Re: pkgng package repository tracking security updates
On 14/01/2013 22:44, n j wrote: One thing to think about would be the option of port maintainers uploading the pre-compiled package of the updated port (or if the size of the upload is an issue then just the hash signature of the valid package archive so other people with more bandwidth can upload it) to help the package building cluster (at least for mainstream architectures). The idea behind it being that the port maintainer has to compile the port anyway and pkg create is not a big overhead. The result would be a sort of distributed package building solution. Sorry. Distributed package building like this is never going to be acceptable. Too much scope for anyone to introduce trojans into packages. Building packages securely is a very big deal, and as recent events have shown, you can't take any chances. Cheers, Matthew ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: pkgng package repository tracking security updates
On Tue, Jan 15, 2013 at 10:13 AM, Matthew Seaman matt...@freebsd.orgwrote: On 14/01/2013 22:44, n j wrote: One thing to think about would be the option of port maintainers uploading the pre-compiled package of the updated port (or if the size of the upload is an issue then just the hash signature of the valid package archive so other people with more bandwidth can upload it) to help the package building cluster (at least for mainstream architectures). The idea behind it being that the port maintainer has to compile the port anyway and pkg create is not a big overhead. The result would be a sort of distributed package building solution. Sorry. Distributed package building like this is never going to be acceptable. Too much scope for anyone to introduce trojans into packages. Building packages securely is a very big deal, and as recent events have shown, you can't take any chances. Cheers, Matthew I'd trust this system as far as I trust port maintainers right now. I understand that a port maintainer can submit arbitrary MASTER_SITES in a port Makefile which allows the maintainer to inject malware as they wish. If I trust the port maintainer to make me download and build something coming from e.g. http://samm.kiev.ua or http://danger.rulez.sk (just random picks, no offense intended), then I'd trust that maintainer to upload the package for me or submit a SHA256 hash that the correct package must have. So if somebody else were to build the package, the server would accept the upload only if it matches the hash. Am I overlooking something? Is there some kind of port verification by someone from the team prior to accepting the port submission? -- Nino ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
SSH on FreeBSD
CipherWave Fibre Broadband with FREE installation from only R8840/month Good day, I have just configured FreeBSD on my server. I would like to find out how can I be able to login to it via ssh? Looking forward to hear from you soon. Thank you -- Mannase Nyathi Support Technician sb: 011 541 9940 fax: 011 541 9920 web: www.cipherwave.co.za This email may be confidential or privileged, and CipherWave Storage Solutions Africa (Pty) Ltd does not waive any related rights and obligations, which may include the protection of intellectual property. Any distribution, use or copying of this email or the information it contains by other than an intended recipient is unauthorised. If you have received this email in error please delete it immediately. Due to the inherent uncertainties involved in modern email transmissions, CipherWave Storage Solutions Africa (Pty) Ltd cannot accept any responsibility or liability for any errors or omissions, loss or damage from either use or misuse of the content, including viruses. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: SSH on FreeBSD
Hi, On Tue, 15 Jan 2013 10:10:16 + Mannase Nyathi mann...@cipherwave.co.za wrote: CipherWave Fibre Broadband with FREE installation from only R8840/month Good day, I have just configured FreeBSD on my server. I would like to find out how can I be able to login to it via ssh? Looking forward to hear from you soon. Thank you you must enable ssh in /etc/inetd.conf and then read man ssh If you could tell us more what you really want, we could give you a better answer. Erich ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: SSH on FreeBSD
Hi, I have just configured FreeBSD on my server. I would like to find out how can I be able to login to it via ssh? Looking forward to hear from you soon. Thank you you must enable ssh in /etc/inetd.conf and then read Or better, in /etc/rc.conf sshd_enable=YES Olivier man ssh If you could tell us more what you really want, we could give you a better answer. Erich ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: SSH on FreeBSD
On 15/01/2013 10:10, Mannase Nyathi wrote: I have just configured FreeBSD on my server. I would like to find out how can I be able to login to it via ssh? Start by editing /etc/rc.conf and add the line: sshd_enable=YES (anywhere in the file -- order doesn't matter) Then as root: /etc/rc.d/sshd start It should generate some host keys and then start the sshd daemon. That's all. sshd will restart automatically after any reboots. You should be able to log into any ordinary user account remotely using the account username and password. Note: if your system is exposed to the internet, it will be attacked by bots attempting to brute-force SSH username and passwords. Make sure you have good passwords on all user accounts -- see the archives of this list for many, many discussions of further steps you can take to prevent this activity filling up your logfiles... Cheers, Matthew ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
