Re: Unable to upgrade packages on FreeBSD
On 1/30/2012 6:13 PM, freebsd-lists-e...@erikosterholm.org wrote: On Mon, Jan 30, 2012 at 03:28:28PM -0700, Chad Perrin wrote: You talk a lot about how easy it is to maintain a binary package system. I would like you to convince me that it is easy, keeping in mind that it should remain compatible with the ports system. I am willing to be convinced. -- Chad Perrin [ original content licensed OWL: http://owl.apotheon.org ] Oh come on, guys. David is the same person who said that FreeBSD was poorly documented. http://osdir.com/ml/freebsd-questions/2011-12/msg00684.html I really hate throwing around the 'T' word, but I'm starting to wonder. I'll give him the benefit of the doubt a bit longer. David, it's increasingly clear that FreeBSD is not going to fit your needs. If, for some reason, you are interested in the FreeBSD kernel, but binary packages, consider GNU/kFreeBSD. I'm finding this conversation very amusing. After playing with I don't know how many Linux distributions since the mid-90's, and running into the same problem of things breaking after updating binary packages, I moved to FreeBSD around 5.0 for my web server. Since that time, I've forced to do one reinstall due to a hardware failure, somewhere around 7.0. I am now running 8.2. After going through I can't remember how many upgrades and updates, I've only had a couple of minor issues over the years (most were resolved after reading Updating after the fact ;-) ). I'll give up the time savings of binary packages vs. the dependability of compiling stuff myself any day. Greg Groth ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: libcdio upgrade problems
Dr. Jennifer Nussbaum wrote: Hi, Im trying to upgrade some ports, and have a problem with libcdio. At least i think i do. When i try to upgrade, say, Nautilus (or a buncha other things), it dies in the end with a libcdio-0.78.2_2 is already installed. You may wish to make deinstall etc. message. But i did go to /usr/ports/sysytils/libcdio and make deinstall and make reinstall, and this was successful. I sync'd the ports collection again, but no luck. Nothing in UPDATING about this. Thanks! Jen ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] I've run into similar experiences with other ports, and what I have done to get it to work is to deinstall the complaining port (in this instance libcdio), and let the original port install it as a dependency instead of doing a make reinstall. Best regards, Greg Groth ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Recommendations? Small Department IM server
B. Cook wrote: Hello All, I am looking for an im server that runs on FreeBSD (preferably from ports) for ~20 people with SSL/TLS. I see there is jabberd and ejabberd (anything else to consider?) It seems that ejabberd needs java and all sorts of other things.. and that jabber needs mysql ;) Am I missing something here? I think I should use jabber (usr/ports/net-im/jabberd). Anyone have anything they would like to share? Thanks in advance ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] One of the requirements I had when setting this up in our office last year was that all communications had to be logged into a database. After trying everything out there I could lay my hands on, the only port at the time that would do this was ejabberd in conjunction with bandersnatch. Although bandersnatch is supposed to operate with jabberd, the code was not kept up to date with perl modules that were released at a later date. In order to get it to work with jabberd, you had to backport some perl modules. I think the other port I looked at at the time was wildfire, which had the same issue of a outdated plugin available to log communications that wouldn't work. I'm not sure if these issues have been corrected since I last delved into this, so you might want to check into it a little further if you need to. ejabberd is pretty painless to set up, has a web interface to manage users, and has worked well for us for a while now. If you need any assitance, send me an email directly, and I will answer any questions that I can. Greg Groth ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: buildkernel error going from 6.2-STABLE to 6.3-STABLE i386
Doug Poland wrote: Hello, I'm attempting to build a GENERIC kernel for 6.3-STABLE and am getting the following error message: cc -c -O -pipe -Wall -Wredundant-decls -Wnested-externs -Wstrict-prototypes -Wmissing-prototypes -Wpointer-arith -Winline -Wcast-qual -fformat-extensions -std=c99 -g -nostdinc -I- -c /usr/src/sys/i386/isa/clock.c: In function `DELAY': /usr/src/sys/i386/isa/clock.c:301: warning: implicit declaration of function `cpu_spinwait' /usr/src/sys/i386/isa/clock.c:301: warning: nested extern declaration of `cpu_spinwait' *** Error code 1 Stop in /usr/obj/usr/src/sys/GENERIC. *** Error code 1 Stop in /usr/src. *** Error code 1 Stop in /usr/src. This is a fresh cvsup using: *default release=cvs tag=RELENG_6 The buildworld step worked without issue. I've googled but have yet to find an answer. Any ideas? I'm having this same issue trying to build a custom kernel. I did a minimal install, and ran buildworld / buildkernel / installkernel / installworld without issue 3 days ago. However when I try to run buildkernel with either my custom config file, or the GENERIC file, I get this exact error. Any help greatly appreciated. Greg Groth ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: FreeBSD on a Mac
James Jeffery wrote: Was wondering. Can i put FreeBSD on a Quicksilver G4? I know it already has Tiger on it, which is BSD based, but i have no use for Tiger at the moment. At college were using Windows, and my old BSD box now has windows on it so that i can keep up with college assignments. I still have BSD on the box, but on another partition, i loved FreeBSD 7, was really getting the hang of it and testing out its web server capabilities, its a nightmare switching the PC on and off just to run a temp web server to test on. Is it possible or is there a better solution? Cheers http://www.freebsd.org/platforms/ppc.html I haven't tried it out yet, but I plan on installing it on an old G4 I have that's currently running Yellow Dog. Best regards, Greg Groth ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Problem updating proftpd
After updating from 6.1 to 6.2, I went and tried to update my installed ports. After running portsnap, I ran portmanager, which updated everything save proftpd. This was over a week ago. Since that time, I've tried to update proftpd on a few occasions with the same failed result. The issue doesn't seem to be my machine, but at the proftpd.org site. Running portsclean -C, portsclean -D, followed by portupgrade proftpd gives me the following: = proftpd-1.3.1rc2.tar.bz2 doesn't seem to exist in /usr/ports/distfiles/. = Attempting to fetch from ftp://ftp.proftpd.org/distrib/source/. fetch: ftp://ftp.proftpd.org/distrib/source/proftpd-1.3.1rc2.tar.bz2: Unknown FTP error = Attempting to fetch from ftp://ftp.fastorama.com/mirrors/ftp.proftpd.org/distrib/source/. fetch: ftp://ftp.fastorama.com/mirrors/ftp.proftpd.org/distrib/source/proftpd-1.3.1rc2.tar.bz2: Operation timed out = Attempting to fetch from ftp://ftp.dataguard.no/ftp/pub/proftpd/distrib/source/. fetch: ftp://ftp.dataguard.no/ftp/pub/proftpd/distrib/source/proftpd-1.3.1rc2.tar.bz2: File unavailable (e.g., file not found, no access) = Attempting to fetch from ftp://spirit.bentel.sk/mirrors/Proftpd/distrib/source/. fetch: ftp://spirit.bentel.sk/mirrors/Proftpd/distrib/source/proftpd-1.3.1rc2.tar.bz2: File unavailable (e.g., file not found, no access) = Attempting to fetch from ftp://proftpd.networkedsystems.co.uk/distrib/source/. fetch: ftp://proftpd.networkedsystems.co.uk/distrib/source/proftpd-1.3.1rc2.tar.bz2: Unknown FTP error = Attempting to fetch from ftp://ftp.ethereal.com/mirrors/ftp.proftpd.org/distrib/source/. fetch: ftp://ftp.ethereal.com/mirrors/ftp.proftpd.org/distrib/source/proftpd-1.3.1rc2.tar.bz2: File unavailable (e.g., file not found, no access) = Attempting to fetch from ftp://mirror.cybercomm.nl/pub/proftpd/distrib/source/. fetch: ftp://mirror.cybercomm.nl/pub/proftpd/distrib/source/proftpd-1.3.1rc2.tar.bz2: File unavailable (e.g., file not found, no access) = Attempting to fetch from ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/distfiles/. fetch: ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/distfiles/proftpd-1.3.1rc2.tar.bz2: File unavailable (e.g., file not found, no access) = Couldn't fetch it - please try to retrieve this = port manually into /usr/ports/distfiles/ and try again. *** Error code 1 I've tried to download the file manually, but have only been able to connect to ftp://ftp.fastorama.com/mirrors/ftp.proftpd.org. When I download the file from that site, I get a checksum mismatch. Attempts to FTP to proftpd.org from multiple locations, using different ftp clients (including the command line), from different machines, in passive and active mode, all return an FTP error. Anyone else having these issues? Greg Groth ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Problem updating proftpd
On 1/30/2007 9:37 AM, Gerard Seibert wrote: On Tuesday January 30, 2007 at 09:48:38 (AM) Greg Groth wrote: I've tried to download the file manually, but have only been able to connect to ftp://ftp.fastorama.com/mirrors/ftp.proftpd.org. When I download the file from that site, I get a checksum mismatch. Attempts to FTP to proftpd.org from multiple locations, using different ftp clients (including the command line), from different machines, in passive and active mode, all return an FTP error. Anyone else having these issues? I just downloaded the file without problem from: ftp://ftp.proftpd.org/distrib/source/proftpd-1.3.1rc2.tar.bz2 If you cannot procure it yourself, contact me and I'll send it to you. Gave it another shot, command line didn't work, FTP client didn't work, however Internet Explorer did work (first time I gave it a try). I think that's a first. Problem sorted out, sorry for the noise. Greg Groth ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: small mail server
Robin Becker wrote: I'm looking for some advice on using one of our existing freebsd 6.x servers as a mail server for a small number (20) of users. Our existing provider gives us 1) pop3/IMAP for reading mail 2) SMTP for sending, but we need to read mail before using smtp; I guess this implies we don't need to authenticate directly. 3) web based interface for adding users and redirections etc etc 4) spam filtering (presumably based on their large user mail volume). 5) white/grey listing 1. If your users save a lot of mail on the server, check out Dovecot (or any of the IMAP servers that use Maildir). I started with IMAP-UW, but the response time on web frontends for users with large Inboxes was dismal. IMAP-UW is simple as an anvil as far as getting it up and running, Dovecot requires a tad more work. While setting up either one of these is trivial, converting existing formats to another (Mbox to Maildir) is not, choose wisely now, and save yourself a headache down the road. 2. Pick your poison. I've been using Sendmail for years and find it simple for small installations such as mine, and found Postfix confusing simply because of my familiarity with Sendmail, YMMV. 3. a. IMHO, simplest web front end for email - Squirrelmail b. My personal favorite web front end for email - Horde c. Web front end to add users, only Webmin comes to mind. (Webmin is for server administration only. There is a companion for users called Usermin that has an email frontend, but I didn't care for it all that much - YMMV) 45. spamassasin. White listing is a breeze. I never tried grey-listing, although it's my understanding that spamassasin can do this as well. A couple of other things that you may not have thought about regarding off-site access. Currently we need to allow our users to be able to send remotely. In order to do this, we needed to do two additional things, set up SASL for SMTP authentication was the first - so we didn't have an open relay. Second - we ran into an issue with the ISPs of certain users blocking the SMTP port. We installed stunnel for SMTPS, which isn't currently being blocked, and no issues so far. Another thought is to investigate any software you plan on installing with the email client your users have on their desktops. I currently have everyone using Thunderbird, which plays nice with everything I've installed on the server. Clients such as Outlook can have issues with certain software, and workarounds have to be implemented. Once you choose an MTA or IMAP server, google around and make sure you know what you're getting into in regards to your mail client. Best regards, Greg Groth ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Printing.
