configuring snmpd when setting up jailed environment
I am trying to make snmpd listen on a specific address for the JAIL HOST(aka physical server) and each jailed environment (aka JAIL). The server is server configured using the ezjail framework. As I read man (8) snmpd, I should be able to do this. I am trying to make the JAIL HOST listen on udp:161 192.168.222.90 and a JAIL to listen on udp:161 192.168.222.91 obviously, each JAIL alias IP would be distinct for each jailed environment. I have edited JAIL HOST /usr/local/etc/snmp/snmpd.conf to include agentaddress udp:161 192.168..90 Where do I profile this? How do I make this work? What am I doing wrong? I am humbly asking for assistance :) Thanks Don === Section: Net-SNMP (8) SNMPD SYNOPSIS snmpd [OPTIONS] [LISTENING ADDRESSES] -x ADDRESS Listens for AgentX connections on the specified address rather than the default /var/agentx/master. The address can either be a Unix domain socket path, or the address of a network interface. The format is the same as the format of listening addresses described below. == some of my notes === JAIL Host hier, separate partition for jails /usr/jails basejail newjail /usr/jails/basejail /usr/jails/newjails I did not modify the ezjail.conf file From JAIL HOST # mount_procfs proc /usr/jails/web/proc From within the JAIL I installed /usr/ports/net-mgmt/net-snmp # make # make install clean mkdir /snmp in /usr/local/etc create snmpd.conf file # cp /usr/local/share/snmp/snmpd.conf.example /usr/local/etc/snmp/snmpd.conf Made minial changes to snmpd.conf in JAIL Host and JAIL. # sec.name source community # com2sec local localhost public com2sec local 192.168.222.91 public com2sec mynetwork 192.168.222.0/24 public Added to JAIL rc.conf and JAIL HOST rc.conf # vi /usr/jails/web/etc/rc.conf snmpd_enable=YES snmpd_flags=-a snmpd_pidfile=/var/run/snmpd.pid restart the JAIL From JAIL # snmpwalk -c public -u com2sec -v 1 web system This does output allot of expected snmp data EXCEPT that it is listing the data for the JAIL HOST, not the JAIL. # less /var/log/snmpd.log init_kmem: kvm_openfiles failed: /dev/mem: No such file or directory ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: ezjail on FreeBSD 6.2
Hello Dave...responses below On 4/4/07, Dave [EMAIL PROTECTED] wrote: Hello, Is anyone running ezjail on 6.2? Yes, 6.2-stable GENERIC. At install time I created a separate partition for, /usr/jails which makes it default to the ezjail-admin create jail default location. I've got to set up three similar jails and i'd like to run them off of one base. I'd like to create a jail flavor, where one jail has file x while the others do not. My limited understanding of Flavours...These are like templates to quick rebuild or create 'like' jail containers. While your maybe similiar, what x is (and how big) may make them different. Two problems i'm having with flavors is one adding packages such as shells Got me here. Something I need to learn as well. , and two adding users and giving them the shells just added? I would think the adding users could either be done from an ssh session into a running jail, or using # jexec JID adduser. I'm not sure how to do the shells, except to say that I know I read somewhere...where you can setup/change the default shell, then for each new user added, they would get this profile. I'd also like it if i could mount my host system's ports tree in the jail itself, so i wouldn't have to get multiple copies of the ports tree. The only way i've found thus far of doing this is via nullfs on the base system and was wondering if there was an easier method of doing this? Now this one I know can be done a couple of different ways. First is in the FAQ. The other is in a post I just made last week for the same reason. I read man ezjail-admin. Just issue the following # ezjail-admin update -p. This will update existing ezjails to have access to the host ports tree. From within a running jail, when you type # cd /usr/ports, your will really be going to /basejail/usr/ports. pkg_add -r and make/make install clean all work fine. Ezjail also has a list you can join, if interested...although it is not very active. Responses are reasonably quick, given the support is free :) Regards Don ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
problems installing perl-5.8.8
I am having problems installing perl5.8.8 on a up-to-date FreeBSD-6.2. After running... web# cd /usr/ports/lang/perl5.8 web# make scripts install perl... web# make test (8) tests fail with the following message ...something about you may need to set dynamic library search path, LD_LIBRARY_PATH to point to the build directory; setenv LD_LIBRARY_PATH `pwd`:$LD_LIBRARY_PATH; cd t; ./perl harness ### LD_LIBRARY_PATH=`pwd`:$LD_LIBRARY_PATH; export LD_LIBRARY_PATH; cd t; ./perl harness ### export LD_LIBRARY_PATH=`pwd`:$LD_LIBRARY_PATH; cd t; ./perl harness so I cd in t web# cd /varlang/perl5.8/work/perl-5.8.8/t web# ./perl harness web# /libexec/ld-elf.so.1: Shared object libperl.so not found, required by perl tried TEST too.. with same results web# ./TEST /libexec/ld-elf.so.1: Shared object libperl.so not found, required by perl web# pwd /var/ports/basejail/usr/ports/lang/perl5.8/work/perl-5.8.8/t web# ./perl -I../lib harness /libexec/ld-elf.so.1: Shared object libperl.so not found, required by perl web# I am really clueless to why this is failing or even how to setenv LD_LIBRARY_PATH I could really use some help. ps.. I have spent all day googling /libexec/ld-elf.so.1: Shared object libperl.so not found, required by perl as well as variation of this message. Thanks Don ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: problems installing perl-5.8.8