databases/postgresql: simple mirroring of a database or a whole server
Hello list. First, please set me CC, i do not subscribe this list. I'd like to ask for a mirroring solution of an important databse on my installations across at least three boxes. The setup is as follows. Operating system is FreeBSD 10.0/amd and 9.1-STABLE/amd64. A top of the OS there is on all machines in question port databases/postgresql92-server|client running. I have a database that needs to be synchronized/mirrored. A data consistency in a narrow timeframe isn't necessary. The database in question is a very important literature reference db which is maintained via a web interface and this is done mostly from a private box at home, which changes the local database set. This database is also used at the lab. Usually, I have to dump the db, send it via ssh/scp over the net to the target machine and restore it - and this at least three times. Since network connectivity isn't available for some technical reasons when I maintain the local db at home, this task is a pain, if I forget to dump/restore the database. The task maintaining the databases like that isn't appreciable. So, I looked out for a mirroring solution. I came across SLONY I/II, but I feel not very comfortable with the complicated setup. Although having had a howto, it dind't work properly. So I'm looking for something more simple. The data consistency within short timeframes isn't so important, so a mission critical mirroring isn't necessary. But I would be feel better having something more automatic that is synchronizing more than two or three machines automatically when network connectivity is available. Is there a solution - easy task - to handle such a scenario? Thanks in advance, Oliver signature.asc Description: OpenPGP digital signature
Re: SSH on FreeBSD
On 15/01/2013 10:52, Matthew Seaman wrote: That's all. sshd will restart automatically after any reboots. You should be able to log into any ordinary user account remotely using the account username and password. Note ordinary user account - sshd on FreeBSD disallows root logins by default. You can change that by editing /etc/ssh/sshd_config . -- Bruce Cran ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Jails
- Original Message - From: Zyumbilev, Peter pe...@aboutsupport.com To: freebsd-questions@FreeBSD.org freebsd-questions@FreeBSD.org Cc: Sent: Tuesday, January 15, 2013 3:12 AM Subject: Re: Jails On 15/01/2013 02:10, Leonardo M. Ramé wrote: Yes, and also defined /etc/resolv.conf. Any hint? Leonardo M. Ramé http://leonardorame.blogspot.com This is my jail conf. jail_debian_rootdir=/jail/debian jail_debian_hostname=debian.bivol.net jail_debian_ip=192.168.30.12 jail_debian_interface=bge0 jail_debian_devfs_enable=YES jail_debian_devfs_ruleset=devfsrules_jail jail_debian_flags=-n debian #jail_debian_mount_enable=YES # mount YES|NO jail_debian_fstab=/jail/conf/fstab.debian you have ip interface settings correct ? Mine card is bge0, but your one might be different. Peter Peter, last night I finally used apt-get to install g++, so, it's working!. The only thing that doesn't work is ping, but I won't care about it. Leonardo M. Ramé http://leonardorame.blogspot.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: recommendation instead of portmanager
On Tue, 15 Jan 2013 01:16:15 + RW articulated: On Mon, 14 Jan 2013 16:23:08 -0800 David Brodbeck wrote: On Fri, Jan 11, 2013 at 2:07 PM, Artifex Maximus artife...@gmail.comwrote: Hello! I am using portmanager for updating my ports. I love its -p switch. Is there any similar program with such option? I am asking because portmanager is gone from ports tree. -p or --pristineUpdates a port if any dependency in it's /var/db/pkg/{port name}/+CONTENTS does not match what is installed. The effect is when a port is updated, any port who uses the updated port in it's dependency chain, no matter how deep, are rebuilt. Normally only ports one level up are rebuilt. I think portupgrade --recursive will do what you want. It doesn't The is one of the reasons I loved portmanager as opposed to portupgrade. The only way I think you can get some semblance of the same behavior in portupgrade is to use the f flag. 'portupgrade -fr port'. However, that also forces a rebuild of the port whether it requires it or not. Portmanager checked to make sure that the ports, both dependencies and those ports that depended on the named port were built consistently. You would probably have to use the R flag also with portupgrade to get that action. I really wish a real C programmer (I'm not) would update the program to make the program compatible with the present state of FreeBSD. Written in C, the program didn't require other languages to be installed and ran far faster than any of its competition. It was also, IMHO, far easier to configure. On more than one occasion it fixed problems that the other two port management applications failed to correct. -- Jerry ♔ Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. __ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: SSH on FreeBSD
