Setup for NIS master: make isn't seeing my sources

2010-07-23 Thread David Wolfskill 
[I'm not subscribed to -questions, so please include me in responses.
I've provided a valid Reply-To as a hint to your MUA.]

For the last 14 years or so, my NIS server on the home network has
been a SPARCstation 5/170 running Solaris 2.6; I'm finally getting
around to decommissioning it.

Accordingly, I'm configuring a new(-ish) machine running FreeBSD
8.1-PRERELEASE r210217 (as of Sunday last) as a new NIS master.  (I had
earlier configured it as a slave, so /var/yp/`domainname` was already
populated.)

The NIS domain is (for historical reasons) lmdhw.com.

The default in /var/yp/Makefile is for YPSRCDIR to be set to /etc; as I
prefer my NIS source files to be completely separate from the content of
/etc on any machine I fcreated /var/yp/Makefile.local:

albert# pwd  
/var/yp
albert# cat Makefile.local 
# Local tweaks to NIS make process

# $Id: Makefile.local,v 1.1 2010/07/23 18:51:37 root Exp $

# As long as we still have non-FreeSBD NIS clients on the local net...
UNSECURE = True

# Keep our NIS sources separate from any machine's /etc.
# While we're doing that, might as well make provision in case we want to
# work with more than one NIS domain at the same time.
YPSRCDIR =  $(YPDIR)/etc/$(DOMAIN)


I then populated /var/yp/etc/lmdhw.com by unpacking a tarball of the
sources from the SS5:

albert# domainname
lmdhw.com
albert# ls -lTa etc/lmdhw.com/
total 38
drwxr-xr-x  3 root  daemon   512 Jul 23 11:53:52 2010 .
drwxr-xr-x  3 root  wheel512 Jul 23 11:44:37 2010 ..
drwxr-xr-x  2 root  daemon   512 May 10 10:06:43 2010 RCS
-rw-r--r--  1 root  kmem  50 Jan 12 20:09:53 1997 auto_home
-rw-r--r--  1 root  kmem  94 Jan 12 20:10:08 1997 auto_master
-rw-rw-r--  1 root  daemon 0 Sep 14 11:53:16 1997 bootparams
-rw-rw-r--  1 root  daemon 0 Sep 14 11:53:16 1997 ethers
-r--r--r--  1 root  daemon   428 Sep  2 18:19:02 2001 group
-r--r--r--  1 root  daemon   273 Oct 25 15:33:32 2008 hosts
-rw-rw-r--  1 root  daemon 0 Sep 14 11:53:16 1997 netgroup
-r--r--r--  1 root  daemon   592 Aug 26 21:53:00 1999 netmasks
-r--r--r--  1 root  sys  372 Mar  4 21:46:19 1997 networks
-r--r--r--  1 root  daemon   855 Nov 30 21:51:03 2009 passwd
-rw-r--r--  1 root  daemon   892 May  3 19:11:13 1998 passwd.install
-r--r--r--  1 root  sys  980 Apr  4 18:14:32 1998 protocols
-r-xr-xr-x  1 bin   kmem 622 Mar  4 22:04:36 1997 publickey
-rw-r--r--  1 root  sys 1481 Mar  4 21:46:29 1997 rpc
-r--r--r--  1 root  daemon  2380 Jul 19 18:48:02 1998 services
-r  1 root  daemon   364 Oct  6 16:31:39 2006 shadow
-rw-r--r--  1 root  daemon   416 May  3 19:11:28 1998 shadow.install
-rw-r--r--  1 root  daemon21 Apr  4 23:32:06 1998 timezone
albert# 

But when I run make, I see whines about
/var/yp/etc/`/bin/domainname`/hosts being non-existent and having no
sources:

albert# make -d lm
Examining target...non-existent...non-existent and no sources...out-of-date.
if [ ! -d `/bin/domainname` ]; then mkdir `/bin/domainname`; fi;  cd 
`/bin/domainname` ; echo NIS Map update started on `date` for domain 
`/bin/domainname` ;  make -f ../Makefile all; echo NIS Map update completed.
NIS Map update started on Fri Jul 23 13:37:30 PDT 2010 for domain lmdhw.com
Examining /var/yp/ypservers...modified 11:53:28 Jul 23, 2010...up-to-date.
Examining ypservers...modified 11:53:55 Jul 23, 2010...up-to-date.
Examining servers...non-existent...modified before source 
(ypservers)...out-of-date.
update time: 13:37:30 Jul 23, 2010
Examining /var/yp/etc/`/bin/domainname`/hosts...non-existent...non-existent and 
no sources...out-of-date.
make: don't know how to make /var/yp/etc/`/bin/domainname`/hosts. Stop
*** Error code 2

Stop in /var/yp.
albert# 

I've run with additional debugging flags, but that seemed to merely
add to the clutter without actually providing useful information,
so I figured I'd skip subjecting y'all to that for now.

