e, r, t, z, u, i) is false, to put it into a formal expression. In most cases, documentation requires you to have a minimal clue of what you're doing. There's terminology you simply have to know, and concepts to understand in order to use the documentation. See the Wikipedia page above -- the problem isn't one of user competence, but of poorly-written documentation that is fundamentally disorganized. Oh again you put additional emphasize on it: fundamentally. This implies there's a general problem with the documentation. Could you please _name_ that problem, instead of just mentioning that there is one? Have you looked at any of the documentation coming out of Redmond right now? Oh god no! Why wouold I look into disorganized documentation that cannot even be received by blind users, and that invents arbitrary words for established technical terminology, changing all the time? :-) How do you think FreeBSD's documentation stands up to that? Wery well I'd say: It can be accessed offline, for free, and by all audiences (including exceptional ones such as blind or deaf users). Different kinds of users have different preferences. Some like to use the web, like to use Wikis and discussion boards. Others like to use structured web pages. Again, other like web pages too, but want to have as much information in _one_ (long) page. And there are those who do not want to depend on the web - those like man pages. The question isn't form, but content. Form and content have to be matching when you're talking quality. Would you accept a letter from your local tax administration that is correct by content, but written on used toilet paper? On the other hand, how would you think about a book that is pure crap, but written on golden paper with leather? If you're used to some specific _way_ of documentation, you will maybe value anything that's _different_ from that way as being inferior, non-professional, or less helpful. I think I'm talking about professional level documentation, not a specific style. Professional always implies a specific target audience which has the abilities to learn how to use a given kind of documentation. As I said, mainframe documentation is _very_ different from what you might know, but it is _extremely_ professional for those who deal with it - to solve problems. Also keep in mind that especially for developers, the SOURCE CODE also is an important piece of documentation. Here FreeBSD is very good, compared to other systems. We're talking end-user documentation here. Suddenly? I just thought we would talk professional documentation here... By the way, a thing like end-user documentation does not exist. End users do not need documentation. They don't read anything. At _most_, they'd look at colored pictures, but not act according to them. Documentation is the first thing they throw away (in many cases right before they throw away installation media), because they don't need what they don't know. Do I have a strange look at end users? Maybe, but according to my observations and experiences, it's a realistic look. Yours might be quite different. Here the one size fits all problem arises. It's really hard to make documentation for everybody. I disagree. It's very clear what must be done because multiple archetypes exist. Then, how would you suggest a one size fits all documentation should look like? Maybe you can point to a resource available on the Internet to show what you have in mind. I'd be interested in seeing if the
Re: A quality operating system
On Sun, Aug 28, 2011 at 05:09:26AM +0200, Polytropon wrote: On Sat, 27 Aug 2011 13:56:16 -0500, Evan Busch wrote: I've never had this problem when the claims have been stated professionally -- only here. But the claims HAVEN'T been stated professionally. You didn't bring _one_ example, not for unprofessional documentation, not for professional documentation. You're missing the basic structure of a professional argumentation, which consists of making a statement or a claim, then offering arguments that backup the claim, and additionally bring examples for those arguments. I've decided to provide the professional response Evan claims to crave: Dear Evan, We appreciate your feedback on the quality, scope, and focus of our software and documentation. We always strive to provide the highest quality products and service to all of our customers, and constantly seek new ways to improve on perfection. The input of our customers is a key element of our strategy to consistently provide what they need in a timely and responsible fashion. Your ticket number is d3b07384d113edec49eaa6238ad5ff00. Your case worker is Robert Jones. Your ticket is: [ ] Pending Action [ ] Open [X] Closed: Complete Your account has been charged $14.99 for successful completion. Note that this special 25% reduced support pricing will only apply for actions until September 15th. Take advantage of the discounts now! If you have any further questions, do not hesitate to use the support form on the Website. Thank you for your business. -- Chad Perrin [ original content licensed OWL: http://owl.apotheon.org ] pgpexUTkHQxQ5.pgp Description: PGP signature