El día Tuesday, January 15, 2013 a las 05:45:36PM +0700, Erich Dollansky escribió: Hi, On Tue, 15 Jan 2013 10:10:16 + Mannase Nyathi mann...@cipherwave.co.za wrote: CipherWave Fibre Broadband with FREE installation from only R8840/month Good day, I have just configured FreeBSD on my server. I would like to find out how can I be able to login to it via ssh? Looking forward to hear from you soon. Thank you you must enable ssh in /etc/inetd.conf and then read In FreeBSD it is in rc.conf $ man rc.conf | col -b | fgrep -i ssh matthias -- Sent from my FreeBSD netbook Matthias Apitz | - No system with backdoors like Apple/Android E-mail: g...@unixarea.de | - No HTML/RTF in E-mail WWW: http://www.unixarea.de/ | - No proprietary attachments phone: +49-170-4527211 | - Respect for open standards ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: SSH on FreeBSD
On Tue, 15 Jan 2013 10:52:04 + Matthew Seaman articulated: On 15/01/2013 10:10, Mannase Nyathi wrote: I have just configured FreeBSD on my server. I would like to find out how can I be able to login to it via ssh? Start by editing /etc/rc.conf and add the line: sshd_enable=YES (anywhere in the file -- order doesn't matter) Then as root: /etc/rc.d/sshd start It should generate some host keys and then start the sshd daemon. That's all. sshd will restart automatically after any reboots. You should be able to log into any ordinary user account remotely using the account username and password. Note: if your system is exposed to the internet, it will be attacked by bots attempting to brute-force SSH username and passwords. Make sure you have good passwords on all user accounts -- see the archives of this list for many, many discussions of further steps you can take to prevent this activity filling up your logfiles... You might want to consider using certificates rather than 'usernames' 'passwords' for logging in. Your system will be far more secure. As Matthew stated, you can check the archives. If needed, start a new thread and ask for assistance on the subject here. -- Jerry ♔ Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. __ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: databases/postgresql: simple mirroring of a database or a whole server
On Tue, Jan 15, 2013 at 4:24 PM, O. Hartmann ohart...@zedat.fu-berlin.dewrote: Hello list. First, please set me CC, i do not subscribe this list. I'd like to ask for a mirroring solution of an important databse on my installations across at least three boxes. The setup is as follows. Operating system is FreeBSD 10.0/amd and 9.1-STABLE/amd64. A top of the OS there is on all machines in question port databases/postgresql92-server|client running. I have a database that needs to be synchronized/mirrored. A data consistency in a narrow timeframe isn't necessary. The database in question is a very important literature reference db which is maintained via a web interface and this is done mostly from a private box at home, which changes the local database set. This database is also used at the lab. Usually, I have to dump the db, send it via ssh/scp over the net to the target machine and restore it - and this at least three times. Since network connectivity isn't available for some technical reasons when I maintain the local db at home, this task is a pain, if I forget to dump/restore the database. The task maintaining the databases like that isn't appreciable. So, I looked out for a mirroring solution. I came across SLONY I/II, but I feel not very comfortable with the complicated setup. Although having had a howto, it dind't work properly. So I'm looking for something more simple. The data consistency within short timeframes isn't so important, so a mission critical mirroring isn't necessary. But I would be feel better having something more automatic that is synchronizing more than two or three machines automatically when network connectivity is available. Is there a solution - easy task - to handle such a scenario? Thanks in advance, Oliver Since you are using postgresql 9.2, why don't you use the inbuilt replication that comes with it. You might be interested in this page http://www.postgresql.org/docs/9.2/static/high-availability.html . In case you face any difficulties, u can always head over to pgsql mailing list. (pgsql-gene...@postgresql.org) Amitabh ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: SSH on FreeBSD
15.01.2013 12:50, Matthias Apitz: El día Tuesday, January 15, 2013 a las 05:45:36PM +0700, Erich Dollansky escribió: Hi, On Tue, 15 Jan 2013 10:10:16 + Mannase Nyathi mann...@cipherwave.co.za wrote: CipherWave Fibre Broadband with FREE installation from only R8840/month Good day, I have just configured FreeBSD on my server. I would like to find out how can I be able to login to it via ssh? Looking forward to hear from you soon. Thank you you must enable ssh in /etc/inetd.conf and then read In FreeBSD it is in rc.conf $ man rc.conf | col -b | fgrep -i ssh In FreeBSD there are two ways of enabling sshd: default, fast and easy through rc.conf and a bit tricky and secure via inetd.conf. Everyone can select their own poison. I personally prefer the latter one. -- Sphinx of black quartz, judge my vow. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: databases/postgresql: simple mirroring of a database or a whole server