Is there any consensus on which method I should use to enable printing on my 6.1 desktop? The printer in question is an old HP Deskjet 500. I recall there being issues regarding cups in the not too distant past, and am wondering if I should look at something else. I'm running KDE (and sometimes Gnome), and looking to be able to print from Firefox, opera-linux, bluefish openoffice. I would also like to set it up to be able to be a network share via Samba. Any advice would be greatly appreciated. Best regards, Greg Groth ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Issues updating Audacious.
I'm attempting to update Audacious without much luck. Last time I ran into this issue, I simply had to do a make deinstall / make install, and it worked fine. This time, I'm unable to deinstall the old version. When running make deinstall from the ports directory I get: === Deinstalling for multimedia/audacious === audacious-1.1.2 has a different PREFIX: /usr/X11R6, skipping Any ideas on how I can deinstall this port? I checked /usr/ports/UPDATING, but didn't seem to find anything (unless I made a typo in my text search). Best regards, Greg Groth ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Issues updating Audacious.
Beech Rintoul wrote: On Sunday 17 December 2006 07:31, Greg Groth wrote: I'm attempting to update Audacious without much luck. Last time I ran into this issue, I simply had to do a make deinstall / make install, and it worked fine. This time, I'm unable to deinstall the old version. When running make deinstall from the ports directory I get: === Deinstalling for multimedia/audacious === audacious-1.1.2 has a different PREFIX: /usr/X11R6, skipping Any ideas on how I can deinstall this port? I checked /usr/ports/UPDATING, but didn't seem to find anything (unless I made a typo in my text search). Portupgrade or portmaster are your friends. Beech It failed with portmanager, so I tried portupgrade to see what the problem was. When I ran portupgrade, I got the following: Note: Configure has discovered that you already have Audacious installed and it does not match with the given --prefix. You have Audacious installed in /usr/X11R6/bin and you chose /usr/local/bin. If you don't want two copies of Audacious installed, rerun configure with the --prefix option set to the location of the old Audacious, or uninstall the old Audacious. After compiling for a bit, it exited with the following error: playlist.c: In function `playlist_entry_get_info': playlist.c:181: error: structure has no member named `mtime' playlist.c:181: error: structure has no member named `mtime' playlist.c:191: error: structure has no member named `mtime' playlist.c:208: error: structure has no member named `mtime' playlist.c: In function `playlist_get_songtitle': playlist.c:1558: error: structure has no member named `mtime' playlist.c:1558: error: structure has no member named `mtime' playlist.c:1558: error: structure has no member named `mtime' playlist.c: In function `playlist_get_tuple': playlist.c:1602: error: structure has no member named `mtime' playlist.c:1602: error: structure has no member named `mtime' playlist.c:1602: error: structure has no member named `mtime' playlist.c: In function `playlist_get_songtime': playlist.c:1634: error: structure has no member named `mtime' playlist.c:1634: error: structure has no member named `mtime' playlist.c:1634: error: structure has no member named `mtime' playlist.c: In function `playlist_fileinfo': playlist.c:2092: error: structure has no member named `mtime' playlist.c:2093: error: structure has no member named `mtime' playlist.c:2093: error: structure has no member named `mtime' playlist.c: In function `playlist_read_info_selection': playlist.c:2635: error: structure has no member named `mtime' gmake[2]: *** [playlist.o] Error 1 gmake[1]: *** [build] Error 2 gmake: *** [build] Error 2 *** Error code 2 Stop in /usr/ports/multimedia/audacious. ** Command failed [exit code 1]: /usr/bin/script -qa /tmp/portupgrade.81965.0 env UPGRADE_TOOL=portupgrade UPGRADE_PORT=audacious-1.1.2 UPGRADE_PORT_VER=1.1.2 make ** Fix the problem and try again. I think I had similar issues in the past when I tried to update Audacious, and a make deinstall / make install clean fixed the problem. This is when I attempted to deinstall Audacious, and was unable to. I've never tried portmaster, but I'm thinking it only works if you install from packages (please correct me if I'm wrong), and I have everything compiled from source. Any ideas? Best regards, Greg Groth ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Issues updating Audacious.
José G. Juanino wrote: El domingo 17 de diciembre a las 17:47:13 CET, Beech Rintoul escribió: On Sunday 17 December 2006 07:31, Greg Groth wrote: I'm attempting to update Audacious without much luck. Last time I ran into this issue, I simply had to do a make deinstall / make install, and it worked fine. This time, I'm unable to deinstall the old version. When running make deinstall from the ports directory I get: === Deinstalling for multimedia/audacious === audacious-1.1.2 has a different PREFIX: /usr/X11R6, skipping Any ideas on how I can deinstall this port? I checked /usr/ports/UPDATING, but didn't seem to find anything (unless I made a typo in my text search). Portupgrade or portmaster are your friends. In this case does not work, as audacious must be deinstalling before install the new version. Greg, try pkg_delete or pkg_deinstall audacious before upgrade. Regards Should have been more careful reading through my InBox before sending my last reply. pkg_deinstall worked perfectly. Thanks for the help. Best regards, Greg Groth ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Instant Messenger software
Robert Fitzpatrick wrote: Can anyone here recommend an IM client/server software that runs on FreeBSD? I'm looking at DBabble, but I see no port (which would be nice). We like BSD servers and are getting a lot of requests for this type of private service. But if BSD is not recommended, please tell. Thanks in advance! It might help to list any special requirements you might have. For instance, our specs required that we logged all messages on a mysql database backend. Also, the suggestion to visit this list: http://mail.jabber.org/mailman/listinfo/jadmin is a good one. Very helpful, knowledgeable people there. As far as BSD, AFAIK, there are 3 servers to choose from in the ports. jabber 1.4, jabberd2 ejabberd. When I went to install jabber 1.4, it was marked as ignore at the time because of a security issue which has since been fixed, so I didn't really get to do much with it. Jabberd2 required a plug-in named bandersnatch to get the mysql logging to work. Unfortunately the plug-in does not work with the current perl release, so if you want to get it up and running w/ jabberd2, you have to install older perl modules from backpan. Bandersnatch does work with ejabberd, however there's an issue that's been documented on the bandersnatch forum that it will suddenly quit working after a while for no reason. It doesn't appear that any further maintenance is being done on bandersnatch as some of these issues have been posted on the forum for 6 months or so with no response. There are other plug-ins to log messages for ejabberd in either xml or mnesia, but I haven't gotten around to trying them out yet. I'm not sure if bandersnatch currently works with jabber 1.4 or not. As far as wildfire, the same issue exists. There is a plug-in for message logging to sql called I-Ball, but from reading the forums, it isn't working with the current release. The open-source version does log to xml. Because of the plug-in issue, I've never tried wildfire. As far as ease of configuration, IMHO I found jabber 1.4 jabberd2 easier to set up that ejabberd. If I recall correctly, jabber 1.4 jabberd2 use xml config files that are easy to read (IMHO). ejabberd's config files were a little more difficut for me because I am unfamiliar with the syntax, and found the error reporting (when I made a mistake or two) to be somewhat cryptic. Overall I think the biggest issue I had with any of these was modifying the DNS record by adding an SRV record so that users could log in using [EMAIL PROTECTED] instead of [EMAIL PROTECTED] You also might want to check out jabber.org. They have a list comparing the various servers that are available, and give a nice chart that gives a feature score which is described as rough percentage of expected server features that each implementation claims to support. Best regards, Greg Groth ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: SugarCRM
Michael S wrote: Good day all. I am looking into installing SugarCRM for a friend of mine. First of all, those who have installed and using this package on FreeBSD, I wanted to know their impressions on the installation and behaviour of the software. Second of all I saw on the FreeBSD ports page that SugarCRM requires the following: XFree86-libraries-4.5.0, expat-2.0.0_1, fontconfig-2.3.2_6,1, freetype2-2.2.1_1. I wanted to know what X libraries are for and whether they are necessary. I had assumed that it's a PHP/Apache/MySQL type of setup. Thanks in advance. Michael ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] Can't say anything about the X libraries, but I attempted to install SugarCRM a couple weeks ago. I found out after running into a bunch of erros, and much digging around for answers, that the current FreeBSD port is incompatible with PHP5 MySQL5. The most current source that is available on the SugarCRM website is now compatible with MySQL5, but not yet compatible with PHP5. I believe the current FreeBSD SugarCRM port has been updated to recognize this issue. However I already had PHP5 MySQL5 installed on the server, and didn't feel like rolling them back to previous versions, and ended up installing vtiger instead. Best regards, Greg Groth ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: cyrus-sasl sendmail compile error
