restore /usr dump on two hard disk parallel y
hello guys i'm trying to restore DUMP file for partition /usr on tow hard disk parallel y. these two hard are connected to my system (i have freebsd8.2). i use restore command and it uses /tmp directory to restore dump. in restoring dump process, two hard disks try to use /tmp directory of my system. therefore conflict happened and restore command return error. i try to use TMPDIR and define another tmp directory for one of my hard disk but it does not identify it and use my system tmp directory yet. please let me know if using TMPDIR is a good idea and how i can use it. if not, how i can restore /usr dump file on two hard disk parallel y? thanks in advance sam ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Diskless question
Hello list! I have set up a diskless machine with 8.3-stable and i as a user can log in, but when I try to log in as root it won't work. How to resolv that issue. I have tried with and without password but the computer said no. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Diskless question
On Wed, 2013-04-24 at 10:18 +0200, Bernt Hansson wrote: I have set up a diskless machine with 8.3-stable and i as a user can log in, but when I try to log in as root it won't work. How to resolv that issue. I have tried with and without password but the computer said no. Do you want to start a X session as root? ~/.xinitrc? Or are you missing a root account and you even can't log in without X? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Diskless question
On Wed, 24 Apr 2013 10:18:59 +0200 Bernt Hansson b...@bananmonarki.se wrote: Hello list! I have set up a diskless machine with 8.3-stable and i as a user can log in, but when I try to log in as root it won't work. How to resolv that issue. I have tried with and without password but the computer said no. Are you logging in on the console or by ssh ? By default ssh does not allow root login, it can be enabled but you should read up on the security implications carefully before enabling it. I would expect console login to work fine. As a general rule it is better to use sudo or su rather than logging in as root, although for a single user system this doesn't really make much difference. -- Steve O'Hara-Smith st...@sohara.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Diskless question
On 04/24/13 09:18, Bernt Hansson wrote: Hello list! I have set up a diskless machine with 8.3-stable and i as a user can log in, but when I try to log in as root it won't work. How to resolv that issue. I have tried with and without password but the computer said no. How did it say no? What does the entry for root in /etc/passwd say? -- In the dungeons of Mordor, Sauron bred Orcs with LOLcats to create a new race of servants. Called Uruk-Oh-Hai in the Black Speech, they were cruel and delighted in torturing spelling and grammar. _Lord of the Rings 2.0, the Web Edition_ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Diskless question
2013-04-24 10:36, Ralf Mardorf skrev: On Wed, 2013-04-24 at 10:18 +0200, Bernt Hansson wrote: I have set up a diskless machine with 8.3-stable and i as a user can log in, but when I try to log in as root it won't work. How to resolv that issue. I have tried with and without password but the computer said no. Do you want to start a X session as root? No. ~/.xinitrc? Or are you missing a root account and you even can't log in without X? No X, only cli. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Diskless question
2013-04-24 12:12, Steve O'Hara-Smith skrev: On Wed, 24 Apr 2013 10:18:59 +0200 Bernt Hansson b...@bananmonarki.se wrote: Hello list! I have set up a diskless machine with 8.3-stable and i as a user can log in, but when I try to log in as root it won't work. How to resolv that issue. I have tried with and without password but the computer said no. Are you logging in on the console or by ssh ? By default ssh does not allow root login, it can be enabled but you should read up on the security implications carefully before enabling it. I would expect console login to work fine. I'm trying to login as root on the diskless machine. Console. As a general rule it is better to use sudo or su rather than logging in as root, although for a single user system this doesn't really make much difference. su does not work it sayes sorry. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Diskless question
2013-04-24 12:30, Arthur Chance skrev: On 04/24/13 09:18, Bernt Hansson wrote: Hello list! I have set up a diskless machine with 8.3-stable and i as a user can log in, but when I try to log in as root it won't work. How to resolv that issue. I have tried with and without password but the computer said no. How did it say no? What does the entry for root in /etc/passwd say? $su Sorry root:*:0:0:Charlie :/root:/bin/csh ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Diskless question
On Wed, 2013-04-24 at 12:52 +0200, Bernt Hansson wrote: su does not work it sayes sorry. polkit:*:562:root,$USER ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Diskless question
On Wed, 2013-04-24 at 12:52 +0200, Bernt Hansson wrote: su does not work it sayes sorry. Is the user in a group that does fulfil special permissions? Regarding to Google results, the group for FreeBSD is wheel. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Diskless question
On 04/24/13 11:55, Bernt Hansson wrote: 2013-04-24 12:30, Arthur Chance skrev: On 04/24/13 09:18, Bernt Hansson wrote: Hello list! I have set up a diskless machine with 8.3-stable and i as a user can log in, but when I try to log in as root it won't work. How to resolv that issue. I have tried with and without password but the computer said no. How did it say no? What does the entry for root in /etc/passwd say? $su Sorry root:*:0:0:Charlie :/root:/bin/csh That's not logging in directly as root, that's using su as a normal user. Only members of wheel group can use su. Try logging in directly on the console as root. That should work unless you've marked the console as insecure or have an impossible password in /etc/master.passwd. In the long run you need to add your normal user to wheel group so you can use su. Can you edit the diskless machine's /etc/group from the server that's supplying its disk(s)? In the days when I ran diskless systems I usually found it easier to work on the diskless systems' config files via the server. -- In the dungeons of Mordor, Sauron bred Orcs with LOLcats to create a new race of servants. Called Uruk-Oh-Hai in the Black Speech, they were cruel and delighted in torturing spelling and grammar. _Lord of the Rings 2.0, the Web Edition_ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Diskless question
On Wed, 24 Apr 2013 12:55:08 +0200 Bernt Hansson b...@bananmonarki.se wrote: 2013-04-24 12:30, Arthur Chance skrev: On 04/24/13 09:18, Bernt Hansson wrote: Hello list! I have set up a diskless machine with 8.3-stable and i as a user can log in, but when I try to log in as root it won't work. How to resolv that issue. I have tried with and without password but the computer said no. How did it say no? What does the entry for root in /etc/passwd say? $su Sorry Some shoots in the dark, shield your feet. a)$su - b)exist /root ? c)can you boot in single user mode ? d)exist /bin/csh ? root:*:0:0:Charlie :/root:/bin/csh --- --- Eduardo Morras emorr...@yahoo.es ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: restore /usr dump on two hard disk parallel y
s m sam.gh1...@gmail.com writes: i'm trying to restore DUMP file for partition /usr on tow hard disk parallel y. these two hard are connected to my system (i have freebsd8.2). i use restore command and it uses /tmp directory to restore dump. in restoring dump process, two hard disks try to use /tmp directory of my system. therefore conflict happened and restore command return error. i try to use TMPDIR and define another tmp directory for one of my hard disk but it does not identify it and use my system tmp directory yet. please let me know if using TMPDIR is a good idea and how i can use it. if not, how i can restore /usr dump file on two hard disk parallel y? What do you want to do exactly? Do you want both disks together to be your new /usr/partition? In that case, you want to set up some kind of RAID system with the two disks. Start with the GEOM section in the handbook. Do you want to end up with two partitions, each holding part of what the /usr backup contains? If that's what you're after, then the best approach is probably to pick one subdirectory of /usr (/usr/local would be an obvious choice) and restore everything *but* that to one of your disks, then mount the other disk on the subdirectory and restore the rest onto there. If your problem is just that the two restore operations are stepping on each other's temporary files, then TMPDIR *should* take care of that. You could show us more detail of how you run the restore operations, or just run them one at a time instead of in parallel. I hope that helps. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Diskless question