So what silly thing am I overlooking here?  Is something doing a
chroot(2) behind the scenes?

Thanks

Peace,
david
-- 
David H. Wolfskill  da...@catwhisker.org
Depriving a girl or boy of an opportunity for education is evil.

See http://www.catwhisker.org/~david/publickey.gpg for my public key.


pgpzAkWz3EREZ.pgp
Description: PGP signature

Re: tar fails on FreeBSD 7 and passes on FreeBSD 6 for the same input

2009-01-20 Thread David Wolfskill 
On Tue, Jan 20, 2009 at 01:24:41PM +0530, chandra reddy wrote:
 Hi,
 
 I am getting the following error when i run tar on a directory.
 
 [chan...@home]$ tar  zcf config-xsl.tar  config-xsl/9.6
 
 tar: Cannot open directory
 config-xsl/9.6/configuration/protocols/mpls/label-switched-path/oam/bfd-liveness-detection/detection-time:
 No such file or directory
 tar: Cannot open directory
 ...
 FreeBSD chandra 7.1-RC1 FreeBSD 7.1-RC1 #0: Sun Dec  7 05:57:33 UTC 2008
 r...@logan.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC  i386
 I have debugged libc and found that  system call fstafs is failing and
 returning -1.

I believe you will find that the system call is fstatfs.
 
 Can any one help me what is the real problem here and how to fix it?

A subsequent message of your verified that the hierarchy being read was
on an NFS-mounted file system.  Perchance, was that NFS mount managwed
by amd(8)?

If so, while I do not have a fix for you, I am relieved to see someone
else finally report these symptoms.  Please see
http://docs.FreeBSD.org/cgi/mid.cgi?20081203001538.GC96383 for an
archived copy of my initial message in a thread reporting this.

There is additional detail (including kernel trace information 
how-to-repeat instructions) in subsequent messages in the thread.  Also
mentioned is a circumvention -- basically, crippling amd(8) so it no
longer attempts to unmount() a file system.

However, I was unable to re-create the symptoms at home -- only at work.
A colleague at work was able to re-create the symptoms, and was
intending to experiment a bit more, but he's been busy with other things
recently.

Please contact me (off-list, if you prefer), and we can discuss
additional details.

Peace,
david
-- 
David H. Wolfskill  da...@catwhisker.org
Depriving a girl or boy of an opportunity for education is evil.

See http://www.catwhisker.org/~david/publickey.gpg for my public key.


pgpRgd7rWpQt3.pgp
Description: PGP signature

Re: switching bsdlabel's label

2009-01-20 Thread David Wolfskill 
On Tue, Jan 20, 2009 at 03:36:34PM -0200, Eduardo Meyer wrote:
 ...
  Why not simply use bsdlabel -e da0s1?
 
 Because I didnt know about that? ;-)
 
 Thank you for the hint.
 
 However I still have the same doubt. Since basically its the same
 task, Is it safe do relabel this way?

I have done it several times without any problems.

Do, however, ensure that your /etc/fstab entries match the result before
you reboot; attempting a mount by hand (merely specifying either the
mount point or the device, but not both) before your next reboot can
serve as a useful reality check.

Peace,
david
-- 
David H. Wolfskill  da...@catwhisker.org
Depriving a girl or boy of an opportunity for education is evil.

See http://www.catwhisker.org/~david/publickey.gpg for my public key.


pgpL5iCUbcJ8Z.pgp
Description: PGP signature

Shell scripts: variable assignment within read loops

2008-08-17 Thread David Wolfskill 
I am writing a (Bourne) shell script that is intended (among other
things) to obtain information from a command, such as:

netstat -nibd -f inet

by reading and parsing the output.