Mike Spenard wrote: Following this doc on sendmail-auth... http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/smtp-auth.html I go to recompile sendmail after # cd /usr/src/usr.sbin/sendmail # make cleandir # make obj # make # make install and I get... cc: /usr/obj/usr/src/usr.sbin/sendmail/../../lib/libsmutil/libsmutil.a: No such file or directory cc: /usr/obj/usr/src/usr.sbin/sendmail/../../lib/libsm/libsm.a: No such file or directory *** Error code 1 Stop in /usr/src/usr.sbin/sendmail. /etc/make.conf is as the document specifies.. SENDMAIL_CFLAGS=-I/usr/local/include/sasl1 -DSASL SENDMAIL_LDFLAGS=-L/usr/local/lib SENDMAIL_LDADD=-lsasl -- Mike Spenard rebuild world, and the needed pieces will be installed. Nice step by step how-to here: http://dfwlpiki.dfwlp.org/index.php/Installing_FreeBSD_6.1 There's faster ways around this, but if you haven't already run the buildworld process, more than likely you have a version of sendmail that needs to be patched anyway. Running the buildworld process will fix both issues. Greg Groth ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: next episode, continuing saga
Mario Lobo wrote: On Friday 22 September 2006 02:33, Bill Moran wrote: jekillen [EMAIL PROTECTED] wrote: Hello again; With FreeBSD and in general, If the monitor is turned off is it safe to disconnect it from the machine while the machine is running? AMD64 socket 754 with separate PCI video card on ECS motherboard; no Xwindows installed. if it makes a difference. want to run the machine headless without shutting it down to switch the monitor to another machine. Yes. It's safe to do that with any OS I'm familiar with. And the keyboard mouse too. I've never had any issues, provided I set the option to NOT halt on keyboard errors at boot in the bios. Best regards, Greg Groth ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: next episode, continuing saga
hackmiester (Hunter Fuller) wrote: On 22 September 2006, at 09:24, Greg Groth wrote: Mario Lobo wrote: On Friday 22 September 2006 02:33, Bill Moran wrote: jekillen [EMAIL PROTECTED] wrote: Hello again; With FreeBSD and in general, If the monitor is turned off is it safe to disconnect it from the machine while the machine is running? AMD64 socket 754 with separate PCI video card on ECS motherboard; no Xwindows installed. if it makes a difference. want to run the machine headless without shutting it down to switch the monitor to another machine. Yes. It's safe to do that with any OS I'm familiar with. And the keyboard mouse too. The keyboard and mouse are NOT supposed to be hot plugged if they are PS/2 (although I must admit I haven't had any issues, but I wouldn't risk a dead PS/2 controller on a production box). USB ones don't care. The neat thing about that is you can have your machine boot with no keyboard, you can plug in a USB one and then hook up a monitor and have a head all of a sudden. This is handy when your box's sshd dies for some reason, which has happened to me once... I've never had any issues, provided I set the option to NOT halt on keyboard errors at boot in the bios. Best regards, Greg Groth I've never hot-swapped a keyboard, although I have unplugged one from a running machine with no issues. Best regards, Greg Groth ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
portmanager ftp question.
Here's the situation, I have 3 BSD servers sitting behind a pfsense firewall. When I run portmanager on any of the 3 servers, inevitably it runs into a distfile that can't be downloaded from an FTP site. Although I haven't checked the log files on the firewall, I'm fairly positive this is an active / passive issue. My workaround right now is to download the required distfile to a machine on the LAN (sitting behind the pfsense firewall), and SCP it to the server, and restart portmanager. I've played around with the FTP helper settings on pfsense, to no avail. Is there a way to globally set active or passive FTP connections on the servers so portmanager will work correctly? I'll occasionally run into the same issue when building a new port as well. I'm not sure what app the machine is using to download the distfiles, wget? If this is the case, my question would be is there a way to set a configuration for wget to use either active or passive ftp connections all the time, no matter which process is calling it? Best regards, Greg Groth ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: portmanager ftp question.
What does make -V FETCH_CMD say? The default is fetch -ApRr where -p means passive. /usr/bin/fetch -ARr Best regards, Greg Groth ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: New to FreeBSD/UNIX
Edward and Nancy Powers wrote: I am new to UNIX, and want to download a basic UNIX system, just to run commands and become familiar with the system. I wish to use this system as a companion piece to a UNIX tutorial which I have on DVD. I do not want to replace Windows at this time. My PC has: Pentium III Processor at 1GHz, 128MB RAM at 133 MHz, Windows ME operating system. What course of action do you recommend that I take? Thanks. Ed Powers If you want to do it on the cheap, try a LiveCD. http://www.freesbie.org Not sure if this distro would let you do what your DVD is asking you to do, but you can run it on your machine without changing your existing system. If money isn't a big deal, if I were in your shoes I would buy a new machine with XP, install whatever you want to play with on the old machine, and buy a KVM switch. I found FreeBSD a lot easier to learn while I had a working Windows machine that I was familiar with at my fingertips. IMHO, the problem your most likely to run into when trying to run two OS's on a single machine is that if you run into a problem, you have to reboot to get on a working system to get on the Internet and find help. Another option would be vmware, but I don't know if it will run on ME. According to their site, it's only listed as a guest system, not a host system. Best regards, Greg Groth ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Upgrading our mail server
On 9/14/2006 10:32 AM, Odhiambo Washington wrote: * On 14/09/06 16:51 +0200, Frank Bonnet wrote: | Hello | | Our mailhub is actually a HP DL360 with one processor (Xeon 2.8 ghz) | with 2 Gb RAM and 120 Gb disks, it is 3 years old. | | It runs Postfix + imap + imaps + pop3 + pop3s + squirrelmail + vexira | antivirus + postgrey | and some small auxiliary services. | | We have approx 2500 users / mailboxes and the machine is often really loaded | | So I decided it is time to purchase a new server and I need some feedback | from | admins that could help me to choose a new hardware system that could runs | like | a charm with FreeBSD 6.1 ? | | I need SCSI Disks of course , budget is around 10K$ Your server is good enough to handle even 10k users. You just need to identify what is causing the overload. Adding one processor and 2GB extra RAM should be enough, I think. If what you want is to get a new server thinking it will be fast just because of the CPU and RAM, then your thinking is ill-advised. I have an HP ML350 with one 2.4GHz CPU, 1GB RAM, 2x146GB SCSI HDD and it runs Exim, courier-imap (pop3/imap), squirrelmail, spamassassin, ClamAv, MySQL with 8k individual mail accounts on it. The only thing I feel like updating on it is to double the CPU and double the RAM and I am sure to run it for longer. Do you see my line of thinking? -Wash Are any of the major server brands more FreeBSD friendly than others? I'm looking to purchase a server for some web apps. Our current config is running on a 6 year old Dell PowerEdge machine with SCSI RAID 5, 1 Ghz processor, 32 gig total disk capacity, and a gig of RAM. Upgrading this machine would cost more than it's worth. Boss insists on a name brand server (Dell, HP, Gateway, etc). Budget is in the $2K range. I'd rather stay away from SATA at this point due to the incredible amount of difficulty I experienced putting together a MythTV box earlier this year, and go with SCSI. If no one has specific recommendations, are there any specifics that are definite show stoppers that I should pay attention to when reviewing specs? Best regards, Greg Groth ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Subversion GUI client
I'm probably missing something stupid, but I'm having trouble connecting to a subversion server using esvn kdesvn. The server is running svnserve, and I'm connecting with svn+ssh. When I try to connect using either app, they hang when browsing the repository tree. I then tried launching both from a terminal window, and after connecting, got a password prompt in the terminal window. Is there a way to pass the password info to a svn+ssh session within either of these apps? Or is there an app that can handle this? I've had no troubles connecting with TortiseSVN on an XP box, but both these apps seem to only handle passwords for http sessions. Best regards, Greg Groth ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Jabber server.
After trying out a couple of proprietary IM solutions, I have abandoned my search in frustration and have been trying out various jabber implementations. So far I have tested ejabberd jabberd2. My biggest issue thus far is that there is no way to archive IM traffic. Neither of the above software have this functionality built in. I'm not sure if jabberd 1.4 had this functionality or not, as it's been deprecated. I have attempted to use a third party component called bandersnatch, but ran into problems with deprecated POE code. I've also looked at Wildfire, but it appears that there are problems with the current version and the i-ball plugin, and that the plug-in is no longer being maintained. Any suggestions? Best regards, Greg Groth ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Perl question.
I'm trying to install bandersnatch in conjunction with Jabber2 and running into some trouble. I'm following the how-to at: http://www.funkypenguin.co.za/bandersnatch_with_jabberd2 I've installed all of the listed sources from the ports, but when I run bandersnatch2.pl, I receive the following error: Can't locate POE/Preprocessor.pm in @INC It seems that Preprocessor.pm does not exist on my system. Can someone tell me which relevant port would have this module? Installing POE::Preprocessor from CPAN comes up with a blank, as well as searching the ports for anything with the same name. Best regards, Greg Groth ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Perl question.