2013-04-24 13:21, Arthur Chance skrev: On 04/24/13 11:55, Bernt Hansson wrote: 2013-04-24 12:30, Arthur Chance skrev: On 04/24/13 09:18, Bernt Hansson wrote: Hello list! I have set up a diskless machine with 8.3-stable and i as a user can log in, but when I try to log in as root it won't work. How to resolv that issue. I have tried with and without password but the computer said no. How did it say no? What does the entry for root in /etc/passwd say? $su Sorry root:*:0:0:Charlie :/root:/bin/csh That's not logging in directly as root, that's using su as a normal user. Only members of wheel group can use su. Try logging in directly on the console as root. That should work unless you've marked the console as insecure or have an impossible password in /etc/master.passwd. I am a member of the wheel group. In the long run you need to add your normal user to wheel group so you can use su. Can you edit the diskless machine's /etc/group from the server that's supplying its disk(s)? In the days when I ran diskless systems I usually found it easier to work on the diskless systems' config files via the server. I have tried and my own password is easily changed via the server. if i try, on the diskless, Login: root Password: password or none Login incorrect ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Diskless question
2013-04-24 13:04, Ralf Mardorf skrev: On Wed, 2013-04-24 at 12:52 +0200, Bernt Hansson wrote: su does not work it sayes sorry. Is the user in a group that does fulfil special permissions? Regarding to Google results, the group for FreeBSD is wheel. Yes the user is in the wheel group. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Diskless question
Bernt Hansson b...@bananmonarki.se writes: 2013-04-24 12:30, Arthur Chance skrev: On 04/24/13 09:18, Bernt Hansson wrote: Hello list! I have set up a diskless machine with 8.3-stable and i as a user can log in, but when I try to log in as root it won't work. How to resolv that issue. I have tried with and without password but the computer said no. How did it say no? What does the entry for root in /etc/passwd say? $su Sorry root:*:0:0:Charlie :/root:/bin/csh ^ / \ Root has no valid password. You'll need to go into single-user mode and either give it one or install sudo and add your regular user to the sudoers file. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Diskless question
On Wed, 24 Apr 2013 09:07-0400, Lowell Gilbert wrote: Bernt Hansson b...@bananmonarki.se writes: 2013-04-24 12:30, Arthur Chance skrev: On 04/24/13 09:18, Bernt Hansson wrote: Hello list! I have set up a diskless machine with 8.3-stable and i as a user can log in, but when I try to log in as root it won't work. How to resolv that issue. I have tried with and without password but the computer said no. How did it say no? What does the entry for root in /etc/passwd say? $su Sorry root:*:0:0:Charlie :/root:/bin/csh ^ / \ Root has no valid password. You'll need to go into single-user mode and either give it one or install sudo and add your regular user to the sudoers file. Why look at the /etc/passwd file when the key files are: * /etc/master.passwd * /etc/spwd.db * /etc/passwd * /etc/pwd.db -- +---++ | Vennlig hilsen, | Best regards, | | Trond Endrestøl, | Trond Endrestøl, | | IT-ansvarlig, | System administrator, | | Fagskolen Innlandet, | Gjøvik Technical College, Norway, | | tlf. mob. 952 62 567, | Cellular...: +47 952 62 567, | | sentralbord 61 14 54 00. | Switchboard: +47 61 14 54 00. | +---++___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Diskless question
On 04/24/13 14:07, Lowell Gilbert wrote: Bernt Hansson b...@bananmonarki.se writes: 2013-04-24 12:30, Arthur Chance skrev: On 04/24/13 09:18, Bernt Hansson wrote: Hello list! I have set up a diskless machine with 8.3-stable and i as a user can log in, but when I try to log in as root it won't work. How to resolv that issue. I have tried with and without password but the computer said no. How did it say no? What does the entry for root in /etc/passwd say? $su Sorry root:*:0:0:Charlie :/root:/bin/csh ^ / \ Root has no valid password. You'll need to go into single-user mode and either give it one or install sudo and add your regular user to the sudoers file. No, that's from /etc/passwd which never shows any real password information. The true password field is in /etc/master.passwd and I'm not going to ask anyone to show that here. However, the OP should check it's got a valid looking field value rather than just a '*' -- In the dungeons of Mordor, Sauron bred Orcs with LOLcats to create a new race of servants. Called Uruk-Oh-Hai in the Black Speech, they were cruel and delighted in torturing spelling and grammar. _Lord of the Rings 2.0, the Web Edition_ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Diskless question
Arthur Chance free...@qeng-ho.org writes: On 04/24/13 14:07, Lowell Gilbert wrote: No, that's from /etc/passwd which never shows any real password information. The true password field is in /etc/master.passwd and I'm not going to ask anyone to show that here. However, the OP should check it's got a valid looking field value rather than just a '*' Oops. Right. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Diskless question
2013-04-24 15:07, Lowell Gilbert skrev: Bernt Hansson b...@bananmonarki.se writes: 2013-04-24 12:30, Arthur Chance skrev: On 04/24/13 09:18, Bernt Hansson wrote: Hello list! I have set up a diskless machine with 8.3-stable and i as a user can log in, but when I try to log in as root it won't work. How to resolv that issue. I have tried with and without password but the computer said no. How did it say no? What does the entry for root in /etc/passwd say? $su Sorry root:*:0:0:Charlie :/root:/bin/csh ^ / \ Root has no valid password. Well. The user can login, root can not. You'll need to go into single-user mode and either give it one or install sudo and add your regular user to the sudoers file. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Diskless question
On 04/24/13 13:45, Bernt Hansson wrote: 2013-04-24 13:21, Arthur Chance skrev: On 04/24/13 11:55, Bernt Hansson wrote: 2013-04-24 12:30, Arthur Chance skrev: On 04/24/13 09:18, Bernt Hansson wrote: Hello list! I have set up a diskless machine with 8.3-stable and i as a user can log in, but when I try to log in as root it won't work. How to resolv that issue. I have tried with and without password but the computer said no. How did it say no? What does the entry for root in /etc/passwd say? $su Sorry root:*:0:0:Charlie :/root:/bin/csh That's not logging in directly as root, that's using su as a normal user. Only members of wheel group can use su. Try logging in directly on the console as root. That should work unless you've marked the console as insecure or have an impossible password in /etc/master.passwd. I am a member of the wheel group. Curious, I would have expected the su to work. Time for a quick look at the source. In the long run you need to add your normal user to wheel group so you can use su. Can you edit the diskless machine's /etc/group from the server that's supplying its disk(s)? In the days when I ran diskless systems I usually found it easier to work on the diskless systems' config files via the server. I have tried and my own password is easily changed via the server. if i try, on the diskless, Login: root Password: password or none Login incorrect As I mentioned in another post, have you got a valid looking password field in /etc/master.passwd or just a '*'? Valid fields tend to look something like $2a$04$XXX or $6$XXX where XXX is a lot of base64 encoded data. Looking in the source for su there are three places that generate Sorry. They all send messages to syslog. Is there a BAD SU entry in your /var/log/auth.log or a PAM related error in /var/log/messages and/or on the console? -- In the dungeons of Mordor, Sauron bred Orcs with LOLcats to create a new race of servants. Called Uruk-Oh-Hai in the Black Speech, they were cruel and delighted in torturing spelling and grammar. _Lord of the Rings 2.0, the Web Edition_ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Diskless question
2013-04-24 15:40, Lowell Gilbert skrev: Arthur Chance free...@qeng-ho.org writes: On 04/24/13 14:07, Lowell Gilbert wrote: No, that's from /etc/passwd which never shows any real password information. The true password field is in /etc/master.passwd and I'm not going to ask anyone to show that here. However, the OP should check it's got a valid looking field value rather than just a '*' Oops. Right. Ok this is master.password for root root:a lot of tokens.:0:0::0:0:Charlie :/root:/bin/csh ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Stop ifconfig high intensity message from master console
When I do a ifconfig bridge create or ifconfig epair create commands I get some high intensity messages on the hosts F1 session master console. I would like to suppress these messages. Is there any way to do that? Thanks ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
FreeBSD-update?