On 01/15/13 13:14, Amitabh Kant wrote: On Tue, Jan 15, 2013 at 4:24 PM, O. Hartmann ohart...@zedat.fu-berlin.dewrote: Hello list. First, please set me CC, i do not subscribe this list. I'd like to ask for a mirroring solution of an important databse on my installations across at least three boxes. The setup is as follows. Operating system is FreeBSD 10.0/amd and 9.1-STABLE/amd64. A top of the OS there is on all machines in question port databases/postgresql92-server|client running. I have a database that needs to be synchronized/mirrored. A data consistency in a narrow timeframe isn't necessary. The database in question is a very important literature reference db which is maintained via a web interface and this is done mostly from a private box at home, which changes the local database set. This database is also used at the lab. Usually, I have to dump the db, send it via ssh/scp over the net to the target machine and restore it - and this at least three times. Since network connectivity isn't available for some technical reasons when I maintain the local db at home, this task is a pain, if I forget to dump/restore the database. The task maintaining the databases like that isn't appreciable. So, I looked out for a mirroring solution. I came across SLONY I/II, but I feel not very comfortable with the complicated setup. Although having had a howto, it dind't work properly. So I'm looking for something more simple. The data consistency within short timeframes isn't so important, so a mission critical mirroring isn't necessary. But I would be feel better having something more automatic that is synchronizing more than two or three machines automatically when network connectivity is available. Is there a solution - easy task - to handle such a scenario? Thanks in advance, Oliver Since you are using postgresql 9.2, why don't you use the inbuilt replication that comes with it. You might be interested in this page http://www.postgresql.org/docs/9.2/static/high-availability.html . In case you face any difficulties, u can always head over to pgsql mailing list. (pgsql-gene...@postgresql.org) Amitabh Thank you very much for this hint! I'm new to the 9.X series, so I didn't realize that there is something new built-in. Valuable hint. Regards, Oliver signature.asc Description: OpenPGP digital signature
Re: SSH on FreeBSD
Volodymyr Kostyrko c.kw...@gmail.com writes: snip In FreeBSD there are two ways of enabling sshd: default, fast and easy through rc.conf and a bit tricky and secure via inetd.conf. Everyone can select their own poison. I personally prefer the latter one. You seem to imply that enabling sshd through inetd is more secure than directly through rc.conf. Care to elaborate on that? Regards, -- - Frank ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: SSH on FreeBSD
El día Tuesday, January 15, 2013 a las 02:40:32PM +0200, Volodymyr Kostyrko escribió: In FreeBSD it is in rc.conf $ man rc.conf | col -b | fgrep -i ssh In FreeBSD there are two ways of enabling sshd: default, fast and easy through rc.conf and a bit tricky and secure via inetd.conf. Everyone can select their own poison. I personally prefer the latter one. Why it is more secure via inetd.conf? matthias -- Sent from my FreeBSD netbook Matthias Apitz | - No system with backdoors like Apple/Android E-mail: g...@unixarea.de | - No HTML/RTF in E-mail WWW: http://www.unixarea.de/ | - No proprietary attachments phone: +49-170-4527211 | - Respect for open standards ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: SSH on FreeBSD
On 15/01/2013 12:51, Matthias Apitz wrote: Why it is more secure via inetd.conf? You can centralise access control via TCP Wrappers - http://www.freebsd.org/doc/handbook/tcpwrappers.html . -- Bruce Cran ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: SSH on FreeBSD
15.01.2013 14:48, Frank Staals: Volodymyr Kostyrko c.kw...@gmail.com writes: snip In FreeBSD there are two ways of enabling sshd: default, fast and easy through rc.conf and a bit tricky and secure via inetd.conf. Everyone can select their own poison. I personally prefer the latter one. You seem to imply that enabling sshd through inetd is more secure than directly through rc.conf. Care to elaborate on that? * there's no central process to target with attacks; * SSHv1 server key is regenerated every time new connection is created; * with inetd you can force max connections per minute rate or max connections per ip. -- Sphinx of black quartz, judge my vow. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
[no subject]
List, When I boot the FreeBSD 9.1-RELEASE install CD, everything boots as expected, except random letters appear in random colors. For example, a pink 'r' or a blue colon :, etc. What could be causing this? -Modulok- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
RE: SSH on FreeBSD
Hi Guys, Thanks for your help. I have managed to sought it out. Will let you know if I require any further assistance. I have been receiving numerous emails. It's all fine now :) -Original Message- From: Matthias Apitz [mailto:g...@unixarea.de] Sent: 15 January 2013 02:51 PM To: Volodymyr Kostyrko Cc: Erich Dollansky; questi...@freebsd.org; Mannase Nyathi Subject: Re: SSH on FreeBSD El dÃa Tuesday, January 15, 2013 a las 02:40:32PM +0200, Volodymyr Kostyrko escribió: In FreeBSD it is in rc.conf $ man rc.conf | col -b | fgrep -i ssh In FreeBSD there are two ways of enabling sshd: default, fast and easy through rc.conf and a bit tricky and secure via inetd.conf. Everyone can select their own poison. I personally prefer the latter one. Why it is more secure via inetd.conf? matthias -- Sent from my FreeBSD netbook Matthias Apitz | - No system with backdoors like Apple/Android E-mail: g...