Dan Nelson wrote: A quick web search shows that POE::Preprocessor was removed from POE in March. http://search.cpan.org/src/RCAPUTO/POE-0.3601/CHANGES : 2006-03-11 23:11:39 (r1887) by rcaputo poe/lib/POE/Preprocessor.pm D; poe/lib/POE/Macro D; poe/tests/10_units/01_preprocessor D; poe/mylib/preprocessor.perl A; poe/mylib/PoeBuildInfo.pm M Remove POE::Preprocessor. Replaced it with a simple, almost one-liner preprocessor that's run at Makefile.PL time. Thanks for finding this for me. A search on http://search.cpan.org for POE::Preprocessor brought up zilch, not sure why it couldn't locate this doc. Best regards, Greg Groth ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: SMTP-AUTH woes.
Martin Schweizer wrote: Hello Greg I did installed an system sendmail/Cyrus imap/sasldb2 successfully. While these I run in a lot of troubles. If you're interessted I can send you my stuff about it. I ended up doing a reinstall, and got it working. I also went with Dovecot this time around, and got that up and running as well. Everything was running well with Maildir, however I then tried to install spamassassin which ended up screwing something up. Sendmail ended up placing everything in the mbox files in /var/mail, instead of ~/Maildir. Not sure what happened, but I could not fix it. I ended up going back to Postfix, and that is at least delivering to ~/Maildir. SASL is working as it should though. Just have to get spamassassin and luser_relay working now. Greg Groth ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Postfix SASL Authentication
On 8/8/2006 9:20 AM, Gerard Seibert wrote: FreeBSD 6.1 STABLE I have SASL and Postfix installed and for the most part they seem to work all right together. However, there is one small problem. When attempting to send a message from one of the PC's on the network, actually any PC on the network except for the one with Postfix installed on it, this error message is inserted into the maillog file. Aug 8 10:11:32 scorpio postfix/smtpd[1310]: connect from boss.seibercom.net[192.168.0.4] Aug 8 10:11:32 scorpio postfix/smtpd[1310]: warning: SASL authentication failure: no user in db Aug 8 10:11:32 scorpio postfix/smtpd[1310]: 859B9BD6C: client=boss.seibercom.net[192.168.0.4], sasl_method=LOGIN, [EMAIL PROTECTED] All of the users are authenticated. Exactly what is it referring to and how do I correct it? The mail does get relayed however, so it is not a fatal warning. Which version of SASL? v1 or v2? The following is based on ym experience with v2, and I don't know if it applies to v1 or not. As far as the message in you log file, it's attempting to authenticate, but it's not connecting to the user database to verify the user. More than likely it's allowing you to send mail from the local server because you have Postfix configured to allow it to relay mail from localhost, and that this is allowing you to send the email even though authentication is failing. To determine which authentication methods Postfix will accept, telnet to localhost on port 25 and issue a EHLO: mail# telnet localhost 25 Trying ::1... Connected to localhost.domain.com. Escape character is '^]'. 220 mail.domain.com ESMTP Postfix EHLO localhost 250-mail.domain.com 250-PIPELINING 250-SIZE 1024 250-VRFY 250-ETRN 250-AUTH NTLM LOGIN PLAIN GSSAPI DIGEST-MD5 CRAM-MD5 250-AUTH=NTLM LOGIN PLAIN GSSAPI DIGEST-MD5 CRAM-MD5 250-ENHANCEDSTATUSCODES 250-8BITMIME 250 DSN In this instance, the AUTH line dictates which authentication mechanisms Postfix will accept. In this case: NTLM LOGIN PLAIN GSSAPI DIGEST-MD5 CRAM-MD5 Check your /usr/local/lib/sasl2/smtpd.conf file and make sure that you have the correct auth mechanism listed. For plain text login that's verified against your existing users, your smtpd.conf file would read as follows: pwcheck_method: saslauthd This will verify against your existing user accounts. There are other methods, such as pwcheck_method: sasldb, that will verify against SASL's own password database, which I've never used. Make sure that you have saslauthd running (which it appears you do). Issue the following: # /usr/local/sbin/testsaslauthd -u username -p password 0: OK Success. If saslauthd is operating correctly, you'll recieve the OK Success. If not, your problem is with saslauthd. If your AUTH line does not list the right AUTH mechanism, the problem is with Postfix. For instance, if you're trying to use SMTP-AUTH from a client on your network, and have pwcheck_method: saslauthd defined in your smtpd.conf file, you have to have PLAIN LOGIN appear in the AUTH line when telnetting. Best regards, Greg Groth ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Postfix SASL Authentication
This is the contents of the smtpd.conf file: ## Global Values pwcheck_method: auxprop auxprop_plugin: sasldb log_level: 7 mech_list: PLAIN LOGIN From postfix.org: This will use the Cyrus SASL password file (default: /etc/sasldb in version 1.5.5, or /etc/sasldb2 in version 2.1.1), which is maintained with the saslpasswd or saslpasswd2 command (part of the Cyrus SASL software). On some poorly-supported systems the saslpasswd command needs to be run multiple times before it stops complaining. The Postfix SMTP server needs read access to the sasldb file - you may have to play games with group access permissions. With the OTP authentication mechanism, the SMTP server also needs WRITE access to /etc/sasldb2 or /etc/sasldb (or the back end SQL database, if used). Have you set up the SASL password file? If not, that's why you're getting the error. If you have, what happens when you test saslauthd on it's own? # /usr/local/sbin/testsaslauthd -u username -p password It should return: status 0: OK Success. If you'd rather authenticate against the exisiting system usernames passwords, change your smtpd.conf file to the following: pwcheck_method: saslauthd and delete the rest. You might have to restart both services if you update the smtpd.conf file: # /usr/local/etc/rc.d/saslauthd restart # postfix reload Best regards, Greg Groth ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Sendmail Question; unable to send mail as normal user
I've gotten a bit further this weekend but I'm not 'there' yet. I could sucessfully send a e-mail by using 'mail' as normal user at my server. Allthough when I tried to send an e-mail from my laptop with my server as smtp server it kept prompting for my password and this is what was displayed in /var/log/maillog : Aug 5 11:40:36 FStaals sm-mta[101]: k759eEva000101: Riza.FStaals.LAN [192.168.2.5] did not issue MAIL/EXPN/VRFY/ETRN during connection to IPv4 When I googled if I could find a solution I came to this page : http://www.issociate.de/board/post/246978/did_not_issue_MAIL/EXPN/VRFY/ETRN_during_connection_to_MTA.html The solution oppered there was to add ' mech_list: login plain' to /usr/local/lib/sasl2/Sendmail.conf . So I did and it kind of worked, allthough now I can only send e-mail to other users at my server ( for example root ), when I try to mail to an external adress my log 'says' my message is rejected: Aug 5 13:10:30 FStaals sm-mta[1495]: k75BATko001495: ruleset=check_rcpt, arg1= [EMAIL PROTECTED], relay=Riza.FStaals.LAN [192.168.2.5], reject=550 5.7.1 fr [EMAIL PROTECTED]... Relaying denied Aug 5 13:10:34 FStaals sm-mta[1495]: k75BATko001495: lost input channel from Ri za.FStaals.LAN [192.168.2.5] to IPv4 after rcpt Aug 5 13:10:34 FStaals sm-mta[1495]: k75BATko001495: from=[EMAIL PROTECTED], size=373, class=0, nrcpts=0, proto=ESMTP, daemon=IPv4, relay=Riza.FStaals.LAN [1 92.168.2.5] I'm not sure what I have to do to get working correctly and I was hoping someone could give me some hints what I'm doing wrong. Also I'm not sure if it's a good idea to add the 'mech_list: login plain' to sasl2's Sendmail.conf ? Last but not least : I want sendmail to use SSL and listen to port 465. sockstat shows It isn't listening to that port, but I think it should, does anyone happen to know what it is I'm doing wrong at that point: [EMAIL PROTECTED] sockstat -4 | grep sendmail root sendmail 1410 3 tcp4 *:25 *:* root sendmail 1410 5 tcp4 *:587 *:* [EMAIL PROTECTED] cat /etc/mail/FStaals.net.cf | grep smtps O DaemonPortOptions=Port=smtps, Name=TLSMTA, M=s Many thanks, Telnet to port 25 on the mail server. Once connected, issue an EHLO command and look for the AUTH line - for example: # telnet localhost 25 Trying ::1... Connected to localhost.servername.com. Escape character is '^]'. 220 mail.servername.com ESMTP Sendmail 8.13.4/8.13.4; Mon, 7 Aug 2006 13:11:37 -0500 (CDT) EHLO localhost 250-mail.servername.com Hello localhost.servername.com [127.0.0.1], pleased to meet you 250-ENHANCEDSTATUSCODES 250-PIPELINING 250-8BITMIME 250-SIZE 250-DSN 250-ETRN 250-AUTH PLAIN LOGIN 250-DELIVERBY 250 HELP If you don't see PLAIN LOGIN, you have a problem in how Sendmail was compiled. As far as getting SSL up and running, I had better luck using stunnel instead of compiling SSL into each service. With one certificate to manage, I now have SSL encryption on IMAP, POP3, SMTP HTTP. Of course the sites that are being protected are for internal use at our company, so no one complains that we're using a self-signed certificate and the names don't match, YMMV. If Sendmail does return the right AUTH parameters, and you're still having issues, test saslauthd. Make sure you have the following in Sendmail.conf: pwcheck_method: saslauthd I have not needed to add 'mech_list: login plain' to Sendmail.conf to get this to work. Make sure saslauthd is running. If not then: /usr/local/etc/rc.d/./saslauthd start test the authentication: # /usr/local/sbin/testsaslauthd -u username -p password 0: OK Success. If you get an error with saslauthd at this point, the problem is there. If this works OK, but you're not getting the right AUTH response during your telnet connection, your problem is probably how Sendmail was compiled. HTH. If all seems to be in order, and you're still having issues, what other ports do you have on the machine? I've run into problems the same as yours with both Postfix and Sendmail after installing quite a few other ports. During my last rebuild, I installed Postfix and sasl2 out of the gate, and have had no issues. I think in my case, something else I installed before the MTA SASL2 screwed something up, but I could not determine where the fault was and ended up reinstalling. Best regards, Greg Groth ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Sendmail Question; unable to send mail as normal user