However, the obvious (to me) approach of piping the output of the
command to the standard input of a while read ... statement turns out
to be not very useful; it appears that while

foo=
while read bar ... ; do
 ...
  foo=$bar
 ...
done $filename
echo $foo

will assign to foo the value of the bar variable form the last record
read (in FreeBSD 6.3-STABLE, at least), the following fails to do so:

foo=
cat $filename | while read bar ... ; do
 ...
  foo=$bar
 ...
done
echo $foo

Well, that's not *quite* accurate:the assignment is done all right, but
in the latter case, it appears to be done in a subshell, so by the time
we get to the echo statement, any variable assignments from within the
read loop have vanished.

Here's a cut/pasted, somewhat contrived example:

#! /bin/sh

foo=0
echo 0 foo: $foo
while read line; do
  echo 1.0 foo: $foo
  foo=1$line
  echo 1.1 foo: $foo
done /etc/resolv.conf
echo 2 foo: $foo

echo 

foo=2
echo 3 foo: $foo
eval cat /etc/resolv.conf | grep '.'
cat /etc/resolv.conf | while read line; do
  echo 4.0 foo: $foo
  foo=3$line
  echo 4.1 foo: $foo
done
echo 5 foo: $foo

exit 0

and its output on my laptop:

0 foo: 0
1.0 foo: 0
1.1 foo: 1search catwhisker.org
1.0 foo: 1search catwhisker.org
1.1 foo: 1nameserver 172.16.8.12
1.0 foo: 1nameserver 172.16.8.12
1.1 foo: 1nameserver 172.16.8.11
1.0 foo: 1nameserver 172.16.8.11
1.1 foo: 1nameserver 172.16.8.1
2 foo: 1nameserver 172.16.8.1

3 foo: 2
search catwhisker.org
nameserver 172.16.8.12
nameserver 172.16.8.11
nameserver 172.16.8.1
4.0 foo: 2
4.1 foo: 3search catwhisker.org
4.0 foo: 3search catwhisker.org
4.1 foo: 3nameserver 172.16.8.12
4.0 foo: 3nameserver 172.16.8.12
4.1 foo: 3nameserver 172.16.8.11
4.0 foo: 3nameserver 172.16.8.11
4.1 foo: 3nameserver 172.16.8.1
5 foo: 2

Note that the 2 foo line shows a value read from the last line of
/etc/resolv.conf, while the 5 foo line fails to do so.  (In a Solaris
9 environment, the output from each stanza is the same as the output
from teh second stanza in FreeBSD.)

Now here's a copy of the in-development script:

#! /bin/sh

cmd=netstat -nibd -f inet
ctr=0
clist=
hlist=`$cmd | head -1`
for f in $hlist; do
  ctr=$(( $ctr + 1 ))
  eval c$ctr=\$f\
  eval h_$f=c$ctr
done
cmax=$ctr

t_file=`mktemp /tmp/X`
$cmd | tail +2 $t_file
while read $hlist dummy; do
  if [ $Name = lo0 ]; then
continue
  fi
  for f in $hlist; do
eval val=\\$$f\
case $val in
-) eval ${f}_$Name=0;;
*) eval ${f}_$Name=$val;;
esac;
  done
  nics=$Name $nics;
done/$t_file
rm $t_file
echo (end) NICs: $nics
for n in $nics; do
  for f in $hlist; do
eval echo ${f}_$n: \$${f}_$n
  done
done

exit 0

And its output on my laptop:

(end) NICs: ath0 
Name_ath0: ath0
Mtu_ath0: 1500
Network_ath0: 172.17
Address_ath0: 172.17.1.30
Ipkts_ath0: 725191
Ierrs_ath0: 0
Ibytes_ath0: 185144197
Opkts_ath0: 821917
Oerrs_ath0: 0
Obytes_ath0: 74260936
Coll_ath0: 0
Drop_ath0: 0

and (somewhat more interestingly) on my firewall machine:

(end) NICs: dc0 de0 fxp0 
Name_dc0: dc0
Mtu_dc0: 1500
Network_dc0: 172.16.8/24
Address_dc0: 172.16.8.1
Ipkts_dc0: 2501577
Ierrs_dc0: 0
Ibytes_dc0: 215386153
Opkts_dc0: 20269087
Oerrs_dc0: 0
Obytes_dc0: 2553930555
Coll_dc0: 0
Drop_dc0: 0
Name_de0: de0
Mtu_de0: 1500
Network_de0: 63.193.123/24
Address_de0: 63.193.123.122
Ipkts_de0: 5936847
Ierrs_de0: 0
Ibytes_de0: 734092787
Opkts_de0: 18557543
Oerrs_de0: 0
Obytes_de0: 2551089632
Coll_de0: 0
Drop_de0: 0
Name_fxp0: fxp0
Mtu_fxp0: 1500
Network_fxp0: 172.17
Address_fxp0: 172.17.0.1
Ipkts_fxp0: 10013
Ierrs_fxp0: 0
Ibytes_fxp0: 1366082
Opkts_fxp0: 1253115
Oerrs_fxp0: 0
Obytes_fxp0: 70429903
Coll_fxp0: 0
Drop_fxp0: 0