When I issue 'freebsd-update fetch install I see this: Looking up update.FreeBSD.org mirrors... 3 mirrors found. Fetching metadata signature for 9.1-RELEASE from update5.freebsd.org... done. Fetching metadata index... done. Inspecting system... done. Preparing to download files... done. No updates needed to update system to 9.1-RELEASE-p2. No updates are available to install. So if 'No updates (are) needed to update system to 9.1-RELEASE-p2', how do I actually update to 9.1-RELEASE-p2? $ uname -r 9.1-RELEASE ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: FreeBSD-update?
On Wed, 24 Apr 2013 16:00:47 + (UTC), Walter Hurry wrote: When I issue 'freebsd-update fetch install I see this: Looking up update.FreeBSD.org mirrors... 3 mirrors found. Fetching metadata signature for 9.1-RELEASE from update5.freebsd.org... done. Fetching metadata index... done. Inspecting system... done. Preparing to download files... done. No updates needed to update system to 9.1-RELEASE-p2. No updates are available to install. So if 'No updates (are) needed to update system to 9.1-RELEASE-p2', how do I actually update to 9.1-RELEASE-p2? $ uname -r 9.1-RELEASE The kernel's version message will only change if the _kernel_ has been receiving changes. So, for example, if you update from 9.1 to 9.1-p2, and _no_ change has been written to the kernel, it will still report 9.1, even though the updates for -p2 have been applied to other places (like system binaries or libraries). You can use the -r option to freebsd-update to explicitely specify a version to update to. See man freebsd-update for details. -- Polytropon Magdeburg, Germany Happy FreeBSD user since 4.0 Andra moi ennepe, Mousa, ... ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: FreeBSD-update?
On Wed, 24 Apr 2013 18:05:04 +0200, Polytropon wrote: The kernel's version message will only change if the _kernel_ has been receiving changes. So, for example, if you update from 9.1 to 9.1-p2, and _no_ change has been written to the kernel, it will still report 9.1, even though the updates for -p2 have been applied to other places (like system binaries or libraries). You can use the -r option to freebsd-update to explicitely specify a version to update to. See man freebsd-update for details. Thanks for the reply, but I'm still confused. -- # freebsd-update upgrade -r 9.1-RELEASE-p2 Looking up update.FreeBSD.org mirrors... 3 mirrors found. Fetching metadata signature for 9.1-RELEASE from update5.freebsd.org... done. Fetching metadata index... done. Inspecting system... done. The following components of FreeBSD seem to be installed: kernel/generic src/src world/base world/lib32 The following components of FreeBSD do not seem to be installed: world/doc world/games Does this look reasonable (y/n)? y Fetching metadata signature for 9.1-RELEASE-p2 from update5.freebsd.org... failed. Fetching metadata signature for 9.1-RELEASE-p2 from update4.freebsd.org... failed. Fetching metadata signature for 9.1-RELEASE-p2 from update3.freebsd.org... failed. No mirrors remaining, giving up -- Where am I going wrong? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: FreeBSD-update?
On Wednesday, April 24, 2013, Walter Hurry wrote: On Wed, 24 Apr 2013 18:05:04 +0200, Polytropon wrote: The kernel's version message will only change if the _kernel_ has been receiving changes. So, for example, if you update from 9.1 to 9.1-p2, and _no_ change has been written to the kernel, it will still report 9.1, even though the updates for -p2 have been applied to other places (like system binaries or libraries). You can use the -r option to freebsd-update to explicitely specify a version to update to. See man freebsd-update for details. Thanks for the reply, but I'm still confused. -- # freebsd-update upgrade -r 9.1-RELEASE-p2 Looking up update.FreeBSD.org mirrors... 3 mirrors found. Fetching metadata signature for 9.1-RELEASE from update5.freebsd.org... done. Fetching metadata index... done. Inspecting system... done. The following components of FreeBSD seem to be installed: kernel/generic src/src world/base world/lib32 The following components of FreeBSD do not seem to be installed: world/doc world/games Does this look reasonable (y/n)? y Fetching metadata signature for 9.1-RELEASE-p2 from update5.freebsd.org... failed. Fetching metadata signature for 9.1-RELEASE-p2 from update4.freebsd.org... failed. Fetching metadata signature for 9.1-RELEASE-p2 from update3.freebsd.org... failed. No mirrors remaining, giving up -- Where am I going wrong? Hi Walter, Freebsd-update tool apply binary patches to your -RELEASE system and GENERIC kernel. Furthermore, sources are synced too (/usr/src) by default. If you want to see the -p# increased, you have to recompile your GENERIC kernel. If you are using a custom kernel, you must recompile it to apply patches as your sources are up-to-date. You will have the -p# increased too. Kind regards, Alexandre ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: FreeBSD-update?