Don Munyak wrote: I am having problems installing perl5.8.8 on a up-to-date FreeBSD-6.2. After running... web# cd /usr/ports/lang/perl5.8 web# make scripts install perl... web# make test (8) tests fail with the following message I can't explain why, but I was able to get perl-5.8.8 installed using the following; # echo ENABLE_SUIDPERL=true /etc/make.conf # make install clean Finished compiling and installed without any error stop codes This came from http://www.bsdguides.org/guides/freebsd/security/perl_setuid.php Once correction scripts install perl... Perl never actually installed. The install process halted with an error stop code Thanks for your suggestions :) Don ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: PowerApp 120/1550 Install problems
On 3/17/07, Minnesota Slinky [EMAIL PROTECTED] wrote: Hey list, I'm trying to install FreeBSD 6.2-RELEASE on a Dell PowerApp 120 (1550) I just purchased. The system claims to have an AIC 7899 SCSI host adapter. I've currently got a known-good 9GB Fujitsu hard disk in the system, as ID 0. During installation, the disk comes up as da0. After going through all the options for install, etc, I get an error when it tries to write the file systems: Unable to find device node for /dev/da0s1b in /dev! and mentions that installation is aborting. At first I thought it was a problem with the SCSI backplane, but RHEL and Window 2000 Server both install and operate without problems. Thanks for your advice! Eric Crist ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] Don't know the answer, but have a suggestion. How about getting a live cd to boot from and then query /var/log for hardware spec's Don ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Fwd: IPF (ftp - pkg_add) help requested
On 3/1/07, Kelly D. Grills [EMAIL PROTECTED] wrote: On Thu, Mar 01, 2007 at 04:10:11PM -0500, Don Munyak wrote: As I hinted at in my original response, If you'd rather keep your firewall rules tighter, pkg_add(1) says: Note: If you wish to use passive mode ftp in such transfers, set the variable FTP_PASSIVE_MODE to some value in your environment. ahh... now I see what your saying. I have my server setup to disallow root login from console. I login as user, then su to root. When I run # printenv |sort, This dispalys the env varibale for me, not root. How do I set|view env for root?..., specifically FTP_PASSIVE_MODE=YES -- OT... Kelley, btw...Baxter is cool :) I had a Pekingese once. For Halloween, I shaved off all her hair except for a 2 mohawk head-2-tail. I'll have to find the picture to send you some day. Thanks. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
IPF (ftp - pkg_add) help requested
I am building a FreeBSD box to function as a FAMP server (LAMP) and hopefully replace our existing mail server. I am having an issue with IPF that I can't seem to figure out. *** When IPF is enabled, I can't run # pkg_add -r package name. {...snip from local console..} p0069# pkg_add -rv bash looking up ftp.freebsd.org connecting to ftp.freebsd.org:21 setting passive mode opening data connection Error: FTP Unable to get ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-6.1-release/Latest/bash.tbz: Network is unreachable pkg_add: unable to fetch 'ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-6.1-release/Latest/bash.tbz' by URL pkg_add: 1 package addition's) failed {...end-snip..} *** When I disable ipf -D, all works fine. IPF was compiled in the kernel when I did a buildworld. p0069# uname -a FreeBSD p0069.bm.local 6.1-RELEASE-p12 FreeBSD 6.1-RELEASE-p12 #0: Thu Feb 8 13:55:26 EST 2007 [EMAIL PROTECTED]:/usr/obj/usr/src/sys/WEBSERVER i386 p0069# When I issue ipfstat -ho, after pkg_add -r, the following lines increment - pass out quick on em0 proto tcp from any to any port = 21 flags S keep state - pass out quick on em0 proto udp from any to any port = 53 keep state - block out log first quick on em0 all # -- # /etc/ipf.rules # logged to /var/log/firewall.log # 02/28/2007 # -- # -- # EGRESS filtering # -- # No restriction on Loopback Adapter pass in quick on lo0 all pass out quick on lo0 all # DHCP Bootp # pass out quick on em0 proto udp from any to any port = 67 keep state # pass out quick on em0 proto udp from any to any port = 68 keep state # ICMP pass out quick on em0 proto icmp from any to any keep state # Allow out http pass out quick on em0 proto tcp from any to any port = 80 flags S keep state pass out quick on em0 proto tcp from any to any port = 443 flags S keep state # Allow ftp out pass out quick on em0 proto tcp from any to any port = 20 flags S keep state pass out quick on em0 proto tcp from any to any port = 21 flags S keep state # Allow mail out pass out quick on em0 proto tcp from any to any port = 110 flags S keep state