@unixarea.de | - No HTML/RTF in E-mail WWW: http://www.unixarea.de/ | - No proprietary attachments phone: +49-170-4527211 | - Respect for open standards -- Mannase Nyathi Support Technician sb: 011 541 9940 fax: 011 541 9920 web: www.cipherwave.co.za This email may be confidential or privileged, and CipherWave Storage Solutions Africa (Pty) Ltd does not waive any related rights and obligations, which may include the protection of intellectual property. Any distribution, use or copying of this email or the information it contains by other than an intended recipient is unauthorised. If you have received this email in error please delete it immediately. Due to the inherent uncertainties involved in modern email transmissions, CipherWave Storage Solutions Africa (Pty) Ltd cannot accept any responsibility or liability for any errors or omissions, loss or damage from either use or misuse of the content, including viruses. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: change in buildworld output when gcc - clang
Alexandre writes: Before the installation of clang and the default system compiler, make buildworld ended with a nice little banner announcing the fact and the time the build completed. After, it ends like this: Your mail has been truncated. Could you please send us the end? Appended. Looking at current@, I see someone else has noticed this. Robert Huff /usr/src/lib/libwrap/../../contrib/tcp_wrappers/shell_cmd.c:79:9: warning: implicit declaration of function 'open' is invalid in C99 [-Wimplicit-function-declaration] if (open(/dev/null, 2) != 0) { ^ /usr/src/lib/libwrap/../../contrib/tcp_wrappers/shell_cmd.c:81:16: warning: implicit declaration of function 'dup' is invalid in C99 [-Wimplicit-function-declaration] } else if (dup(0) != 1 || dup(0) != 2) { ^ /usr/src/lib/libwrap/../../contrib/tcp_wrappers/shell_cmd.c:84:9: warning: implicit declaration of function 'execl' is invalid in C99 [-Wimplicit-function-declaration] (void) execl(/bin/sh, sh, -c, command, (char *) 0); ^ /usr/src/lib/libwrap/../../contrib/tcp_wrappers/shell_cmd.c:91:5: warning: implicitly declaring library function '_exit' with type 'void (int) __attribute__((noreturn))' _exit(0); ^ /usr/src/lib/libwrap/../../contrib/tcp_wrappers/shell_cmd.c:91:5: note: please include the header unistd.h or explicitly provide a declaration for '_exit' 7 warnings generated. /usr/src/lib/libwrap/../../contrib/tcp_wrappers/update.c:110:33: warning: implicit declaration of function 'getpid' is invalid in C99 [-Wimplicit-function-declaration] sprintf(request-pid, %d, getpid()); ^ 1 warning generated. cc: warning: argument unused during compilation: '-L/usr/obj/usr/src/lib32/usr/lib32' cc: warning: argument unused during compilation: '-L/usr/obj/usr/src/lib32/usr/lib32' cc: warning: argument unused during compilation: '-L/usr/obj/usr/src/lib32/usr/lib32' ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Hard drive LED always on
I've got an issue, that regarding to http://forums.freebsd.org/showthread.php?t=13467 is an issue for several users. Since I've got to fix many other issues, ALSA doesn't work, the GUI of QjackCtl does behave strange, Ardour 2 doesn't build, only 2 IOs are available for the sound card, by OSS using the snd_hdspe driver etc., I wonder if I can ignore the LED. As long as the LED only will give light and it shouldn't cause serious issues, such as data loss, it's ok for me. Until now it seems not to cause serious issues. Is it safe to ignore it, to keep i as is? Regards, Ralf -- FreeBSD 9.1-RELEASE amd64 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Starting the desktop environment doesn't work automatically
On Mon, 2013-01-14 at 21:03 +0100, Polytropon wrote: On Mon, 14 Jan 2013 17:54:55 +0100, Ralf Mardorf wrote: If I make mcedit the default editor, could this cause serious issues, perhaps if upgrading the kernel and world? I'm also using it regularly: % echo $EDITOR mcedit No problems so far. The only exception: The editor is not available when starting in SUM, and /usr (and therefor /usr/local) is not mounted. In such a situation where mcedit cannot be made available, /rescue/vi (residing on the / partition) is the best choice if you urgently need to edit something. The vi editor even works when terminal capabilities are not sufficiently provided. Thank you, I made it default for my FreeBSD too. I don't like vi and similar editors. You don't need to like vi, but you should know the most basic actions to use this editor in _worst case_. :-) In the _worst case_ I can handle vi basic actions even with a German keyboard using an us keymap ;). Regards, Ralf ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
assigning values to variables in the background
Hi, A bit of an OT question. I am writing a bourne shell script that collects data from a router. Since netstat vmstat can run for a numbers of iterations I thought I would use just that: stats() ( nstats=`netstat -I ng0 -q 1 60 | tail -1` rawdata=`vmstat -c 2 60 | tail -1` wait ... The logic was: 1. run the first process in the bg 2. run the second process 3. wait to make sure the first process has finished 4. continue further It makes perfect sense why this doesn't work. Both commands run in the foreground. I am going to split the time between netstat and vmstat. So, it will be 30 seconds of netstat and 30 seconds of vmstat. But I am still interested/curious how one should go for this using the shell. So, can this be done without files? Any thoughts? Thanks, Nikos ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: pkgng package repository tracking security updates