Hmm I guess that sould be the problem then: [EMAIL PROTECTED] telnet localhost 25 Trying ::1... Trying 127.0.0.1... Connected to localhost.eu.org Escape character is '^]'. 220 Fstaals.net ESMTP Sendmail 8.13.3/8.13.3; Mon, 7 Aug 2006 20:31:30 +0200 (CE ST) EHLO localhost 250-Fstaals.net Hello localhost.eu.org [127.0.0.1], pleased to meet you 250-ENHANCEDSTATUSCODES 250-PIPELINING 250-8BITMIME 250-SIZE 250-DSN 250-ETRN 250-DELIVERBY 250 HELP I compiled sendmail with the following options: [EMAIL PROTECTED] cat /etc/make.conf # SASL (cyrus-sasl v2) sendmail build flags... SENDMAIL_CFLAGS=-I/usr/local/include -DSASL=2 SENDMAIL_LDFLAGS=-L/usr/local/lib SENDMAIL_LDADD=-lsasl2 # Adding to enable alternate port (smtps) for sendmail... SENDMAIL_CFLAGS+= -D_FFR_SMTP_SSL # added by use.perl 2006-03-02 22:35:07 PERL_VER=5.8.8 PERL_VERSION=5.8.8 What should I do fix this ? Appart from those lines in /etc/make.conf I didn't change anything regarding to the build of sendmail Regards, Need more info. How did you recompile Sendmail? For instance, I did a minimal install, updated my ports, installed cvsup-without-gui fastest-cvsup, cvsupped my sources, ran a buildworld to get the base system up to date, then added the following to make.conf: SENDMAIL_CFLAGS=-I/usr/local/include -DSASL=2 SENDMAIL_LDFLAGS=-L/usr/local/lib SENDMAIL_LDADD=-lsasl2 installed sasl2 by compiling from the ports then I recompiled Sendmail as follows: cd /usr/src/usr.sbin/sendmail make clean make obj make depend make make install Once that was done, I went into /etc/mail and added the following to freebsd.mc define(`confAUTH_MECHANISMS',`PLAIN LOGIN')dnl TRUST_AUTH_MECH(`PLAIN LOGIN')dnl After saving the file, I ran the following in /etc/mail: make all make install make restart After which a telnet session showed the correct AUTH paramenters. In the instances I had a screwup in which I could not resolve, I've made the following bonehead moves: 1. Ran make installworld without dropping to single-user mode 2. cvsupped to the wrong source tree due to my ignorance of the tags in the cvsup file. My latest misadventures with getting PLAIN LOGIN working were on systems where I did everything correctly, but installed a number of ports prior to messing with the MTA. This included Apache, PHP, MySQL, Squirrelmail, XOrg, KDE-lite, and whatever dependencies were needed. The same issue occured with trying to get PLAIN AUTH working with Postfix, and on a second box with Sendmail. I ended up reinstalling, and focused on getting the MTA and SASL2 working immediately after getting the system up to date, and had no issues. IMHO, worry about getting PLAIN LOGIN working before messing with compiling SSL support into Sendmail. In my experience, configuring SSL can be a pain, making sure everything is where it's supposed to be. Best regards, Greg Groth ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: SMTP-AUTH woes.
did you buildworld before you recompiled sendmail? ive found that if i buildworld, that before i recompile sendmail (to implement sasl2) that i have to make clean on my /usr/src, or else make will try to use what was already recompiled for sendmail during the buildworld. hth, jonathan This is a relatively fresh install, and I did update my ports with portsnap / portmanager, then cvsuped src-all and ran buildworld before playing around with this. I did not run make clean before the buildworld process though. I did attempt to rebuild just sendmail after I started having these problems: cd /usr/src/usr.sbin/sendmail make clean make depend make make install Nothing changed though. I was thinking on this a bit further, and although I don't have any of the error messages, I believe I was running into similar issues with Postfix last week. The box in question died on me, I don't have a battery backup and we had a brownout. While fscking the system because of the first brownout, we had a second, which rendered the box useless. I recall moving the unused sasl mechanisms out of /usr/local/lib/sasl2 into a deactivated directory (per some how-tos), and ended up with plain being the only mechanism left, and Postfix started giving error messages about no mechanisms available and couldn't seem to find plain text. I figured I screwed something up with Postfix, and went back to sendmail for this install until I had more time to play around with Postfix. I'll try the make clean / buildworld thing tonight to see if that helps, and post back if it doesn't. Best regards, Greg Groth ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
SMTP-AUTH woes.
FreeBSD 6.1 saslauthd version 2.1.22 sendmail version 8.13.6 My problem is that sendmail is not authenticating plain text passwords. From my /etc/mail/hostname.mc file: define(`confAUTH_MECHANISMS',`PLAIN LOGIN')dnl TRUST_AUTH_MECH(`PLAIN LOGIN')dnl However when I telnet to the server I find the following: 250-AUTH GSSAPI DIGEST-MD5 CRAM-MD5 From my /etc/make.conf: SENDMAIL_CFLAGS=-I/usr/local/include -DSASL=2 SENDMAIL_LDFLAGS=-L/usr/local/lib SENDMAIL_LDADD=-lsasl2 From my /usr/local/lib/sasl2/Sendmail.conf file: pwcheck_method: saslauthd From my /var/log/maillog file: Jul 30 23:08:01 mail sendmail[4061]: NOQUEUE: connect from [EMAIL PROTECTED] Jul 30 23:08:01 mail sendmail[4061]: STARTTLS: ServerCertFile missing Jul 30 23:08:01 mail sendmail[4061]: AUTH: available mech=NTLM LOGIN ANONYMOUS PLAIN GSSAPI OTP DIGEST-MD5 CRAM-MD5, allowed mech=EXTERNAL GSSAPI KERBEROS_V4 DIGEST-MD5 CRAM-MD5 Jul 30 23:08:01 mail sendmail[4061]: k6V481s5004061: Milter: no active filter Everything seems to be in place. SASL is running, and is working fine with the included testing tools, but sendmail does not seem to be accepting plain text logins. This is the same setup I have up and running on a 6.0 box, but it doesn't seem to be working now. Any ideas on what I might have screwed up? TIA Greg Groth ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Replacing windows XP at home.
doug wrote: On Wed, 26 Jul 2006, RW wrote: On Wednesday 26 July 2006 16:23, Joshua Lewis wrote: KDE seems like it is bloated so I was considering Gnome. I have also been reading about enlightenment and it sounds interesting. I have looked into Fluxbox and it also seems like it would do the trick. Would I be better off just going with Gnome or KDE? I realize once I start installing apps that I will probably wind up installing something that uses Gnome or KDE libraries so I am going to wind up bloating my system any ways right? KDE is mostly application modules, which you don't need to install if you dont want them. These days, though, the avoidance of bloat is mostly just a fetish. I've not noticed any speed difference between KDE and the lighter window managers for years. And as far as disk space is concerned we are talking about pennies. I've tried fluxbox and the like off-and-on, but I always miss some KDE feature within minutes. Personally I don't like Gnome, it's less polished than KDE by a sustantial margin; and while upgrading KDE is always easy, Gnome's complex depencies mean that a special script has to be run, and even that doesn't always work. I agree with this thought. There is a wrapper port/package kde-lite. I run kde on a 400Mhz laptop and mostly can not tell the difference between using that and my new thinkpad. OpenOffice is much, much, ..., better the kdeoffice. The ultimate lightweight window manager is twm. It is built into X. I use it to install KDE. All of this is very personal. It is well worth finding the one you like. If kde-lite is too much, you can just install kde-base, kde-libs, kde-admin kde-utils and end up with kde having close to the functionality of new XP install. I think the only thing that's missing are the games, Media Player and a messenger client. Greg Groth ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Enabling sound?
I got a SoundBlaster Live! because it was listed as a known working piece of hardware. Apparently this is a newer version of the board that isn't supported yet. Getting it to work is becoming a PITA beyond what I have the time and willpower to put in right now. Is there a piece of sound hardware I can just run down to CompUSA and buy, that I can drop in here and get this thing working with *today*? Just ran into this getting MythTV running on Gentoo. In ALSA, it seems the new soundblaster cards don't use the emu10k1 driver, they use the ca0106 driver. Don't know if this exists for FreeBSD or not. In my case, the ca0106 driver produced static and a hint of something that sounded like sound. I gave up, and stole an older soundblaster from another system I had. Best regards, Greg Groth ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Subversion web development question.