pass out quick on em0 proto tcp from any to any port = 143 flags S keep state pass out quick on em0 proto tcp from any to any port = 25 flags S keep state # Allow SSH Out pass out quick on em0 proto tcp from any to any port = 22 flags S keep state # Allow DNS pass out quick on em0 proto udp from any to any port = 53 keep state pass out quick on em0 proto tcp from any to any port = 53 flags S keep state # Allow CVSUP pass out quick on em0 proto tcp from any to any port = 5999 flags S keep state # Keeping time pass out quick on em0 proto tcp from any to any port = 37 flags S keep state pass out quick on em0 proto tcp from any to any port = 123 flags S keep state # Allow whois pass out quick on em0 proto tcp from any to any port = 43 flags S keep state # Razor Spamassasin # more later # Block and Log the first occurance of everything else block out log first quick on em0 all # - # INGRESS Filtering # # Block all inbound traffic from non-routable or reserved networks # block in quick on em0 from 192.168.0.0/16 to any block in quick on em0 from 172.16.0.0/12 to any block in quick on em0 from 10.0.0.0/8 to any block in quick on em0 from 127.0.0.0/8 to any block in quick on em0 from 0.0.0.0/8 to any block in quick on em0 from 169.254.0.0/16 to any # block in quick on em0 from 192.0.2.0/24 to any block in quick on em0 from 204.153.64.0/23 to any block in quick on em0 from 224.0.0.0/3 to any # Block in Nasties # stuff I don't want logged block in quick on em0 proto icmp all icmp-type 8 block in quick on em0 all with frags block in quick on em0 all with ipopts block in quick on em0 all with short # block return-rst in quick on em0 proto tcp all flags FUP # block return-rst in quick on em0 proto tcp from any to any # block return-icmp-as-digest(port-unr) in quick on em0 proto udp from any to any # Block all Netbios server. 137=name, 138=datagram, 139=session block in log first quick on em0 proto tcp/udp from any to any port = 137 block in log first quick on em0 proto tcp/udp from any to any port = 138 block in log first quick on em0 proto tcp/udp from any to any port = 139 block in log first quick on em0 proto tcp/udp from any to any port = 81 # Allow in http/https pass in quick on em0 proto tcp from any to any port = 80 flags S keep state pass in quick on em0 proto tcp from any to any port = 443 flags S keep state # allow incoming SSH pass in quick on em0 proto tcp from any to any port = 22 flags S keep state # SMTP/POP/IMAP pass in quick on em0 proto tcp from any to any port = 25 flags S keep state pass in quick on em0 proto tcp from any to any port = 110 flags S keep state pass in quick on em0 proto tcp from any to any port = 143 flags S keep state # Anit-Virus # more later # All the rest block in log first quick on em0 all # - EOF
Fwd: IPF (ftp - pkg_add) help requested
Apart from up dating to newer version, I don't see how upgrading to 6.2 will make a difference. Anyway, thanks for taking the time to reply. However, the solution is as follows. Incidentally, this had nothing to do with pkg_add And everything to do with FTP and IPFILTER. === Diagnosis... {IPMON results} # ipmon 01/03/2007 15:03:39.112348 em0 @0:17 b 192.168.222.69,63507 - 204.152.184.73,63471 PR tcp len 20 48 -S OUT 01/03/2007 15:04:09.128610 em0 @0:17 b 192.168.222.69,57187 - 62.243.72.50,59250 PR tcp len 20 48 -S OUT 01/03/2007 15:04:17.756186 em0 @0:17 b 192.168.222.69,59469 - 204.152.184.73,55984 PR tcp len 20 48 -S OUT 01/03/2007 15:04:23.832928 em0 @0:17 b 192.168.222.69,62647 - 62.243.72.50,58387 PR tcp len 20 48 -S OUT My server was opening an additional session using ports 1024, which I was not initially allowing. ipf was blocking outbound due to this rule. This is a known issue with ftp client sessions using active mode when behind a firewall. # Block and Log the first occurance of everything else block out log first quick on em0 all Solution http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/firewalls-ipf.html section 26.5.21.1 IPNAT Rules {or} section 26.5.21.2 IPNAT FTP Filter Rules I chose 26.5.21.2 for simplicity. This proabably isn't a major issue for me, since the server will be located behind a border (LAN) firewall. Basically changed: # Allow ftp out pass out quick on em0 proto tcp from any to any port = 20 flags S keep state pass out quick on em0 proto tcp from any to any port = 21 flags S keep state { to...} # Allow ftp out pass out quick on em0 proto tcp from any to any port = 21 flags S keep state pass out quick on em0 proto tcp from any to any port 1024 flags S keep state { and added } #Allow Active mode data channel from ftp server pass in quick on em0 proto tcp from any to any port = 20 flags S keep state For good reading {Official IPF home page} http://coombs.anu.edu.au/~avalon/ip-filter.html Don ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: pkg_add problems
Thanks everyone. The issue seems to be related to IPF, which I am trying to sort out. Basically when ipf is enabled, the connectivity fails, although my pass out rule for ftp includes ports 20 21. With ipf -D disabled, no problems. I'll probably post to a new thread after I've tried some more first. Thanks again. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
pkg_add problems
