Re: well, try here first...
On Nov 13, 2012, at 9:48 PM, Polytropon wrote: > That matches what I've learned in school, but it doesn't match > realitiy anymore. :-) > > A famous thing is "comma in lists": Unlike German, where "and" > substitutes a comma, in English it seems to be valid to put a > comma infront of "and": > > He bought a glass, a towel, a toothpick, and a nose. > > In German, that would be > > Er kaufte ein Glas, ein Handtuch, einen Zahnstocker > und eine Nase. This is interesting, because the comma before the "and" in a list is much more understandable, because it is open to less interpretation. This is where the "eats shoots and leaves" comes in, kind of. There are similar examples where ambiguity arises from the lack of a comma before "and" in a list. The comma before the "and" is traditional English. There are, however, lots of people who advocate for the lack of a comma before the "and" in a list and that is taught in some classes in some schools. I don't claim to be a great German speaker or writer. I have not visited there in 12 years nor lived there in almost 20 years. But people at least can understand me and I can get my point across. :) Most of my post was meant to support what you were saying, btw. As well as give examples and interesting tidbits. I agree that proper grammar is important in language, even when I don't always use it or do it; especially in informal speech like email lists, forums, etc. > But pleese pay atension too, the new englis orfograffy which > make`s every thing easyer to under stand and, more freedems > to mak punctation and les speeling errer's. > > Funkzionier't auch in, Deutsch! :-) You must really be taking a conniption fit with the changes (Verbilligen -- cheapening -- though the exact words I was searching for have failed me tonight) that have happened in German in the last 10 or so years ( striking of ß; to always be written with "ss" now, etc)... >> >> Und "Playboy alles was Maennern Spass macht" ist 100% verständlich >> auf deutsch, da es einen richtigen Dativ Kasus gibt, im Gegensatz >> zu englischer Sprache. > > It may be 100% understandable, but it's not correct, because it's > not a sentence or a grammatically valid construct. The translation > would have been (quite literally, I admit): > > Playboy everything what men fun makes Actually, no. A more correct translation would be:Playboy everything that to men fun makes. [Or, if you wanted the same mistake (lack of comma or hyphen) but proper English word order: Playboy everything that is fun for men.] "Männern" is dative case, which, when used without a preposition, is best translated as "to " where is written with dative case endings. > > Again, a hyphen after the 1st word would it much more readable. > > > >> (and "playboy -- everything that is fun for men" [in German] is >> 100% understandable in German, because there is a real dative case >> in German, unlike in english.) > > In _that_ translation, you've used the hyphen correctly (which was > missing in the german version discussed). > Yes, my bad. I was trying to write it the same but fixed it unconsciously. regards Chad
Re: well, try here first...
On Nov 13, 2012, at 7:58 PM, Polytropon wrote: > > Ouch. > > Unlike in English, the comma in German is an important symbol > in grammar. It brings structure to sentences. In English, there > is the "word order" that achieves this goal, and a comma is > mostly optional or "left to preferences". In German, there are > rules where to place a comma, and where not to. Those rules > are relatively easy to understand, and luckily they do not > leave much space for individual preferences. :-) > > In the above example, > > Playboy, alles was Maennern Spass macht > > or better using a hyphen > > Playboy - alles was Maennern Spass macht > > would have been correct, as it's shown on the current web page > in a correct manner. To be fair, a lot of the same rules exist for English. The comma is not optional or left to preferences in English, either. There are definite rules and it brings structure. Unfortunately, lots of people forget (or don't pay attention to) these rules, or, they are casual with them in the casual forms of communication, like email. (And there are some people who believe that the "text" language is English -- OMG, WTF, GR8, B4, LOL, etc -- http://en.wikipedia.org/wiki/Text_language ) Wie mit deutscher Sprache, man kann (mit englischer Sprache) vieles mit der Wortstellung machen. Und dazu, ist, natürlich, die richtige Anwendung (und Verständnis) der Grammatik wichtig. (Like with the German language, one can do a lot with word order (in English). And for that, the proper use and understanding of Grammar is important) http://en.wikipedia.org/wiki/Eats,_Shoots_%26_Leaves Und "Playboy alles was Maennern Spass macht" ist 100% verständlich auf deutsch, da es einen richtigen Dativ Kasus gibt, im Gegensatz zu englischer Sprache. (and "playboy -- everything that is fun for men" [in German] is 100% understandable in German, because there is a real dative case in German, unlike in english.) Gruss aus Utah Chad
Re: ZFS stats in "top" -- ZFS performance started being crappy in spurts
On Aug 11, 2012, at 5:33 PM, Chad Leigh - Pengar LLC wrote: > Hi > > I have a FreeBSD 9 system with ZFS root. It is actually a VM under Xen on a > beefy piece of HW (4 core Sandy Bridge 3ghz Xeon, total HW memory 32GB -- VM > has 4vcpus and 6GB RAM). Mirrored gpart partitions. I am looking for data > integrity more than performance as long as performance is reasonable (which > it has more than been the last 3 months). > > The other "servers" on the same HW, the other VMs on the same, don't have > this problem but are set up the same way. There are 4 other FreeBSD VMs, one > running email for a one man company and a few of his friends, as well as some > static web pages and stuff for him, one runs a few low use web apps for > various customers, and one runs about 30 websites with apache and nginx, > mostly just static sites. None are heavily used. There is also one VM with > linux running a couple low use FrontBase databases. Not high use database > -- low use ones. > > The troubleseome VM has been running fine for over 3 months since I > installed it.Level of use has been pretty much constant. The server > runs 4 jails on it, each dedicated to a different bit of email processing for > a small number of users. One is a secondary DNS. One runs clamav and > spamassassin. One runs exim for incoming and outgoing mail. One runs > dovecot for imap and pop. There is no web server or database or anything > else running. > > Total number of mail users on the system is approximately 50, plus or minus. > Total mail traffic is very low compared to "real" mail servers. > > Earlier this week things started "freezing up". It might last a few minutes, > or it might last 1/2 hour. Processes become unresponsive. This can last a > few minutes or much longer. It eventually resolves itself and things are > good for another 10 minutes or 3 hours until it happens again. When it > happens, lots of processes are listed in "top" as > > zfs > zio->i > zfs > tx->tx > db->db > > state. These processes only get listed in these states when there are > problems. What are these states indicative of? > Ok, after much reading of ZFS blog posts, forum postings, email list postings, and trying stuff out, I seem to have gotten stuff back down to normal and reasonable performance. In case anyone has similar issues in a similar circumstance, here is what I did. Some of these may have had little or no effect but this is what was changed. The biggest effect was when I did the following: vfs.zfs.zfetch.block_cap from default 256 down to 64 This was like night and day. The idea to try this from a post by user "madtrader" in the forum http://forums.sagetv.com/forums/showthread.php?t=43830&page=2 . He was recording multiple streams of HD video and trying to play HD video off a stream from the same server/ZFS file system. Also, setting vfs.zfs.write_limit_override to something other than the default disabled "0" seems to have had a relatively significant effect. Before I worked with the "block_cap" above, I was focussing on this and had tried everything from 64M to 768M. It is currently set to 576M and is around the area where I was having best results on my system with my amount of RAM (6GB). I tried 512M and had good results and then 768M, which was still good but not quite as good as far as I could tell from testing. So I went with 576M on my last attempt and then added in the block_cap and things really are pretty much back to normal. I turned on vdev caching vfs.zfs.vdev.cache.size form 0 to 10M. Don't know if it helped. I also lowered vfs.zfs.txg.timeout from 5 to 3. This seems to have had a slightly noticeable effect. I also adjusted vfs.zfs.arc_max The default of 0 (meaning system self set) seemed to result in an actual value of around 75-80% of RAM, which seemed high. I ended up setting it at 3072M, which for me seems to work well. Don't know what the overall effect on the problem was though. Thanks Chad
ZFS stats in "top" -- ZFS performance started being crappy in spurts
Hi I have a FreeBSD 9 system with ZFS root. It is actually a VM under Xen on a beefy piece of HW (4 core Sandy Bridge 3ghz Xeon, total HW memory 32GB -- VM has 4vcpus and 6GB RAM). Mirrored gpart partitions. I am looking for data integrity more than performance as long as performance is reasonable (which it has more than been the last 3 months). The other "servers" on the same HW, the other VMs on the same, don't have this problem but are set up the same way. There are 4 other FreeBSD VMs, one running email for a one man company and a few of his friends, as well as some static web pages and stuff for him, one runs a few low use web apps for various customers, and one runs about 30 websites with apache and nginx, mostly just static sites. None are heavily used. There is also one VM with linux running a couple low use FrontBase databases. Not high use database -- low use ones. The troubleseome VM has been running fine for over 3 months since I installed it.Level of use has been pretty much constant. The server runs 4 jails on it, each dedicated to a different bit of email processing for a small number of users. One is a secondary DNS. One runs clamav and spamassassin. One runs exim for incoming and outgoing mail. One runs dovecot for imap and pop. There is no web server or database or anything else running. Total number of mail users on the system is approximately 50, plus or minus. Total mail traffic is very low compared to "real" mail servers. Earlier this week things started "freezing up". It might last a few minutes, or it might last 1/2 hour. Processes become unresponsive. This can last a few minutes or much longer. It eventually resolves itself and things are good for another 10 minutes or 3 hours until it happens again. When it happens, lots of processes are listed in "top" as zfs zio->i zfs tx->tx db->db state. These processes only get listed in these states when there are problems. What are these states indicative of? Eventually things get going again, these states drop off and the system hums along. Based on some stuff I found in Google (for a person who had a different but somewhat similar problem) I tried setting zfs set primarycache=metadata zroot and zfs set primarycache=none zroot but the problem still happened with approximately the same severity and frequency. (Wanted to see if the system was "churning" with cache upkeep). What is strange is that this server ran fine for 3 months straight without interruption with the same level of work. Thanks for any hints or clues Chad some data points below --- # uname -a FreeBSD newbagend 9.0-STABLE FreeBSD 9.0-STABLE #1: Wed Mar 21 15:22:14 MDT 2012 chad@underhill:/usr/obj/usr/src/sys/UNDERHILL-XEN amd64 # --- # zpool status pool: zroot state: ONLINE scan: scrub repaired 0 in 6h13m with 0 errors on Fri Aug 10 19:33:23 2012 config: NAMESTATE READ WRITE CKSUM zroot ONLINE 0 0 0 mirror-0 ONLINE 0 0 0 gptid/f0da8263-8a52-11e1-b3ae-aa3efccd ONLINE 0 0 0 gptid/0f24ab58-8a53-11e1-b3ae-aa3efccd ONLINE 0 0 0 errors: No known data errors # --- representative data from doing a stats during a trouble period zfs-stats -a ZFS Subsystem ReportSat Aug 11 13:40:07 2012 System Information: Kernel Version: 900505 (osreldate) Hardware Platform: amd64 Processor Architecture: amd64 ZFS Storage pool Version: 28 ZFS Filesystem Version: 5 FreeBSD 9.0-STABLE #1: Wed Mar 21 15:22:14 MDT 2012 chad 1:40PM up 2:54, 3 users, load averages: 0.23, 0.19, 0.14 System Memory: 11.49% 681.92 MiB Active, 4.03% 238.97 MiB Inact 33.37% 1.93GiB Wired, 0.05% 3.04MiB Cache 51.04% 2.96GiB Free, 0.01% 808.00 KiB Gap Real Installed: 6.00GiB Real Available: 99.65% 5.98GiB Real Managed: 96.93% 5.80GiB Logical Total: 6.00GiB Logical Used: 46.76% 2.81GiB Logical Free: 53.24% 3.19GiB Kernel Memory: 1.25GiB Data: 98.38% 1.23GiB Text: 1.62% 20.75 MiB Kernel Memory Map: 5.68GiB
Re: Apache FCGI in a a jail under FBSD 9 won't start due to shared memory creation error
On Aug 9, 2012, at 9:41 AM, Fbsd8 wrote: > Chad Leigh Shire.Net LLC wrote: >> On Aug 7, 2012, at 10:31 AM, Mark Felder wrote: >>> jail_sysvipc_allow="YES" in rc.conf should do it. >> Hmm >> I added that and rebooted the jail host system. However, the setting in >> sysctl security.jail.sysvipc_allowed is still 0 after the reboot >> # sysctl -a | grep sysvipc >> security.jail.param.allow.sysvipc: 0 >> security.jail.sysvipc_allowed: 0 >> # >> I can set security.jail.sysvipc_allowed to 1 manually. However, even after >> doing that, the original fcgi problem happens when starting apache2.2 with >> mod_fcgid in the configuration and being loaded >> [Tue Aug 07 13:09:12 2012] [emerg] (78)Function not implemented: mod_fcgid: >> Can't create shared memory for size 1192488 bytes >> Thanks! >> Chad > Since you manually installed apache22 and mod_fcgid from up-stream sources > maybe you missed something. As a test create another jail and install the > package versions of apache22 and mod_fcgid and see if that will start ok. If > it does them you know you missed something in your hand job version. > Hi Thanks for the suggestion. I don't think, however, that anything is missing with my from-source compilations. I have been running self-compiled apaches for 15 years and have also done mod_fcgid in the past as well without issue (but not inside a jail). I don't think it is a matter of sw missing, but of system parameters or similar.' Thanks Chad
Re: Apache FCGI in a a jail under FBSD 9 won't start due to shared memory creation error
On Aug 7, 2012, at 10:31 AM, Mark Felder wrote: > jail_sysvipc_allow="YES" in rc.conf should do it. Hmm I added that and rebooted the jail host system. However, the setting in sysctl security.jail.sysvipc_allowed is still 0 after the reboot # sysctl -a | grep sysvipc security.jail.param.allow.sysvipc: 0 security.jail.sysvipc_allowed: 0 # I can set security.jail.sysvipc_allowed to 1 manually. However, even after doing that, the original fcgi problem happens when starting apache2.2 with mod_fcgid in the configuration and being loaded [Tue Aug 07 13:09:12 2012] [emerg] (78)Function not implemented: mod_fcgid: Can't create shared memory for size 1192488 bytes Thanks! Chad
Apache FCGI in a a jail under FBSD 9 won't start due to shared memory creation error
Hi. I'll try this again. I run systems using FreeBSD 9.0 FreeBSD utah.XXXcom 9.0-STABLE FreeBSD 9.0-STABLE #1: Wed Mar 21 15:22:14 MDT 2012 chad@underhill:/usr/obj/usr/src/sys/UNDERHILL-XEN amd64 and on those systems run a bunch of jails. I have Apache 2.2 built and running in the jail in question, and recently had need to add mod_fcgid to it. NOTE that the Apache and mod_fcgid were not installed through ports or packages. I download the source and build myself (for various reasons). Apache inside the Jail, with mod_fcgid enabled will not start: [Mon Jul 23 10:59:35 2012] [emerg] (78)Function not implemented: mod_fcgid: Can't create shared memory for size 1192488 bytes I did a search on this and found that I would probably need a system kernel parameter changed from 0 -> 1 security.jail.sysvipc_allowed So I did that. (And restarted the jail). However, I still get the same error when trying to start apache. I noticed a similar parameter security.jail.param.allow.sysvipc but cannot change this at run time and did not find anything useful about what this parameter is for using a search engine. (As an aside, how would I change security.jail.sysvipc_allowed and also security.jail.param.allow.sysvipc at boot time? I added them both to /boot/loader.conf but they did not get changed at boot and I had to do the security.jail.sysvipc_allowed one again on the command line -- I have some vfs type kernel state variables set there and they stick) I would appreciate some help with getting things set up so that I can run apache with mod_fcgid under my Jails on FBSD 9. Thanks! Chad
Apache FCGI in a a jail under FBSD 9 won't start due to shared memory creation error