n j nin...@gmail.com writes: On Tue, Jan 15, 2013 at 10:13 AM, Matthew Seaman matt...@freebsd.orgwrote: On 14/01/2013 22:44, n j wrote: One thing to think about would be the option of port maintainers uploading the pre-compiled package of the updated port (or if the size of the upload is an issue then just the hash signature of the valid package archive so other people with more bandwidth can upload it) to help the package building cluster (at least for mainstream architectures). The idea behind it being that the port maintainer has to compile the port anyway and pkg create is not a big overhead. The result would be a sort of distributed package building solution. Sorry. Distributed package building like this is never going to be acceptable. Too much scope for anyone to introduce trojans into packages. Building packages securely is a very big deal, and as recent events have shown, you can't take any chances. Cheers, Matthew I'd trust this system as far as I trust port maintainers right now. Well, almost. It would have to be cryptographically validated, which would be a bit of work to get right. I understand that a port maintainer can submit arbitrary MASTER_SITES in a port Makefile which allows the maintainer to inject malware as they wish. If I trust the port maintainer to make me download and build something coming from e.g. http://samm.kiev.ua or http://danger.rulez.sk (just random picks, no offense intended), then I'd trust that maintainer to upload the package for me or submit a SHA256 hash that the correct package must have. So if somebody else were to build the package, the server would accept the upload only if it matches the hash. It's easier to sneak something into a binary than a source code package, although you can never be *completely* sure either way (c.f., Ken Thompson's classic speech Reflections on Trusting Trust). In practice, some amount of subterfuge would be required for the attacker to keep from being found out too soon to do much good; possibly quite a lot of subterfuge, if the port gets run on TrustedBSD systems or other forms of system auditing. Once anyone notices a problem, the port will be shut down quickly. Am I overlooking something? Is there some kind of port verification by someone from the team prior to accepting the port submission? Well, a committer has to check the port in personally, but deliberate sabotage could probably sneak by the committer most of the time. - Lowell ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
time_t definition
I am attempting to recompile some code from an older version. uname -a FreeBSD ZD7000 9.1-STABLE FreeBSD 9.1-STABLE #1: Sun Jan 13 23:44:33 PST 2013 root@ZD7000:/usr/obj/usr/src/sys/GENERIC i386 make gcc47 -O2 -pipe -I../../include -std=gnu99 -fstack-protector -Wsystem-headers -Werror -Wall -Wno-format-y2k -Wno-uninitialized -Wno-pointer-sign -c data-collection.c data-collection.c: In function 'main': data-collection.c:214:4: error: format '%ld' expects argument of type 'long int', but argument 3 has type 'time_t' [-Werror=format] data-collection.c:234:4: error: format '%ld' expects argument of type 'long int', but argument 3 has type 'time_t' [-Werror=format] cc1: all warnings being treated as errors *** [data-collection.o] Error code 1 cat data-collection.c ... #include time.h/* time_t */ #include sys/time.h/* gettimeofday() */ ... gettimeofday(spi_stop, tz); / * line 211 */ printf(Loop %d, SPI %ld %ld\n, loop, spi_stop.tv_sec, spi_stop.tv_usec); ... gettimeofday(disk_stop, tz);/* line 231 */ printf(Loop %d, Disk %ld %ld\n, loop, disk_stop.tv_sec, disk_stop.tv_usec); ... time.h defines time_t #ifndef _TIME_T_DECLARED typedef __time_ttime_t; #define _TIME_T_DECLARED #endif sys/time.h includes sys/types.h which includes sys/_types.h which includes machine/_types.h where __time_t is defined typedef __int32_t __time_t; /* time()... */ Question: Why do I see the error? Tom Dean ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: assigning values to variables in the background
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 1/15/13 12:42 PM, Nikos Vassiliadis wrote: Hi, A bit of an OT question. I am writing a bourne shell script that collects data from a router. Since netstat vmstat can run for a numbers of iterations I thought I would use just that: stats() ( nstats=`netstat -I ng0 -q 1 60 | tail -1` rawdata=`vmstat -c 2 60 | tail -1` wait ... The logic was: 1. run the first process in the bg 2. run the second process 3. wait to make sure the first process has finished 4. continue further It makes perfect sense why this doesn't work. Both commands run in the foreground. I am going to split the time between netstat and vmstat. So, it will be 30 seconds of netstat and 30 seconds of vmstat. But I am still interested/curious how one should go for this using the shell. So, can this be done without files? Any thoughts? Thanks, Nikos Hi Nikos, As far as I can tell, the backticks are what's causing the problem. Even though you put the first command in the background (maybe with the inside the backticks, though), the assignment to the nstats variables causes the script to block. If you switch to using temp files, you may have more luck, e.g.: netstat -w 1 -I ng0 -q 60 | tail -1 /tmp/netstat.$$ npid=`echo $!` vmstat -w 2 -c 60 | tail -1 /tmp/vmstat.$$ vpid=`echo $!` wait $npid nstats=`cat /tmp/netstat.$$` rm -f /tmp/netstat.$$ wait $vpid rawdata=`cat /tmp/vmstat.$$` rm -f /tmp/vmstat.$$` Hope that helps, Greg - -- Greg Larkin http://www.FreeBSD.org/ - The Power To Serve http://www.sourcehosting.net/ - Ready. Set. Code. http://twitter.com/cpucycle/ - Follow you, follow me -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.13 (Darwin) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlD1rkAACgkQ0sRouByUApCQogCgwOWapKTe9Wl+EClhHZ8iHtn+ /hUAniKZZq1Se2DEtTe1+OAsxDw0f++Z =zCkZ -END PGP SIGNATURE- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