I am having trouble using pkg_add -r some package. I keep getting the following error. --- p0069# pkg_add -r bash Error: FTP Unable to get ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-6.1-release/Latest/bash.tbz: Network is unreachable pkg_add: unable to fetch 'ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-6.1-release/Latest/bash.tbz' by URL p0069# - I don't know if this has anything to do with it, but - I have rebuilt the kernel successfully - p0069# uname -a FreeBSD p0069.bm.local 6.1-RELEASE-p12 FreeBSD 6.1-RELEASE-p12 #0: Thu Feb 8 13:55:26 EST 2007 [EMAIL PROTECTED]:/usr/obj/usr/src/sys/WEBSERVER i386 - And there is no ports tree installed.. ie /usr/ports does not exist. - I can ping ftp.freebsd.org - I can also ftpopen ftp.freebsd.org Any thoughts on trouble shooting this would be appreciated. Thanks ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: compiling error - /usr : filesystem full
Here's some additional Information I have been able to find. The narrative is just to further explain what I was doing. - I was in the process of rebuilding a new kernel for one of my laptops. I did the whole cvsup_without-gui. I created a new kernel called LAPTOP and commented all unnecessary drivers and options. When I ran make buildkernel KERNCONF=LAPTOP, the process eventually died with an error. I neglected to write down the exact error, but it was something like {objcopy) /usr : filesystem full As you can see /usr is choking. I have not turned off the laptop. Based on the information below, what can I delete to free up some space. I use the word delete in broad terms. Much like the windows world where you should 'uninstall' as opposed to simply deleting a folder...I am not sure what to do...ie how to free up space. The only thing I can think of is to simply # rm /usr/ports ... for lack of a better example. # du -ak /usr |sort -nr | /tmp/file2.txt This file had 24,000 lines so I deleted much of the file. Your thoughts/suggestions will be much appreciated. ### output from running # df -m /tmp/file1.txt ### where -m is MB Filesystem 1M-blocks Used Avail Capacity Mounted on /dev/ad0s1a 495 55 40012%/ devfs 00 0 100%/dev /dev/ad0s1e 495 10 445 2%/tmp /dev/ad0s1f 2300 2286 -170 108%/usr /dev/ad0s1d 1098 58 952 6%/var devfs 00 0 100%/var/named/dev ### output from running # du -ak /usr |sort -nr | /tmp/file2.txt ### where -a is 'display entry for each file in file hierarchy ### where -k is 'display block count in kilobyte' 2341378/usr 636728/usr/obj 636726/usr/obj/usr 636724/usr/obj/usr/src 428576/usr/src 402064/usr/ports 289070/usr/X11R6 273156/usr/local 232342/usr/obj/usr/src/sys 230268/usr/obj/usr/src/sys/LAPTOP 204636/usr/src/contrib 170340/usr/obj/usr/src/sys/LAPTOP/modules 170338/usr/obj/usr/src/sys/LAPTOP/modules/usr 170336/usr/obj/usr/src/sys/LAPTOP/modules/usr/src 170334/usr/obj/usr/src/sys/LAPTOP/modules/usr/src/sys 170332/usr/obj/usr/src/sys/LAPTOP/modules/usr/src/sys/modules 148210/usr/X11R6/lib 129236/usr/compat 129234/usr/compat/linux 116012/usr/compat/linux/usr 106724/usr/obj/usr/src/gnu 105986/usr/obj/usr/src/tmp 101880/usr/src/sys 100536/usr/obj/usr/src/tmp/usr 88956/usr/compat/linux/usr/lib 88856/usr/obj/usr/src/gnu/usr.bin 86464/usr/X11R6/share 83186/usr/local/share 79184/usr/local/lib 78854/usr/share 67228/usr/compat/linux/usr/lib/locale 61072/usr/obj/usr/src/lib 59326/usr/local/freebsd-update 59324/usr/local/freebsd-update/work 56616/usr/X11R6/lib/X11 52090/usr/obj/usr/src/tmp/usr/src 49418/usr/obj/usr/src/tmp/usr/src/gnu 49416/usr/obj/usr/src/tmp/usr/src/gnu/usr.bin 47864/usr/src/contrib/gcc 45808/usr/obj/usr/src/gnu/usr.bin/cc 44264/usr/X11R6/lib/X11/fonts 43932/usr/ports/distfiles 40422/usr/X11R6/share/doc 39098/usr/src/sys/dev 38956/usr/obj/usr/src/usr.sbin 37694/usr/obj/usr/src/tmp/usr/src/gnu/usr.bin/cc 33638/usr/share/doc 32104/usr/ports/devel 31654/usr/local/lib/perl5 31646/usr/lib 31414/usr/X11R6/lib/firefox 31082/usr/local/freebsd-update/work/4 30496/usr/compat/linux/usr/lib/locale/locale-archive 30218/usr/share/doc/en_US.ISO8859-1 28974/usr/local/lib/perl5/5.8.8 28080/usr/src/contrib/binutils 26840/usr/ports/www 26692/usr/src/crypto 26288/usr/local/share/doc 26166/usr/local/freebsd-update/work/3 25830/usr/X11R6/bin 24344/usr/bin 24190/usr/compat/linux/usr/share 24124/usr/X11R6/include 23604/usr/X11R6/share/doc/qt 23602/usr/X11R6/share/doc/qt/html 23142/usr/share/doc/en_US.ISO8859-1/books 21592/usr/X11R6/lib/firefox/components 21436/usr/local/bin 21240/usr/ports/games 20528/usr/obj/usr/src/usr.bin 19966/usr/src/lib 19820/usr/obj/usr/src/tmp/usr/lib 19572/usr/obj/usr/src/secure 19552/usr/ports/INDEX-6.db 19072/usr/obj/usr/src/sys/LAPTOP/kernel.debug 18534/usr/src/share 18488/usr/share/man 18464/usr/obj/usr/src/lib/libc 17866/usr/obj/usr/src/gnu/lib 16902/usr/src/contrib/bind9 16500/usr/obj/usr/src/secure/lib 16206/usr/src/sys/contrib 15788/usr/src/contrib/gdb 15758/usr/libexec 15666/usr/X11R6/include/firefox 15590/usr/obj/usr/src/gnu/usr.bin/cc/cc_int 15538/usr/local/freebsd-update/work/4/rollback 15538/usr/local/freebsd-update/work/4/install 15462/usr/obj/usr/src/tmp/usr/src/gnu/usr.bin/cc/cc_int 15348/usr/obj/usr/src/gnu/usr.bin/gdb 15312/usr/src/usr.sbin 15208/usr/ports/net 14984/usr/X11R6/lib/X11/fonts/100dpi 14934/usr/X11R6/share/locale 14688/usr/ports/graphics 14546