Hi I run systems using FreeBSD 9.0 FreeBSD utah.XXXcom 9.0-STABLE FreeBSD 9.0-STABLE #1: Wed Mar 21 15:22:14 MDT 2012 chad@underhill:/usr/obj/usr/src/sys/UNDERHILL-XEN amd64 and on those systems run a bunch of jails. I have Apache 2.2 built and running in the jail in question, and recently had need to add mod_fcgid to it. NOTE that the Apache and mod_fcgid were not installed through ports or packages. I download the source and build myself (for various reasons). Apache inside the Jail, with mod_fcgid enabled will not start: [Mon Jul 23 10:59:35 2012] [emerg] (78)Function not implemented: mod_fcgid: Can't create shared memory for size 1192488 bytes I did a search on this and found that I would probably need a system kernel parameter changed from 0 -> 1 security.jail.sysvipc_allowed So I did that. (And restarted the jail). However, I still get the same error when trying to start apache. I noticed a similar parameter security.jail.param.allow.sysvipc but cannot change this at run time and did not find anything useful about what this parameter is for using a search engine. (As an aside, how would I change security.jail.sysvipc_allowed and also security.jail.param.allow.sysvipc at boot time? I added them both to /boot/loader.conf but they did not get changed at boot and I had to do the security.jail.sysvipc_allowed one again on the command line -- I have some vfs type kernel state variables set there and they stick) I would appreciate some help with getting things set up so that I can run apache with mod_fcgid under my Jails on FBSD 9. Thanks! Chad ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: question on SYN_SENT
On May 11, 2012, at 6:06 PM, Robert Bonomi wrote: > > 'Should not' does not mean 'is not'. and unfortunately, it -is- attempting > to "go out". > > There are at least a couple of possible explanations, none of them "good". > 1) the jail is attempting a DoS (or participating in DDoS) against an > Israeli _government_ network/machine. > 2) the jail is 'owned' by a botnet, and is trying to 'phone home' for > instructions. Sorry for the delay in response. Did not mean to ignore this. Was busy figuring out and correcting this (and then the other normal day to day stuff that comes up). Yes, it looks like a customer's JBOSS installation had been hacked. It was running in its own jail with RO mounting of /usr (except /usr/local) and /bin /sbin and other system directories. It was basically scanning for more open JBOSS stuff. The attack had just barely happened (the server had just been installed). I disabled the JBOSS and cleaned everything up and scanned the jail for problem files etc. Customer fixed the JBOSS vulnerability (well known one) and decided to leave it off for now. Thanks for all the help on this Chad -- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: question on SYN_SENT
On May 11, 2012, at 4:08 PM, Chuck Swiger wrote: > On May 11, 2012, at 2:09 PM, Chad Leigh Shire.Net LLC wrote: >> it is my understanding that SYN_SENT is when MY SIDE sends out a request and >> is awaiting a reply? > > That's right. > >> One of the jails we run for a customer had hundreds (if not thousands) of >> attempts to connect from the 147. address you see below. It was exhausting >> resources so that new tcp connections could not be made until some closed. > > You have/had your jail opening connections to the webserver at IP > 147.237.76.155, not that IP trying to connect to you. > >> I added that address to a "pf" block statement to stop it but now we get a >> rolling connections in a "netstat -a" as show below (host. being a generic >> name used in place of actual host on our side). I am wondering if this >> shows something on our side trying to connect out? That is what it appears >> to me to be, which does not make sense. >> >> >> tcp4 0 0 host.52562 147.237.76.155.httpSYN_SENT >> tcp4 0 0 host.52561 147.237.76.155.httpSYN_SENT > > Yes, your side is trying to connect out. > Unless you know better, it seems reasonable to gather that it's doing a DoS > attack against: Hi Chuck! Thanks. I am investigating as this side should not be going out at all, but the SYN_SENT made me think it was. Thanks Chad > > % whois 147.237.76.155 > [ ... ] > inetnum: 147.237.0.0 - 147.237.255.255 > netname: IL-GOVT-NET > descr:Israeli Government Network > country: IL > admin-c: AT979-RIPE > tech-c: TT441-RIPE > status: ASSIGNED PI > mnt-by: GOV-IL-DNS > mnt-lower:GOV-IL-DNS > mnt-routes: AS8867-MNT { ANY } > mnt-routes: AS9116-MNT { 147.237.232.0/24^24-24 } > source: RIPE # Filtered > > person: Admin Tehila > address:Israel Ministry Of Finance > address:1 Netanel Lorech st > address:Jerusalem Israel > phone: +972 2 6664666 > fax-no: +972 2 6664650 > remarks:For ABUSE and security issues please contact > remarks:email: ab...@tehila.gov.il > remarks:or contact CERT.gov.il at rep...@cert.gov.il > nic-hdl:AT979-RIPE > source: RIPE # Filtered > > Regards, > -- > -Chuck > ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
question on SYN_SENT
it is my understanding that SYN_SENT is when MY SIDE sends out a request and is awaiting a reply? One of the jails we run for a customer had hundreds (if not thousands) of attempts to connect from the 147. address you see below. It was exhausting resources so that new tcp connections could not be made until some closed. I added that address to a "pf" block statement to stop it but now we get a rolling connections in a "netstat -a" as show below (host. being a generic name used in place of actual host on our side). I am wondering if this shows something on our side trying to connect out? That is what it appears to me to be, which does not make sense. tcp4 0 0 host.52562 147.237.76.155.httpSYN_SENT tcp4 0 0 host.52561 147.237.76.155.httpSYN_SENT tcp4 0 0 host.52560 147.237.76.155.httpSYN_SENT tcp4 0 0 host.52559 147.237.76.155.httpSYN_SENT tcp4 0 0 host.52558 147.237.76.155.httpSYN_SENT tcp4 0 0 host.52557 147.237.76.155.httpSYN_SENT tcp4 0 0 host.52556 147.237.76.155.httpSYN_SENT tcp4 0 0 host.52555 147.237.76.155.httpSYN_SENT tcp4 0 0 host.52554 147.237.76.155.httpSYN_SENT tcp4 0 0 host.52553 147.237.76.155.httpSYN_SENT tcp4 0 0 host.52552 147.237.76.155.httpSYN_SENT tcp4 0 0 host.52551 147.237.76.155.httpSYN_SENT tcp4 0 0 host.52550 147.237.76.155.httpSYN_SENT thanks Chad ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: recommendation(s) for new computer
On Apr 30, 2012, at 4:41 AM, Erich Dollansky wrote: > >>> - Enermax Platimax 600W > > I do not know about your location but at mine power supplies have the > tendency to have a short life due to lightning strikes in the area. Get a > cheaper model but buy two. I just ran into this problem but did not have a > second one for the affected machine. The new one fits only upside down into > the box with all the consequences. no. no. no. Get a quality power supply. And get a Brick Wall. www.brickwall.com Brick Wall surge suppressors are real surge suppressors, not the fake things you buy in the store for $25 with $0.10 worth of sacrificial MOVs that degenerate over time. And get a good UPS while you are at it as well. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Changes in Jails from FreeBSD 6 to FreeBSD 9 -- particularly, networking and routing
On Apr 13, 2012, at 4:58 PM, Mark Felder wrote: > On Fri, 13 Apr 2012 15:53:49 -0500, Chad Leigh Shire.Net LLC > wrote: > >> No NAT needed since they share the network stack under Jails v1 they share >> the routing tables. It works. Try it. > > You're clearly exploiting a bug in FreeBSD 6's jails. It was a documented behavior when I first started using jails ca. 2004 in FreeBSD 5. Which is why I did it that way. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Changes in Jails from FreeBSD 6 to FreeBSD 9 -- particularly, networking and routing
On Apr 13, 2012, at 1:50 PM, Mark Felder wrote: > Do I understand this right? > > > Working in FreeBSD 6.x: > > interface em0: 1.2.3.4/24 <-- public IP, host only > 192.168.1.1/24 <-- private IP, host only > 192.168.1.2/24 <-- Jail #1 > 192.168.1.3/24 <-- Jail #2 > > > With this configuration you had no problems accessing the internet from the > jails. correct. (not that it did not matter I don't think is the private IP, host only exists and ALL IP exist on the host in addition to whatever Jail they are assigned to) > > Is this correct? This seems bizarre; this should only be possible if you're > doing NAT somewhere in there and that is not possible with Jails v1 (which > share a network stack) and is only possible in Jails v2 (vnet). No NAT needed since they share the network stack under Jails v1 they share the routing tables. It works. Try it. The question is, is it possible to do something similar with FreeBSD 9 jails (v2 I guess) without the overhead of running NAT? The jail with the private IP *can* access the HOST's public services but not anyone else's Chad ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Changes in Jails from FreeBSD 6 to FreeBSD 9 -- particularly, networking and routing
Hi All OK, so I have a server that has been running FreeBSD 6.1 and a bunch of jails, providing a few limited services. I am migrating these from real hardware and FreeBSD 6.1 with jail running, to a Xen based VPS running FreeBSD 9.0-R with a kernel rebuild from a GENERIC kernel to GENERIC plus the Xen pci device. There is one network device on the new server and it shares all addresses and the default route goes out it. Because jails in FBSD 6 shared a network stack, I could have a public network x.x.x.0/24 and public address on the host machine, and a default route in that network as well, and use a 192.168.1.0/24 address aliased on the same network interface as the IP for my jail. When doing that, from inside the jail, I could still reach the internet since it shared the route with the underlying machine. That seems to have changed on FBSD 9. Now, if I add in the 192.168.1.0/24 address and run a jail on it, with the host machine in a public network/address/route as described above, from inside the jail I CANNOT reach the internet (it is not a resolver issue as services going to numeric addresses also fail). However, the jail with the private 192.168.1.0/24 address CAN reach the host machines services even if it cannot get out onto the internet. And the HOST machine can access services on the jail running on the private IP address. (The purpose of the jail is to provide services to other jails and hosts on the same public network [all VPS on the same public vlan] and NOT to provide services to the internet. Things like local ldap or a local dns etc. But the private jail still needs to reach the internet for things like name servers it needs to access that are outside of the public network the host lives in. So I don't care if the internet itself can reach the private jail, just the local jails and hosts it co-exists with. The answer shouldn't be natd etc (was not needed in 6.0 and I am not sharing one public address with a range of private jails behind it). If I launch the jail with an address from the same public range as the host, it works fine. The jail can access the internet fine and vice versa. The host can access the jail services as well. If I launch the jail with a private address, the jail cannot reach the internet. It can reach the host in the public network, but not other machines in the same public network (ie, the other VPS I have running which are all in the same public network). If I launch the jail with both a private address and a public address, it can reach the internet and other VPS on the same public network. I may have to end up doing that and just not having any services run on the public IP but I'd rather avoid using up an address like that. What changes happened in the jails between FBSD 6 and FBSD 9 that would give the symptoms I have been experiencing? Thanks Chad ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: HAL must die!
On Mar 16, 2011, at 12:29 AM, Matthew Seaman wrote: > > Microsoft may once have had 90% of the desktop market -- but is that > still true? Macs seem to be everywhere nowadays. It may have change a couple of percentage points. Apple marketshare has gone up a lot percentage wise but in the whole market just a little.___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Apple & FreeBSD relationship
On Mar 9, 2011, at 3:00 PM, Nerius Landys wrote: > This is not a technical question. > > Basically I have some cash sitting around. I'm thinking of investing > part of it with a company that I believe in. Apple came to mind. You > could say that I'd like to judge Apple's moral character before > investing money with them. Does anyone know how Apple reciprocates to > FreeBSD? After all a lot of MacOSX is borrowed from FreeBSD. I am > not seeing Apple's name on this page: > http://www.freebsdfoundation.org/donate/sponsors.shtml . Are there > other ways in which Apple might be reciprocating? There are some/a few/several people working at Apple that play or used to play a large role in FreeBSD. So they were basically paying these people's salaries for their day job which allowed them to be active in FreeBSD. Also, there is some code put-back I believe. Most of what Apple used from FreeBSD was the userland and the kernel interface so that the Darwin kernel could be used with FreeBSD userland utilities that affect the kernel etc.Mac OS X uses a totally different underlying kernel and architecture but made a FreeBSD like kernel interface in order to be able to use certain sets of FreeBSD stuff. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
IP traffic reporting -- simple aggregate bytes to each IP to a log
I have an older FreeBSD 6.x machine that I need to install some sort of IP traffic logging daemon on. (This machine is being updated soon to latest -STABLE). I had one once on another machine years ago but I forget the name. It basically just gave me a text file log with aggregate data to each IP address on the machine over time. Does anyone have any recommendations? I do not need web access to the data or fancy graphs or anything. I just need a simple way to see how much incoming traffic to each IP I get during a certain time period, written to a text log. I have been trying to build things like ntop and stuff but due to the age of this machine's installation that has not been possible due to ports being too new for it and problems installing latest tools (port errors in patches etc). Thanks Chad___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Nullfs Allows Jailbreaking
On Dec 22, 2010, at 7:56 PM, Jason C. Wells wrote: > Here is my file system scheme for a newly created jail as viewed from the > host: > > /usr/jail/template on /usr/jail/f1 (nullfs, local, read-only) > /usr/jail/f1-fs/etc on /usr/jail/f1/etc (nullfs, local) > /usr/jail/f1-fs/tmp on /usr/jail/f1/tmp (nullfs, local) > /usr/jail/f1-fs/var on /usr/jail/f1/var (nullfs, local) > /usr/jail/f1-fs/usr-local on /usr/jail/f1/usr/local (nullfs, local) > > As viewed from the jail: > > /usr/jail/template on / (nullfs, local, read-only) > > I like the idea of using a template for multiple jails that I plan to use > later. I like the ide of mounting the template read only. I had to splice > in the other nullfs filesystems so that things that need to be read-write can > be. > > But it seems kinda funky. Inside the jail it looks like EVERYTHING is > read-only and you have no way of knowing that /tmp is actually read-write. > There seems to be a violation of the segregation going on here. > > What pitfalls can you see in a file system scheme like this for my jails? Is > the above behavior by design or did I find a flaw? I have been doing this for years with great success. I don't understand your question. How does it look like everything is read only from inside the jail? The fact that a "df" only shows the root filesystem and not all your others file systems? (assuming that is still the truth -- my jails do this on older FBSD systems) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: FreeBSD and ECC memory?
If you can afford it, always buy the ECC. Saves your bacon more often than not in the long run. My Mac Pro personal desktop has it. It developed an issue in one of the sticks. The system detected that many errors were getting corrected, and disabled the whole stick. Sure I lost 2GB but the system did not go down. I can shut it down and replace the memory at my leisure. A Solaris 10 server I run has a memory stick creating many errors. System is still up and I can replace the stick when I can without a hard crash. ECC cannot necessarily protect you from every memory issue but it can protect you from many sorts of memory issues and can keep you from having hard crashes and allow you to fix problems on your schedule instead of in a panic. First time you have a hard crash due to memory issues you will wish you had ECC. (And a motherboard that supports ChipKill) Chad --- Chad Leigh -- Shire.Net LLC Your Web App and Email hosting provider chad at shire.net ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: What price at the license of FreeBSD 7?