On Wed, 24 Apr 2013 16:00:47 + (UTC) Walter Hurry walterhu...@gmail.com wrote: When I issue 'freebsd-update fetch install I see this: Looking up update.FreeBSD.org mirrors... 3 mirrors found. Fetching metadata signature for 9.1-RELEASE from update5.freebsd.org... done. Fetching metadata index... done. Inspecting system... done. Preparing to download files... done. No updates needed to update system to 9.1-RELEASE-p2. No updates are available to install. So if 'No updates (are) needed to update system to 9.1-RELEASE-p2', how do I actually update to 9.1-RELEASE-p2? $ uname -r 9.1-RELEASE You have updated to 9.1-RELEASE-p2 - but since there have been no kernel changes since 9.1-RELEASE the kernel version message hasn't changed. This could very reasonably be regarded as bug in the update/version reporting process but I wouldn't hold my breath for a fix, as things stand the version reported only changes when the kernel is updated, or if you recompile it after the update. -- Steve O'Hara-Smith st...@sohara.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
gettext-0.18.1.1 issues
Hi, I have two boxes exhibiting issues with (updates or rebuilds to) gettext-0.18.1.1, (which obv affects lots of stuff) i had originally thought this was a problem with the port on jails on each box, but actually even each host won't rebuild this port. Both are amd64 and have recently been updated to 9.1-REL, but i have other boxes on 9.1-REL that are not showing same behavior. Rebuilds of gettext on hosts stop with: ./localename.c: In function '_nl_locale_name_thread_unsafe': ./localename.c:2607: error: 'locale_t' undeclared (first use in this function) ./localename.c:2607: error: (Each undeclared identifier is reported only once ./localename.c:2607: error: for each function it appears in.) ./localename.c:2607: error: expected ';' before 'thread_locale' ./localename.c:2608: error: 'thread_locale' undeclared (first use in this function) ./localename.c:2608: error: 'LC_GLOBAL_LOCALE' undeclared (first use in this function) *** Error code 1 There is a sed error earlier in the make process, but that seems to also be there on boxes that will rebuild gettext. After trying everything i know to fix this (including copying localename.c from working boxes) , i deinstalled the port on one box, but it won't clean install after that , this has led to various problems with anything linked to gettext, like bash etc. Help! thanks Paul. -- - Paul Macdonald IFDNRG Ltd Web and video hosting - t: 0131 5548070 m: 07970339546 e: p...@ifdnrg.com w: http://www.ifdnrg.com - IFDNRG 40 Maritime Street Edinburgh EH6 6SA High Specification Dedicated Servers from £100.00pm ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: FreeBSD-update?
On Wed, 24 Apr 2013 14:34:30 -0500, Steve O'Hara-Smith st...@sohara.org wrote: You have updated to 9.1-RELEASE-p2 - but since there have been no kernel changes since 9.1-RELEASE the kernel version message hasn't changed. This could very reasonably be regarded as bug in the update/version reporting process but I wouldn't hold my breath for a fix, as things stand the version reported only changes when the kernel is updated, or if you recompile it after the update. It would be nice if the version of the OS itself was stored in something like /etc/freebsd-version so you know what the version of the OS as a whole is. I'd even accept some sort of output by freebsd-update. It just seems silly that there's no other way -- kern.osrelease is just the base release and kern.version is the same thing that uname -a outputs. It's hard to pick this up and monitor it accurately. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: FreeBSD-update?
On Wed, 24 Apr 2013 19:35:01 +0200, Alexandre wrote: Freebsd-update tool apply binary patches to your -RELEASE system and GENERIC kernel. Furthermore, sources are synced too (/usr/src) by default. If you want to see the -p# increased, you have to recompile your GENERIC kernel. If you are using a custom kernel, you must recompile it to apply patches as your sources are up-to-date. You will have the -p# increased too. OK, thanks. The mists are beginning to clear. I've synced the source tree and recompiled the kernel, and all is well now. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: FreeBSD-update?
On Wed, 24 Apr 2013 14:52:17 -0500, Mark Felder wrote: On Wed, 24 Apr 2013 14:34:30 -0500, Steve O'Hara-Smith st...@sohara.org wrote: You have updated to 9.1-RELEASE-p2 - but since there have been no kernel changes since 9.1-RELEASE the kernel version message hasn't changed. This could very reasonably be regarded as bug in the update/version reporting process but I wouldn't hold my breath for a fix, as things stand the version reported only changes when the kernel is updated, or if you recompile it after the update. It would be nice if the version of the OS itself was stored in something like /etc/freebsd-version so you know what the version of the OS as a whole is. I'd even accept some sort of output by freebsd-update. It just seems silly that there's no other way -- kern.osrelease is just the base release and kern.version is the same thing that uname -a outputs. It's hard to pick this up and monitor it accurately. I think I agree with this. It's somewhat confusing for a novice like me. Thanks to all for the helpful replies. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Home WiFi Router with pfSense or m0n0wall?
Alejandro Imass wrote: [snip] Most consider the answer to use WPA2, which I do use too. Many think it is 'virtually' unbreakable, but this really is not true; it just takes longer. I've done WPA2 keys in as little as 2-3 hours before. Are you saying that any WPA2 key can be cracked or or you simply referring to weak keys? I would also like to specifically if it's for weak keys or are all WPA2 personal keys crackable by brute force. Also is WPA2 Enterprise as weak also. Could anyone expand on how weak is WPA2 and WPA2 Enterprise or is this related to weak PSKs only?? I'm just a lowly sysadmin and not any kind of crypto expert. The problem is time and horsepower. While a ridiculously easy key of say 4 characters that is not salted may be doable on a PC, once you start to get to 8-9 characters or more the time it takes begins to get huge fast. It's a matter of can you tie up the resource long enough to wait it out. Throw salting into the mix and it gets longer again. What I do at home is concatenate 2 ham radio call signs of friends that I can remember. Then I sha256 that and select from the end backwards 15 characters. This won't actually defeat the inherent weakness of using a pre- shared key, but it will take longer for a simple brute force. You should also throw in additional characters from your character set beyond just alpha/numerics. Also, my little tinkertoy i5-3570K overclocked up to 4.5GHz is just that - a toy. I can use it to generate a trace file, which I then take to work and replay it using a z196 when they occasionally allow me to play for bit. I also have rainbow tables and dictionary word-lists pregenerated for cheating. Another thing people are playing with is stuffing 4 high end video cards in a box and using them for computation. This enhances the PC platform beyond just using the CPU. There are also people doing this in the cloud. And they will rent you compute time for a fee. :-) The pre-shared key is the weakest as compared to Enterprise. Enterprise WPA is stronger because it is a user account based system which authenticates using 802.1x via a Radius server. You can even assign certificates to user accounts and if they don't have the cert on the client they are trying to connect with, it won't. Throw Kerberos re-ticketing into the mix adds another layer to the onion. I seem to think recalling something about Kerberos re-ticketing something like every 900 seconds, or something like that. Switches and other network equipment that supports 802.1x can also filter out traffic that is not authorized. Bottom line is Enterprise is better than a simple pre-shared key. But it involves radius, dns/dhcp, windows domain controllers, active directory, a PKI infrastrucure and access points that are designed for use in this environment (and they cost more). So while it may be more secure than a simple pre-shared key, it is simply not practical for the home user as they won't have all the 'other' resources required to utilize it. -Mike ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: FreeBSD-update?
On Wed, 24 Apr 2013 14:52:17 -0500 Mark Felder f...@feld.me wrote: On Wed, 24 Apr 2013 14:34:30 -0500, Steve O'Hara-Smith st...@sohara.org wrote: You have updated to 9.1-RELEASE-p2 - but since there have been no kernel changes since 9.1-RELEASE the kernel version message hasn't changed. This could very reasonably be regarded as bug in the update/version reporting process but I wouldn't hold my breath for a fix, as things stand the version reported only changes when the kernel is updated, or if you recompile it after the update. It would be nice if the version of the OS itself was stored in something like /etc/freebsd-version so you know what the version of the OS as a Yes it would. -- Steve O'Hara-Smith | Directable Mirror Arrays C:WIN | A better way to focus the sun The computer obeys and wins.|licences available see You lose and Bill collects. |http://www.sohara.org/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Home WiFi Router with pfSense or m0n0wall?