Re: rc.conf ...need help
On 2/6/07, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote: On 06/02/07, Jerry McAllister [EMAIL PROTECTED] wrote: On Tue, Feb 06, 2007 at 03:58:06PM -0500, Don Munyak wrote: How can I edit rc.conf while in single user mode. I've tried vi ee, but system doesn't recognize either. Thanks to everyone. I actually had fixed the file 2 minutes after receiving first reply but was unable to respond until now. However, having 2-3 different approaches and/or alternatives is also quite helpful. Thanks Again, Don ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
compiling error - /usr : filesystem full
Hello, I was recompiling the kernel on my laptop when the process ended with errors. /usr : filesystem full I suspect that the HD is has too many files ?? can I simply remove/delete to ports from /usr/ports and try to recompile? btw...I have used pkg_add in the past. Will deleting the ports files tantamount to deleteing a folder in windows without uninstalling first ? Thanks Don ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
rc.conf ...need help
Hello, I was tweaking the /etc/rc.conf file and apparently had a typo. Now the system boots into single user mode. I know what my error is syslogd_enable=YES {left off the first } How can I edit rc.conf while in single user mode. I've tried vi ee, but system doesn't recognize either. Thanks ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
startup script with non-root user
Hello, I have an application I'd like to startup at boot, however, the script needs to be started by a non-user account. If I put the startup script in /usr/local/etc/rc.d/hobbit.sh How do I get it to start using the user account 'hobbit' Thanks ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: startup script with non-root user
Thanks so much Martin Greg. I give these a try. Don ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
How-to build / make / install
How-to build/make/install {disclaimer}...I've been using FreeBSD for about a year, so while I consider myself still a n00b, I'm just not a complete n00b :) OS: 6.1-RELEASE I really need some help building a package for install (if that's the correct terminology). hobbitmon is the next re-named version of big brother http://hobbitmon.sourceforge.net/ I have downloaded the tar.gz file into /usr/local/etc I extracted the tar using: don-bsd# tar xvfz file.tar.gz then I cd in to the directory don-bsd# cd /usr/local/etc/hobbit-4.2.0 The directory listing is as follows: don-bsd# pwd /usr/local/etc/hobbit-4.2.0 don-bsd# ls -la total 164 drwxr-xr-x 17 root wheel512 Jan 18 09:38 . drwxr-xr-x 20 root wheel 1536 Jan 18 09:48 .. -r--r--r-- 1 root wheel 17983 Aug 9 16:10 COPYING -r--r--r-- 1 root wheel 1585 Aug 9 16:10 CREDITS -r--r--r-- 1 root wheel 69402 Aug 9 16:10 Changes -r--r--r-- 1 root wheel 3303 Aug 9 16:10 README -r--r--r-- 1 root wheel 5063 Aug 9 16:10 README.CLIENT -r--r--r-- 1 root wheel 9290 Aug 9 16:10 RELEASENOTES drwxr-xr-x 2 root wheel 1024 Aug 9 16:10 bbdisplay drwxr-xr-x 2 root wheel 1024 Aug 9 16:19 bbnet drwxr-xr-x 2 root wheel512 Aug 9 16:10 bbproxy drwxr-xr-x 2 root wheel 1536 Jan 17 17:01 build drwxr-xr-x 2 root wheel 1024 Aug 9 16:10 client drwxr-xr-x 2 root wheel 1024 Aug 9 16:10 common -r-xr-xr-x 1 root wheel431 Aug 9 16:10 configure -r-xr-xr-x 1 root wheel 6005 Aug 9 16:10 configure.client -r-xr-xr-x 1 root wheel 14018 Aug 9 16:10 configure.server drwxr-xr-x 2 root wheel512 Aug 9 16:10 contrib drwxr-xr-x 3 root wheel 1024 Aug 9 16:10 debian drwxr-xr-x 2 root wheel512 Aug 9 16:10 demotool drwxr-xr-x 3 root wheel 1536 Aug 9 16:10 docs drwxr-xr-x 7 root wheel 1536 Aug 9 16:10 hobbitd drwxr-xr-x 2 root wheel512 Aug 9 16:10 include drwxr-xr-x 2 root wheel 2048 Aug 9 16:10 lib drwxr-xr-x 3 root wheel512 Aug 9 16:10 rpm drwxr-xr-x 2 root wheel 2048 Aug 9 16:10 web don-bsd# The README says to simply don-bsd# ./configure don-bsd# make don-bsd# make install However, when I type ./configure from /usr/local/etc/hobbit-4.2.0 don-bsd# ./configure Configuration script for Hobbit This script asks a few questions and builds a Makefile to compile Hobbit Checking your make-utility GNU make is required to build Hobbit. If it is available as gmake, run configure as: 'MAKE=gmake ./configure.server' don-bsd# * Help please, Thanks ~Don ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Fwd: WWW Proxy/Traffic Analyzer
-- Forwarded message -- From: Bachilo Dmitry [EMAIL PROTECTED] Date: Jan 10, 2007 10:54 PM Subject: Re: WWW Proxy/Traffic Analyzer To: freebsd-questions@freebsd.org We have an employee who spends quite a bit of time on the net and currently have no way of analyzing where they go. Are there any decent proxy servers that I can put them on to see where they are going? -Tom I have recently installed Dansguardian + Squid onto 6.1-REALEASE. My approach was not as an in-line, but rather transparent mode. Our proxy server is in the DMZ. All outbound http requests from the LAN are redirected at the firewall to the server in the DMZ. This approach eliminates users ability to by-pass the proxy, as no changes to browser settings are made. If the proxy dies, all I need to do (temporarily) is disable the redirector in the firewall. So far, this setup works rather well. There are plenty of free tools for analyzing the logs. The plus for us, by incorporating Dansguardian, is the ability to further customize what is acceptable and what's not. ~ Don ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: How-to build / make / install