On Jul 20, 2008, at 1:24 AM, Gaye Abdoulaye Walsimou wrote: Mike Jeays a écrit : On July 19, 2008 04:21:03 pm Gonzalo Nemmi wrote: On Saturday 19 July 2008 15:40:53 Kris Kennaway wrote: ... or the equivalent in your local currency. Yes really :) Kris ROFL to death ! Sorry .. couldn't help it ... You made me spit my pepsi all over my desktop ! Thanks!! How many Zimbabwe dollars, I wonder? This seems to give the finest measurement for approximations to zero... Your comments are useless and stigmatizes people who suffers (Zimbabwe). Stigmatizes people in Zimbabwe? Huh? If anything it draws sympathy for them --- Chad Leigh -- Shire.Net LLC Your Web App and Email hosting provider chad at shire.net ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Apache 2 in 6.0 jails: Connection refused: connect to listener on0.0.0.0:80
Yes that is what I did. Change the jail Listen directive to have the actual IP address of the jail Chad On Jul 13, 2008, at 11:13 PM, Rudy wrote: Philippe, Ha, I had the same problem in 7.0 jails. :) So, here is a response to your email from 2 years ago: I made this change in httpd.conf and the problem seems gone: -Listen 80 +Listen 208.69.40.119:80 Rudy Your message from 2 years ago: > Hi, > > Every now and then, Apache 2.2.2 starts filling my > httpd-error.log with thousands of lines like: > > [Sat Jul 08 20:57:32 2006] [warn] (61)Connection refused: > connect to listener on 0.0.0.0:80 --- Chad Leigh -- Shire.Net LLC Your Web App and Email hosting provider chad at shire.net ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: segmentation fault in sqlite3 on 6.2R amd64
On Oct 2, 2007, at 7:07 AM, Maxim Khitrov wrote: On 10/2/07, Chad Leigh -- Shire. Net LLC <[EMAIL PROTECTED]> wrote: Hi In installing trac I ran across a segmentation fault in the initenv command. This seems to be the same problem as shown here: http://www.nabble.com/ports-116383%3A-sqlite3-%28from-databases- sqlite3%29-segfault-tf4449251.html#a12694631 Running it in gdb shows Program received signal SIGSEGV, Segmentation fault. [Switching to Thread 0x50c000 (LWP 100331)] 0x000802f76869 in sqlite3Fts2InitHashTable () from /usr/public/ lib/libsqlite3.so.8 (gdb) backtrace #0 0x000802f76869 in sqlite3Fts2InitHashTable () from /usr/ public/lib/libsqlite3.so.8 Do you have the FTS extension installed? If so, remove it and try again. - Max Ok, that "fixed" the problem but now there is no FTS functionality. That may be ok with the current use, I am checking, but I would like to get to the bottom of this.I am rebuilding sqlite3 with debug to look in gdb. I am not a gdb whiz or anything :-) (doing most of my not often programming on OS X and Cocoa and their debugger frontend to gdb) but will try and see what I can. Thanks! Chad --- Chad Leigh -- Shire.Net LLC Your Web App and Email hosting provider chad at shire.net ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
segmentation fault in sqlite3 on 6.2R amd64
Hi In installing trac I ran across a segmentation fault in the initenv command. This seems to be the same problem as shown here: http://www.nabble.com/ports-116383%3A-sqlite3-%28from-databases- sqlite3%29-segfault-tf4449251.html#a12694631 Running it in gdb shows Program received signal SIGSEGV, Segmentation fault. [Switching to Thread 0x50c000 (LWP 100331)] 0x000802f76869 in sqlite3Fts2InitHashTable () from /usr/public/ lib/libsqlite3.so.8 (gdb) backtrace #0 0x000802f76869 in sqlite3Fts2InitHashTable () from /usr/ public/lib/libsqlite3.so.8 #1 0x000802f74f8f in sqlite3Fts2Init () from /usr/public/lib/ libsqlite3.so.8 #2 0x000802f41be5 in openDatabase () from /usr/public/lib/ libsqlite3.so.8 #3 0x000802e0bd91 in pysqlite_connection_init () from /usr/ public/lib/python2.5/site-packages/pysqlite2/_sqlite.so #4 0x0008006ab6fb in PyType_IsSubtype () from /usr/public/lib/ libpython2.5.so.1 #5 0x00080066ec83 in PyObject_Call () from /usr/public/lib/ libpython2.5.so.1 #6 0x000802e09f95 in module_connect () from /usr/public/lib/ python2.5/site-packages/pysqlite2/_sqlite.so #7 0x00080066ec83 in PyObject_Call () from /usr/public/lib/ libpython2.5.so.1 #8 0x0008006dc6da in PyEval_EvalFrameEx () from /usr/public/lib/ libpython2.5.so.1 #9 0x0008006dec34 in PyEval_EvalCodeEx () from /usr/public/lib/ libpython2.5.so.1 #10 0x0008006888be in PyFunction_SetClosure () from /usr/public/ lib/libpython2.5.so.1 #11 0x00080066ec83 in PyObject_Call () from /usr/public/lib/ libpython2.5.so.1 #12 0x0008006dc272 in PyEval_EvalFrameEx () from /usr/public/lib/ libpython2.5.so.1 #13 0x0008006de336 in PyEval_EvalFrameEx () from /usr/public/lib/ libpython2.5.so.1 #14 0x0008006dec34 in PyEval_EvalCodeEx () from /usr/public/lib/ libpython2.5.so.1 #15 0x0008006dd9fb in PyEval_EvalFrameEx () from /usr/public/lib/ libpython2.5.so.1 #16 0x0008006dec34 in PyEval_EvalCodeEx () from /usr/public/lib/ libpython2.5.so.1 I do the simple test command as shown in the nabble.com link above and get basically the same thing # gdb sqlite3 GNU gdb 6.1.1 [FreeBSD] Copyright 2004 Free Software Foundation, Inc. GDB is free software, covered by the GNU General Public License, and you are welcome to change it and/or distribute copies of it under certain conditions. Type "show copying" to see the conditions. There is absolutely no warranty for GDB. Type "show warranty" for details. This GDB was configured as "amd64-marcel-freebsd"...(no debugging symbols found)... (gdb) r comments.db "CREATE TABLE comments (page, name, email, url, body);" Starting program: /usr/public/bin/sqlite3 comments.db "CREATE TABLE comments (page, name, email, url, body);" (no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)... Program received signal SIGSEGV, Segmentation fault. 0x000800698869 in sqlite3Fts2InitHashTable () from /usr/public/ lib/libsqlite3.so.8 (gdb) backtrace #0 0x000800698869 in sqlite3Fts2InitHashTable () from /usr/ public/lib/libsqlite3.so.8 #1 0x000800696f8f in sqlite3Fts2Init () from /usr/public/lib/ libsqlite3.so.8 #2 0x000800663be5 in openDatabase () from /usr/public/lib/ libsqlite3.so.8 #3 0x00403133 in open_db () #4 0x004053b8 in main () (gdb) Anyone else see this same thing or know about this problem? A Google search does not show this mentioned except at the above link. Thanks Chad --- Chad Leigh -- Shire.Net LLC Your Web App and Email hosting provider chad at shire.net ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: RAID Controller Recommendations: ARC-1210 or 9650SE-4LPML
On Sep 6, 2007, at 5:59 AM, Johan Hendriks wrote: Do not go for the adaptec 1210! That was not one of the choices given. The ARC-1210 is a different device from a different manufacturer -- Areca. Chad I have the same model, and it always give errors on /dev/ad6 First I thought it was the drive itself but after swapping that one with another one still /dev/ad6 errors. Also swapping ad4 to ad6 /dev/ad6 errors out and freezes the system. Long story short it is an unstable product under FreeBSD Current and 6.x I use a 3ware card now and no problems what so ever. Regards, Johan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions- [EMAIL PROTECTED]" --- Chad Leigh -- Shire.Net LLC Your Web App and Email hosting provider chad at shire.net ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
buggy ACPI on board versus HW failure Re: no SMP without ACPI? (amd64)
On Sep 7, 2007, at 3:14 AM, Kris Kennaway wrote: Chad Leigh -- Shire.Net LLC wrote: On Sep 5, 2007, at 3:07 AM, Ted Mittelstaedt wrote: -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Kris Kennaway Sent: Wednesday, September 05, 2007 1:57 AM To: Chad Leigh -- Shire.Net LLC Cc: User Questions Subject: Re: no SMP without ACPI? (amd64) Note that this may well be hardware related: without acpi you are only using one CPU, etc, so if one of the others is bad it will only fail when you have ACPI enabled -- even if ACPI itself is not to blame. Easily testable by running that Other Operating system on the thing which I would have expected Chad to have done. Sorry to be MIA for the last day. No, I did not test it with that OS which shall not be named. However, I did attempt to install Sol10 on it. Sol10 also relies on ACPI btw. Anyway, the same error happened a good way through the installation -- it rebooted itself during the high IO of installing the system onto the system array. Sol10 uses a 32bit kernel for the installation and I think, but am not sure, that it only activates 1 CPU core. Then something is wrong with your hardware. Sorry. Please explain how my conclusion, that ACPI is messed up on this board (BIOS is buggy) is not a as reasonable an assumption as your conclusion? If the BIOS is buggy, Sol10 could just as easily trigger the same state as FBSD based on bad ACPI info. That is NO indication that the HW is bad. (As an aside, I forgot to mention, that I tried another example of the same disk controller, to rule out HW problems with the disk controller, and the problem persisted) The facts so far point more to ACPI being buggy on this board than to HW failure in my estimation. Chad ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: no SMP without ACPI? (amd64)
On Sep 5, 2007, at 3:07 AM, Ted Mittelstaedt wrote: -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Kris Kennaway Sent: Wednesday, September 05, 2007 1:57 AM To: Chad Leigh -- Shire.Net LLC Cc: User Questions Subject: Re: no SMP without ACPI? (amd64) Note that this may well be hardware related: without acpi you are only using one CPU, etc, so if one of the others is bad it will only fail when you have ACPI enabled -- even if ACPI itself is not to blame. Easily testable by running that Other Operating system on the thing which I would have expected Chad to have done. Sorry to be MIA for the last day. No, I did not test it with that OS which shall not be named. However, I did attempt to install Sol10 on it. Sol10 also relies on ACPI btw. Anyway, the same error happened a good way through the installation -- it rebooted itself during the high IO of installing the system onto the system array. Sol10 uses a 32bit kernel for the installation and I think, but am not sure, that it only activates 1 CPU core. I do not think, however, that it is a bad CPU. I can boot the system with ACPI and activate all 4 CPU cores and I can run CPU intensive things, so far, as long as they do not generate lots of IO, and processes run fine on all 4 CPUs and will run for hours. However, if I do something that generates IOs, like a build world on the FreeBSD source, about 75% of the time it does not make it all the way through with the build. It takes me about 45min on this system to do a "make buildworld" and it usually will happen 10-30 minutes into the build. 25% of the time it will make it through 1 build world, and once or twice has made it through 2, but always fails in the same way on a subsequent retry of the build. (Ie, I just keep doing builds over and over until it fails, which is 75% of the time in the first build, 24% of the time in the second, and 1% of the time in the third, roughly speaking). I also do not think it is the memory. For one, that would show up even with ACPI disabled, and 2, I ran multiple complete passes of the standalone memtest86 program without error. I do not think it is thermally related as the temperature never got very high and I had additional fans temporarily blowing or I also stuck it directly over my A/C floor register with the A/C on blowing cold air directly at the intake of the system. I monitored the Areca system while it was building and its temperatures never got anywhere near the limits Areca sets for their boards. (The Areca has its own ethernet port and I was directly attached to that from my powerbook during several tests when it failed). This machine is now in production with only the 1 CPU core. I cannot do extensive testing but I can get pieces of info or do a reboot with ACPI if there are data items for me to grab if people want to take a look at what it is doing etc. Thanks! Chad --- Chad Leigh -- Shire.Net LLC Your Web App and Email hosting provider chad at shire.net ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
no SMP without ACPI? (amd64)
Hi I have a 6.2R system (amd64) with the latest patch level. The motherboard is a Tyan S5197 i3110 based board with a Core 2 Quad 2.4 ghz processor. There is 4GB of memory and an Areca ARC-1231ML raid card. The problem is that I have to boot without ACPI or the system will randomly reboot itself when doing something. It will sit idle for ages but if I do a system build (make buildworld for example), it usually will not make it through without rebooting. If I boot without ACPI support (#2 in the boot loader), then the system is fine, I can do a billion builds without incident, except that I only get 1 CPU. (Yes, the kernel has SMP option built in). I would really like to run with all 4 cores but cannot run with ACPI at the moment due to instability. Any suggestions? Any way to get "old-style" SMP detection working (ie, without ACPI)? Thanks Chad --- Chad Leigh -- Shire.Net LLC Your Web App and Email hosting provider chad at shire.net ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Tyan S5197 and ACPI don't mix on 6.2 Re: 6.2-RELEASE amd64 system rebooting under heavy load with Areca ARC-1231ML
On Aug 21, 2007, at 2:53 AM, Chad Leigh -- Shire.Net LLC wrote: Hi I have a new system I am building. Tyan S5197 MB with Intel Core 2 Quad 2.4ghz, 4GB RAM Areca ARC-1231ML raid card. 5 320gb disks in a RAID6 with 1 320gb disk hot spare plus two 750gb in a raid1 mirror. Using the ARECA firmware, each raidset is subdivided into separate volumes that each appear to the OS as separate daN type disks. I read through Google about various problems that the Areca driver had as well as on the Areca website FAQ (on FreeBSD) I installed 6.2-RELEASE on this system. Under heavy IO load the system reboots itself. This happened both in trying to install the OS, and if I got that far, in trying to build cvsup tool or in building a new kernel. The machine could sit there idle for hours but you startup a large build and usually withing a few minutes or 10 minutes it would reboot itself. I tried installing the 6.2- STABLE snapshot (latest on in the downloads which is from June) but the whole system would lock up after a few minutes and I would get corruption on the console screen so I decided that was not a great plan. I also tried the 7-CURRENT as a test but that would not stay out of the kernel debugger. So I went back to 6.2-STABLE. I installed it and then copied the areca kernel driver source arcmsr.c/.h from the 6.2-STABLE snapshot from June (latest snapshot I could find) and used it to rebuild the kernel. I was then able to build cvsup and do a cvsup to the latest -RELEASE code and was a significant way through a buildworld when it happened again and rebooted itself. So it appears the problem is not yet solved. Is anyone out there running a form of 6.2 on an x64 type platform using an Areca controller? What is the latest 6.x compatible driver source for the Areca? I tried to copy the 7-CURRENT areca source back but it relies on the new CAM system and even if I added that option to my 6.2 there were a bunch of compilation errors that made it look like the 7.0-CURRENT IO or SCSI or whatever lower level it uses system has changed. Any help in figuring out how to get this up and running without these reboots under load would be greatly appreciated. After replacing the power supply with a beefier one, running memtest86 for a day, trying to install Solaris 10 with the same reboot issue, etc, I tried running with boot without ACPI and that seems to have cured the issue. So there seems to be an issue with the Tyan S5197 board and ACPI on 6.2-RELEASE (and on Solaris 10u3) Chad --- Chad Leigh -- Shire.Net LLC Your Web App and Email hosting provider chad at shire.net ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
6.2-RELEASE amd64 system rebooting under heavy load with Areca ARC-1231ML
Hi I have a new system I am building. Tyan S5197 MB with Intel Core 2 Quad 2.4ghz, 4GB RAM Areca ARC-1231ML raid card. 5 320gb disks in a RAID6 with 1 320gb disk hot spare plus two 750gb in a raid1 mirror. Using the ARECA firmware, each raidset is subdivided into separate volumes that each appear to the OS as separate daN type disks. I read through Google about various problems that the Areca driver had as well as on the Areca website FAQ (on FreeBSD) I installed 6.2-RELEASE on this system. Under heavy IO load the system reboots itself. This happened both in trying to install the OS, and if I got that far, in trying to build cvsup tool or in building a new kernel. The machine could sit there idle for hours but you startup a large build and usually withing a few minutes or 10 minutes it would reboot itself. I tried installing the 6.2-STABLE snapshot (latest on in the downloads which is from June) but the whole system would lock up after a few minutes and I would get corruption on the console screen so I decided that was not a great plan. I also tried the 7-CURRENT as a test but that would not stay out of the kernel debugger. So I went back to 6.2-STABLE. I installed it and then copied the areca kernel driver source arcmsr.c/.h from the 6.2-STABLE snapshot from June (latest snapshot I could find) and used it to rebuild the kernel. I was then able to build cvsup and do a cvsup to the latest -RELEASE code and was a significant way through a buildworld when it happened again and rebooted itself. So it appears the problem is not yet solved. Is anyone out there running a form of 6.2 on an x64 type platform using an Areca controller? What is the latest 6.x compatible driver source for the Areca? I tried to copy the 7-CURRENT areca source back but it relies on the new CAM system and even if I added that option to my 6.2 there were a bunch of compilation errors that made it look like the 7.0-CURRENT IO or SCSI or whatever lower level it uses system has changed. Any help in figuring out how to get this up and running without these reboots under load would be greatly appreciated. Thanks Chad --- Chad Leigh -- Shire.Net LLC Your Web App and Email hosting provider chad at shire.net ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Filesystem that both FreeBSD and OS X can read/write
On Apr 1, 2007, at 11:53 AM, mal content wrote: Hello. I have a small USB hard disk enclosure and would like to start using it to transfer files between OS X and FreeBSD machines. Have you tried FAT ? Chad Is there a filesystem that both OS X and FreeBSD can reliably read and write to? I've heard that OS X supports UFS, but there's no clear definition on what UFS actually is. I mean Free/Open/Net/ DragonFly all seem to have slightly differing definitions... Any ideas? MC (please cc: as I'm not subscribed) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions- [EMAIL PROTECTED]" --- Chad Leigh -- Shire.Net LLC Your Web App and Email hosting provider chad at shire.net ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: as i progress with jails...
On Apr 1, 2007, at 12:16 AM, James Long wrote: Date: Thu, 29 Mar 2007 19:14:16 -0600 From: "Chad Leigh -- Shire.Net LLC" <[EMAIL PROTECTED]> Subject: Re: as i progress with jails... To: Jonathan Horne <[EMAIL PROTECTED]> Cc: freebsd-questions@freebsd.org Message-ID: <[EMAIL PROTECTED]> Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed [deleted] That needs to be updated per jail. I use a master jail I nullfs mount so I just ave to update userland once but if major etc changes happen still have to do that in each Chad And is mergemaster useful inside jails, or do changes to jails' /etc tree have to be handled manually? To be honest I have not yet tried. I tend to do it by hand when things break by not doing it :-) Chad --- Chad Leigh -- Shire.Net LLC Your Web App and Email hosting provider chad at shire.net ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: as i progress with jails...
On Mar 29, 2007, at 7:10 PM, Jonathan Horne wrote: to test the behavior of both buildworld and updating ports with portupgrade, i started my project over, and rebuilt my jail host as FreeBSD 6.2-RELEASE. within this, i configured 2 jails, and installed various ports that i run on other production systems (actually, i installed from a ports tree that i cvsup'd with date 2007.01.01.01.01.01, so that i could legitimately test upgrading to todays copy). today, i cvsup'd the sources on the host to 6.2- RELEASE-p3, and built world. i installed world, and rebooted, but did not update either of the jails, just to see what would happen with the host running p3, and the jails running RELEASE. to my surprise, both jails were running p3 when the host came back up. so what am i missing about jail theory here? how did that kernel get into my jails if i did not install it? Jails all run on the base kernel what about the rest of userland? That needs to be updated per jail. I use a master jail I nullfs mount so I just ave to update userland once but if major etc changes happen still have to do that in each Chad at what version should i expect that to be at, at this point? thanks, jonathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions- [EMAIL PROTECTED]" --- Chad Leigh -- Shire.Net LLC Your Web App and Email hosting provider chad at shire.net ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: started getting repeated "bge0: PHY read timed out" messages
On Mar 15, 2007, at 12:48 AM, Michael K. Smith - Adhost wrote: Have you considered hard-setting the speed/duplex to 1000/Full instead of 100/Full? There may be some issues in the autonegotiation happening between switch and server. We used to see some of this early on in inter-vendor GigE connections; perhaps the switch vendor and the FreeBSD devels are reading the standards differently. I thought of that. However, I thought that if that were the case, the problem would happen at boot and not start at some random time after boot and work for a while first. Is that not a valid thought? Chad Mike --- Chad Leigh -- Shire.Net LLC Your Web App and Email hosting provider chad at shire.net ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: started getting repeated "bge0: PHY read timed out" messages
On Mar 6, 2007, at 9:55 PM, Chad Leigh -- Shire.Net LLC wrote: On Mar 6, 2007, at 5:08 PM, Michael K. Smith - Adhost wrote: Have you looked at the output of 'netstat -i' to see if there are interface errors? Also, have you looked at the switch-side interface for errors, buffer problems, etc. (if that's possible)? Finally, have you swapped ports/cables on the switch? Regards, Mike Hi Mike Right now it seems to be behaving. netstat -i shows no issues and I have not had the problem recur again once I forced it from auto negotiation which ended up at 1000tx full duplex to now be 100tx at full duplex. I don't know if it is related to the problem or not or is a coincidence that once I did that the problem has not arisen. It happened about 3 times today before forcing the connection to be 100tx. OK, this problem has not resurfaced since I hardwired the settings on the port to 100tx and full duplex. I have another system with the same board that got the same problem last Fall when I upgraded from 5.4 to 6.0 or 6.1. The problem this time was on 6.2. I have another one of these boards running on a system with 5.4 without issue at gigabit speed. It appears that something happened in the bge driver from 5.x to 6.x at gigabit speeds, at least with some of the supported chipsets. Chad --- Chad Leigh -- Shire.Net LLC Your Web App and Email hosting provider chad at shire.net ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Tool for validating sender address as spam-fighting technique?
On Mar 13, 2007, at 9:30 PM, Christopher Sean Hilton wrote: Chad Leigh -- Shire.Net LLC wrote: On Mar 13, 2007, at 6:00 PM, Christopher Sean Hilton wrote: On Mon, 2007-03-12 at 12:00 -0400, Marcelo Maraboli wrote: I agree. callbacks are not enough, you can reach a false conclusion, that´s why I use SPF along with callbacks... on the same message, my MX concludes: "you are sending email "from [EMAIL PROTECTED]", but shire.net says YOUR IP address is not allowed to send email on behalf of that domain, therefore YOU ARE FAKE/FORGED" ..---> reject regards, I'm not sure what you mean by callbacks but if that involves talking to mx.example.com and trying to figure out if [EMAIL PROTECTED] is a valid address go ahead. I would consider a mailserver that answers that question a security risk as it is freely giving away information about your domain without notifying you. For a long time my mx servers would answer any such question in the affirmative regardless of whether or not the mail account existed. Address verification callbacks take various forms, but the way exim does it by default is to attempt to start a DSN delivery to the address and if the RCPT TO is accepted it is affirmative. It is not usually use VRFY. Most address verification is done by attempting to start some sort of delivery to the address. I'm assuming that DSN is Delivery Service Notification yes or return receipt. mp If it is or if it somehow relies on the ability to deliver a message via smtp to [EMAIL PROTECTED] then I don't see how it prevents spam. If the mail says it is from [EMAIL PROTECTED] but I cannot send a DSN to [EMAIL PROTECTED] then the account is most likely bogus sender and is refused. It works wonders for spam. DSN has a specific definition -- look in the RFCs as I don't remember which RFC it is offhand. But you are supposed to always accept a DSN from <> as part of the RFCs Chad --- Chad Leigh -- Shire.Net LLC Your Web App and Email hosting provider chad at shire.net ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Tool for validating sender address as spam-fighting technique?