Arthur Chance wrote: [snip] What I was pondering is some form of L2TP tunnel, or some other form of IPSEC tunnel to form some kind of VPN like communication between the client and the wifi. Just never have begun to find the time to get anywhere with the idea. But basically it would resemble a VPN that only accepts connection from a tunnel endpoint client and not pass any traffic from any other client lacking this VPN-like endpoint. I think such a thing is very possible and have read some articles by people who have done very similar sounding things. Indeed, this is what SSL-VPN providers do via a subscription service so people surfing at open wifi coffee shops tunnel through the local open wifi and setup an encrypted VPN tunnel. A quick note: pfSense (I don't know about m0n0wall) has OpenVPN built in to it. Depending on whether all devices which are going to connect wirelessly can run the client end of OpenVPN, this might be a quick way to get greater security on the WiFi side. This is along the lines of what I was thinking. I am my own CA and can generate certs that no one else has the private keys to. The problem with buying certs from a provider is the gov't has access to the private keys on demand. This was mandated back during the Clinton administration for the US. I do things like turn password auth off on my SSH and only auth via certs. Extending this to other 'connectivities' is a way to make it harder for those with no approved cert to get in. The pairing of firewall and OpenVPN together sounds interesting. Will definitely check it out. Thanks for the pointer! -Mike ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Home WiFi Router with pfSense or m0n0wall?
Michael Powell wrote: [snip] Are you saying that any WPA2 key can be cracked or or you simply referring to weak keys? I would also like to specifically if it's for weak keys or are all WPA2 personal keys crackable by brute force. Also is WPA2 Enterprise as weak also. Could anyone expand on how weak is WPA2 and WPA2 Enterprise or is this related to weak PSKs only?? Oh, and BTW was going to include this in the last and forgot: http://www.aircrack-ng.org/doku.php?id=cracking_wpa -Mike ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Procmail Decoding Mime Messages
Is there a filter that one can run in procmail in which base64 encoded data go in and text comes out so one can allow procmailrc to do its work? I use bogofilter to filter spam and it does a very good job after one builds a core of spammishness, but legitimate messages are often-times filled with base64 sections that look like garbage to the regular expressions that one puts in .procmailrc for sorting mail. When searching for information, I found something called mimencode which both encodes and decodes these attachments, but there is no FreeBSD port called mimencode so it occurred to me that some other application might exist which is in the ports that does basically the same thing. Is there anything which will take a raw email message and spit out linear strings which can be processed like normal text? Thank you. Martin McCormick ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Home WiFi Router with pfSense or m0n0wall?
On Wed, Apr 24, 2013 at 4:16 PM, Michael Powell nightre...@hotmail.com wrote: Alejandro Imass wrote: [snip] Most consider the answer to use WPA2, which I do use too. Many think it is 'virtually' unbreakable, but this really is not true; it just takes longer. I've done WPA2 keys in as little as 2-3 hours before. Are you saying that any WPA2 key can be cracked or or you simply referring to weak keys? I would also like to specifically if it's for weak keys or are all WPA2 personal keys crackable by brute force. Also is WPA2 Enterprise as weak also. Could anyone expand on how weak is WPA2 and WPA2 Enterprise or is this related to weak PSKs only?? I'm just a lowly sysadmin and not any kind of crypto expert. The problem is time and horsepower. While a ridiculously easy key of say 4 characters that is not salted may be doable on a PC, once you start to get to 8-9 characters or more the time it takes begins to get huge fast. It's a matter of can you tie up the resource long enough to wait it out. Throw salting into the mix and it gets longer again. What I do at home is concatenate 2 ham radio call signs of friends that I can remember. Then I sha256 that and select from the end backwards 15 [...] The pre-shared key is the weakest as compared to Enterprise. Enterprise WPA is stronger because it is a user account based system which authenticates using 802.1x via a Radius server. You can even assign certificates to user OK. So we are talking about weak PSKs, of course with enough computing power virtually anything is crackable by brute force. What I don't get is that I thought that mac address filtering at the wireless level meant that the router would not negotiate with a mac no listed in it's table. I haven't used Kismet but you are saying that with Kismet I can infer authorized macs that are connecting to a specific access point so I can spoof one and perform my brute force attack?? Honestly I don't know much about 802.11 but if that is so it's pretty retarded and mac address filtering really a joke then. Thanks again for such detailed responses. I know all this seems all OT but it's a security issue that I don't think that many people are aware of so I haven't changed the subject to OT because of this. Best, -- Alejandro Imass ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Procmail Decoding Mime Messages
Forgot to cc the list. On 04/24/2013 04:47 PM, Ryan Frederick wrote: I believe mimencode is in ports as converters/mmencode. It is also included as part of mail/metamail. Ryan On 04/24/2013 04:07 PM, Martin McCormick wrote: Is there a filter that one can run in procmail in which base64 encoded data go in and text comes out so one can allow procmailrc to do its work? I use bogofilter to filter spam and it does a very good job after one builds a core of spammishness, but legitimate messages are often-times filled with base64 sections that look like garbage to the regular expressions that one puts in .procmailrc for sorting mail. When searching for information, I found something called mimencode which both encodes and decodes these attachments, but there is no FreeBSD port called mimencode so it occurred to me that some other application might exist which is in the ports that does basically the same thing. Is there anything which will take a raw email message and spit out linear strings which can be processed like normal text? Thank you. Martin McCormick ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Procmail Decoding Mime Messages
On Wed, 24 Apr 2013 16:07:35 -0500, Martin McCormick wrote: Is there a filter that one can run in procmail in which base64 encoded data go in and text comes out so one can allow procmailrc to do its work? [...] Is there anything which will take a raw email message and spit out linear strings which can be processed like normal text? I think this is possible with uudecode, in this case b64decode. See man uuencode for more information. -- Polytropon Magdeburg, Germany Happy FreeBSD user since 4.0 Andra moi ennepe, Mousa, ... ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Stop ifconfig high intensity message from master console
On 04/25/13 01:53, Joe wrote: When I do a ifconfig bridge create or ifconfig epair create commands I get some high intensity messages on the hosts F1 session master console. I would like to suppress these messages. Is there any way to do that? You'd have to adjust your syslog.conf I'd imagine- look for /dev/console. Read the man page for syslog to know what to adjust on the line which tells it what to send to the console. I believe there might even be a 'not' setting. Correct me if I'm wrong guys. HTH ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: FreeBSD-update?
On 04/25/13 06:31, Steve O'Hara-Smith wrote: On Wed, 24 Apr 2013 14:52:17 -0500 Mark Felder f...@feld.me wrote: On Wed, 24 Apr 2013 14:34:30 -0500, Steve O'Hara-Smith st...@sohara.org wrote: You have updated to 9.1-RELEASE-p2 - but since there have been no kernel changes since 9.1-RELEASE the kernel version message hasn't changed. This could very reasonably be regarded as bug in the update/version reporting process but I wouldn't hold my breath for a fix, as things stand the version reported only changes when the kernel is updated, or if you recompile it after the update. It would be nice if the version of the OS itself was stored in something like /etc/freebsd-version so you know what the version of the OS as a Yes it would. sysctl kern.version ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Home WiFi Router with pfSense or m0n0wall?