Forgive me if this question is stupid or has been answered before, more than likely this info exists, but I'm not looking in the right place. I work in a small corporation that is heavily dependent on web apps in which I am the sole developer. Currently we're using ASP on Win2K with SQL Server 2000. We've used RedHat for years on our mail / DNS servers, and have migrated to FreeBSD for both. Since ASP has pretty much been rendered obsolete by .Net, we are eventually going to migrate our web apps. Rather than continue down the road of MS technology, we have decided to migrate to PHP MySQL based on the stability we've experienced with FreeBSD running mail and DNS. I've done my homework in this regard, and the needed functionality for our needs exists in PHP, and I am in the process of setting up a development server to start the process of recoding the apps. Our development infrastructure to date works in this manner. Since I am the sole developer, and will be for the long term future, there has never been any real need to incorporate SourceSafe. Instead we run a separate development server to do all the coding. An FTP site has been set up to repository on the server. I currently use HomeSite for it's built-in FTP client. Coding is done locally, saved back to the server, and tested on the server in a browser. Testing is not done locally because our needs are such that there is a large number of static text files need to be accessed by our apps. The parameters to access these files are hard to duplicate to a workstation, and it has proved (for us anyway) to be easier to test these apps on a server that is a mirrored environment of the live server. My question is can something like this be replicated on FreeBSD w/ Subversion? I would like to setup a versioning system, but am at a loss on how the development process would operate. I have found information on how to update files on the live server from the development server, but not much in the way of how to set up a development server to get Subversion to update the files in the Apache directories. It would be trivial for me to simply set up FTP sites that map to the Apache directories, and change the permission structure to allow access to these directories, but I'd rather not create a security headache for myself down the road. Can Subversion be set up to check out a file, commit it back to the server, and test it in a browser from a workstation? Or does the file need to be moved from the Subversion directories to the Apache directories by someone w/ root privileges every time a file has been edited? Sorry if this question has been answered somewhere else, it's just that most of the info I seem to be finding is based on application development for locally run binaries in which the app is tested locally before being committed back to the server. Best regards, Greg Groth ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Subversion web development question.
, although I personally hate having to FTP files back and forth. So do I, which is why HomeSite's built in FTP client was such a treat. I know Bluefish has some method of connectivity similar in nature using gnome-vfs, but I could never figure out how to get this to work. The only documentation I could find last time I looked was that there was support for remote file systems, depending on your gnome-vfs setup, but nothing on how to set it up. Search the net for books on subversion... there are a couple that are freely available. OReilly also has made their samba book free as well. Will do. I took a look at one already, but it was the full blown documentation. I was hoping someone had a toaster how-to for this type of setup, but no luck so far. I'll hit the mailing lists you suggested and see what I come up with. Best regards, Greg Groth ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Subversion web development question.
Why would you need to be root? Here's what we do at work: Because /usr/local/www/apache22/data is owned by root. I guess I mistakenly figured that this is where the files should go. I know that you can configure Apache to point to any directory, but was unsure of the consequences of pointing it at directories outside of /usr/local/www/apache22/data. The development server is at the data center (since we're all remote). Apache has been configured to run several name based virtual servers and looks for the document root in a 'cpr' in our home directory. (cpr is the initials of our project) For those of us that like the CLI and working directly on the server, the 'cpr' directory is also our subversion working directory. So I edit a file, test it, like it, commit it. repeat. Our designers don't like CLI. What we've done for them is to set them up with TortioseSVN on their workstations. They check out the repository on their desktop. They make changes. When they want to test, they run rsync (via cygwin and a shell script) that syncs only the files they've changed (and skips all the .svn sub dirs) up to the server. They test. They like, they commit using TortioseSVN. All of thise happens over a SSH tunnel. At no point in any of this do any of us need to be root If you can get your dev environment running locally it will be easier since you won't have to upload to test, but depending on your situation that might not be reasonable. -philip What you suggest makes perfect sense, I wasn't sure if you could point Apache directly at a directory within Subversion's structure or not. I do have one more question. From a security standpoint would it be safer to point to a symlink within Apache's existing directory structure that points to /usr/home/svnDirectory, or configure Apache to point directly to /usr/home/svnDirectory? It's probably a moot point, but I'm still unsure of myself when it comes to messing around with permissions within FreeBSD and don't like making changes to the defaults without asking first. Many thanks, Greg Groth ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: IMAP server alternatives
On 7/11/2006 9:29 AM, albi wrote: Erik Norgaard wrote: Regarding cyrus documentation: I think they have stopped maintaining the documentation and moved to use the wiki - unfortunately, you don't stumble into the wiki first :( i can happily recommend Dovecot, really easy to install (Cyrus really isn't), supports both Maildir and mbox, been using it for years without any problems (i used courier before that, but i like dovecot much better) see here : http://www.dovecot.org and http://wiki.dovecot.org/ I would like to ask a couple more in depth questions pertaining to this conversation. We recently switched from POP3 Outlook Express to IMAP using IMAP-UW Thunderbird. Personally I have had no issues with IMAP-UW, but the users in our office have had issues with the mbox format itself. Specifically they cannot store messages subfolders within a folder (referring to the Thunderbird definition of a folder). In mbox, since a given folder is not a directory, but a file, you cannot place a subfolder within that file. Outlook Express' POP3 implementation did not have this behavior. Right or wrong, my users have requested that I attempt to restore this functionality in IMAP. Am I correct in assuming that if I switch to a mdir format server, it will operate in the manner they are requesting? My next question is in regards to scalability, not so much in the way of users, but in the amount of mail they store. Currently we have about 20 email accounts, and for the most part the users keep their email to a reasonable amount. However I do have 5 users that insist they save everything, and do not clean out their InBoxes. Currently they retain email going back 5 years, and have mail folders in excess of a couple of gigs apiece. Since one of these people is the owner, I have little chance of changing this policy. However they are asking that I attempt to increase the response time of the IMAP server, which can be somewhat slow for them - especially through SquirrelMail. Would the mdir format help in this situation as well? Last question, how difficult is it to back up the mdir format? Currently I cron a tar job, nightly, to backup the mboxes to another server to allow for tape backups (the tape unit on the server in question doesn't want to play nice with FreeBSD), and have had no difficulty in accomplishing this. Can I accomplish the same style of backups when moving to mdir? I'm in the middle of setting up a server to try out various IMAP servers to test which would provide the best response for our specific needs (low number of users - high volume of saved email), and would appreciate any opinions on the matter as it would probably save considerable time picking the right software to begin with. Best regards, Greg Groth ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
sendmail vacation
Are there any tutorials available on how to set up vacation to operate with a whitelist? My users are requesting I add this functionality to our mail server, but I don't want to create an open bounce. What I wish to do is take a list of domain names of our customer base and allow vacation to only respond to that list. Googling brought back info on using whitelists to use in conjunction with spam blocking, but I haven't been able to weed through all of the results regarding spam to locate anything regarding whitelisting vacation. From the vacation man page, I see that there is an -x option that allows blacklisting, but nothing on whitelisting. Any ideas? Also, if this functionality is not available using vacation in conjunction with sendmail, would a different MTA offer this functionality? TIA Greg Groth ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
clarification of cvsup process.
I have a FreeBSD 6.0 server that I manage that is used as a DNS / mail server. In the wake of the recent sendmail security announcement, I'd like to make sure I'm keeping the thing up to date. I tried to run the patch as listed in the announcement, but the patch just seemed to hang, so I killed the process and decided to go the cvsup route. now I understand the whole cvsup process, as well as updating ports, but the whole release tag thing still has me confused. If possible could someone tell me if I'm doing this right or not, or have someone tell me what I'm doing wrong. I'm only interested in updating the system when a security need arises, and have no desire to live on the cutting edge. I handle the ports through portaudit/portsnap/portmanager, and am looking to only update the case system with cvsup. Here is the list of commands I run to update the system. # cvsup /usr/local/greg/cvsupfile Contents of cvsupfile: *default host=cvsup6.FreeBSD.org *default base=/var/db *default prefix=/usr *default release=cvs tag=RELENG_6_0 *default delete use-rel-suffix src-all *default tag=. # cd /usr/src # make buildworld # make buildkernel # make installkernel # reboot After rebooting into single user mode: # fsck -p # mount -u / # mount -a -t ufs # swapon -a # adjkerntz -i # mergemaster -p # make installworld # mergemaster # reboot After rebooting: # cd /etc/mail # make all # make install # make restart And that's it. I do the stuff in /etc/mail since I'm not sure running make buildworld will update the cf files. The last patch that came out, I did the same thing I outlined above, but I did not notice a change in the version number of Sendmail when telnetting to it. I did a search through the security notice, and took a look at all of the source files on my machine that were updated. Although I could not find a version number anywhere, I noticed that the timestamp for all of the affected files had changed to the date listed in the announcement. I'm not sure if Sendmail reports it's version from something hardcoded in the binary, or if it comes from the cf file. So does this look right? Or am I missing something obviously stupid? Is my cvsupfile correct for what I want it to do? TIA Greg Groth ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: clarification of cvsup process.
On 6/15/2006 2:42 PM, Bill Moran wrote: In response to Greg Groth [EMAIL PROTECTED]: I have a FreeBSD 6.0 server that I manage that is used as a DNS / mail server. In the wake of the recent sendmail security announcement, I'd like to make sure I'm keeping the thing up to date. I tried to run the patch as listed in the announcement, but the patch just seemed to hang, so I killed the process and decided to go the cvsup route. now I understand the whole cvsup process, as well as updating ports, but the whole release tag thing still has me confused. If possible could someone tell me if I'm doing this right or not, or have someone tell me what I'm doing wrong. I'm only interested in updating the system when a security need arises, and have no desire to live on the cutting edge. I handle the ports through portaudit/portsnap/portmanager, and am looking to only update the case system with cvsup. Here is the list of commands I run to update the system. # cvsup /usr/local/greg/cvsupfile Contents of cvsupfile: *default host=cvsup6.FreeBSD.org *default base=/var/db *default prefix=/usr *default release=cvs tag=RELENG_6_0 *default delete use-rel-suffix src-all *default tag=. Note that you set the tag=RELENG_6_0 ... which is what you want, then you reset it tag=. -- which will give you 6-STABLE -- not what you want. Remove the *default tag=. line. Out of curiosity, can you revert back to RELENG_6_0 from 6_STABLE? Obviously I already ran this process... # cd /usr/src # make buildworld # make buildkernel # make installkernel # reboot After rebooting into single user mode: # fsck -p # mount -u / # mount -a -t ufs # swapon -a # adjkerntz -i # mergemaster -p # make installworld # mergemaster # reboot After rebooting: # cd /etc/mail # make all # make install # make restart And that's it. I do the stuff in /etc/mail since I'm not sure running make buildworld will update the cf files. The last patch that came out, I did the same thing I outlined above, but I did not notice a change in the version number of Sendmail when telnetting to it. I don't know if the patch updates sendmail's internal version or not. What does uname -a tell you after the upgrade? mail# uname -a FreeBSD mail.domain.com 6.0-RELEASE-p6 FreeBSD 6.0-RELEASE-p6 #1: Tue Mar 28 13:46:24 CST 2006 [EMAIL PROTECTED]:/usr/obj/usr/src/sys/GENERIC i386 (the real domain has been obfuscated) Thanks for the reply. Greg Groth ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: clarification of cvsup process.