On Mar 13, 2007, at 6:00 PM, Christopher Sean Hilton wrote: On Mon, 2007-03-12 at 12:00 -0400, Marcelo Maraboli wrote: I agree. callbacks are not enough, you can reach a false conclusion, that´s why I use SPF along with callbacks... on the same message, my MX concludes: "you are sending email "from [EMAIL PROTECTED]", but shire.net says YOUR IP address is not allowed to send email on behalf of that domain, therefore YOU ARE FAKE/FORGED" ..---> reject regards, I'm not sure what you mean by callbacks but if that involves talking to mx.example.com and trying to figure out if [EMAIL PROTECTED] is a valid address go ahead. I would consider a mailserver that answers that question a security risk as it is freely giving away information about your domain without notifying you. For a long time my mx servers would answer any such question in the affirmative regardless of whether or not the mail account existed. Address verification callbacks take various forms, but the way exim does it by default is to attempt to start a DSN delivery to the address and if the RCPT TO is accepted it is affirmative. It is not usually use VRFY. Most address verification is done by attempting to start some sort of delivery to the address. As the above poster says SPF is the way to go. SPF gives the receiving MTA a mechanism to vet inbound mail. For any combination of server> and there are three possible results from an SPF check: The server is allowed to send mail for the domain; The server is not allowed to send mail for the domain; And I cannot tell because the owner of the domain hasn't published an SPF record. The only problem with SPF is that it's not more widely implemented so the third response is sadly more common than the first two. I believe it also breaks when you have forwards. Chad --- Chad Leigh -- Shire.Net LLC Your Web App and Email hosting provider chad at shire.net ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Tool for validating sender address as spam-fighting technique?
On Mar 11, 2007, at 5:11 PM, Jeffrey Goldberg wrote: In this case the counter counter measures available to spammers is so much easier and cheaper than the verification system itself, that it's not really a good idea to try such verification. that is always true, at least with existing technology. The counter measures always cost more than the sending of the spam Chad --- Chad Leigh -- Shire.Net LLC Your Web App and Email hosting provider chad at shire.net ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Tool for validating sender address as spam-fighting technique?
On Mar 11, 2007, at 2:55 PM, John L wrote: I phrased it wrong. You are not responsible for the content, but you are responsible for the mail domain and that includes verifying that mail is validly from your domain you are responsible for. Oh, OK. So if someone sends pump and dump with a [EMAIL PROTECTED] return address, and I do a callback and your MTA says "yup! that's a 100% valid address!" then I turn you in to the SEC, rignt? You do know what the SEC is, right? You have now confirmed that the mail is from you, after all. No, it only confirms that the sender address is an actual address. Or if you haven't, what purpose did the callback serve? It served to identify that it is possible a valid email. A failure is almost definitely a non valid email. It is a test which helps determine whether to accept it. We have a policy of not accepting mail from people who cannot accept DSNs back. That does not mean we give a blanket pass to those who pass address verification. There is some reasonable validation technology coming along, most notably DKIM which which I presume you are familiar. But callbacks are not it. Callbacks are one tool in the toolbox. Maybe someday there will be better tools and we can retire address verification. Callbacks, at this point in time, work very well for differentiating a large amount of non valid mail from a smaller pool of possibly valid mail. DKIM is interesting and I am watching it.I am in the process of adding some support for it btw, both for our authorized senders, as well as in our receive phase. For example, we are considering not doing address verification on incoming mail that has a valid DKIM signature. and you are breaking the RFCs. (valid verification includes checking that the sender can accept a proper DSN back, which is required of the sender to do). Uh huh. Which RFC is this that says I have to permit a fake partial DSN transaction? If you have a DSN, send it. If you don't, don't. The RFCs require you to accept back DSNs. Testing that you do is a valid test to see if I am talking with a valid sender -- one who implements the RFCs and is not a rogue internet user who does not cooperate in the exchange of emails according to the agreed standards. Show me some real verifiable numbers that show that verification traffic to your box is a significant portion of the otherwise bad traffic of mail bombs, bounces, etc. On my system, and we support a lot of mail domains, some of which (now or in recent past) we "big name" domains that had a lot of exposure. Address verification traffic has always been small compared to our overall load. You are complaining about a non issue. I can say that address verification helps us reject the lion's share of spam we receive without having to process it further. Chad Don't forget that the From: line address need not be the same as the bounce address; in my mail it never is. R's, John --- Chad Leigh -- Shire.Net LLC Your Web App and Email hosting provider chad at shire.net ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Tool for validating sender address as spam-fighting technique?
On Mar 11, 2007, at 2:08 PM, John Levine wrote: I have some fairly heavily forged domains, and on a bad day I see upwards of 300,000 connections from bounces, "validation", and the like attacking the little BSD box under my desk where the MTA is. Gee, thanks a lot. Verification has nothing to do with bounces and mail bombs. You may get some traffic from verification but you would need to separate that out from the rest which is unrelated before you have a meaningful statistic. I have, it's meaningful. Verizon is the worst offender, but at least they put their attack hosts in a separate easy to block IP range. Amazing, as I run mail for lots of domains, and replying to sender verification is almost a nonexistent load compared to the mail bombs and bounces etc. Show me your numbers. What planet have you been on? A few years back spam return addresses were typically complete fakes in nonexistent domains. Now they're picked out of the same victim lists as the targets. They have been doing that for ages. I run a hosting service and have had that problem way before sender verification became in vogue. Definitely different planets. Bye. When you come back to earth, let us know :-) R's, John PS: YOU are responsible for the mail sent with your domain on it. Oh, OK. So when someone sends out mail with your forged return address saying "buy this worthless stock, then get your kiddy porn here", you will report directly to jail without complaining, right? I phrased it wrong. You are not responsible for the content, but you are responsible for the mail domain and that includes verifying that mail is validly from your domain you are responsible for. email is a cooperative service where all people promise to expend resources to make it work, and to follow the RFCs. If you block valid verification, you are abrogating your responsibility to the rest of the net to cooperate in the exchange of email and you are breaking the RFCs. (valid verification includes checking that the sender can accept a proper DSN back, which is required of the sender to do). Chad --- Chad Leigh -- Shire.Net LLC Your Web App and Email hosting provider chad at shire.net ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Tool for validating sender address as spam-fighting technique?
On Mar 11, 2007, at 1:46 PM, Kris Kennaway wrote: On Sun, Mar 11, 2007 at 01:43:22PM -0600, Chad Leigh -- Shire.Net LLC wrote: On Mar 11, 2007, at 1:36 PM, Kris Kennaway wrote: On Sun, Mar 11, 2007 at 12:41:48PM -0600, Chad Leigh -- Shire.Net LLC wrote: On Mar 11, 2007, at 6:31 AM, Justin Mason wrote: for what it's worth, I would suggest *not* adopting this as an anti-spam technique. Sender-address verification is _bad_ as an anti-spam technique, in my opinion. Basically, there's one obvious response for spammers looking to evade it -- use "real" sender addresses. Where's an easy place to find real addresses? On the list of target addresses they're spamming! This is a red-herring. They already do that. They have been doing that for a long time. And it has nothing to do with sender verification. Sender verification works and works well. I hate sender verification because it forces me (the sender) to jump through hoops just for the privilege of sending email to you. No, it forces you to set up a correct RFC abiding system I send a lot of "courtesy" emails to e.g. port maintainers who have problems with their ports, and when I encounter someone with such a system I usually don't bother following up (their port just gets marked broken in the usual way, and they can follow up on it on their own if they want to). If your system is following the RFCs then you should have no problems. YOU should fix your broken system. Sending emails without a valid from address is disconsiderate. Why should I accept a mail from an account that violates the RFCs about accepting DSN back? Perhaps we are talking about different things, I am talking about systems which send me an email back requiring me to do steps a, b or c in order to complete delivery of the email. No, we are talking about the MTA verifying that the sender address is a real address that can accept either mail back or at least a properly formatted DSN back. The things you talk about ARE a PITA and I usually ignore them unless the person is wanting to give me money... (Ie a customer who placed an order with another business I run for example). Chad --- Chad Leigh -- Shire.Net LLC Your Web App and Email hosting provider chad at shire.net ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Tool for validating sender address as spam-fighting technique?
On Mar 11, 2007, at 1:44 PM, John Levine wrote: Sender verification works and works well. I suppose that if you define "works" to include mailbombing innocent third parties, then that might be true. I have some fairly heavily forged domains, and on a bad day I see upwards of 300,000 connections from bounces, "validation", and the like attacking the little BSD box under my desk where the MTA is. Gee, thanks a lot. Verification has nothing to do with bounces and mail bombs. You may get some traffic from verification but you would need to separate that out from the rest which is unrelated before you have a meaningful statistic. Sorry, but you conclusion does not follow. Sender verification has been around for a while and this has not happened in my experience. Ie, there is no greater use of real FROM addresses than there was before. What planet have you been on? A few years back spam return addresses were typically complete fakes in nonexistent domains. Now they're picked out of the same victim lists as the targets. They have been doing that for ages. I run a hosting service and have had that problem way before sender verification became in vogue. I've had to locally blacklist a few places specifically because of all of their abusive verification. If that's what you want, well ... That is up to you. If you claim to handle mail services for a certain domain, that includes verifying that mail is from you or not. YOU are responsible for the mail sent with your domain on it. Oh, and the way my MTA is set up, a verification callback doesn't work. But that doesn't keep the clueless from trying. That is your business. But you are in violation of the RFCs Chad --- Chad Leigh -- Shire.Net LLC Your Web App and Email hosting provider chad at shire.net ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Tool for validating sender address as spam-fighting technique?
On Mar 11, 2007, at 1:36 PM, Kris Kennaway wrote: On Sun, Mar 11, 2007 at 12:41:48PM -0600, Chad Leigh -- Shire.Net LLC wrote: On Mar 11, 2007, at 6:31 AM, Justin Mason wrote: for what it's worth, I would suggest *not* adopting this as an anti-spam technique. Sender-address verification is _bad_ as an anti-spam technique, in my opinion. Basically, there's one obvious response for spammers looking to evade it -- use "real" sender addresses. Where's an easy place to find real addresses? On the list of target addresses they're spamming! This is a red-herring. They already do that. They have been doing that for a long time. And it has nothing to do with sender verification. Sender verification works and works well. I hate sender verification because it forces me (the sender) to jump through hoops just for the privilege of sending email to you. No, it forces you to set up a correct RFC abiding system I send a lot of "courtesy" emails to e.g. port maintainers who have problems with their ports, and when I encounter someone with such a system I usually don't bother following up (their port just gets marked broken in the usual way, and they can follow up on it on their own if they want to). If your system is following the RFCs then you should have no problems. YOU should fix your broken system. Sending emails without a valid from address is disconsiderate. Why should I accept a mail from an account that violates the RFCs about accepting DSN back? Chad --- Chad Leigh -- Shire.Net LLC Your Web App and Email hosting provider chad at shire.net ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Tool for validating sender address as spam-fighting technique?
On Mar 11, 2007, at 6:31 AM, Justin Mason wrote: for what it's worth, I would suggest *not* adopting this as an anti-spam technique. Sender-address verification is _bad_ as an anti-spam technique, in my opinion. Basically, there's one obvious response for spammers looking to evade it -- use "real" sender addresses. Where's an easy place to find real addresses? On the list of target addresses they're spamming! This is a red-herring. They already do that. They have been doing that for a long time. And it has nothing to do with sender verification. Sender verification works and works well. Hence, the spam recipients now get twice as much mail from each spam run -- spam aimed at them, *and* bounce blowback from hundreds of spams aimed at others, forged to appear to be from them. It's the obvious response to SAV, which is one reason why we never implemented something like that in SpamAssassin. Sorry, but you conclusion does not follow. Sender verification has been around for a while and this has not happened in my experience. Ie, there is no greater use of real FROM addresses than there was before. Most MTAs have in-built routines to do this, with exim having a particularly good facility for this. Technically, with exim's, you are actually validating the sending server's adherence to the RFCs about accept DSN replies back. Chad --j. Kelly Jones writes: To fight spam, I want to validate the address (not necessarily in real-time) of the a given email sender. Is there a Unix tool that does this? The basics are simple: to validate "[EMAIL PROTECTED]", I connect to the MX record of wnonline.net and go as far as "RCPT TO" as follows: host -t mx wnonline.net wnonline.net mail is handled by 5 wnspf.bayou.com. telnet wnspf.bayou.com. 25 Trying 209.209.192.75... Connected to wnspf.bayou.com.. Escape character is '^]'. 220 Welcome to Bayou mxfilter HELO domaintester.com 250 mxfilter.bayou.com MAIL FROM: <[EMAIL PROTECTED]> 250 Ok RCPT TO: <[EMAIL PROTECTED]> 550 <[EMAIL PROTECTED]>: Recipient address rejected: 5.1.1 <[EMAIL PROTECTED]>... User unknown QUIT 221 Bye Connection closed by foreign host. This tells me [EMAIL PROTECTED] is an invalid address and that mail from that address is probably bogus. A more sophisticated tool would cache results, handle temporary failures (eg, inability to connect to the MX server), handle multiple MX records, perhaps even publish results [carefully, to avoid giving spammers a source of legit email addresses!], etc. Plus, I'd prefer to use a tested tool vs hacking something up myself. I realize this technique is far from perfect: Spammers spoof legit addresses Bounces/Mailing lists/etc legitimately use "do not reply" addresses It could be considered unfriendly to the target MX servers Some mail servers incorrectly say "user unknown" when they see spam, figuring it's more of a deterrent than saying "you're a spammer" Some mail servers inefficiently accept mail for "[EMAIL PROTECTED]" (where xxx.com is one of their domains), figure out if foo exists later, and send a bounce back to the envelope sender, instead of rejecting email at the SMTP level (a really good tool would create throwaway addresses to catch these cases too) ... but I still think it might help. -- We're just a Bunch Of Regular Guys, a collective group that's trying to understand and assimilate technology. We feel that resistance to new ideas and technology is unwise and ultimately futile. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions- [EMAIL PROTECTED]" --- Chad Leigh -- Shire.Net LLC Your Web App and Email hosting provider chad at shire.net ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: The Best OS
On Mar 10, 2007, at 9:33 PM, Susanth K wrote: Dear Friends, Am a beginner to *BSD OS. Am interested in setting up intel / AMD based Free and Open Source Server ( No GUI required ) Prime area is Webserver With PHP/MySQL Support and Ruby On Rails. + PostgreSQL Which os Will be the BEST ? A) Debian Linux B) OpenBSD C) FreeBSD For what you are doing, any of them would work. All are well supported and have active development. Chad --- Chad Leigh -- Shire.Net LLC Your Web App and Email hosting provider chad at shire.net ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Mounting into a jail
On Mar 9, 2007, at 3:11 PM, Troy Schultz wrote: Hello, I am running FreeBSD 6.2. I am currently mounting a smb share and then remounting the smb mount into a jail with nullfs. /etc/fstab # smbfs mount //@/ /path/to/smb/mount smbfs rw 0 0 # local mount /path/to/smb/mount /path/to/jail/directory nullfs rw,late 0 0 The main reason I am using this jail is for a webserver and I need to have the web developer be able to write to this samba share I originally tried mounting in fstab the smb share like this //@/ /path/to/smb/mount smbfs rw,uid=www 0 0 however, this did not work so I ended up making the share point owned by the user and group www this took care of it but I was wondering if there was a better way to do this as far as passing through to a jail and maybe getting the uid to actually work from within the fstab file. Any suggestions would be welcomed. I don't do this with smb but do do it with nfs. I don't know about uid with smb but I just mount it on the base server inside the jails path. Add the UID with no login capability to the base machine password file and then you can probably set uid in the base server as well. Chad --- Chad Leigh -- Shire.Net LLC Your Web App and Email hosting provider chad at shire.net ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: ps showing [appname] for some things -- how to get whole thing?
On Mar 7, 2007, at 11:34 AM, Chuck Swiger wrote: On Mar 7, 2007, at 2:49 AM, Chad Leigh -- Shire.Net LLC wrote: On my 6.1 system I have a script that launches some java programs [jdk142] and when I do a "ps -auxwww" I get the whole java command line that was used in launching. On my 6.2 system with jdk15 teh scame scripts launch the same java programs but I just get [java] in the ps output. Nothing in the ps manpage jumped out at me. I would like to be able to get the whole commandline when I do the ps From the manpage: When printing using the command keyword, a process that has exited and has a parent that has not yet waited for the process (in other words, a zombie) is listed as ``'', and a process which is blocked while trying to exit is listed as ``''. If the command vector cannot be located (usually because it has not been set, as is the case of system processes and/or kernel threads) the command name is printed within square brackets. The ps utility makes an educated guess as to the file name and arguments given when the process was created by examining memory or the swap area. The method is inherently somewhat unreliable and in any event a process is entitled to destroy this information, so the names cannot be depended on too much. The ucomm (accounting) keyword can, how- ever, be depended on. In other words, the process is allowed to over-write the environment (aka, the command line args & exported env variables) and that will prevent ps from reliably returning that info. All you can be sure of it getting argv[0], which is used for accounting in the ucomm variable It turns out the difference between my two installations is that with the jdk142 procfs is also mounted and ps shows the complete command. On the server with jdk15 procfs is not mounted and does not. jdk15 also has an issue if procfs is mounted such that the java command does not work. But I am running inside a jail so I could mount procfs on the base server outside the jail and do ps there and test this. These tests show that the procfs makes the difference. Chad --- Chad Leigh -- Shire.Net LLC Your Web App and Email hosting provider chad at shire.net ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
ps showing [appname] for some things -- how to get whole thing?