Thanks, here's the latest attempts I've made... Have you had a look in the ports tree to see if you can find Hobbit there? Yes, no port is available. Otherwise, gmake is available from ports/devel/gmake, just do cd ports/devel/gmake and make install clean and then you've got it. added gmake before hand. # make, then # make install clean gcc and g++ are also installed. Then you do MAKE=gmake ./configure-server or whatever in the source catalog for hobbit. Not sure what the source catalog is?? from /hobbit-4.2.0 folder don-bsd# ./configure Configuration script for Hobbit This script asks a few questions and builds a Makefile to compile Hobbit Checking your make-utility GNU make is required to build Hobbit. If it is available as gmake, run configure as: 'MAKE=gmake ./configure.server' don-bsd# I can see that this message is from the file configure.server. Snip of code below. {snip from configure.server file} echo Checking your make-utility MAKEVER=`$MAKE -version 21 | head -n 1 | awk '{print $1 $2}'` if test $MAKEVER != GNU Make then echo GNU make is required to build Hobbit. echo If it is available as \gmake\, run configure as: 'MAKE=gmake $0' exit 1 fi echo Checking pre-requisites for building Hobbit echo . build/fping.sh echo ; echo . build/rrd.sh echo ; echo . build/pcre.sh echo ; echo {...end-snip} But seems to bail right after the echo If it is available as \gmake\... Thanks Don ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: ping: sendto: Can't assign requested address
On 1/18/07, Questions [EMAIL PROTECTED] wrote: Hello, Let me preface this mail by saying: I'm an idiot. Now that we've gotten that out of the way, you don't have to say it! I have a piece of networking equipment that does not have a factory defaults button on it. it has to be RMA'd and returned to the manufacturer if you can't remember login credentials (forgot username,pass/IP, etc) I was assigning the unit an IP address of 172.20.1.x but I typod it. 127.20.1.x and as you can guess, I can't connect to the unit from any other device now. 127.x is loopback. I have tried assigning a 127.20.1.x address to an ethernet interface in a FreeBSD box, and removinging the 127.0.0.1/8 on localhost. I've also gone into the routing table, and removed all traces of routes for 127.x and finally, *tried* creating a route for 127.20.1.x to go out the ethernet interface (link #2) The problem with everything above is: no matter what ip/subnet combination I use, I get a message (when adding the route) that the network is unreachable. Then, when I try to ping the device from the fbsd box, I get ping: sendto: Can't assign requested address My question is: Is it possible in any way, to change the 127 routing to pass out my ethernet card long enough to re-ip this device? I haven't yet come up with a decent solution. Thanks for any thoughts, Jeff ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] What's the piece of equipment? Is there a serial(comm) port ? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Cacti -vs- mrtg
Also check out CactiEZ . its a distribution package of sorts that will load a complete system on a spare box. Basically a quick and dirty for those not wanting to take all the steps of installing an OS first and then the packages and plug-ins. http://cactiusers.org/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
xfce panel install external plugin
Hello, I have a laptop loaded with freebsd + Xfce 4.2.x I want to install the xfce4-battery-plugin http://goodies.xfce.org/projects/panel-plugins/start I presume this will add a battery monitor to the panel. What do I need to do to install this or any other plugin Thanks ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
ezjails, jails
re: ezjails, jails Hopefully a quick question. I am researching using EZJails from http://erdgeist.org/arts/software/ezjail/ But a little confused by the jail concept. I think I need to setup two jails, one(1) for email services and one(1) for www services, on a single server. q. If I am running a webserver for more than one(1) domain, should I be using a single jail for each domain, or is one jail needed for 'ALL' www processing ? q. If I am using a jail for each domain, does this imply loading apache+php+mysql, for each www jail ? q. Likewise with email and multiple domains, does multiple domains = multiple email jails, as well as multiple copies of smtp, pop3, webmail ?? q. Email and WWW services both require MySQL. Would I be installing MySQL 'x' number of times? What I want to do is he following: We are a small company, so email traffic is minial..ie. less than 500 messages per day. Likewise, www traffic is also minimal. I want to build a single server to be located at a co-location facility. This server would support both email and www services. The email services would be built using instructions from http://www.tnpi.biz/internet/mail/toaster.shtml ...that being stuff like qmail, RBL, spamassassin, clamav...etc We have 5 separate domains for email services The www services would be functionally similiar to LAMP We have 5 separate domains for www I would greatly appreciate any links or advice towards achiving my goals. Thanks ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: ezjails, jails