On 6/15/2006 3:02 PM, Bill Moran wrote: In response to Greg Groth [EMAIL PROTECTED]: On 6/15/2006 2:42 PM, Bill Moran wrote: In response to Greg Groth [EMAIL PROTECTED]: [snip] Contents of cvsupfile: *default host=cvsup6.FreeBSD.org *default base=/var/db *default prefix=/usr *default release=cvs tag=RELENG_6_0 *default delete use-rel-suffix src-all *default tag=. Note that you set the tag=RELENG_6_0 ... which is what you want, then you reset it tag=. -- which will give you 6-STABLE -- not what you want. Remove the *default tag=. line. Out of curiosity, can you revert back to RELENG_6_0 from 6_STABLE? Obviously I already ran this process... I have successfully done this with other versions of FreeBSD, whether or not it works is dependent on exactly what version you're trying to back out of, and I can't say for sure about 6-STABLE to 6.0. What does uname -a tell you after the upgrade? mail# uname -a FreeBSD mail.domain.com 6.0-RELEASE-p6 FreeBSD 6.0-RELEASE-p6 #1: Tue Mar 28 13:46:24 CST 2006 [EMAIL PROTECTED]:/usr/obj/usr/src/sys/GENERIC i386 Are you sure you completed the process successfully? If you'd had tag=., this would reports something like 6-STABLE. If you'd had 6_0_RELENG, it would report 6.0-RELEASE-p9. It looks as if the make install* steps weren't completed. (reiterating my original email for clarification) # cd /usr/src # make buildworld # make buildkernel # make installkernel # reboot After rebooting into single user mode: # fsck -p # mount -u / # mount -a -t ufs # swapon -a # adjkerntz -i # cd /usr/src (I forgot to list this last time around) # mergemaster -p # make installworld # mergemaster # reboot No errors reported during any of these steps, and each step appears to complete like it's doing exactly what it's supposed to. Can you see any steps I missed or overlooked? Any advice on how to determine where something might have gone wrong? All of a sudden I'm having this feeling that something might be broken somewhere... Many thanks, Greg Groth ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: KDE + GNOME?
Perhaps I should be more clear. Is there anyone reading who currently has KDE 3.5.x and GNOME 2.12.x installed concurrently on their systems? Did you experience installation problems with respect to dependencies? Are you able to choose between running KDE and GNOME as simply as by running startkde or startgnome (or whatever the start gnome command is)? I like KDE and some of its applications and I don't necessarily wish to switch to using something else exclusively. I have many good things about GNOME and would like to try it out. I want to be able to switch back-and-forth whenever I want. Has anyone else tried this? Thanks for your responses. Sincerely, Duane Whitty I have both installed on a 6.0 box, had no real problems with dependencies that I can recall. I use KDM to switch between the two. Cheers. Greg Groth ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
re:saslauthd problems
I wrote a while back that I was having difficulty getting SMTP-AUTH running on a BSD box, and could not get it to work correctly. I happy to report that I have located the problem, and thought I'd post the solution in case anyone else runs into this. My configuration on one box worked fine, yet the second one wouldn't. The problem turned out to be nothing to do with the box at all, but the firewall. The server that worked is sitting behind IPCop, and the one that wouldn't is behind a pix box. Apparently Cisco has a smtp fix-up that mangles EHLO (http://tinyurl.com/nnovb). Once this feature was deactivated, everything worked just fine. I didn't catch this first time around because I didn't have the log options for sendmail set high enough to show the mangled EHLO command. Greg Groth _ Dont just search. Find. Check out the new MSN Search! http://search.msn.click-url.com/go/onm00200636ave/direct/01/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
password database error?
I rebuilt a box recently, and used pwd_mkdb to rebuild the databases using a backup of master.passwd. Along with having problems with getting saslauthd working, I seem to have stumbled on another problem that might be related. Today we had an employee quit, and I had to delete her account on the mail server. I logged onto the system, and did the following: ns1# rmuser Please enter one or more usernames: jdoe Matching password entry: jdoe:*:1010:500::0:0:John Doe:/home/jdoe:/bin/sh Is this the entry you wish to remove? y Remove user's home directory (/home/jdoe)? y Removing user (jdoe): home passwdpw: user 'jdoe' does not exist: No such file or directory . Logging in as jdoe does work, and has worked since I rebuilt the databases. There is a /home/jdoe directory. I checked, and there is a line item in master.passwd for jdoe. I ran pwd_mkdb again, but still cannot delete this user. I'm thinking that if rmuser can't verify a user, it's probably the same reason that salauthd cannot as well. Any ideas on what I have missed? Greg Groth _ Express yourself instantly with MSN Messenger! Download today - it's FREE! http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
saslauthd problems
I am having great difficulty in getting SMTP-AUTH working on a mail server. I went through this not too long ago on another box, and was able to get it working (SSL is another story). On this box, when I try to send an email, I get the following in maillog: Feb 26 23:42:16 ns1 sm-mta[1783]: NOQUEUE: connect from node-40241be2.mdw.onnet.us.uu.net [64.36.27.226] Feb 26 23:42:16 ns1 sm-mta[1783]: AUTH: available mech=NTLM LOGIN ANONYMOUS PLAIN GSSAPI OTP DIGEST-MD5 CRAM-MD5, allowed mech=PLAIN LOGIN Feb 26 23:42:16 ns1 sm-mta[1783]: k1R5gGCB001783: Milter: no active filter Feb 26 23:42:17 ns1 sm-mta[1783]: k1R5gGCB001783: ruleset=check_rcpt, arg1=[EMAIL PROTECTED], relay=node-40241be2.mdw.onnet.us.uu.net [64.36.27.226], reject=550 5.7.1 [EMAIL PROTECTED]... Relaying denied. Proper authentication required. I checked to see if saslauthd was running: ns1# ps -aux | grep saslauthd root 532 0.0 0.4 2824 1884 ?? Is8:41PM 0:00.02 /usr/local/sbin/saslauthd -a pam root 533 0.0 0.3 2776 1604 ?? I 8:41PM 0:00.00 /usr/local/sbin/saslauthd -a pam root 534 0.0 0.3 2776 1604 ?? I 8:41PM 0:00.00 /usr/local/sbin/saslauthd -a pam root 535 0.0 0.3 2776 1604 ?? I 8:41PM 0:00.00 /usr/local/sbin/saslauthd -a pam root 536 0.0 0.3 2776 1604 ?? I 8:41PM 0:00.00 /usr/local/sbin/saslauthd -a pam The only other mention in any of the logs regarding sasl I could find was this: Feb 26 20:41:53 ns1 saslauthd[532]: detach_tty : master pid is: 532 Feb 26 20:41:53 ns1 saslauthd[532]: ipc_init: listening on socket: /var/state/saslauthd/mux System is FreeBSD 6.0 using a fresh install. System has latest ports of Sendmail, IMAP-UW, Cyrus-SASL2, Cyrus-SASL2-Auth I can relay without a problem if I add my IP to the Sendmail Access db, but it won't work with SMTP-AUTH. Sendmail was installed as part of the base install. I added the following commands to /etc/make.conf: SENDMAIL_CFLAGS=-I/usr/local/include -DSASL=2 SENDMAIL_LDFLAGS=-L/usr/local/lib SENDMAIL_LDADD=-lsasl2 I then ran the whole make buildworld, make kernel, etc. deal, then recompiled Sendmail as follows: cd /usr/src/usr.sbin/sendmail make clean make depend make make install Added the following to my mc file: define(`confAUTH_MECHANISMS',`PLAIN LOGIN')dnl TRUST_AUTH_MECH(`PLAIN LOGIN')dnl ran make cf make install make restart I added saslauthd_enable=YES to /etc/rc.conf, and it appears to be starting at boot. I checked /usr/local/lib/sasl2/Sendmail.conf, and have the following: pwcheck_method: saslauthd I then went back through and checked all of the Makefiles and startup scripts as I saw a bug mentioned in the docs that said to check the library paths (if compiling from scratch), and everything seems to be pointing to where it should be. I've gone through both systems and cannot find a difference in either the way they were compiled or configured, yet I'm at a standstill. The only difference is that on the system that is giving me fits is I rebuilt the /etc/pwd.db and /etc/spwd.db from a backup of master.passwd using pwd_mkdb. I checked the password dbs on both systems thinking I might have some kind of db compatability problem, both files on both systems came back as follows: ns1# file /etc/pwd.db /etc/pwd.db: Berkeley DB 1.85 (Hash, version 2, native byte-order) ns1# file /etc/spwd.db /etc/pwd.db: Berkeley DB 1.85 (Hash, version 2, native byte-order) As far as I can figure out, saslauthd is configured to fall back to it's own database authentication scheme if other methods fail, and the Milter: no active filter error is probably it complaining that it can't find the database. Why isn't it checking the password file? Anyone have any ideas? I'm at my wit's end. TIA Greg Groth _ Is your PC infected? Get a FREE online computer virus scan from McAfee® Security. http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: Sendmail - IMAP-UW - Cyrus-SASL2 - SMTPAUTH problems