On my 6.1 system I have a script that launches some java programs [jdk142] and when I do a "ps -auxwww" I get the whole java command line that was used in launching. On my 6.2 system with jdk15 teh scame scripts launch the same java programs but I just get [java] in the ps output. Nothing in the ps manpage jumped out at me. I would like to be able to get the whole commandline when I do the ps Thanks Chad --- Chad Leigh -- Shire.Net LLC Your Web App and Email hosting provider chad at shire.net ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: started getting repeated "bge0: PHY read timed out" messages
On Mar 6, 2007, at 5:08 PM, Michael K. Smith - Adhost wrote: Have you looked at the output of 'netstat -i' to see if there are interface errors? Also, have you looked at the switch-side interface for errors, buffer problems, etc. (if that's possible)? Finally, have you swapped ports/cables on the switch? Regards, Mike Hi Mike Right now it seems to be behaving. netstat -i shows no issues and I have not had the problem recur again once I forced it from auto negotiation which ended up at 1000tx full duplex to now be 100tx at full duplex. I don't know if it is related to the problem or not or is a coincidence that once I did that the problem has not arisen. It happened about 3 times today before forcing the connection to be 100tx. If it starts to happen again I will try and log in to the console and do the netstat -i then... In the morning I will break out my powerbook and get the switch port assignments off a chart I have there so I can log in to the switch and check the port for errors. I have not swapped ports/cables on the switch this time around but have had the exact same symptoms on a server with the same HW that was using different cables and a different switch... I may swap cables but the machine is downtown and I am not so unless I cannot make progress I want to avoid going downtown :-) I may swap the mainboard if it happens again to see if it is HW. I have one or two spare mainboards of the same sort. Thanks! Chad --- Chad Leigh -- Shire.Net LLC Your Web App and Email hosting provider chad at shire.net ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: started getting repeated "bge0: PHY read timed out" messages
On Mar 6, 2007, at 9:20 AM, Chad Leigh -- Shire.Net LLC wrote: Hi After running fine for a while, my new server running 6.2-RELEASE with latest security patches as of last Thursday or Friday started giving the message bge0: PHY read timed out and I found the following in the system log ok, it started happening again after about 1.5 hours after the last reboot. bge0 started going down and up a few times over about an hour, and then the read timedout messages started up again. Previous to the very first time that this started, the server had run for about 4 days since it was newly installed. Mar 6 09:09:23 server su: chad to root on /dev/ttyp0 Mar 6 10:26:29 server kernel: bge0: link state changed to DOWN Mar 6 10:26:31 server kernel: bge0: link state changed to UP Mar 6 10:42:33 server kernel: bge0: link state changed to DOWN Mar 6 10:42:35 server kernel: bge0: link state changed to UP Mar 6 11:31:19 server kernel: bge0: PHY read timed out Mar 6 11:31:19 server last message repeated 3 times Mar 6 11:31:19 server kernel: bge0: link state changed to DOWN Mar 6 11:31:21 server kernel: bge0: PHY read timed out Mar 6 11:31:52 server last message repeated 116 times Mar 6 11:33:53 server last message repeated 488 times Mar 6 11:43:54 server last message repeated 2356 times Mar 6 11:53:56 server last message repeated 2372 times Mar 6 12:03:57 server last message repeated 2368 times Mar 6 12:09:53 server last message repeated 1399 times Mar 6 12:09:53 server kernel: bge0: watchdog timeout -- resetting Mar 6 12:09:53 server kernel: bge0: PHY read timed out Mar 6 12:09:53 server last message repeated 4 times Mar 6 12:09:53 server kernel: bge0: RX CPU self-diagnostics failed! Mar 6 12:09:53 server kernel: bge0: flow-through queue init failed Mar 6 12:09:53 server kernel: bge0: initialization failure Mar 6 12:09:54 server kernel: bge0: PHY read timed out Mar 6 12:10:25 server last message repeated 152 times Mar 6 12:12:27 server last message repeated 616 times Mar 6 12:22:29 server last message repeated 2540 times Mar 6 12:32:30 server last message repeated 2452 times Mar 6 12:42:31 server last message repeated 2524 times Mar 6 12:46:27 server last message repeated 1127 times Mar 6 12:46:27 server login: ROOT LOGIN (root) ON ttyv0 Mar 6 12:46:29 server kernel: bge0: PHY read timed out Mar 6 12:46:41 server last message repeated 107 times Mar 6 12:46:40 server reboot: rebooted by root here is an ifconfig bge0: flags=8843 mtu 1500 options=1b inet 166.70.252.128 netmask 0xff00 broadcast 166.70.252.255 inet 166.70.252.120 netmask 0x broadcast 166.70.252.120 inet 166.70.252.199 netmask 0x broadcast 166.70.252.199 ether 00:e0:81:61:e9:a0 media: Ethernet autoselect (1000baseTX ) status: active and uname # uname -a FreeBSD server.shire.net 6.2-RELEASE-p2 FreeBSD 6.2-RELEASE-p2 #1: Sat Mar 3 13:11:00 UTC 2007 [EMAIL PROTECTED]:/usr/obj/usr/ src/sys/server i386 # It is a TYAN S2850 single opteron system with 2.4ghz single core opteron. Its dmesg ID is seen below in the quoted section. I had another machine with this same MB that ran for a long time fine until I upgraded it to 6.0 or 6.1 last Fall and then I started to have the same problem (a post about it is in the archives). I assumed it was a HW issue and turned off the port in the BIOS and used the other port until I took the machine offline as the customer using it no longer needed it. Now this machine is having the same symptoms and I remember reading in the lists something about PHY and bge and some driver problems a while back but cannot fnd it now in the archives. Could this be a SW problem or is it a HW issue? Could it be related to the port it is connected to or the cable or something? The other machine that had this problem was on a different switch brand. Thanks Chad This appears to be a HW problem at first look. But when the server boots, it works fine for a while (hours, days??) Here is the id in the boot message Mar 6 09:01:21 server kernel: bge0: rev. 0x3003> mem 0xfeab-0xfeab irq 16 at device 14.0 on pci1 Mar 6 09:01:21 server kernel: miibus0: on bge0 Mar 6 09:01:21 server kernel: brgphy0: PHY> on miibus0 Mar 6 09:01:21 server kernel: brgphy0: 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, 1000baseTX, 1000baseTX-FDX, auto Mar 6 09:01:21 server kernel: bge0: Ethernet address: 00:e0:81:61:e9:a0 Is this some sort of SW driver issue or is it a HW issue at first glance? I remember kind of reading about some BGE issues a while back. Thanks Chad --- Chad Leigh -- Shire.Net LLC Your Web App and Email hosting provider chad at shire.net ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: started getting repeated "bge0: PHY read timed out" messages
On Mar 6, 2007, at 9:20 AM, Chad Leigh -- Shire.Net LLC wrote: Hi After running fine for a while, my new server running 6.2-RELEASE with latest security patches as of last Thursday or Friday started giving the message Probably should have said i386 version # uname -a FreeBSD server.shire.net 6.2-RELEASE-p2 FreeBSD 6.2-RELEASE-p2 #1: Sat Mar 3 13:11:00 UTC 2007 [EMAIL PROTECTED]:/usr/obj/usr/ src/sys/server i386 # Tyan S2850 single opteron 2gb ecc new install from ISO then cvsup'ed to latest Chad bge0: PHY read timed out and I found the following in the system log Mar 6 02:59:33 server kernel: bge0: link state changed to DOWN Mar 6 02:59:36 server kernel: bge0: link state changed to UP Mar 6 03:00:27 server kernel: bge0: link state changed to DOWN Mar 6 03:00:29 server kernel: bge0: link state changed to UP Mar 6 05:09:27 server kernel: bge0: PHY read timed out Mar 6 05:09:27 server last message repeated 3 times Mar 6 05:09:27 server kernel: bge0: link state changed to DOWN Mar 6 05:09:29 server kernel: bge0: PHY read timed out Mar 6 05:09:50 server last message repeated 79 times Mar 6 05:09:50 server kernel: bge0: watchdog timeout -- resetting Mar 6 05:09:50 server kernel: bge0: PHY read timed out Mar 6 05:09:50 server last message repeated 4 times Mar 6 05:09:50 server kernel: bge0: RX CPU self-diagnostics failed! Mar 6 05:09:50 server kernel: bge0: flow-through queue init failed Mar 6 05:09:50 server kernel: bge0: initialization failure Mar 6 05:09:52 server kernel: bge0: PHY read timed out Mar 6 05:10:23 server last message repeated 140 times Mar 6 05:12:24 server last message repeated 616 times Mar 6 05:22:26 server last message repeated 2580 times Mar 6 05:32:28 server last message repeated 2460 times Mar 6 05:42:30 server last message repeated 2540 times Mar 6 05:52:32 server last message repeated 2572 times Mar 6 06:02:33 server last message repeated 2652 times Mar 6 06:12:34 server last message repeated 2532 times Mar 6 06:22:35 server last message repeated 2516 times Mar 6 06:32:37 server last message repeated 2452 times Mar 6 06:42:38 server last message repeated 2520 times Mar 6 06:52:39 server last message repeated 2544 times Mar 6 07:02:39 server last message repeated 2919 times Mar 6 07:12:41 server last message repeated 2521 times Mar 6 07:22:43 server last message repeated 2524 times Mar 6 07:32:44 server last message repeated 2440 times Mar 6 07:42:45 server last message repeated 2524 times Mar 6 07:52:48 server last message repeated 2528 times Mar 6 08:02:50 server last message repeated 2656 times Mar 6 08:12:51 server last message repeated 2552 times Mar 6 08:22:53 server last message repeated 2528 times Mar 6 08:32:55 server last message repeated 2436 times Mar 6 08:42:57 server last message repeated 2536 times Mar 6 08:52:58 server last message repeated 2544 times Mar 6 08:58:55 server last message repeated 1631 times This appears to be a HW problem at first look. But when the server boots, it works fine for a while (hours, days??) Here is the id in the boot message Mar 6 09:01:21 server kernel: bge0: rev. 0x3003> mem 0xfeab-0xfeab irq 16 at device 14.0 on pci1 Mar 6 09:01:21 server kernel: miibus0: on bge0 Mar 6 09:01:21 server kernel: brgphy0: PHY> on miibus0 Mar 6 09:01:21 server kernel: brgphy0: 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, 1000baseTX, 1000baseTX-FDX, auto Mar 6 09:01:21 server kernel: bge0: Ethernet address: 00:e0:81:61:e9:a0 Is this some sort of SW driver issue or is it a HW issue at first glance? I remember kind of reading about some BGE issues a while back. Thanks Chad --- Chad Leigh -- Shire.Net LLC Your Web App and Email hosting provider chad at shire.net ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions- [EMAIL PROTECTED]" --- Chad Leigh -- Shire.Net LLC Your Web App and Email hosting provider chad at shire.net ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
started getting repeated "bge0: PHY read timed out" messages
Hi After running fine for a while, my new server running 6.2-RELEASE with latest security patches as of last Thursday or Friday started giving the message bge0: PHY read timed out and I found the following in the system log Mar 6 02:59:33 server kernel: bge0: link state changed to DOWN Mar 6 02:59:36 server kernel: bge0: link state changed to UP Mar 6 03:00:27 server kernel: bge0: link state changed to DOWN Mar 6 03:00:29 server kernel: bge0: link state changed to UP Mar 6 05:09:27 server kernel: bge0: PHY read timed out Mar 6 05:09:27 server last message repeated 3 times Mar 6 05:09:27 server kernel: bge0: link state changed to DOWN Mar 6 05:09:29 server kernel: bge0: PHY read timed out Mar 6 05:09:50 server last message repeated 79 times Mar 6 05:09:50 server kernel: bge0: watchdog timeout -- resetting Mar 6 05:09:50 server kernel: bge0: PHY read timed out Mar 6 05:09:50 server last message repeated 4 times Mar 6 05:09:50 server kernel: bge0: RX CPU self-diagnostics failed! Mar 6 05:09:50 server kernel: bge0: flow-through queue init failed Mar 6 05:09:50 server kernel: bge0: initialization failure Mar 6 05:09:52 server kernel: bge0: PHY read timed out Mar 6 05:10:23 server last message repeated 140 times Mar 6 05:12:24 server last message repeated 616 times Mar 6 05:22:26 server last message repeated 2580 times Mar 6 05:32:28 server last message repeated 2460 times Mar 6 05:42:30 server last message repeated 2540 times Mar 6 05:52:32 server last message repeated 2572 times Mar 6 06:02:33 server last message repeated 2652 times Mar 6 06:12:34 server last message repeated 2532 times Mar 6 06:22:35 server last message repeated 2516 times Mar 6 06:32:37 server last message repeated 2452 times Mar 6 06:42:38 server last message repeated 2520 times Mar 6 06:52:39 server last message repeated 2544 times Mar 6 07:02:39 server last message repeated 2919 times Mar 6 07:12:41 server last message repeated 2521 times Mar 6 07:22:43 server last message repeated 2524 times Mar 6 07:32:44 server last message repeated 2440 times Mar 6 07:42:45 server last message repeated 2524 times Mar 6 07:52:48 server last message repeated 2528 times Mar 6 08:02:50 server last message repeated 2656 times Mar 6 08:12:51 server last message repeated 2552 times Mar 6 08:22:53 server last message repeated 2528 times Mar 6 08:32:55 server last message repeated 2436 times Mar 6 08:42:57 server last message repeated 2536 times Mar 6 08:52:58 server last message repeated 2544 times Mar 6 08:58:55 server last message repeated 1631 times This appears to be a HW problem at first look. But when the server boots, it works fine for a while (hours, days??) Here is the id in the boot message Mar 6 09:01:21 server kernel: bge0: 0x3003> mem 0xfeab-0xfeab irq 16 at device 14.0 on pci1 Mar 6 09:01:21 server kernel: miibus0: on bge0 Mar 6 09:01:21 server kernel: brgphy0: PHY> on miibus0 Mar 6 09:01:21 server kernel: brgphy0: 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, 1000baseTX, 1000baseTX-FDX, auto Mar 6 09:01:21 server kernel: bge0: Ethernet address: 00:e0:81:61:e9:a0 Is this some sort of SW driver issue or is it a HW issue at first glance? I remember kind of reading about some BGE issues a while back. Thanks Chad --- Chad Leigh -- Shire.Net LLC Your Web App and Email hosting provider chad at shire.net ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
gmake in jail from ports linking to ld-linux.so.2 ??? Re: building jdk15 in a jail -- __mb_cur_max Undefined Symbol
On Mar 3, 2007, at 5:18 PM, Bill Moran wrote: On Mar 3, 2007, at 4:01 PM, Chad Leigh -- Shire.Net LLC wrote: Hi I am trying to build jdk15 inside my jail with PREFIX set to /usr/ public (At one time I successfully got jdk 1.4 to build after much hacking) I have the option for builing inside a jail set. We get to the point where the linux java is installed and it is actually building the jdk # Start of jdk build /libexec/ld-elf.so.1: /usr/local/lib/libiconv.so.3: Undefined symbol "__mb_cur_max" *** Error code 1 Stop in /usr/ports/java/jdk15. # I am not exactly sure what it is doing at this point in order to hack round it.libiconv a fresh install from ports Turns out that the issue is that gmake cannot run. I have not figured out why yet, having removed and reinstalled libiconv and gmake and getting the same error. But it is not java related. I'll redirect this to -questions If anyone has an idea on why gmake would fail as above on a fresh install, 6.2-RELEASE from a day or two ago, I would appreciate it. Please CC me as I am not currently subscribed to -questions, though I am on -java Not a direct answer to your question, but when I needed to do this a few months ago, I just did a "make package" on my workstation, then shipped the package up to the jail system and installed it with pkg_add. Doesn't solve the problem, but if you're in a pinch, it's a handy workaround. Bill -- Thanks! That is an idea too. Maybe I will do that. - However, I want to figure why gmake is not working in the jail when I install from ports. Using the same directory tree on the base machine it works, but not in the jail. gmake gives the error /libexec/ld-elf.so.1: /usr/local/lib/libiconv.so.3: Undefined symbol "__mb_cur_max" when built and run inside the jail but not when built and run pn the base machine. doing an "ldd" on the base machine shows # ldd /usr/local/bin/gmake /usr/local/bin/gmake: libintl.so.6 => /usr/local/lib/libintl.so.6 (0x8809b000) libiconv.so.3 => /usr/local/lib/libiconv.so.3 (0x880a4000) libc.so.6 => /lib/libc.so.6 (0x88191000) # but in the jail it shows # ldd /usr/public/bin/gmake /usr/public/bin/gmake: libintl.so.6 => /usr/local/lib/libintl.so.6 (0x8809b000) libiconv.so.3 => /usr/local/lib/libiconv.so.3 (0x880a4000) libc.so.6 => /usr/local/lib/libc.so.6 (0x88191000) ld-linux.so.2 (0x882ae000) # and I can't see why this would be the case. Both are building from the same port, same os, everything (indeed same machine) Any ideas appreciated! I am trying things and googling as well etc but I appreciate insight others may have on this. Has been stumping me for several hours today already :-( Please CC on any responses for now. I am resubscribing to -questions but don't know how long it will take to come back at me thanks Chad --- Chad Leigh -- Shire.Net LLC Your Web App and Email hosting provider chad at shire.net ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
gmake in jail from ports linking to ld-linux.so.2 ??? Re: building jdk15 in a jail -- __mb_cur_max Undefined Symbol
On Mar 3, 2007, at 5:18 PM, Bill Moran wrote: On Mar 3, 2007, at 4:01 PM, Chad Leigh -- Shire.Net LLC wrote: Hi I am trying to build jdk15 inside my jail with PREFIX set to /usr/ public (At one time I successfully got jdk 1.4 to build after much hacking) I have the option for builing inside a jail set. We get to the point where the linux java is installed and it is actually building the jdk # Start of jdk build /libexec/ld-elf.so.1: /usr/local/lib/libiconv.so.3: Undefined symbol "__mb_cur_max" *** Error code 1 Stop in /usr/ports/java/jdk15. # I am not exactly sure what it is doing at this point in order to hack round it.libiconv a fresh install from ports Turns out that the issue is that gmake cannot run. I have not figured out why yet, having removed and reinstalled libiconv and gmake and getting the same error. But it is not java related. I'll redirect this to -questions If anyone has an idea on why gmake would fail as above on a fresh install, 6.2-RELEASE from a day or two ago, I would appreciate it. Please CC me as I am not currently subscribed to -questions, though I am on -java Not a direct answer to your question, but when I needed to do this a few months ago, I just did a "make package" on my workstation, then shipped the package up to the jail system and installed it with pkg_add. Doesn't solve the problem, but if you're in a pinch, it's a handy workaround. Bill -- Thanks! That is an idea too. Maybe I will do that. - However, I want to figure why gmake is not working in the jail when I install from ports. Using the same directory tree on the base machine it works, but not in the jail doing an "ldd" on the base machine shows # ldd /usr/local/bin/gmake /usr/local/bin/gmake: libintl.so.6 => /usr/local/lib/libintl.so.6 (0x8809b000) libiconv.so.3 => /usr/local/lib/libiconv.so.3 (0x880a4000) libc.so.6 => /lib/libc.so.6 (0x88191000) # but in the jail it shows # ldd /usr/public/bin/gmake /usr/public/bin/gmake: libintl.so.6 => /usr/local/lib/libintl.so.6 (0x8809b000) libiconv.so.3 => /usr/local/lib/libiconv.so.3 (0x880a4000) libc.so.6 => /usr/local/lib/libc.so.6 (0x88191000) ld-linux.so.2 (0x882ae000) # and I can't see why this would be the case. Both are building from the same port, same os, everything (indeed same machine) Any ideas appreciated! I am trying things and googling as well etc but I appreciate insight others may have on this. Has been stumping me for several hours today already :-( Please CC on any responses for now. I am resubscribing to -questions but don't know how long it will take to come back at me thanks Chad --- Chad Leigh -- Shire.Net LLC Your Web App and Email hosting provider chad at shire.net ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: building jdk15 in a jail -- __mb_cur_max Undefined Symbol
On Mar 3, 2007, at 4:01 PM, Chad Leigh -- Shire.Net LLC wrote: Hi I am trying to build jdk15 inside my jail with PREFIX set to /usr/ public (At one time I successfully got jdk 1.4 to build after much hacking) I have the option for builing inside a jail set. We get to the point where the linux java is installed and it is actually building the jdk # Start of jdk build /libexec/ld-elf.so.1: /usr/local/lib/libiconv.so.3: Undefined symbol "__mb_cur_max" *** Error code 1 Stop in /usr/ports/java/jdk15. # I am not exactly sure what it is doing at this point in order to hack round it.libiconv a fresh install from ports Turns out that the issue is that gmake cannot run. I have not figured out why yet, having removed and reinstalled libiconv and gmake and getting the same error. But it is not java related. I'll redirect this to -questions If anyone has an idea on why gmake would fail as above on a fresh install, 6.2-RELEASE from a day or two ago, I would appreciate it. Please CC me as I am not currently subscribed to -questions, though I am on -java Sorry Chad --- Chad Leigh -- Shire.Net LLC Your Web App and Email hosting provider chad at shire.net ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Installing PHP5 alongside PHP4
On Dec 20, 2006, at 7:45 PM, Benjamin Kudria wrote: Hi, I admin a small web hosting server running 6.1-RELEASE-p10, and I have PHP4 working as a module with Apache 2.0.59. I have a PHP app that doesn't work with PHP4 and requires PHP5, along with the mysql and gd extensions. Is there a way to get PHP5 to run alongside PHP4 short of installing another Apache in a jail? I don't know if you can using ports but by compiling yourself you can. You have to have 2 separate modules you load (with different names) and then you have to have one respond to a different file extension. Ie, .php for php4 and .php5 for php5 or whatever. Chad Thanks, Benjamin Kudria ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions- [EMAIL PROTECTED]" --- Chad Leigh -- Shire.Net LLC Your Web App and Email hosting provider chad at shire.net
Re: Major Version Upgrade 4.11 to 5.x
On Dec 11, 2006, at 3:59 PM, Gerard Seibert wrote: On Monday December 11, 2006 at 05:09:01 (PM) James Long wrote: By the way, that is why it is customary to Cc: both the person and and the list when replying. It doesn't do any good to send a response to the list if the person who asked the question isn't subscribed. Maybe it is just me, but I hate that Cc crap. I always end up with two copies of the same message. Unless the individual specifically requests to be Cc'd, I never utilize it. Besides, how hard is it to subscribe to a list, post your question and hopefully receive a satisfactory response and then terminate your association with the list if you are so inclined. I joined the 'Apache' forum just to get one simple answer, then exited. Not a big deal at all. I agree that the list should only accept mail from subscribed members. Mainly to keep spam and other crap off the list. Most lists I am on (which are technical) require you to be a list member to post. So in this case the FreeBSD policies are "not the norm." I am on one list for an MTA where if you CC the orig poster plus send to the list you get in trouble with some folks. Chad --- Chad Leigh -- Shire.Net LLC Your Web App and Email hosting provider chad at shire.net
Re: digression: There is no "ye" (was Re: what happened to groff?!!)