On Wed, 24 Apr 2013 16:16:32 -0400 Michael Powell wrote: Alejandro Imass wrote: [snip] Most consider the answer to use WPA2, which I do use too. Many think it is 'virtually' unbreakable, but this really is not true; it just takes longer. I've done WPA2 keys in as little as 2-3 hours before. Are you saying that any WPA2 key can be cracked or or you simply referring to weak keys? I would also like to specifically if it's for weak keys or are all WPA2 personal keys crackable by brute force. Also is WPA2 Enterprise as weak also. Could anyone expand on how weak is WPA2 and WPA2 Enterprise or is this related to weak PSKs only?? I'm just a lowly sysadmin and not any kind of crypto expert. The problem is time and horsepower. While a ridiculously easy key of say 4 characters that is not salted may be doable on a PC, once you start to get to 8-9 characters or more the time it takes begins to get huge fast. It's a matter of can you tie up the resource long enough to wait it out. Right, but if you were to strip-mine the earth's crust and turn all the silicon into GPU cores you still wouldn't even come close to brute-forcing AES256 before the sun turns into a red-giant. If you're saying that WPA is inadequate because weak keys can be bruteforced then the answer is don't use a weak key. If someone breaks such a key then that's pilot error, not an inherent weakness in WPA. Use a key with 100-256 bits of entropy. What I do at home is concatenate 2 ham radio call signs of friends that I can remember. Then I sha256 that and select from the end backwards 15 characters. 60 bits tops - assuming that there was 60 bit of entropy in the hashed data. My key is only twice as long, but about 40,000,000,000,000,000,000,000,000,000 times better at resisting a brute force attack. This won't actually defeat the inherent weakness of using a pre- shared key, but it will take longer for a simple brute force. You should also throw in additional characters from your character set beyond just alpha/numerics. That's good advice for natural language pass phrases where there is only about 1 bit of entropy per character. IMO it's easier to type a high entropy password using only characters that wont need shifting on any device i.e. random lower-case letters. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: FreeBSD-update?
Da Rock wrote: sysctl kern.version For me, that's the same info as in uname -a. Try this: grep -v # /usr/src/sys/conf/newvers.sh | head -4 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
LSI 2008 Contoller settings for ZFS?
Is there a recommended set of settings on LSI 2008 chips burned IT for ZFS? Looking at the Global Settings in the configuration utility there is a field labeled status whose value can be enabled/disable/error. I don't know what to put there or whether it matters. There are other configuration items across the controller. Other than boot order, I don't know if they matter but I/O Timeout for Block Devices might. Any recommendation? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Procmail Decoding Mime Messages
Polytropon wrote:
On Wed, 24 Apr 2013 16:07:35 -0500, Martin McCormick wrote:
Is there a filter that one can run in procmail in which
base64 encoded data go in and text comes out so one can allow
procmailrc to do its work?
Good question, I havent tried that yet, (but should),
but I have been demiming both to help majordomo on servers, via procmail
on local (to reduce bulk on my future archives of personal mail).
2 tools worth knowing in /usr/ports/mail/ : demime emil
A few notes from my
http://berklix.com/~jhs/src/bsd/fixes/freebsd/ports/jhs/mail/Makefile.local
(where I've also more notes on eg much hated quoted-printable )
SUBDIR += emil
# A candidate to be assesed for stripping quoted-printable from
# majordomo on server, to help cluless people.
# Something needed to replace demime as demime has been removed.
# SUBDIR += mime4j
# It won't do any decoding of base64 or quoted-printable
#encoded header fields and bodies.
SUBDIR += demime
# For majordomo on list servers,
# For all the many lazy incompetents who cant turn off sending
# HTML to mail lists, despite having had a decade to learn.
# ( for a few people who do understand they should, have tried to, but
# can''t find where to turn off their HTML, if their ISP even allows.
# Missing in FreeBSD-9.1-RELEASE so see also SUBDIR += mail/emil
Is there anything which will take a raw email message
and spit out linear strings which can be processed like normal
text?
See man emil ; man demime
PS Trying to get procmail to work with a macro with a pipe defined
after + $RCVSTOREUNSEEN, was a long pain I failed so I use a
longer version below which works, appended for syntax example.
RCVSTORE=/usr/local/libexec/nmh/rcvstore
RCVSTOREUNSEEN=$RCVSTORE -nounseen
# A 2nd copy, just text, stripped of MIME enclosures is
# stored in $PRI_MAIL by $RCVSTOREUNSEEN
# The 2nd copy is stored with $RCVSTORE -nounseen so I dont have to
# click the archive copy from within exmh.
NOMIME=/usr/local/bin/demime -8 -
# Demime is not in current after 9.1-RELEASE
# To not demime instead use NOMIME=cat
# NOMIME=cat
# NOMIME=/usr/local/bin/emil
# Emil converts a .jpg MIME to a uuencoded appended without MIME
# I can not seem to achieve something like this:
# XYZ=$NOMIME | $RCVSTOREUNSEEN
{
:0 cw
| $NOMIME | $RCVSTOREUNSEEN +$PRI_MAIL/my/archive
:0 wc
| $RCVSTORE +$INBOX_PLAIN
}
Cheers,
Julian
--
Julian Stacey, BSD Unix Linux C Sys Eng Consultant, Munich http://berklix.com
Reply below not above, like a play script. Indent old text with .
Send plain text. No quoted-printable, HTML, base64, multipart/alternative.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: FreeBSD-update?
On Wed, Apr 24, 2013, at 18:07, Mike Brown wrote: Da Rock wrote: sysctl kern.version For me, that's the same info as in uname -a. Try this: grep -v # /usr/src/sys/conf/newvers.sh | head -4 Not useful if you don't have src on your servers, but that's good to know. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Home WiFi Router with pfSense or m0n0wall?
Hi-- On Apr 24, 2013, at 1:53 PM, Michael Powell nightre...@hotmail.com wrote: This is along the lines of what I was thinking. I am my own CA and can generate certs that no one else has the private keys to. So can someone who does not run their own CA...? The problem with buying certs from a provider is the gov't has access to the private keys on demand. Um, how does that work when they don't have your private keys? People generate a CSR which they send to a public CA like Verisign/Entrust/et al for signing. That CSR contains the RSA public key, and a matching signature created by the private key to authenticate the CSR request, but it does not contain the private key itself. Consider: openssl req -newkey rsa:2048 -keyout key.pem -out req.pem openssl req -in req.pem -text -verify -noout ls -l key.pem req.pem ...or even go through the explicit process of seeing the different data available: openssl rsa -in key.pem -pubout -out pubkey.pem openssl rsa -in key.pem -text -noout openssl rsa -pubin -in pubkey.pem -text -noout [ A CSR is about half of the size of the private+public key file; and the public key by itself is a quarter the size of the private+public key file. And even possessing key.pem doesn't disclose the private key, since there's a password needed. Unless you make an effort to export the key without a password, that is. ] Regards, -- -Chuck ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Procmail Decoding Mime Messages
On Wed, 24 Apr 2013, Martin McCormick wrote: Is there a filter that one can run in procmail in which base64 encoded data go in and text comes out so one can allow procmailrc to do its work? I use bogofilter to filter spam and it does a very good job after one builds a core of spammishness, but legitimate messages are often-times filled with base64 sections that look like garbage to the regular expressions that one puts in .procmailrc for sorting mail. When searching for information, I found something called mimencode which both encodes and decodes these attachments, but there is no FreeBSD port called mimencode so it occurred to me that some other application might exist which is in the ports that does basically the same thing. Is there anything which will take a raw email message and spit out linear strings which can be processed like normal text? mail/maildrop has a reformime program which may be useful. maildrop itself is like a better and easier to use procmail. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: FreeBSD-update?