As you see, I am circumventing the issue by writing to a transient file.
In the intended application, the script is to be used to gather
resource-utilization information; thus, I want its footprint to be
smaller, rather than larger.  Granted, in my case, I would be writing a
tiny text file to a swap-backed tmpfs, but in production, I won't have
the luxury of knowing that in advance: the intent is that the script
must run on a minimal FreeBSD system, with no ports or other 3rd-party
software installed.

Is there some other -- possibly better -- way to do this (using Bourne
shell scripting)?

Thanks!

(Please select recipients for your replies carefully: I'm not subscribed
to -questions.  I've provided a hint in the form of a Reply-To header,
though I realize that not all mailers honor it.  Please do include me in
replies.)

Peace,
david
-- 
David H. Wolfskill  [EMAIL PROTECTED]
Depriving a girl or boy of an opportunity for education is evil.

See http://www.catwhisker.org/~david/publickey.gpg for my public

Re: Shell scripts: variable assignment within read loops

2008-08-17 Thread David Wolfskill 
On Mon, Aug 18, 2008 at 06:29:03AM +0300, Giorgos Keramidas wrote:
 ...
 You are right that feeding data to a looping construct through a pipe
 may run in a subshell.  The ``Single UNIX Specification'' says
 

Ah; thanks for the confirmation.
 
...
 What I usually do in similar shell scripts is something like:
 
 cat ${filename} | sed -n -e '/foo/ s/bar/baz/' | \
 xargs -n1 blah
 
 This isn't exactly the same as assigning $foo to the results of the
 loop, but you can also use:
 
 foo=`cat $filename | while read bar ; do \
  stuff ...
  echo $bar
  more stuff...
  done`

Right; I had seen that type of construct in /etc/rc.d.* (which is where
I often look for samples of shell scripts that need to work reliably).

As you noticed, that won't quite do for what I'm trying to accomplish here.

 ...
  As you see, I am circumventing the issue by writing to a transient
  file.  In the intended application, the script is to be used to gather
  resource-utilization information; thus, I want its footprint to be
  smaller, rather than larger.  Granted, in my case, I would be writing
  a tiny text file to a swap-backed tmpfs, but in production, I won't
  have the luxury of knowing that in advance: the intent is that the
  script must run on a minimal FreeBSD system, with no ports or other
  3rd-party software installed.
 
  Is there some other -- possibly better -- way to do this (using Bourne
  shell scripting)?
 
 Ah, that's much better.  Now I see what you are trying to do.

:-)

 Would you be ok with an awk(1) script instead of /bin/sh?  It tends
 to be nicer for this sort of thing, i.e.:

Yes, awk(1) would be OK.  I'll be more inclined to use it if I can
figure out a way to use it instead of sed(1) for a very different part
of the script.  :-}

 $ expand david.awk | cat -n
  1  #
  2  # Gather the field names if this is a header-line.
  3  #
  4  $0 ~ /^Name/ {
  5  for (k = 1; k = NF; k++)
  6  tag[k] = $k;
  7  }
  8
  9  #
 10  # For all other lines, just print the tagged field values.
 11  #
 12  $0 !~ /^Name/ {
 13  name = $1;
 14  for (k = 1; k = NF; k++) {
 15  if ($k == -)
 16  $k = 0;
 17  printf %s_%s: %s\n, tag[k], name, $k;
 18  }
 19  }
 
 $ netstat -nibd -f inet | awk -f david.awk
 Name_re0: re0
 Mtu_re0: 1500
 Network_re0: 192.168.1.0/2
 ...

Very cool; thank you very much!  I will study that a bit

(I'd normally do this stuff in Perl, but in addition to the other issues
mentioned earlier, the script will be sleeping most of the time, but
wake up  spit out results periodically.  The usual case will be every 5
minutes, but I plan to make use of it with radically shorter periods in
certain specialized environments -- such as every 5 seconds.  And I
still want it to be low overhead.  I also note in passing that in its
production environments, the script's standard output will be
redirected to append to a file on a different machine via an SSH tunnel.)