ffmpef 1.1
Hi, Does anybody know if there soon be port of ffmpeg 1.1 to FreeBSD ? Thanks, Peter ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: ffmpef 1.1
On Tue, 15 Jan 2013 13:47:49 -0600, Zyumbilev, Peter pe...@aboutsupport.com wrote: Hi, Does anybody know if there soon be port of ffmpeg 1.1 to FreeBSD ? I assume multimedia/ffmpeg1 just needs an update ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: ffmpef 1.1
On Tue, Jan 15, 2013 at 8:53 PM, Mark Felder f...@feld.me wrote: On Tue, 15 Jan 2013 13:47:49 -0600, Zyumbilev, Peter pe...@aboutsupport.com wrote: Hi, Does anybody know if there soon be port of ffmpeg 1.1 to FreeBSD ? I assume multimedia/ffmpeg1 just needs an update Hi, You might consider compiling it from source instead since it often takes some time for the ports to be up to date with the development of ffmpeg. Here is how I did it a while back: Download the latest ffmpeg from GIT. Extract .tgz file # cd ffmpeg-0.10 # bash # export LIBRARY_PATH=/usr/local/lib # export CPATH=/usr/local/include # ./configure --enable-gpl --enable-nonfree --enable-shared --enable-libdirac --enable-libfaac --enable-libschroedinger --enable-libvorbis --enable-libtheora --enable-libvpx --enable-libx264 --enable-libxvid --cc=gcc47 #gmake #gmake install ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: ffmpef 1.1
On 15/01/2013 21:53, Mark Felder wrote: On Tue, 15 Jan 2013 13:47:49 -0600, Zyumbilev, Peter pe...@aboutsupport.com wrote: Hi, Does anybody know if there soon be port of ffmpeg 1.1 to FreeBSD ? I assume multimedia/ffmpeg1 just needs an update 1.1 has REALLY cool features - burn subtitles for example. Also I am crossing fingures to solve some strange problems I experience 1.0. Peter ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: ffmpef 1.1
On Tue, 15 Jan 2013 14:22:56 -0600, Zyumbilev, Peter pe...@aboutsupport.com wrote: 1.1 has REALLY cool features - burn subtitles Hardcoded subs are the worst :( ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: problem compiling X11 ports under 9.1-RELEASE
Walter Hurry wrote: On Sun, 13 Jan 2013 22:01:25 +, Will Parsons wrote: I've recently installed 9.1-RELEASE on a laptop and am in the process of installing the ports that I want. On several now, I've encountered error messages that I don't know how to deal with and for which I don't see anything in the UPDATING file that seems to be relevant. For example, trying to build both graphics/xv and x11-clocks/wmclock results failure with the primary error message being: imake -DUseInstalled -I/usr/local/lib/X11/config Imakefile.c:16: error: Imake.tmpl: No such file or directory followed by: make: don't know how to make all. Stop This happens both using portmaster (my usual method of installing ports) and installing manually (cd /usr/ports/x/y; make). Imake seems to be installed (pkg_version reports imake-1.0.4,1) so I don't know where to go from here. I tried x11-clocks/wmclock and it compiled successfully in seconds. $ locate Imake.tmpl /usr/local/lib/X11/config/Imake.tmpl $ pkg which /usr/local/lib/X11/config/Imake.tmpl /usr/local/lib/X11/config/Imake.tmpl was installed by package xorg-cf- files-1.0.4 I re-installed devel/imake and compilation problems seem to be solved. -- Will ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: assigning values to variables in the background
On 1/15/2013 9:30 PM, Greg Larkin wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 1/15/13 12:42 PM, Nikos Vassiliadis wrote: Hi, A bit of an OT question. I am writing a bourne shell script that collects data from a router. Since netstat vmstat can run for a numbers of iterations I thought I would use just that: stats() ( nstats=`netstat -I ng0 -q 1 60 | tail -1` rawdata=`vmstat -c 2 60 | tail -1` wait ... The logic was: 1. run the first process in the bg 2. run the second process 3. wait to make sure the first process has finished 4. continue further It makes perfect sense why this doesn't work. Both commands run in the foreground. I am going to split the time between netstat and vmstat. So, it will be 30 seconds of netstat and 30 seconds of vmstat. But I am still interested/curious how one should go for this using the shell. So, can this be done without files? Any thoughts? Thanks, Nikos Hi Nikos, As far as I can tell, the backticks are what's causing the problem. Even though you put the first command in the background (maybe with the inside the backticks, though), the assignment to the nstats variables causes the script to block. If you switch to using temp files, you may have more luck, e.g.: netstat -w 1 -I ng0 -q 60 | tail -1 /tmp/netstat.$$ npid=`echo $!` vmstat -w 2 -c 60 | tail -1 /tmp/vmstat.$$ vpid=`echo $!` wait $npid nstats=`cat /tmp/netstat.$$` rm -f /tmp/netstat.$$ wait $vpid rawdata=`cat /tmp/vmstat.$$` rm -f /tmp/vmstat.$$` Yes, this looks probably like something I will use too. Just for the fun of it and using a separator(Robert's idea), I came up with this: delay=10 a=$( ( echo netstat `netstat -I ng0 -q 1 $delay | tail -1` netstat ) ( echo vmstat `vmstat -c 2 $delay | tail -1` vmstat ) ) echo $a If someone else has something else to add I'll be glad to hear it, no matter how crazy! Thanks for your answers Greg Robert, Nikos ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: assigning values to variables in the background