On Nov 4, 2006, at 2:36 PM, Gary Kline wrote: On Sat, Nov 04, 2006 at 08:53:21PM +, Bill Moran wrote: On Fri, 3 Nov 2006 20:56:07 -0800 Gary Kline <[EMAIL PROTECTED]> wrote: Guys, This roff script is in a directory with ye-olden-English font, There is no word "ye", and there never was. Word origins is a hobby of mine, and I found it pretty difficult to figure out where "ye" came from, because it never existed. What _did_ exist, was a letter in old English called a "thorne". The thorne looked a lot like a capital "Y" (with a horizontal line through it) and had the sound of "th". When the thorne fell into disuse, later readers would think sentences said "we went to Ye bar to drink wiY friends". Since "the" is liable to be the most common word in the English language, this fell into a more general belief that in olden times, the word "ye" was used instead of "the". Anyway, it's a bit of non-BSD trivia. Sorry for the noise to those who aren't interested, and sorry that I don't know enough about groff to help fix your problem. Well, maybe the gurus will be back on Monday. I'm no scholar of the English language, but yeah, you're right on the money re the thorn character. [ Ever watch Bergan Evans' broadcasts circa late-1950's? ] gary <http://en.wikipedia.org/wiki/Thorn_%28letter%29> --- Chad Leigh -- Shire.Net LLC Your Web App and Email hosting provider chad at shire.net
Re: how to know what DNS server is being used
On Oct 27, 2006, at 8:56 PM, David Banning wrote: On my registrars site I have two DNS servers listing. How would I know that 1) both are working. 2) which one is being used. For #2, do you mean by the world at large? Which one is being used when people look up your domain and hosts in your domain? Both of them should get used. I don't know what algorithm is used but both will be used by people. Chad --- Chad Leigh -- Shire.Net LLC Your Web App and Email hosting provider chad at shire.net
Re: two NIC and nfs
On Oct 23, 2006, at 4:15 PM, Albert Shih wrote: For answer Leigh -- Shire.Net LLC" <[EMAIL PROTECTED]> no I can't do that (well easy do..) because my client have only on NIC and the client is XDM server. And all my user-client (connected by xdmcp) is on same subnet. It's very complicate if I want two subnet for my servers. I am not saying to get rid of your original single subnet. I am saying you can add additional subnets with IP ailases on your NIC(s) and do the nfs over these additional subnets. You can do this even with just one nic. Let's say that you have your normal subnet 10.0.1.0 Lets say you want to add in your nfs subnet 192.168.1.0 and 192.168.2.0 for server nic 1 and server nic 2 client 1 nic1 10.0.1.10 plus alias 192.168.1.10 client 2 nic1 10.0.1.11plus alias 192.168.2.11 server nic 110.0.1.100 plus alias 192.168.1.100 nic 210.0.1.101 plus alias 192.168.2.101 This will allow you to keep the xdm stuff (I am not familiar with xdm) on your normal subnet plus do each client on its own nic on the nfs server... Just make sure that client 1 uses an nfs server of server-nic1-192:/ someshare where server-nic1-192 is the name given in your hosts or dns tables to the alias 192 address on nic1 and the analog on nic2. best Chad --- Chad Leigh -- Shire.Net LLC Your Web App and Email hosting provider chad at shire.net
Re: two NIC and nfs
On Oct 23, 2006, at 3:40 PM, Albert Shih wrote: Le 23/10/2006 à 13:09:21-0800, Jeff Mohler a écrit Are nic1 and nic2 on the same network? Are client2 and nic2 on the same network? Yes all in same subnet, all connected on the same gigabits switch. The easiest thing is to set up a separate subnet for server nic 2 and client nic 2, perhaps as an alias on the existing one. Use a private netblock like 192.168.n to separate them out. I do this. I have a single nic in the client (but I have multiple clients) and the nfs server has 4 nics. nic 1 is 192.168.1.x and nic 2 is 192.168.2.x and nic 3 is 192.168.3.x and nic 4 is 192.168.4.x . I am actually running one of my clients with 1 nic with aliased addresses talking to 2 separate nics on the server, mainly for testing purposes to separate different share while I did some packet sniffing to solve an unrelated problems. Chad and all nfs traffic is in UDP. Hi all I've two NIC on my server. Until now I just use one. I want use the second interface to increase perfs. The server have only one purpose : nfsd. Suppose if I do nfs_nic_1 <---> client 1 nfs_nic_2 <---> client 2 well that's work but not... really because if incomming traffic from client_2 pass through nic_2, all output traffic pass through nic_1. How can I make the all traffic between client_2 and my server pass through nic_2 ? Regards. JAS -- Albert SHIH Universite de Paris 7 (Denis DIDEROT) U.F.R. de Mathematiques. 7 ième étage, plateau D, bureau 10 Heure local/Local time: Mon Oct 23 23:39:46 CEST 2006 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions- [EMAIL PROTECTED]" --- Chad Leigh -- Shire.Net LLC Your Web App and Email hosting provider chad at shire.net
Re: 4 core Opteron performance
On Oct 21, 2006, at 2:29 AM, ke han wrote: I realize this is a bit open-ended. But I need some advice anyway as I need to make a final decision on using FreeBSD 6.1 on a production server. I have a new Sun x4100 server. 2 x dual core Opterons with 8 GB RAM. I need to run MySQL 5, a single threaded HTTP server, and a few other single threaded daemons. This server will have lots of long living sockets for one of the single threaded servers. Other than that, its not outside normal usage bounds. I would like feedback on overall performance from anyone who has used FreeBSD 6.1 with hardware similar to this. I'm not a guy who cares about getting the last 10% of performance out of a server. I am happy to trade performance for maintainability and a little peace of mind. I have a dual opteron 2.0ghz (not dual core) with 4GB ram running 6.1. It ran a very busy mysql 4 server (feeding three other dedicated apache server machines), plus it runs a few FrontBase databases that are not so busy (low -- med low usage), and about 30 instances of apache (ie, min of 30 jails, each running their own apache) and a couple of jails with roxen serving webpages, plus a bind daemon, a moderately busy exim mta, courier imap and pop daemons, and some other assorted stuff, like a bunch of java based WebObjects instance and some db stuff (like some low use mysql 4/5 etc). It rarely broke much of a heavy sweat in normal usage. The super busy mysql 4 server is now gone and the machine rarely even sweats at all now (all the rest is still there). I would google on x4100 and FreeBSD or search the archives for any machine-specific issues. I kind of remember some issues with some sort of Sun servers. best Chad btw, I'm not tried to start another "FreeBSD has poor SMP" flame-fest. any thoughts? thanks, ke han --- Chad Leigh -- Shire.Net LLC Your Web App and Email hosting provider chad at shire.net
Re: Non English Spam
On Oct 13, 2006, at 7:12 PM, Beech Rintoul wrote: I'm getting a ton of spam every day that comes from China, Japan and Korea. Spam Assassin completely ignores it because it has all non-english characters I don't know what settings affect this but SpamAssassin actually catches most of the Japanese and Chinese language spam we get (have not seen Korean). (I have whitelisted a couple of Japan email addresses that send us legit email in Japanese but others that are not spam do not get flagged that often as spam -- don't ask me how it works). Chad and slows kmail to a crawl loading. Is there a way to filter on non- english either using Spam Assassin or procmail? Suggestions would be appreciated. Beech -- --- Chad Leigh -- Shire.Net LLC Your Web App and Email hosting provider chad at shire.net
ports vs configure/make/make install Re: RE : Re: RE : Re: RE : Re: RE : Re: RE : Re: cheapskate webmail interface
On Oct 12, 2006, at 1:26 AM, Juha Saarinen wrote: On 10/11/06, Desmond Coughlan <[EMAIL PROTECTED]> wrote: Yeah. I used to do Solaris admin (Jesus, you'd never know it...), and usually prefer installing software the ./configure --> make && make install route. Especially since a ports install doesn't tell you anything about where the software is put It most certainly does, and also allows you to change the locations of the software to be installed. Have a look at the Makefile in the ports. While theoretically you can change the location where stuff is put using ports, it does not always work out that well (I admit I could have screwed up). Mainly, some ports rely on other ports. I installed a bunch of stuff (gnu build stuff) that some ports relied on in my own dir /usr/public as a prefix. The ports system should know about this (ie at later install time) but certain ports that rely on this stuff seem to have it hardwired that this stuff is in / usr/local and these ports fail. So may ports can easily be changed, some ports can't. I use ports for things like build tools, system tools, editors, compilers. and certain standard SW we use. I use configure/make etc for my MTA, apache, php, my imap and pop servers, and lots of my service level software that I find much easier to customize myself without jumping through ports. best Chad -- Juha ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions- [EMAIL PROTECTED]" --- Chad Leigh -- Shire.Net LLC Your Web App and Email hosting provider chad at shire.net
Re: .dmg files?
On Oct 10, 2006, at 4:10 PM, Paul Schmehl wrote: --On Tuesday, October 10, 2006 13:51:46 -0500 Drew Sanford <[EMAIL PROTECTED]> wrote: Is there any way to unpack a .dmg file (mac) on FreeBSD? I have checked in ports/archivers and can't find anything that looks like it will do it, and google turns up nothing of any use that I've found yet. Have I missed something, or can this really not be done? Won't this do it? /usr/ports/archivers/stuffit Probably not. Stuffit is a "zip" like format. .dmg are like .iso more or less (mountable disk images) Chad --- Chad Leigh -- Shire.Net LLC Your Web App and Email hosting provider chad at shire.net
Re: Upgrading firmware on Areca RAID card?