On 04/25/13 09:07, Mike Brown wrote: Da Rock wrote: sysctl kern.version For me, that's the same info as in uname -a. Try this: grep -v # /usr/src/sys/conf/newvers.sh | head -4 That shows even less. But the point of the OP was having a file in etc with the info on version, which I fell could be redundant given the excessive detail available in sysctl which is what it is meant for. uname actually refers to the sysctl as a neat command for a shell user, doesn't it? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Unknown IP address shows FreeBSD server MAC in arp cache
Hi, I'm experiencing a weird problem and I have no idea where to begin with this one! Basically what's happening is that I did a host scan from my NetBSD box running Cacti in order to 'Auto Discover' machines on my network; a php script on the Cacti server added an IP address xxx.xxx.1.52. Seeing this as odd since I haven't configured any machine with this IP as it's in the DHCP range on my network and there aren't any machines running on DHCP on the particular VLAN either as everything is statically configured; I proceeded to check the arp cache of my NetBSD box which pointed to the MAC address of my FreeBSD server? Having a look round my network and servers each ping attempt to xxx.xxx.1.52 gives me a response and in the arp cache of each machine/device shows the FreeBSD server. Long ago I may have had this machine on xxx.xxx.1.52 but I can't recall and all settings in /etc/rc.conf for interfaces and Jails are fine and consistent with my Network Spec. My network has also had a massive overhaul since then as I've changed switches and router in the meantime too I have thought about arp poisoning but then again no other machine is connected to my network that I don't know about and since it's a home network there's really only me connected to it. Also I'm running OpenBSD as a firewall/router gateway which I've also checked thoroughly including Packet Filter and haven't found any issues. I also thought about RARP and bootparamd since I'm running a bunch of Sun SPARC systems in which I NetBooted but nothing on that front either showed any result. I additionally have checked the /etc/hosts files of all my systems and even my local DNS db files but nothing shows xxx.xxx.1.52 at all. The BSD version that I'm running on my FreeBSD server is 8.2 x64. Would anyone be able to help me out with this one? Basically why is a rogue or unknown IP address pointing to my FreeBSD box's NIC? Regards, Kaya ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Fwd: Unknown IP address shows FreeBSD server MAC in arp cache
Well I managed to find the answer!! Scanning through /etc/defaults/rc.conf I noticed this: dhclient_program=/sbin/dhclient # Path to dhcp client program. dhclient_flags= # Extra flags to pass to dhcp client. Then I went back to check my DHCP server's log files and indeed a DHCP request came through from the server even though the IP's are all statically configured on it. Now all I have to do is tell the system not to use the dhclient program and then all will be sorted :-) Few. Regards, Kaya Original Message Subject:Unknown IP address shows FreeBSD server MAC in arp cache Date: Thu, 25 Apr 2013 02:52:21 +0100 From: Kaya Saman kayasa...@gmail.com To: freebsd-questions@freebsd.org Hi, I'm experiencing a weird problem and I have no idea where to begin with this one! Basically what's happening is that I did a host scan from my NetBSD box running Cacti in order to 'Auto Discover' machines on my network; a php script on the Cacti server added an IP address xxx.xxx.1.52. Seeing this as odd since I haven't configured any machine with this IP as it's in the DHCP range on my network and there aren't any machines running on DHCP on the particular VLAN either as everything is statically configured; I proceeded to check the arp cache of my NetBSD box which pointed to the MAC address of my FreeBSD server? Having a look round my network and servers each ping attempt to xxx.xxx.1.52 gives me a response and in the arp cache of each machine/device shows the FreeBSD server. Long ago I may have had this machine on xxx.xxx.1.52 but I can't recall and all settings in /etc/rc.conf for interfaces and Jails are fine and consistent with my Network Spec. My network has also had a massive overhaul since then as I've changed switches and router in the meantime too I have thought about arp poisoning but then again no other machine is connected to my network that I don't know about and since it's a home network there's really only me connected to it. Also I'm running OpenBSD as a firewall/router gateway which I've also checked thoroughly including Packet Filter and haven't found any issues. I also thought about RARP and bootparamd since I'm running a bunch of Sun SPARC systems in which I NetBooted but nothing on that front either showed any result. I additionally have checked the /etc/hosts files of all my systems and even my local DNS db files but nothing shows xxx.xxx.1.52 at all. The BSD version that I'm running on my FreeBSD server is 8.2 x64. Would anyone be able to help me out with this one? Basically why is a rogue or unknown IP address pointing to my FreeBSD box's NIC? Regards, Kaya ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: FreeBSD-update?
On Wed, Apr 24, 2013, at 20:41, Da Rock wrote: On 04/25/13 09:07, Mike Brown wrote: Da Rock wrote: sysctl kern.version For me, that's the same info as in uname -a. Try this: grep -v # /usr/src/sys/conf/newvers.sh | head -4 That shows even less. But the point of the OP was having a file in etc with the info on version, which I fell could be redundant given the excessive detail available in sysctl which is what it is meant for. uname actually refers to the sysctl as a neat command for a shell user, doesn't it? The point is that the uname and sysctl output is inaccurate. If the latest release is -p6 and the kernel hasn't been touched since -p4, both uname and the sysctl only show -p4. It's impossible to tell otherwise that the system is really -p6 if you don't have /usr/src/. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: FreeBSD-update?
On Wed, 24 Apr 2013 21:13:56 -0500, Mark Felder wrote: The point is that the uname and sysctl output is inaccurate. If the latest release is -p6 and the kernel hasn't been touched since -p4, both uname and the sysctl only show -p4. It's impossible to tell otherwise that the system is really -p6 if you don't have /usr/src/. The src component can be updated using the appropriate entry in /etc/freebsd-update.conf so the information is there, no matter if the kernel has been touched or not. In my opinion, it could be helpful to have a somehow more precise information about what version of the OS is currently installed. I suggest having a text file in /etc that contains the currently installed version, maybe also a SVN revision number and a date. Updating via freebsd-update should not be that complicated. Also by updating from source (e. g. when following -STABLE where no X.Y-pZ version information is provided) this file could be installed properly. By checking this file the user could quickly retrieve the required information in a quickly understandable form. -- Polytropon Magdeburg, Germany Happy FreeBSD user since 4.0 Andra moi ennepe, Mousa, ... ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: FreeBSD-update?
On 4/24/2013 at 5:07 PM Mike Brown wrote: |Da Rock wrote: | sysctl kern.version | |For me, that's the same info as in uname -a. | |Try this: | |grep -v # /usr/src/sys/conf/newvers.sh | head -4 = If uname -r [-a] does not give the proper version of the OS, then it is either a bug, or the documentation for uname should be changed. Currently, the man page for uname gives the following option: -r Write the current release level of the operating system to stan- dard output. If you need to do grep -v # /usr/src/sys/conf/newvers.sh | head -4 in order to write the correct and current release level of the operating system to standard output, then perhaps uname should be fixed to accommodate freebsd update's partial update process of the OS. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: FreeBSD-update?