enabling usb modem onda msa 190 up on FreeBSD-8.2
I´m trying to enable my usb modem msa 190 up and I don´t find any driver on ifconfig just a lo0, plip0 and eth0. This is a 3G broadband mobile connection. Why eth0 is detected if I have just a 3G broadband usb modem Onda msa 190 up in a usb port? Regards ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: A quality operating system
Quoth Chad Perrin on Saturday, 27 August 2011: On Sun, Aug 28, 2011 at 05:09:26AM +0200, Polytropon wrote: On Sat, 27 Aug 2011 13:56:16 -0500, Evan Busch wrote: I've never had this problem when the claims have been stated professionally -- only here. But the claims HAVEN'T been stated professionally. You didn't bring _one_ example, not for unprofessional documentation, not for professional documentation. You're missing the basic structure of a professional argumentation, which consists of making a statement or a claim, then offering arguments that backup the claim, and additionally bring examples for those arguments. I've decided to provide the professional response Evan claims to crave: Dear Evan, We appreciate your feedback on the quality, scope, and focus of our software and documentation. We always strive to provide the highest quality products and service to all of our customers, and constantly seek new ways to improve on perfection. The input of our customers is a key element of our strategy to consistently provide what they need in a timely and responsible fashion. Your ticket number is d3b07384d113edec49eaa6238ad5ff00. Your case worker is Robert Jones. Your ticket is: [ ] Pending Action [ ] Open [X] Closed: Complete Your account has been charged $14.99 for successful completion. Note that this special 25% reduced support pricing will only apply for actions until September 15th. Take advantage of the discounts now! If you have any further questions, do not hesitate to use the support form on the Website. Thank you for your business. -- Chad Perrin [ original content licensed OWL: http://owl.apotheon.org ] Perfect, except you didn't charge enough -- and you didn't ask him to complete a survey. -- .O. | Sterling (Chip) Camden | http://camdensoftware.com ..O | sterl...@camdensoftware.com | http://chipsquips.com OOO | 2048R/D6DBAF91 | http://chipstips.com pgpsGadxArr2u.pgp Description: PGP signature
Re: wireless access point in FreeBSD 8.2p2
On 08/27/2011 11:21 AM, Paul Beard wrote: I seem to be missing something, possibly from reading too many HOWTOs. What I am trying to do is get a system with a wireless card to stand in as a wireless AP should my aging LinkSys base station develop a tragic smoke leak. It's an ath0-based card and the following steps suggest it should work (it has HOSTAP capabilities and offering robust encryption). I just finished something almost exactly like this a little while ago. But various permutations of rc.conf, hostap.conf and many iterations of /etc/rc.c/netif restart leave me with two ifconfig entries, one of the ath0 interface and one for wlan0. None of the examples show this so I suspect it's wrong. The IP address is pingable from the host it's installed in but not from anywhere else. And I can see the AP from another system and attach to it but it doesn't route any traffic. snip redacted results of ifconfig: ath0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST metric 0 mtu 2290 ether 00:0d:88:93:21:3a media: IEEE 802.11 Wireless Ethernet autoselect mode 11g hostap status: running wlan0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST metric 0 mtu 1500 ether 00:0d:88:93:21:3a inet 192.168.0.26 netmask 0xff00 broadcast 192.168.0.255 inet6 fe80::20d:88ff:fe93:213a%wlan0 prefixlen 64 scopeid 0x7 nd6 options=3PERFORMNUD,ACCEPT_RTADV media: IEEE 802.11 Wireless Ethernet autoselect mode 11g hostap status: running ssid lower channel 8 (2447 MHz 11g) bssid 00:0d:88:93:21:3a regdomain FCC indoor ecm authmode AUTO privacy OFF txpower 27 scanvalid 60 protmode CTS wme burst dtimperiod 1 -dfs This looks correct so far, for an unsecured wireless access point. The wlan0 device is the interface you will use for communicating; the ath0 device exists solely as a target for wlan0 creation. Things to keep in mind: tcpdump(1) is your friend; it seems cryptic and obtuse at first glance, but it will help immensely wlan0 itself will not assign v4 addresses to clients; you need a DHCP server for that The hostap machine must be explicitly told to route packets, by setting gateway_enable=YES in rc.conf and adding the appropriate routes If you're intending this to be a home gateway, you will likely also need NAT. Yes, I am trying it without any encryption until I see some packets being passed. Good idea. Hope this helps! -- Fuzzy love, -CyberLeo Technical Administrator CyberLeo.Net Webhosting http://www.CyberLeo.Net cyber...@cyberleo.net Furry Peace! - http://.fur.com/peace/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: wireless access point in FreeBSD 8.2p2