Thanks a bunch Chad and Chris. Good stuff to digest. Chris, If you have some links to good howto's and don't mind posting, I'd be greatful Don ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: ezjails, jails
Thanks, I have no actual deadline. Just something I want/need to do in the near future. The tearing down and restarting is also something I was planning on. Somewhat off-topic, but have you thought about using vmware, specifically vmplayer. There have been many a propellar-head that have reverse engineered the process of creating vmware templates. There are several places on the web that you can either create a blank template or download a preconfigured template. Then just install the OS. You can even link the virtual CD drive to an ISO image so that during the startup of the image, the VM is running from what it thinks is a live cd. This is how I am doing some of my practice build/tear down stuff here some of my links http://www.easyvmx.com/ http://www.easyvmx.com/tutorial.html http://www.ffnn.nl/pages/articles/linux … eation.php http://www.virtualization.info/2005/12/ … mware.html http://www.hackaday.com/entry/1234000153064739/ http://sanbarrow.com/ http://www.brunofreitas.com/portal/viewtopic.php?t=41 Thanks again Don ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Fwd: Using BSD as filter
If you want a freebsd firewall that works well with comcast, try m0n0wall http://m0n0.ch/wall/ It is well supported worldwide, from home users to corporate environments. It's small enough to run from compact flash, hard drive, even a live ISO with floppy. AND it's as easy to setup as any linkysys home router. Been using it for over a year in a corp environment as well as home. Don ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
rebuild any statically linked ports
I am following the instructions for keeping my freebsd system upto date from http://www.taosecurity.com/keeping_...up-to-date.html After running, # freebsd-update fetch # /usr/local/sbin/freebsd-update install A message states Don't forget to rebuild any statically linked ports to use the updated libraries after you install them. what does this mean and how do I complish rebuilding statically linked ports? Thanks ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: rebuild any statically linked ports
Thanks for the info. Don ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: apache Jails
On 8/25/06, albi [EMAIL PROTECTED] wrote: On Fri, 25 Aug 2006 01:15:52 -0400 Don Munyak [EMAIL PROTECTED] wrote: I want to build a FreeBSD webserver to replace a M$ IIS web server. I've started researching using Jails but am a little confused. Given I am hosting four(4) websites, would I have four separate jails. each jail having a separate install of apache + php + mysql ? or would I be installing apache + php + mysql at the base system, and then have four separate jails for each web site and database files ?? there are even more possibilities : - 1 host, 1 jail, apache with virtual hosts - 1 host, 1 build-jail, 4 apache-jails - 1 host, apache with virtual hosts do you have different ip-addresses for those websites ? No for different IP's. Each will share a common IP. Apache would do hostname redirecting for incoming requests...I presume. I guess in this case the following would be the direction I'm headed - 1 host, 1 jail, apache with virtual hosts Thanks again ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
apache Jails
I want to build a FreeBSD webserver to replace a M$ IIS web server. I've started researching using Jails but am a little confused. Given I am hosting four(4) websites, would I have four separate jails. each jail having a separate install of apache + php + mysql ? or would I be installing apache + php + mysql at the base system, and then have four separate jails for each web site and database files ?? Thanks ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Permission to Distribute OS and Demon Logo
The overwhelming majority of argentine PC users run un-licensed Microsoft Sytems and software. The remainder have licenses or use Linux. FreeBSD is unknown to the average PC user. For the desktop pc, check out: http://www.desktopbsd.org/ http://www.pcbsd.org/ Both are using FreeBSD as the OS. DesktopBSD uses KDE for GUI desktop. I just started using dektopbsd and really like it, although I have been using FreeBSD on a separate machine for about a year now. The install for desktopBSD could get any easier. Don ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Virtual Private Servers???
disclaimer...I have no personal experience with VM's...But, one of the list services I belong to has mentioned this before. See if Qemu might be of use. http://fabrice.bellard.free.fr/qemu/ Don ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Replacing windows XP at home.