On Oct 9, 2006, at 7:35 AM, Bob Willcox wrote: Hi All, I would like to upgrade the firmware on my Areca ARC-1210 SATA RAID card. Has anyone out there done this, and if so, do you have any advice on doing it? I have downloaded a program called archttp32 that appears to be a FreeBSD 4.2 32-bit version of the Arec http proxy server but I really need a 64-bit version (I suppose that would be called archttp64), preferably build on FreeBSD 6.1 (or thereabouts). Any tips, pointers, advice, or warnings would be greatly appreciated. I've done it but under Solaris 10. I basically followed the instructions that Areca has in the docs/website. My card was an 1120 8 port card (I also did an 1130 12 port card through its in-built ethernet port). I went just now to their downloads and they only show the 32 bit archttp server. Try that and see how it works since your amd should also run 32 bit programs, right?. Otherwise, maybe you will have to boot a liveCD in 32bit mode or something and run it from that Chad Thanks, Bob --- Chad Leigh -- Shire.Net LLC Your Web App and Email hosting provider chad at shire.net
Re: RE : Re: RE : Re: RE : Re: cheapskate webmail interface
On Oct 9, 2006, at 8:21 AM, Desmond Coughlan wrote: Yes, I did everything mentioned in that HOWTO. Still no luck. Following someone else's advice, I tried to install Thunderbird on another machine, and connect to the server on port 143. It failed. You need to have an IMAP server running before roundcube can connect. It sounds like you do not have an IMAP server running on the system. Port 143 is the IMAP port. roundcube (horde/ squirrelmail, etc) are not IMAP servers, they are clients. Chad --- Chad Leigh -- Shire.Net LLC Your Web App and Email hosting provider chad at shire.net
apache in "strange" jail getting permissions errors
with all the same files and permissions, has no problems. Here are some examples from the virtual host error files: [Wed Oct 04 12:53:19 2006] [error] [client 67.171.127.191] (13) Permission denied: file permissions deny server access: /local/web/ leigh.org/www.leigh.org/index.html [Wed Oct 04 12:53:19 2006] [error] [client 67.171.127.191] File does not exist: /local/web/leigh.org/www.leigh.org/favicon.ico [Wed Oct 04 12:53:21 2006] [error] [client 67.171.127.191] (13) Permission denied: file permissions deny server access: /local/web/ leigh.org/www.leigh.org/index.html [Wed Oct 04 12:53:21 2006] [error] [client 67.171.127.191] File does not exist: /local/web/leigh.org/www.leigh.org/favicon.ico [Wed Oct 04 12:54:55 2006] [crit] [client 68.114.59.6] (13)Permission denied: /local/web/leigh.org/www.leigh.org/_derived/.htaccess pcfg_openfile: unable to check htaccess file, ensure it is readable, referer: http://www.leigh.org/running/podcast.html [Wed Oct 04 12:54:56 2006] [crit] [client 68.114.59.6] (13)Permission denied: /local/web/leigh.org/www.leigh.org/_themes/.htaccess pcfg_openfile: unable to check htaccess file, ensure it is readable, referer: http://www.leigh.org/running/podcast.html [Wed Oct 04 12:54:56 2006] [crit] [client 68.114.59.6] (13)Permission denied: /local/web/leigh.org/www.leigh.org/_themes/.htaccess pcfg_openfile: unable to check htaccess file, ensure it is readable, referer: http://www.leigh.org/running/podcast.html [Wed Oct 04 12:54:58 2006] [crit] [client 68.114.59.6] (13)Permission denied: /local/web/leigh.org/www.leigh.org/_derived/.htaccess pcfg_openfile: unable to check htaccess file, ensure it is readable, referer: http://www.leigh.org/running/podcast.html [Wed Oct 04 12:55:15 2006] [crit] [client 74.6.74.61] (13)Permission denied: /local/web/leigh.org/www.leigh.org/genealogy/.htaccess pcfg_openfile: unable to check htaccess file, ensure it is readable Again, the user that apache is running as can access the files R/W no problem. I have confirmed this by running a shell as the same user (and the same apache when running on the md(4) back jail with the same local directorys tructure with same user and permissions etc runs fine). I also confirmed the permissions of everything visually. user and group are r(+x as appropriate) including all dirs. I am at a loss on why, when the apache virtual host document roots are living on an nfs mounted space this would happen. (Again, the LockFile and other things like that [SSLMutex, mod)rewrite stuff] is set to a local space that is not nfs mounted and apache is not giving and crazy errors to indicate otherwise in the apache wide error_log like it did when I first started my attempts). Any ideas or help would be appreciated. In case anyone wants to know why I want to do this jail on nfs thing: 1) I want to get rid of the md(4) backed devices as they seem to not be completely stable -- once in a while I get a lost I/O that leads to hanging the server. I cannot prove it is related to md(4) but it always starts in relation to a jail on the md(4) device (and when I try and do an ls of the file for example, once it starts, the ls of that file will hang while other ls won't). 2) More importantly, I don't want a jail to be tied to a specific HW server. I want to be able to move a jail easily around HW servers as needed. For example, if a specific server were to develop HW problems, I could easily shut it down and bring up its allotment of jails on another server or set of servers with very minimal downtime to my customers. Right now, with the md(4) backed devices, the jails live where their storage backing is and each server has their own set of disks/storage. If a server dies, I cannot easily bring up all my jails on another server without HW hacking. I know I have a single point of failure with the Solaris server and its large disk array but it is easier to throw money at a single file server and have a lot of smaller minimal front end servers than have to buy larger beefier front end servers in multiples. The solaris server has 2 areca raid 6 arrays (1 installed and 1 to be installed later this Fall) mirrored together using ZFS, has a 2+1 redundant power supply that will be spread across 2 circuits, battery backed raid arrays, etc. is on hospital grade power with UPS etc. with extra spare parts to quickly replace things that fail. Thanks Chad --- Chad Leigh -- Shire.Net LLC Your Web App and Email hosting provider chad at shire.net
Re: ezjails, jails
Hi On Sep 26, 2006, at 8:40 AM, Don Munyak wrote: re: ezjails, jails Hopefully a quick question. I am researching using EZJails from http://erdgeist.org/arts/software/ezjail/ But a little confused by the jail concept. I think I need to setup two jails, one(1) for email services and one(1) for www services, on a single server. That will work q. If I am running a webserver for more than one(1) domain, should I be using a single jail for each domain, or is one jail needed for 'ALL' www processing ? Up to you. Each jail requires its own IP address. There are things that people do with jails with private IPs and packet forwarding and stuff, but to keep it simple, consider that each jail needs an IP address (public). If you have lots of them, and if each domain is something someone else runs, or is based on totally different SW, then you might consider separating them. If you own and run each domain and they use a similar SW menu, then you may just run them out of one jail using apache virtual hosts. q. If I am using a jail for each domain, does this imply loading apache+php+mysql, for each www jail ? Yes. There are ways to share but until you are comfortable with jails and what you are doing, it is easier to just load each one up separately. We run a ton of jails, one for each customer, and we share SW across them in our own "/usr/public" read only area with each jail having its own /usr/local/etc but to get it to work requires some configuration work and understanding how it all works and some other trickery... q. Likewise with email and multiple domains, does multiple domains = multiple email jails, as well as multiple copies of smtp, pop3, webmail ?? You could but in most cases there is no reason to do that. Run them all in 1 jail using one set of SW. Set up your SMTP server to support multiple domains (I recommend exim). q. Email and WWW services both require MySQL. Would I be installing MySQL 'x' number of times? Depends on how the SW accesses mysql but you can run multiple mysql DBs out of one installation... Chad What I want to do is he following: We are a small company, so email traffic is minial..ie. less than 500 messages per day. Likewise, www traffic is also minimal. I want to build a single server to be located at a co-location facility. This server would support both email and www services. The email services would be built using instructions from http://www.tnpi.biz/internet/mail/toaster.shtml ...that being stuff like qmail, RBL, spamassassin, clamav...etc We have 5 separate domains for email services The www services would be functionally similiar to LAMP We have 5 separate domains for www I would greatly appreciate any links or advice towards achiving my goals. Thanks ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions- [EMAIL PROTECTED]" --- Chad Leigh -- Shire.Net LLC Your Web App and Email hosting provider chad at shire.net
Re: Want to install RELEASE-6.1, have 5.3 disks
On Sep 23, 2006, at 2:34 PM, Jason Artz wrote: Hello, I want to install FreeBSD 6.1 on my system, but I only have a version 5.3 CD. I can tell sysinstall to get 6.1 instead of 5.3 via FTP (under "Options, Release name"), but I read that using an old sysinstall to install a new version is a bad idea. I cannot figure out how to obtain a new sysinstall without making boot floppies (I have no floppy drive nor a CDRW). Can I install 5.3 and then somehow upgrade via FTP to 6.1? Or download the new sysinstall to my 5.3 installation, run it, and install 6.1 instead? What's the best method? Can you just download the 6.1 iso disks and make new installer disks? Otherwise, you can install 5.3 and use cvsup to upgrade to 6.1 through a source upgrade. Just follow the instructions carefully. Chad Thanks, Jason ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions- [EMAIL PROTECTED]" --- Chad Leigh -- Shire.Net LLC Your Web App and Email hosting provider chad at shire.net ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: SCSI vs. SATA (was Re: Upgrading our mail server)
On Sep 14, 2006, at 10:28 AM, Derek Ragona wrote: SATA is still quite limited. To go beyond those limits use SAS, but SAS costs even more than SCSI and is brand new technology. Get a 12 or 16 or 24 port Areca card and have a few hot spares and you will see SATA fly for less money than SCSI with higher storage and as high or higher reliability (RAID 6 plus hot spares)... I used to be SCSI only but these new cards and drives offer a lot more for the money and you can make up for reliability by sheer mass and raid 6 and hot spares :-) Chad -Derek At 10:46 AM 9/14/2006, Bill Moran wrote: In response to Frank Bonnet <[EMAIL PROTECTED]>: > Gerard Seibert wrote: > > Frank Bonnet wrote: > > > > [...] > >> I need SCSI Disks of course , budget is around 10K$ > > > > Why the insistence on SCSI? Is there any reason that SATA or RAID with > > SATA is not acceptable? Just curious. > > Because I want it Has anyone every verified whether or not SATA has the problems that plagued ATA? Such as crappy quality and lying caches? Personally, I still demand SCSI on production servers because it still seems as if: a) The performance is still better b) The reliability is still better But I haven't taken a comprehensive look at the SATA offerings. It also seems as if SATA is more limiting. Most SCSI cards can support 16 devices, does SATA have similar offerings? I know it's not common, but if you need that many spindles, you need them! -- Bill Moran Collaborative Fusion Inc. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions- [EMAIL PROTECTED]" -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. MailScanner thanks transtec Computers for their support. -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. MailScanner thanks transtec Computers for their support. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions- [EMAIL PROTECTED]" --- Chad Leigh -- Shire.Net LLC Your Web App and Email hosting provider chad at shire.net ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Newbie Experience
On Sep 14, 2006, at 12:29 AM, Jonathan McKeown wrote: On Thursday 14 September 2006 01:21, Kevin Brunelle wrote: As for the GNU tools, yes most sysadmins use some of them (although not always). I know that BSD tar handles gzip and bzip2 just fine ( - z and -j respectively). So I know I wouldn't download gtar just for that feature. In fact, as I discovered a few days ago (after all, how often does one read tar(1)'s manpage?), you only need to use -z and -j when creating a tar archive. bsdtar(1) recognises bzip2 and gzip compression on reading an archive and handles them automatically. old habits die hard :-0 Chad --- Chad Leigh -- Shire.Net LLC Your Web App and Email hosting provider chad at shire.net ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: bge0: PHY read timed out
On Sep 9, 2006, at 11:52 PM, Chad Leigh -- Shire.Net LLC wrote: I have a machine that is acting up. It was doing this a couple weeks ago and I replaced the motherboard thinking that maybe the physical ethernet port was going bad (connector or chip). The new motherboard is starting to act up the same way after a week or two of running fine and I am wondering if something else might be the issue. I forgot to mention that the MB at issue is the Tyan S2850 single opteron MB. This particular server had its MB replaced a week or two ago for the same sort of issue on bge1 that got progressively worse and I eventually turned it off in the BIOS. Then a while later it started seeming to freeze up with this same issue as listed below and I replaced the MB, which is starting to show the same issue. I have a few other servers with the same MB and they have never had any issues. Chad After the uname I list the stuff from the syslog before it goes off the net and my auto rebooter power strip thinks it has crashed and forces a reboot (which I have now turned off so I can go in and look more next time it happens). This did not happen for the last week or two and all of a sudden happened about 5 times today... # uname -a FreeBSD whitwell.shire.net 6.1-RELEASE FreeBSD 6.1-RELEASE #1: Fri May 19 01:50:39 MDT 2006 [EMAIL PROTECTED]:/usr/obj/usr/src/ sys/WHITWELL i386 # Sep 9 20:49:02 whitwell kernel: bge0: PHY read timed out Sep 9 20:49:02 whitwell last message repeated 3 times Sep 9 20:49:02 whitwell kernel: bge0: link state changed to DOWN Sep 9 20:49:04 whitwell kernel: bge0: PHY read timed out What does this message mean? PHY read timed out? I did a google on it but the issues were various other things. Could this be a bad cable? Thanks Chad --- Chad Leigh -- Shire.Net LLC Your Web App and Email hosting provider chad at shire.net ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions- [EMAIL PROTECTED]" --- Chad Leigh -- Shire.Net LLC Your Web App and Email hosting provider chad at shire.net ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
bge0: PHY read timed out
I have a machine that is acting up. It was doing this a couple weeks ago and I replaced the motherboard thinking that maybe the physical ethernet port was going bad (connector or chip). The new motherboard is starting to act up the same way after a week or two of running fine and I am wondering if something else might be the issue. After the uname I list the stuff from the syslog before it goes off the net and my auto rebooter power strip thinks it has crashed and forces a reboot (which I have now turned off so I can go in and look more next time it happens). This did not happen for the last week or two and all of a sudden happened about 5 times today... # uname -a FreeBSD whitwell.shire.net 6.1-RELEASE FreeBSD 6.1-RELEASE #1: Fri May 19 01:50:39 MDT 2006 [EMAIL PROTECTED]:/usr/obj/usr/src/sys/ WHITWELL i386 # Sep 9 20:49:02 whitwell kernel: bge0: PHY read timed out Sep 9 20:49:02 whitwell last message repeated 3 times Sep 9 20:49:02 whitwell kernel: bge0: link state changed to DOWN Sep 9 20:49:04 whitwell kernel: bge0: PHY read timed out What does this message mean? PHY read timed out? I did a google on it but the issues were various other things. Could this be a bad cable? Thanks Chad --- Chad Leigh -- Shire.Net LLC Your Web App and Email hosting provider chad at shire.net ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: jail removal
On Sep 9, 2006, at 3:37 AM, Christopher Cowart wrote: I've partially removed a jail and I want to start over and recreate it differently, but I'm having trouble removing files. Getting permission denied on some files I am unable to chmod to +w. Try 'sudo chflags -R noschg /path/to/jail'. I'm thinking the immutable flag got set on something like var/empty. And if that doesn't work you may be at a secure level that doesn't allow the changes to immutable flags. Chad --- Chad Leigh -- Shire.Net LLC Your Web App and Email hosting provider chad at shire.net ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: FreeBSD not popular in Asia?
On Sep 8, 2006, at 7:02 PM, Marc G. Fournier wrote: Check out http://www.bsdstats.org ... Republic of Korea is about to push the US out of first place, but there are *zero* FreeBSD boxes reporting from there ... DragonFly is first, then NetBSD and then OpenBSD ... Are there *really* no Korean FreeBSD hosts out there ... ? Or maybe the FreeBSD users in Korea use their systems for real work and don't read this list or play these sorts of games... The Open/ Net/DFly users are hobbyists who like to play these games. I am not knocking the bsdstats effort -- just that lots of serious users with machines in production won't report back (I know I am not). Your sample is probably statistically invalid. best regards Chad --- Chad Leigh -- Shire.Net LLC Your Web App and Email hosting provider chad at shire.net ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: need a restricted shell
On Sep 7, 2006, at 7:35 AM, David Robillard wrote: I am looking for a shell that will allow Subversion to be run over ssh but not allow interactive login or if it allows interactive login, will only allow Subversion commands to be run... Any ideas on how to accomplish this? Hi Chad, You could install the shells/scponly port and build it with it's chroot option. (i.e. sudo make -DWITH_SCPONLY_CHROOT install) Don't run the `make clean` just yet, because you will need the "setup_chroot.sh" script which is inside the work/scponly- directory. Thanks to David and all who responded. I will give this a shot. Thanks Chad --- Chad Leigh -- Shire.Net LLC Your Web App and Email hosting provider chad at shire.net ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: DL 380/G5 with 16G of ram
On Sep 7, 2006, at 3:26 PM, Marc G. Fournier wrote: On Thu, 7 Sep 2006, Josef Grosch wrote: Hello, I've got a DL 380/G5 as an evalu unit. It has 16 gig of ram. I compiled a PAE kernel but I'm finding that it is not very stable. It crashes during heavy disk activity, ie. portupgrade -rav. Does anyone have experience with this sort of machine and would you care to share your kernel config file and/or advice. Have you tried a non-PAE kernel? If its a new unit, I imagine its 64bit, which, as far as I'm aware, doesn't require PAE ... ? I would second this. Try the amd64 version of FreeBSD (which also supports the EMT64, or whatever it is called, Intel 64bit processors). Based on HPs website, this is the possible processor list: Intel Xeon Processor 5160 – Dual core / 3.00 GHz / 1333MHz FSB Intel Xeon Processor 5150 – Dual core / 2.67 GHz / 1333MHz FSB Intel Xeon Processor 5140 – Dual core / 2.33 GHz / 1333MHz FSB Intel Xeon Processor 5130 – Dual core / 2.00 GHz / 1333MHz FSB Intel Xeon Processor 5120 – Dual core / 1.87 GHz / 1066MHz FSB Intel Xeon Processor 5110 – Dual core / 1.60 GHz / 1066MHz FSB Intel Xeon Processor 5080 – Dual core / 3.73 GHz / 1066MHz FSB Intel Xeon Processor 5060 – Dual core / 3.20 GHz / 1066MHz FSB Intel Xeon Processor 5050 – Dual core / 3.00 GHz / 667MHz FSB They all seem recent enough to have the 64bit extensions. Thanks Chad --- Chad Leigh -- Shire.Net LLC Your Web App and Email hosting provider chad at shire.net ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
need a restricted shell
I am looking for a shell that will allow Subversion to be run over ssh but not allow interactive login or if it allows interactive login, will only allow Subversion commands to be run... Any ideas on how to accomplish this? I have been looking at various shell lists in ports but nothing popped out as obvious to me Thanks Chad --- Chad Leigh -- Shire.Net LLC Your Web App and Email hosting provider chad at shire.net ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: solaris
On Sep 6, 2006, at 8:41 AM, White Hat wrote: Most of these can be far more easily done on a WinXP machine then anything now available in the *nix family. OS X will do it as easily or more easily for the average person than WinXP. OS X is a unix based OS. Chad --- Chad Leigh -- Shire.Net LLC Your Web App and Email hosting provider chad at shire.net ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: solaris
On Sep 4, 2006, at 8:57 AM, dick hoogendijk wrote: On 03 Sep Chad Leigh -- Shire.Net LLC wrote: I am not sure about installing Solaris into an existing partition. I remember one of the FBSD's (a RC, but still) destroying my partition table. That's the reason I ask. I know that I don't have to use the main option (that's for the whole disk). But if there are no problems know of with the sol installer, than I'm a little less worried. I have no space to backup my XP and FBSD disk parts (at the moment). btw there is a Solaris X86 mail list at http://groups.yahoo.com/ group/solarisx86/ They might be better able to help out in determining the danger of installing in your situation. best Chad --- Chad Leigh -- Shire.Net LLC Your Web App and Email hosting provider chad at shire.net ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: time to come clean... .