On Aug 27, 2011, at 8:48 PM, CyberLeo Kitsana wrote: tcpdump(1) is your friend; it seems cryptic and obtuse at first glance, but it will help immensely I wasn't sure there was any reason to use that yet: I can't even ping it from another host. wlan0 itself will not assign v4 addresses to clients; you need a DHCP server for that I plan to use static addresses as I do already (this is just a backup in case my WRT54G develops any issues). The hostap machine must be explicitly told to route packets, by setting gateway_enable=YES in rc.conf and adding the appropriate routes I have that and the existing wired interface has the route set (I am connecting through that to make this work). This raises the question of whether I am expecting the functionality of a bridge without having specifically made one. If you're intending this to be a home gateway, you will likely also need NAT. I think NAT is handled by the telco hardware (on cable) for now. Hmm, starting to think this may not work as I expect. It might be fine as an additional AP but not as a replacement without some configuration changes that I will have forgotten how to make by then. The WRT box runs the PPPoE connection for DSL which I should be switching back to. I'm sure it can be done with this but I think I'm asking for trouble. So maybe this is a solution in search of a problem. Might be to just find a spare WRT54G or its modern equivalent. But that doesn't mean I don't want to figure this out. -- Paul Beard Are you trying to win an argument or solve a problem? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Identifying disk activity
Since I have installed my new system (FreeBSD/i386 8.2-STABLE), I have found some kind of disk activity I've never had before on my home system. As this PC is a very cheap product, it doesn't have a HDD LED. Instead I have to listen to the disk. This is the strange sound: four groups of short bt sounds within a second, with a short pause between them. #-#-#-#- = 1 s This can be heared over several seconds, then silence. From time to time, a brrrt sound appears for 3 seconds in one long rush. I am not sure this is related to a program, but I'd like to find it out. As FreeBSD's I/O subsystem does not work in real-time, I cannot conclude from actual program file I/O to physical disk I/O. Is there a way to force synchronous disk activity? I don't mind if this makes the system run slower, because it's just for diagnostics, but I'd like file I/O done by a program to cause immediate disk activity. My idea is to watch open files and running programs as precise as possible (as root: top -St -s 0). Which tools (e. g. top, htop, lsof) would you suggest to narrow down _which_ program is accessing _which_ file, causing the sound? I already do suspect Opera (due to opera-linuxplugins-11.50, linux-f10-flashplugin-10.3r183.5, nspluginwrapper-1.4.4 maybe), but I'd like to know _where_ exactly this strange sound came from, as there is no 1:1 relation (running Opera does not imply the sound to appear). I have already checked smartctl -a /dev/ad4 which doesn't show any malicious behaviour of the disk itself (sometimes also the reason for strange sounds). -- Polytropon Magdeburg, Germany Happy FreeBSD user since 4.0 Andra moi ennepe, Mousa, ... ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Identifying disk activity
On Sun, 28 Aug 2011, Polytropon wrote: Since I have installed my new system (FreeBSD/i386 8.2-STABLE), I have found some kind of disk activity I've never had before on my home system. As this PC is a very cheap product, it doesn't have a HDD LED. Instead I have to listen to the disk. This is the strange sound: four groups of short bt sounds within a second, with a short pause between them. #-#-#-#- = 1 s This can be heared over several seconds, then silence. From time to time, a brrrt sound appears for 3 seconds in one long rush. That could be a t-cal, thermal calibration. Depends on the age and model of the drive, some drives don't do it. Could be other internal drive activity. WD drives like to park heads often, loudly, and for no good reason. Is there a way to force synchronous disk activity? Turning off soft updates will help, but not make disk writes totally synchronous. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