In the last episode (Jan 16), Nikos Vassiliadis said: On 1/15/2013 9:30 PM, Greg Larkin wrote: On 1/15/13 12:42 PM, Nikos Vassiliadis wrote: A bit of an OT question. I am writing a bourne shell script that collects data from a router. Since netstat vmstat can run for a numbers of iterations I thought I would use just that: stats() ( nstats=`netstat -I ng0 -q 1 60 | tail -1` rawdata=`vmstat -c 2 60 | tail -1` wait ... The logic was: 1. run the first process in the bg 2. run the second process 3. wait to make sure the first process has finished 4. continue further It makes perfect sense why this doesn't work. Both commands run in the foreground. I am going to split the time between netstat and vmstat. So, it will be 30 seconds of netstat and 30 seconds of vmstat. But I am still interested/curious how one should go for this using the shell. So, can this be done without files? Any thoughts? As far as I can tell, the backticks are what's causing the problem. Even though you put the first command in the background (maybe with the inside the backticks, though), the assignment to the nstats variables causes the script to block. If you switch to using temp files, you may have more luck, e.g.: netstat -w 1 -I ng0 -q 60 | tail -1 /tmp/netstat.$$ npid=`echo $!` vmstat -w 2 -c 60 | tail -1 /tmp/vmstat.$$ vpid=`echo $!` wait $npid nstats=`cat /tmp/netstat.$$` rm -f /tmp/netstat.$$ wait $vpid rawdata=`cat /tmp/vmstat.$$` rm -f /tmp/vmstat.$$` npid=$! is cleaner (no need to fork a subshell just to echo a variable), but you don't even need that. You can use just a single wait command to wait for both processes to finish, then extract the output of both tempfiles. Yes, this looks probably like something I will use too. Just for the fun of it and using a separator(Robert's idea), I came up with this: delay=10 a=$( ( echo netstat `netstat -I ng0 -q 1 $delay | tail -1` netstat ) ( echo vmstat `vmstat -c 2 $delay | tail -1` vmstat ) ) echo $a This works, but now you have both lines of info in a single variable, and it may be more work to split the lines back out (also note that you can't predict which line will be first). If you want to stick with shell, either zsh or bash would make short work of parsing this. -- Dan Nelson dnel...@allantgroup.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
absurd I/O perf with ZFS: hangs on zfs-cv)
Hi all. Running FreeBSD 9.1-Release, I am seeing some absurd hangs (10 minutes or more to open a file) with SIGINFO informing me that the process is stuck on zio-io_cv. Does anyone have any suggestions for what I want to look at to tune this? This is on a newly bought laptop with large amounts of RAM and almost nothing else running. Please CC me as I am not subscribed. -- Eitan Adler ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
FreeBSD-9.1-RELEASE-i386 geom mirror+stripe question.
Hi. Is it possible to configure geom mirror+stripe (looks like RAID10)? Trying to do it in VirtualBox: gmirror label -v gm11 /dev/ada0s2 /dev/ada1s2 gmirror label -v gm12 /dev/ada2s2 /dev/ada3s2 gstripe label -v gs0 /dev/mirror/gm11 /dev/mirror/gm12 newfs -U /dev/stripe/gs0 mount /dev/stripe/gs0 /mnt 'shutdown -r now' stucks in 'GEOM_MIRROR: cannot destroy gm11' I also tried to BSD label /dev/stripe/gs0: gpart create -s BSD /dev/stripe/gs0 gpart add -t freebsd-ufs /dev/stripe/gs0 after newfs -U /dev/stripe/gs0a got GEOM_PART: partition 1 has end offset beyond last LBA: 4193919 2097079 GEOM_PART: integrity check failed (mirror/gm11, BSD) mount /dev/stripe/gs0a /mnt 'shutdown -r now' stucks in 'GEOM_MIRROR: cannot destroy gm11' Any idea? --- Best regards, Alexander. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: ffmpef 1.1
On Jan 15, 2013 12:59 PM, Zyumbilev, Peter pe...@aboutsupport.com wrote: On 15/01/2013 22:27, Mark Felder wrote: On Tue, 15 Jan 2013 14:22:56 -0600, Zyumbilev, Peter pe...@aboutsupport.com wrote: 1.1 has REALLY cool features - burn subtitles Hardcoded subs are the worst :( I will wait a little before going the compile route... For subs,I am with Samsung which works like charm with sepate srt file, however I want to build such setup who is with Sony and Sony supports only burned subtitles :( did you try multimedia/ffmpeg-devel, its pulls from svn. for subtitles I think you are talking about libass? its been in svn head for awhile. Waitman Gobble San Jose California ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Anyone else seeing problems with dtrace and cyclic in 9.1-stable???
Greetings all, Has anyone else seen these errors during 9.1-stable boot... Jan 16 08:12:05 sleipnir kernel: link_elf_obj: symbol cyclic_clock_func undefined Jan 16 08:12:05 sleipnir kernel: KLD file cyclic.ko - could not finalize loading Jan 16 08:12:05 sleipnir kernel: KLD file dtrace.ko - cannot find dependency cyclic This began around 14th - 15th Jan 2013. I have no recollection of seeing these symptoms before. Cheers, // jau .--- ..- -.- -.- .-.- .-.-.-..- -.- -.- --- -. . -. /Jukka A. Ukkonen, Oxit Ltd, Finland /__ M.Sc. (sw-eng cs)(Phone) +358-500-606-671 / Internet: Jukka.Ukkonen(a)Oxit.Fi /Internet: jau(a)iki.fi v .--- .- ..- ...-.- .. -.- .. .-.-.- ..-. .. + + + + My opinions are mine and mine alone, not my employers. + + + + ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org