On Sep 3, 2006, at 10:35 PM, Gary Kline wrote: Folks, How can I automate the backup via rsync to other servers? I believe the default for rsync is to use ssh as a transport. That is how I am using it with ssh certificates. Read up on rsync and if you want to create some cron jobs that would be an easy automation. Chad --- Chad Leigh -- Shire.Net LLC Your Web App and Email hosting provider chad at shire.net ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: migrating user and web files to new server
On Sep 3, 2006, at 8:59 PM, Noah wrote: hackmiester (Hunter Fuller) wrote: On 3 September 2006, at 20:34, Noah wrote: hackmiester (Hunter Fuller) wrote: I find it incredibly interesting that, while you REFUSE SPECIFY exactly what you want, you find it necessary to deem certain commands unacceptable! No one is going to freaking spoon feed you this stuff! What you just pasted will do basically THE SAME THING as tarring and scping it over, so what's the problem? The only difference is there is no intermediate tar file. If that's what you wanted, why can't you just SAY THAT?! cool. it is different though. ssh and scp are quite different syntax. thank you. Obviously they are different syntax, but the two commands posted give you the same end result. Why are you rejecting the syntax?! Hi there, I never saw any syntax for the scp way of doing it. Also after I received the ssh command I was happy to see that moving files could be performed on one line you mean like % tar cf newfile.tar mydirtotar; scp newfile.tar [EMAIL PROTECTED]: ? that is one command line Chad and want to share it with the list and soon google. please lets drop the issue it seems too nitpicky. cheers, Noah cheers, Noah ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions- [EMAIL PROTECTED]" --- Chad Leigh -- Shire.Net LLC Your Web App and Email hosting provider chad at shire.net ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: solaris
On Sep 3, 2006, at 9:20 PM, P.U.Kruppa wrote: On Sun, 3 Sep 2006, dick hoogendijk wrote: I have a 3-part disk: (a) XP for games (b) FreeBSD-6.1 (my main OS) (c) FreeBSD-6.1 (a backup) I want to replace the third partition with solaris 10, mainly for studying this OS. I burned the DVD. Will it install solaris on this third partition without trouble? Will I be able to continue to use the FreeBSD bootloader or do I need to isntall sol's grub? The documentation on SUN and solaris is huge. Many many pdf files.. Are there better ways then these pdf's? Good books on solaris 10? Starting points on the net? I ask here because I know lot of you guys here have also installed solaris 10 (at least I remember seeing it here) Hope to get some advice and reading points. I have years of experience with linux and FreeBSD and like to explore new (OS) challences. I did something like that (WIN2k instead of XP) last year - no problem. You might feel better if you had some kind of bootloader disk at hand (something like GAG (my favourite), grub or whatever). At that time I was very disappointed of solaris: - very slow - very old versions of software Tell me if that has improved. I decided to test Debian instead, and am very satisfied with it. I am not sure about installing Solaris into an existing partition. The new U2 of Solaris 10 uses grub though. But I find Solaris 10 much faster than FreeBSD for some things (java, threaded apps, etc). It has its quirks and I am sure that FreeBSD has its advantages (for me I use FreeBSD on most of my servers but have a few Solaris 10 based ones for java, ZFS, etc). I am not trying to get into a mud- slinging match -- both are good. But I wanted to mention that Solaris is a very mature OS. It is a hyrbid BSD/SVR4 system in terms of commands (I believe in ancietnt history SunOS was a VSD variant that switched to a SVR4 variant when it became Solaris). And FreeBSD has the upper hand in my estimation in terms of normal userland stuff like an updated tar and update apps in many cases (userland utils) so a lot of things you normally do will be frustrating at first until you learn that he command flags are different on Solaris than on FreeBSD. Chad --- Chad Leigh -- Shire.Net LLC Your Web App and Email hosting provider chad at shire.net ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: migrating user and web files to new server
On Sep 2, 2006, at 11:15 PM, Noah wrote: Chad Leigh -- Shire.Net LLC wrote: On Sep 2, 2006, at 11:09 PM, Noah wrote: Chad Leigh -- Shire.Net LLC wrote: On Sep 2, 2006, at 10:59 PM, Noah wrote: Hi there, might somebody recommend a good way to migrate user and web files to our new server? ??? tar and scp work well for me okay might you recommend a good command structure? Sorry I am dense but I just tar up whatever directories (user, web, whatever) and then use scp to copy them to the new server where I use tar to undue them. I don't quite understand your question man tar man scp % tar cpf archive.tar scp over % tar xpf archive.tar there are cooler ways of doing this. there will be people on this list that know what I am talking about. I will await their responses. things like rdiff-backup could be useful since I can prep everything and periodically move things over and then on a flag day switch the IPs. Well, if you want to make it complicated etc you can. If you don't want to migrate all at once, yes, there are other ways of doing that. That was not specified. I would just stay up late one night and tar it all over and get it over with. KISS. good luck! best regards Chad --- Chad Leigh -- Shire.Net LLC Your Web App and Email hosting provider chad at shire.net ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: migrating user and web files to new server
On Sep 2, 2006, at 11:09 PM, Noah wrote: Chad Leigh -- Shire.Net LLC wrote: On Sep 2, 2006, at 10:59 PM, Noah wrote: Hi there, might somebody recommend a good way to migrate user and web files to our new server? ??? tar and scp work well for me okay might you recommend a good command structure? Sorry I am dense but I just tar up whatever directories (user, web, whatever) and then use scp to copy them to the new server where I use tar to undue them. I don't quite understand your question man tar man scp % tar cpf archive.tar scp over % tar xpf archive.tar Cheers, Noah --- Chad Leigh -- Shire.Net LLC Your Web App and Email hosting provider chad at shire.net ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: migrating user and web files to new server
On Sep 2, 2006, at 10:59 PM, Noah wrote: Hi there, might somebody recommend a good way to migrate user and web files to our new server? ??? tar and scp work well for me Chad thank you in advance, Noah ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions- [EMAIL PROTECTED]" --- Chad Leigh -- Shire.Net LLC Your Web App and Email hosting provider chad at shire.net ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
shared cache -- Re: SMP detection
On Aug 30, 2006, at 12:12 PM, backyard wrote: with HT disabling in FreeBSD is more for the security issues about a potential exploit whereby one process in one pipe can access the priveledged information of a process in another pipe because the two cores share one processor cache and thus one cache table. To my knowledge this hasn't been exploited yet. How is this any different than say an Intel Core Duo or Core 2 Duo? I believe they have a shared cache as well for each (real) processor core. Chad --- Chad Leigh -- Shire.Net LLC Your Web App and Email hosting provider chad at shire.net ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: AMD 64 3000
On Aug 18, 2006, at 2:00 PM, Nikolas Britton wrote: On 8/18/06, Jerry McAllister <[EMAIL PROTECTED]> wrote: > > Anybody have any strong opinions on this for a freebsd 6.1 web server? We > are currently using a 2.40GHz celeron which is fairly slow. I'm hesitant > to switch to 64 bits, are there any gotchas for freeBSD? What are you doing that would make that seem slow? Are you sure it is the processor and not some other part that is the bottleneck, such as disk or NIC or your pipe to the outside world (ISP)? He's probably running a big PHP web app... If so try eaccelerator first, it's in ports under www/eaccelerator. It's an opcode cache for PHP... should give you a major speed boost. Yes, I have this running. Made a HUGE difference. If it is indeed a PHP thing. Chad --- Chad Leigh -- Shire.Net LLC Your Web App and Email hosting provider chad at shire.net ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: AMD 64 3000
On Aug 18, 2006, at 11:09 AM, Robin Becker wrote: Anybody have any strong opinions on this for a freebsd 6.1 web server? We are currently using a 2.40GHz celeron which is fairly slow. I'm hesitant to switch to 64 bits, are there any gotchas for freeBSD? You can always run the 32bit FreeBSD on this if it makes you more comfortable. That is what I do with all my Opteron machines. What sort of webserving are you doing that the Celeron is slow? Chad --- Chad Leigh -- Shire.Net LLC Your Web App and Email hosting provider chad at shire.net ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: JDK 1.5 in a Jail
On Aug 18, 2006, at 10:54 AM, Bret J Esquivel wrote: Hi Chad, Yeah I've tried below inside the master: mount -t linprocfs linprocfs /usr/jails/ox1.immense.net/compat/ linux/proc with df containing: linprocfs 4 40 100% /usr/jails/ox1.immense.net/compat/linux/proc Still no joy. Hmm. I have not done 1.5 but I did build 1.4 inside a jail and it had the same message and my remembrance was that I had done what you did above and it worked. But it was over a year ago so I don't remember any details or gotchas. Sorry Chad -Original Message----- From: Chad Leigh -- Shire.Net LLC [mailto:[EMAIL PROTECTED] Sent: Friday, August 18, 2006 11:54 AM To: Bret J Esquivel Cc: freebsd-questions@FreeBSD.org Subject: Re: JDK 1.5 in a Jail On Aug 18, 2006, at 10:45 AM, Bret J Esquivel wrote: ox1# make install ===> Building for jdk-1.5.0p3_3 ERROR: You must have LINPROCFS mounted before starting to build the native JDK 1.5.0. You may do it with the following commands: # kldload linprocfs and # mount -t linprocfs linprocfs /compat/linux/proc *** Error code 1 Any insight? Did you try what it says above (in the master)? (mounting a linprocfs inside the jail while in the master)? Chad Thank you --- Chad Leigh -- Shire.Net LLC Your Web App and Email hosting provider chad at shire.net --- Chad Leigh -- Shire.Net LLC Your Web App and Email hosting provider chad at shire.net ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: JDK 1.5 in a Jail
On Aug 18, 2006, at 10:45 AM, Bret J Esquivel wrote: ox1# make install ===> Building for jdk-1.5.0p3_3 ERROR: You must have LINPROCFS mounted before starting to build the native JDK 1.5.0. You may do it with the following commands: # kldload linprocfs and # mount -t linprocfs linprocfs /compat/linux/proc *** Error code 1 Any insight? Did you try what it says above (in the master)? (mounting a linprocfs inside the jail while in the master)? Chad Thank you --- Chad Leigh -- Shire.Net LLC Your Web App and Email hosting provider chad at shire.net ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: rsync on Freebsd 5.3
On Aug 18, 2006, at 10:40 AM, Lisa Casey wrote: Anyone know what might be wrong? Or can anyone suggest a better way of moving these mail boxes? I don't know what might be wrong with rsync but can't you just tar up the mail, move the tar file, and untar at the new place? Simple fast etc. That is how I do these sorts of things Chad --- Chad Leigh -- Shire.Net LLC Your Web App and Email hosting provider chad at shire.net ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Cacti & FreeBSD Jail CPU & RAM monitoring
On Aug 15, 2006, at 9:16 AM, Philippe Lang wrote: Hi, Based on answers of my first post, I wrote a small perl script in order to find out the CPU and MEMORY used by each jail. Here it is: -- - jls.ps -- #!/usr/bin/perl @jails = `jls`; $title = shift @jails; chomp $title; print $title . "\t\t%CPU\t%MEM\n"; foreach (@jails) { my ($jid) = /\s+(\S+)\s/; @jexec = `jexec $jid ps -afxu`; @mem = map {/\S+\s+\S+\s+\S+\s+(\S+)\s/} @jexec; shift @mem; $tot_mem = 0; foreach (@mem) { $tot_mem = $tot_mem + $_; } @cpu = map {/\S+\s+\S+\s+(\S+)\s/} @jexec; shift @cpu; $tot_cpu = 0; foreach (@cpu) { $tot_cpu = $tot_cpu + $_; } chomp $_; print $_ . "\t$tot_cpu\t$tot_mem\n"; } -- What are the units on the MEM? Chad --- Chad Leigh -- Shire.Net LLC Your Web App and Email hosting provider chad at shire.net ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Cacti & FreeBSD Jail CPU & RAM monitoring
On Aug 14, 2006, at 10:28 AM, pete wright wrote: On 8/14/06, Philippe Lang <[EMAIL PROTECTED]> wrote: Hi, I'd like to use Cacti for CPU and RAM usage monitoring on my FreeBSD Server. Is there a way to do monitoring for each jail independently? I guess the answer is "no" for CPU usage, but is there a way maybe to get the RAM usage of the processes of each jail? using cacti's scripting ability you actually may be able to get some sort of usefull info. for example, you can use "ps auxwl" to get some pretty detailed info on process which are in jails (third filed is %CPU, fourth %MEM). it may take a little work to sort out which jail a process resides in - . this method will only work from the master as well. similar tricks can be used inside a jail as well. Remember you can do things like % jexec NUM /bin/ps from the master to do a ps command inside jail NUM you can get the jail number from the % jls command inside the master. Chad --- Chad Leigh -- Shire.Net LLC Your Web App and Email hosting provider chad at shire.net ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: How to remotely check an Adaptec 2100S RAID array status under FreeBSD 5.2.1?
There is an adaptec raiodctl package (I think that is the name). I recently retired my last 2100s so I no longer can go check it. However, there is a freebsd program that can be used to report on and manage your raid on a 2100s. Google frebsd and adaptec 2100s Besides being able to run it at will, I also had a cron job that would run it periodically and email me the results. (I also do that with my amr devices and my aac devices with the appropriate raid management programs). Chad On Aug 14, 2006, at 5:57 AM, Olaf Greve wrote: Hi all, I hope someone can answer the following question for me (which may be trivial). In my fall-back server I use an Adaptec 2100S SCSI RAID controller, with two (identical) drives attached to it. This morning I recieved the dreaded phonecall (from the server farm) that that machine is emitting a loud beep,which I remember to be the RAID controller's alarm in case a drive has failed. Now, the above is clear and all, and I will replace the broken drive asap, so no question there. However, I am about to go on a 3 week holiday to South America, and as I'll then be on an entirely different continent, I was wondering if there are any ways to remotely check the status of hardware RAID arrays. :D In this case I tried dmesg (and checking the /var/log/messages file) and I couldn't find a single error message from the RAID controller (which can be deemed 'desirable' behaviour, as one of the two drives still works fine). Are there any software tools for FreeBSD that can be used to check this remotely from an SSH terminal (no X), or better yet, is there support in FreeBSD itself for checking the status of hardware RAID arrays? Tnx in advance, and cheers! Olafo PS: I am wondering about the same question for the 3ware 9600 SATA RAID controller too. It would be great to be able to monitor that remotely as well. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions- [EMAIL PROTECTED]" --- Chad Leigh -- Shire.Net LLC Your Web App and Email hosting provider chad at shire.net ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Undelete for UFS2?
On Aug 12, 2006, at 1:11 PM, Martin Tournoij wrote: On Sat, 12 Aug 2006 18:29:20 +0200, Chad Leigh -- Shire.Net LLC <[EMAIL PROTECTED]> wrote: On Aug 12, 2006, at 7:26 AM, Martin Tournoij wrote: On Sat, 12 Aug 2006 12:13:49 +0200, Andreas Davour <[EMAIL PROTECTED]> wrote: On Sat, 12 Aug 2006, Daniel Gerzo wrote: Hello Chris, Saturday, August 12, 2006, 3:48:28 AM, you wrote: Lastly surely someone has implemented a trash folder mechanism for freebsd... what is it called so I can look up how to install it? maybe something like: mkdir ~/.trash alias rm 'mv -iv \!* ~/.trash/' You don't have a handy solution for the lack of file version numbering as well? That's something I'd love to see in ext4 or UFS3! /andreas Snapshots? Isn't a snapshot a filesystem wide thing? Sounds to complicated for file-level versioning without something on top of it like the new Apple Time Machine business I agree it would be nice to have file versioning in the FS like VMS does. Chad Yeah, snapshots are FS-wide. If you make one once a day it's almost the same as a FS VMS feature. No, VM creates a new version of a file for each edit. So you would have to create a snapshot after each edit, so you only get 20 edits. And using the versioned files is not easy or intuitive since you have to play around with a new "FS" for each one, the snapshot. Chad ex-DECcie You can have a total of 20 snapshots, so that's 20 days... Snapshots really aren't that complicated, take a look at the handbook entry: http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/ snapshots.html Basicly it's just: # mknap_ffs /usr 20060812 And you have a snapshot of /usr named 20060812 Also, there's a port which offers some usefull scripts sysutils/freebsd-snapshot --- Chad Leigh -- Shire.Net LLC Your Web App and Email hosting provider chad at shire.net ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Undelete for UFS2?
On Aug 12, 2006, at 7:26 AM, Martin Tournoij wrote: On Sat, 12 Aug 2006 12:13:49 +0200, Andreas Davour <[EMAIL PROTECTED]> wrote: On Sat, 12 Aug 2006, Daniel Gerzo wrote: Hello Chris, Saturday, August 12, 2006, 3:48:28 AM, you wrote: Lastly surely someone has implemented a trash folder mechanism for freebsd... what is it called so I can look up how to install it? maybe something like: mkdir ~/.trash alias rm 'mv -iv \!* ~/.trash/' You don't have a handy solution for the lack of file version numbering as well? That's something I'd love to see in ext4 or UFS3! /andreas Snapshots? Isn't a snapshot a filesystem wide thing? Sounds to complicated for file-level versioning without something on top of it like the new Apple Time Machine business I agree it would be nice to have file versioning in the FS like VMS does. Chad --- Chad Leigh -- Shire.Net LLC Your Web App and Email hosting provider chad at shire.net ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Large File System?
On Aug 8, 2006, at 1:01 PM, Freminlins wrote: Yes, I had all that. It is of absolutely no use in the event of an unclean shutdown (on FreeBSD). If the file system itself is dirty, it will need to fsckd. The bigger the file system, the longer it takes (generall). That is what journalling saves you. To give you some indication of what this means in real life, I'll refer (again, sorry) to a power outage we suffered in our colo. This is FreeBSD on modern hardware: Jul 23 17:52:05 weeble kernel: WARNING: /var was not properly dismounted Jul 23 17:55:52 weeble fsck: /dev/aacd0s1f: 1352 files, 956469 used, 13988364 free (1484 frags, 1748360 blocks, 0.0% fragmentation) I've snipped out the logs in between. But that's nearly 4 minutes to get itself sorted out. That file system has only 1.9GB of data. Our Solaris boxes came up straight away. Right now, if no fsck is really really important to you for your data store, then get an OpenSolaris system and put ZFS on it. Never fsck again as it is ALWAYS (they claim) in a coherent state. Or wait for ZFS to show up on FreeBSD Not just for the above reasons, I am implementing a Solaris server with 1.7TB on ZFS and sharing it to a bunch of FreeBSD machines over nfs on dedicated gigabit with jumbo frames on separate interfaces from the standard default interface. (My main reason was to not have storage tied to an individual worker server) Chad --- Chad Leigh -- Shire.Net LLC Your Web App and Email hosting provider chad at shire.net ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: 4TB filesystem
On Aug 6, 2006, at 11:51 PM, Igor Robul wrote: On Sat, Aug 05, 2006 at 08:35:31PM +0100, Martin Hepworth wrote: Softupdates removes the issue if havinh to fsck filesystems after and unclean umount. Background fsck does not work well with big filesystems, it can literaly make server useless for long period of time, sometimes I just boot server in single user mode and do "fsck -y" because while it means downtime, but after this downtime server will work ... while background fsck eats all server memory and most of CPU. I'm very happy, that I dont need do this often :-) If I remember the postings or news from a while back right, someone is porting ZFS from OpenSolaris to FreeBSD(?). I will be glad when this happens. I have been playing with ZFS on a Solaris machine and it is majorly cool. Goodbye fsck and Hello ease of use and performance. <http://www.opensolaris.org/os/community/zfs/intro/> Chad --- Chad Leigh -- Shire.Net LLC Your Web App and Email hosting provider chad at shire.net ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"