On Wed, 24 Apr 2013 22:32:17 -0400, Mike. wrote: If uname -r [-a] does not give the proper version of the OS, then it is either a bug, or the documentation for uname should be changed. Currently, the man page for uname gives the following option: -r Write the current release level of the operating system to stan- dard output. Also the manpage of uname(3) would require a change to make clear that the version of the _kernel_ is provided, which _may_ stay the same during patchlevels of a given version. From that point of view, if we consider the patchlevel _not_ being part of the OS _version_, the statement (as it currently reads) makes sense. The understanding is: Version 9.1 is the OS version, and if a patch has been added, it's still 9.1 (even though the more precise information is 9.1-p5 for example). Similarly consider followint -STABLE: in this case, 9-STABLE or 9.1-STABLE is being reported, because no precise version numbers exist on that branch (at least not in the terms of patchlevels, instead a repository revision number or the date of the checkout could be considered for precision). The uname program relies on the uname system call to get the system identification, which queries the information stored in a (struct utsname *) data structure: The uname() function stores NUL-terminated strings of information identi- fying the current system into the structure referenced by name. The utsname structure is defined in the sys/utsname.h header file, and contains the following members: release Release level of the operating system. version Version level of the operating system. This part of documentation would, given the case, also require adjustment, refering to the kernel instead of the OS. -- Polytropon Magdeburg, Germany Happy FreeBSD user since 4.0 Andra moi ennepe, Mousa, ... ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: FreeBSD-update?
On 4/25/2013 at 4:47 AM Polytropon wrote: |On Wed, 24 Apr 2013 22:32:17 -0400, Mike. wrote: | If uname -r [-a] does not give the proper version of the OS, then it is | either a bug, or the documentation for uname should be changed. | Currently, the man page for uname gives the following option: | | -r Write the current release level of the operating system to | stan- | dard output. | |Also the manpage of uname(3) would require a change to make clear |that the version of the _kernel_ is provided, which _may_ stay the |same during patchlevels of a given version. From that point of |view, if we consider the patchlevel _not_ being part of the OS |_version_, the statement (as it currently reads) makes sense. |The understanding is: Version 9.1 is the OS version, and if |a patch has been added, it's still 9.1 (even though the more |precise information is 9.1-p5 for example). Similarly consider |followint -STABLE: in this case, 9-STABLE or 9.1-STABLE is being |reported, because no precise version numbers exist on that |branch (at least not in the terms of patchlevels, instead a |repository revision number or the date of the checkout could |be considered for precision). | |The uname program relies on the uname system call to get the |system identification, which queries the information stored in a |(struct utsname *) data structure: | | The uname() function stores NUL-terminated strings of information |identi- | fying the current system into the structure referenced by name. | | | The utsname structure is defined in the sys/utsname.h header file, |and | contains the following members: | | release Release level of the operating system. | | version Version level of the operating system. | |This part of documentation would, given the case, also require |adjustment, refering to the kernel instead of the OS. = On the other hand, maybe instead of changing the documentation of uname to accommodate a problem with freebsd update, maybe freebsd update should be changed to accommodate the historical and expected performance of uname. In other words, once I found out this problem with freebsd update (i.e., not properly refreshing the OS version), I stopped using it, as I was not able to ascertain the current state of my OS installation anymore. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: FreeBSD-update?
On 04/25/13 13:32, Mike. wrote: On 4/25/2013 at 4:47 AM Polytropon wrote: |On Wed, 24 Apr 2013 22:32:17 -0400, Mike. wrote: | If uname -r [-a] does not give the proper version of the OS, then it is | either a bug, or the documentation for uname should be changed. | Currently, the man page for uname gives the following option: | | -r Write the current release level of the operating system to | stan- |dard output. | |Also the manpage of uname(3) would require a change to make clear |that the version of the _kernel_ is provided, which _may_ stay the |same during patchlevels of a given version. From that point of |view, if we consider the patchlevel _not_ being part of the OS |_version_, the statement (as it currently reads) makes sense. |The understanding is: Version 9.1 is the OS version, and if |a patch has been added, it's still 9.1 (even though the more |precise information is 9.1-p5 for example). Similarly consider |followint -STABLE: in this case, 9-STABLE or 9.1-STABLE is being |reported, because no precise version numbers exist on that |branch (at least not in the terms of patchlevels, instead a |repository revision number or the date of the checkout could |be considered for precision). | |The uname program relies on the uname system call to get the |system identification, which queries the information stored in a |(struct utsname *) data structure: | | The uname() function stores NUL-terminated strings of information |identi- | fying the current system into the structure referenced by name. | | | The utsname structure is defined in the sys/utsname.h header file, |and | contains the following members: | | release Release level of the operating system. | | version Version level of the operating system. | |This part of documentation would, given the case, also require |adjustment, refering to the kernel instead of the OS. = On the other hand, maybe instead of changing the documentation of uname to accommodate a problem with freebsd update, maybe freebsd update should be changed to accommodate the historical and expected performance of uname. In other words, once I found out this problem with freebsd update (i.e., not properly refreshing the OS version), I stopped using it, as I was not able to ascertain the current state of my OS installation anymore. Interesting. My only observation was that sysctl is supposed to be the 'system' database where all queries relate to. It is supposed to display everything about the system; therefore any of these data bits should be fixed here first. Anything else would be a 'feature' :) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: FreeBSD-update?
On Thu, 25 Apr 2013 08:43:59 +1000 Da Rock freebsd-questi...@herveybayaustralia.com.au wrote: On 04/25/13 06:31, Steve O'Hara-Smith wrote: On Wed, 24 Apr 2013 14:52:17 -0500 Mark Felder f...@feld.me wrote: On Wed, 24 Apr 2013 14:34:30 -0500, Steve O'Hara-Smith st...@sohara.org wrote: You have updated to 9.1-RELEASE-p2 - but since there have been no kernel changes since 9.1-RELEASE the kernel version message hasn't changed. This could very reasonably be regarded as bug in the update/version reporting process but I wouldn't hold my breath for a fix, as things stand the version reported only changes when the kernel is updated, or if you recompile it after the update. It would be nice if the version of the OS itself was stored in something like /etc/freebsd-version so you know what the version of the OS as a Yes it would. sysctl kern.version The problem under discussion is that the kernel version does not change when a freebsd-update update does not include a kernel change. -- Steve O'Hara-Smith st...@sohara.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: FreeBSD-update?
On Thu, 25 Apr 2013 13:43:03 +1000 Da Rock freebsd-questi...@herveybayaustralia.com.au wrote: Interesting. My only observation was that sysctl is supposed to be the 'system' database where all queries relate to. It is supposed to display everything about the system; therefore any of these data bits should be fixed here first. Anything else would be a 'feature' :) That would be nice - one way to achieve that would be to add a writable oid for patch level and not bump newvers.sh for patches. -- Steve O'Hara-Smith st...@sohara.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