On 7/26/06, Joshua Lewis [EMAIL PROTECTED] wrote: I have a hard question to ask and I realize that there are a thousand answers to this question. I am replacing my XP system with a FreeBSD 6.1 system. I finished installing it last night and cvsuped. Now I need to choose a window manager. http://www.osnews.com/story.php?news_id=3064 search google for window manage comparisons I have used xfce. It's light weight, GUI and customiseable http://www.xfce.org/ ~Don ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: FreeBSD 6.1 - Web Mail Serve
On 7/21/06, Andrew Pantyukhin [EMAIL PROTECTED] wrote: On 7/19/06, Allen D. Tate [EMAIL PROTECTED] wrote: I am preparing to setup a FreeBSD 6.1 machine with Apache/MySQL/PHP for my web server and I am curious as to your thoughts on the best mail server to install and why. Any mail server I should steer clear from at all costs? Thanks in advance for your input. Mail::Toaster http://www.tnpi.biz/internet/mail/toaster.shtml I have no personal opinion, just a reccomendation from a colleague. I am about to setup a mail server using the Mail::Toaster config. I have spent a lot of time at the site and have seen relatively fee negative impressions ~don ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Creating_a_Stable_Secure_FreeBSD_Mailserver.pdf
re: Creating_a_Stable_Secure_FreeBSD_Mailserver.pdf The title of this thread references a document created several years ago. The author wrote the article and posted in a forum at www.screamingelectron.org/ http://www.screamingelectron.org/forum/showthread.php?t=725page=1pp=10 He also posted an alternate location for pdf download. http://bsdhound.com/downloads/Creating_a_Stable_Secure_FreeBSD_Mailserver.pdf. Well...that link is broken. Googling turned up some hopeful leads, but alas...also broken. http://lists.freebsd.org/pipermail/freebsd-questions/2004-June/050783.html ~LINK~ http://gene.wins.uva.nl/~jmsteggi/Creating_a_Stable_Secure_FreeBSD_Mailserver.pdf http://www.littleblackdog.com/viewtopic.php?t=17294start=15 ~LINK~ http://bsdhound.com/downloads/Creating_a_Stable_Secure_FreeBSD_Mailserver.pdf Also did a google on this cat's username soup4you2. There are several forums likewise with broken links as well as a yahoo account, but no reply yet. Does anyone have access to this updated pdf file. I'd really like to get my hands on it. btw...for anyone else looking for a like or similiar solution, check out http://www.tnpi.biz/internet/mail/toaster.shtml [mail::toaster] Thanks ~Don ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Creating_a_Stable_Secure_FreeBSD_Mailserver.pdf
On 7/20/06, Grant [EMAIL PROTECTED] wrote: I don't know how updated this one is but i found a .pdf version here: http://wumber.net/books/Creating_a_Stable_Secure_FreeBSD_Mailserver.pdf Bye. Grant. On 20 Jul 2006, at 15:59, Don Munyak wrote: re: Creating_a_Stable_Secure_FreeBSD_Mailserver.pdf The title of this thread references a document created several years ago. The author wrote the article and posted in a forum at www.screamingelectron.org/ http://www.screamingelectron.org/forum/showthread.php? t=725page=1pp=10 He also posted an alternate location for pdf download. http://bsdhound.com/downloads/ Creating_a_Stable_Secure_FreeBSD_Mailserver.pdf. Well...that link is broken. Googling turned up some hopeful leads, but alas...also broken. http://lists.freebsd.org/pipermail/freebsd-questions/2004-June/ 050783.html ~LINK~ http://gene.wins.uva.nl/~jmsteggi/ Creating_a_Stable_Secure_FreeBSD_Mailserver.pdf http://www.littleblackdog.com/viewtopic.php?t=17294start=15 ~LINK~ http://bsdhound.com/downloads/ Creating_a_Stable_Secure_FreeBSD_Mailserver.pdf Also did a google on this cat's username soup4you2. There are several forums likewise with broken links as well as a yahoo account, but no reply yet. Does anyone have access to this updated pdf file. I'd really like to get my hands on it. btw...for anyone else looking for a like or similiar solution, check out http://www.tnpi.biz/internet/mail/toaster.shtml [mail::toaster] Thanks ~Don ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions- [EMAIL PROTECTED] Thanks Grant...Much Thanks Downloaded my copy for safe keeping ~don ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]