 With a bit of preprocessing, it may be possible to extract the network
 names and print the (end) NICs: XXX XXX part too.

Right -- much of the output I demonstrated was strictly for debugging/
expository purposes.

Thanks again, Giorgos!

Peace,
david
-- 
David H. Wolfskill  [EMAIL PROTECTED]
Depriving a girl or boy of an opportunity for education is evil.

See http://www.catwhisker.org/~david/publickey.gpg for my public key.


pgpQZk6NuCeRc.pgp
Description: PGP signature

Re: IPFW Problems?

2006-04-17 Thread David Wolfskill 
On Mon, Apr 17, 2006 at 06:29:13PM -0400, Charles Swiger wrote:
 ...
 [ ...redirected to freebsd-questions... ]

Thanks for doing that!

 ...

 You don't have a check-state rule anywhere, so you either need to add  
 one or a rule to pass established traffic to and from port 22.

I thought check-state was fairly optional; ref:

 These dynamic rules, which have a limited lifetime, are checked at the
 first occurrence of a check-state, keep-state or limit rule, and are typ-
 ically used to open the firewall on-demand to legitimate traffic only.
 See the STATEFUL FIREWALL and EXAMPLES Sections below for more informa-
 tion on the stateful behaviour of ipfw.

(from man ipfw on a 4.11 system).

Peace,
david
-- 
David H. Wolfskill  [EMAIL PROTECTED]
Mail filters, like sewers, need to be most restrictive at the point of entry.

See http://www.catwhisker.org/~david/publickey.gpg for my public key.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

What's so special about /dev/vn0a?

2003-11-19 Thread David Wolfskill 
Seems that I can't refer - explicitly -- to partition a of a
partitioned vnode disk if it's assigned /dev/vn0.  If I assign it
/dev/vn1, no problem.  If I change the name of the partition to b, no
problem.  I can even just refer to it as /dev/vn0, and /dev/vn0a gets
selected.

So I'm a tad puzzled.  This isn't the End Of The World As We Know It,
but the apparent lack of consistency is ... curious, at least.

I'm running 4.9-R, recompiled mostly to get device vn in the kernel:

%uname -a
FreeBSD frecnocpc10.noc.egation.com 4.9-RELEASE FreeBSD 4.9-RELEASE #0: Thu Nov 13 
13:17:27 PST 2003 [EMAIL PROTECTED]:/usr/src/sys/compile/MADCASTER  i386
%sudo vnconfig -s labels -c vn0 vn_jail
%sudo disklabel -r vn0 | tail
Password:
track-to-track seek: 0  # milliseconds
drivedata: 0 

8 partitions:
#size   offsetfstype   [fsize bsize bps/cpg]
  a:1600004.2BSD 2048 16384   107   # (Cyl.0 - 7*)
  c:  26624000unused0 0 # (Cyl.0 - 1299)
  e:16000160004.2BSD 2048 16384   107   # (Cyl.7*- 15*)
  g:  400320004.2BSD 2048 16384   107   # (Cyl.   15*- 15*)
  h:  263324004.2BSD 2048 1638490   # (Cyl.   15*- 1299*)
%sudo df /dev/vn0
Filesystem 1K-blocks  UsedAvail Capacity  Mounted 
on
/dev/vn07822  6572  62691%
%sudo df /dev/vn0a
df: /dev/vn0a: Device not configured
%sudo vnconfig -u vn0
%sudo vnconfig -s labels -c vn1 vn_jail
%sudo df /dev/vn1
Filesystem 1K-blocks  UsedAvail Capacity  Mounted 
on
/dev/vn17822  6572  62691%
%sudo df /dev/vn1a
Filesystem 1K-blocks  UsedAvail Capacity  Mounted 
on
/dev/vn1a   7822  6572  62691%
%sudo vnconfig -u vn1
%

I admit that I've done but the most cursory of reality checks, but come
up empty-handed.  Is this intentional?

I'm certainly willing to submit a PR if it's broken;  indeed, I'm
willing to go poke around in the code and try to understand where
things are going wrong -- but I'd rather avoid that exercise if this
really is working as designed.

Thanks,
david
-- 
David H. Wolfskill [EMAIL PROTECTED]
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]