First, thank you for your reply. Second, I have figured out the problem of not being able to delete IMAP folders in Thunderbird. Apparently this is a client-side issue, not a server one. The answer is to unsubscribe the trash folder in Thunderbird. After unsubscribing, it still appears and operates normally, and you are then able to delete folders. I found the answer in forums regarding older versions of Mozilla Mail, which is why nothing turned up on a search for Thunderbird. Not sure of the exact cause, or if this indeed a bug or just something I missed in the documentation, but it works now. From: Ted Mittelstaedt [EMAIL PROTECTED] To: Greg Groth [EMAIL PROTECTED], [EMAIL PROTECTED] CC: freebsd-questions@freebsd.org Subject: RE: Sendmail - IMAP-UW - Cyrus-SASL2 - SMTPAUTH problems Date: Fri, 17 Feb 2006 04:11:15 -0800 Hi Greg, It is true there's a lot of software available but I have found over the years that a lot of the packages are good, and will work equally well on the back end. Most of the older ones have matured to the point that a rather common selection criteria is I chose that because that's what all my friends are running You really won't know what works the best unless you try all of the packages, and nobody has the time for that. So what you have to do is just pick one based on whatever sketchy research you turn up and spend some time on it, after a few months you will know if it's going to work for you or not. Most times it will work OK for you so your choice becomes one of which is better: knowing a few packages well, or a lot of packages not very well. A hobbiest/amateur is better off knowing a lot of packages not very well, because their fun is in trying out new things and learning how different things are done. But a manager of a production system is in the other boat, they need to know a few packages very, very well. You need to be aware of which kind of person your taking advice from. IMHO RedHat isn't much good unless you go the full meal deal and buy a support contract from RedHat. If you are upgrading from old 7/9 RH and you want to keep the RH universe, and you don't want to buy into support, then go to CentOS. RedHat was becoming a pain to deal with. It seemed to me, and this is just my opinion and worth the paper this email is printed on, that a lot of the software had been tweaked to where common solutions to common problems didn't work, and solutions had to be found for the specific version of RedHat I was using. Not that there's anything morally wrong with RedHat doing this, I just found it a pain when looking for answers to problems. Frankly I feel that one of the big problems with Linux right now is they are missing the boat on SATA RAID big time, and I mean really, really big time. Most server-quality motherboards these days come with RAID0/1 SATA chipsets, and disk drives are so cheap now that even people putting together little crummy servers are going mirrored SATA disks. But Linux has ignored this, claiming it's the responsibility of the manufacturers to write drivers, and most of them haven't. The Linux people all seem to think it's perfectly OK to go buy an Intel motherboard with onboard ICH7R RAID and disable that and drop $200 into a 3ware RAID card and plug that into the motherboard if you have the nerve to run RAID on anything other than a Real SCSI RAID array. Fine, let them delude themselves, it just puts Linux further and further away from the server arena. Most Linux distros have terrible or nonexistent support for Promise RAID cards as well, once again, really short-sighted. I don't know much on this subject I'm afraid, but I'm about to get into this because KnoppMyth apparently has issues running a SATA drive as a primary boot device. (Off the subject, but I tried getting MythTV running on RedHat FC4, and ran into too many issues getting it running to continue on that route). Anyway, getting back to your situation. We run SSL imap and pop3, with uw-imap. I recommend this route since it allows people to hit their maibox with both pop3 and imap and not get a lot of funny messages about popping down the placeholder message. uw-imap used to have a problem with really big e-mails years ago, it would swap itself to death building the tempfiles, this was fixed years ago. I did solve my SSL problem by recompiling UW-IMAP and Sendmail without SSL, and installing stunnel. Everything is working the way I want it configured. Hopefully there won't be any scalability issues, but I don't expect any in our tiny environment. We run SMTP AUTH but we don't run SSL SMTP. Why? Because way too many customers out there still run elderly versions of e-mail clients that can't handle SSL SMTP. If I was doing up a mailserver for a corporation I might consider SSL SMTP, but frankly, I think the idea that someone's going to sniff your password is highly overrated. Most people set their e-mail
RE: Sendmail - IMAP-UW - Cyrus-SASL2 - SMTPAUTH problems
From: Kirk Davis [EMAIL PROTECTED] To: Greg Groth [EMAIL PROTECTED] CC: freebsd-questions@freebsd.org Subject: RE: Sendmail - IMAP-UW - Cyrus-SASL2 - SMTPAUTH problems Date: Mon, 13 Feb 2006 14:25:04 -0700 Hi Greg, I'm trying to set up a FreeBSD 6.0 box as a mail server, and while everything seems to be working OK for the most part, I have run into two issues that I cannot resolve (I'm new to BSD, please bear with me). Install went as follows: Installed via FTP last night along with src - Sources for everything, IMAP-UW was compiled via ports with WITH_SSL_AND_PLAINTEXT enabled (same for cclient), OpenSSL, Cyrus-SASL2 Cyrus-SASL2-saslauthd were compiled via ports with no flags. Sendmail was installed with the base install and recompiled (after SASL2 was up and running) with the following options added to make.conf: # SASL (cyrus-sasl v2) sendmail build flags... SENDMAIL_CFLAGS=-I/usr/local/include -DSASL=2 SENDMAIL_LDFLAGS=-L/usr/local/lib SENDMAIL_LDADD=-lsasl2 # Adding to enable alternate port (smtps) for sendmail... SENDMAIL_CFLAGS+= -D_FFR_SMTP_SSL I followed the instructions I found at http://www.bsdconspiracy.net/howto/sendmail.html, and had no problems with the install except for Sendmail. After recompiling sendmail, I added the following lines to the mail.server.mc file: define(`confAUTH_MECHANISMS',`PLAIN LOGIN')dnl TRUST_AUTH_MECH(`PLAIN LOGIN')dnl define(`CERT_DIR', `/etc/mail/certs')dnl define(`confCACERT_PATH', `CERT_DIR')dnl define(`confCACERT', `CERT_DIR/mycert.pem')dnl define(`confSERVER_CERT', `CERT_DIR/mycert.pem')dnl define(`confSERVER_KEY', `CERT_DIR/mykey.pem')dnl define(`confCLIENT_CERT', `CERT_DIR/mycert.pem')dnl define(`confCLIENT_KEY', `CERT_DIR/mykey.pem')dnl DAEMON_OPTIONS(`Port=smtp, Name=MTA')dnl This is your problem. The above line sets up the Sendmail daemon to listen on port 25 but the standard mc file distributed with FreeBSD also sets up a DAEMON port (it's at the end of the MC file). Here is what my DAEMON_OPTIONS lines look like. These should be the only DAEMON_OPTIONS lines in the mc file. dnl Enable for both IPv4 and IPv6 (optional) DAEMON_OPTIONS(`Name=IPv4, Family=inet') DAEMON_OPTIONS(`Name=IPv6, Family=inet6, Modifiers=O') DAEMON_OPTIONS(`Port=smtps, Name=TLSMTA, M=s')dnl That is what I was guessing, however I couldn't find a Sendmail for Dummies book that could explain The DAEMON_OPTIONS in language I understand. It's very easy to get lost in the online docs and the O'Reilly book, for me anyway. DAEMON_OPTIONS(`Port=smtps, Name=TLSMTA, M=s')dnl After running (in /etc/mail) make clean, make cf, make install, make restart, SMTP no longer works, and I find the following in maillog and messages Feb 12 20:25:55 mail sm-mta[1213]: daemon IPv4: problem creating SMTP socket Feb 12 20:26:00 mail sm-mta[1213]: NOQUEUE: SYSERR(root): opendaemonsocket: daemon IPv4: cannot bind: Address already in use When I try and stop sendmail, I get a message that the pid for Sendmail cannot be found. I end up killing the missing Sendmail daemon using KSysGuard If I remove this line - DAEMON_OPTIONS(`Port=smtp, Name=MTA')dnl from the mail.server.mc file, make cf, make install, make restart, sendmail starts normally. When trying to access from another machine on my network, I can only connect on port 25 without a secure connection (I'm using Thunderbird for this), although SMTP-AUTH is working correctly. Have you tried to setup your mail client to connect to port 465? This is the smtps (SMTP SSL) port. Yes I have. The above mentioned How-To states to have MS products connect on port 25, which didn't make a whole lot of sense to me, so I tried both 25 and 465 using Thunderbird. Thunderbird returned with a message that the SMTP server was not accepting connections. Now that I know what's wrong with my MC file, I'm guessing I havge to take a stronger look at my certificates and make sure that they're working correctly. I might have a path screwed up somewhere. Seems that if it's listening on 465, everything should be OK with Sendmail, but there might be a problem with SSL. Any ideas on what I might need to do to get SSL / SMTP-AUTH working on SMTP? I took a look at the instructions in the handbook, but they were written for SASL1. Running netstat shows smtps listening on 465, but when I try to telnet to that port, the server drops the connection. Hmm... It should connect but you will not see anything since it is expecting an SSL connection. My second problem is rather simple, after I create an IMAP folder, I am unable to delete it using a remote client. Thunderbird responds with The mail server responded: RENAME failed: Can't create mailbox node /home/User/Trash/: File exists. Nothing shows up in any of the server logs though. I have not seen this problem although I have it setup for an office of Outlook users. I would check the permissions on the folders
RE: Sendmail - IMAP-UW - Cyrus-SASL2 - SMTPAUTH problems
From: Ted Mittelstaedt [EMAIL PROTECTED] To: Joe Auty [EMAIL PROTECTED], Kirk Davis [EMAIL PROTECTED] CC: Greg Groth [EMAIL PROTECTED], freebsd-questions@freebsd.org Subject: RE: Sendmail - IMAP-UW - Cyrus-SASL2 - SMTPAUTH problems Date: Tue, 14 Feb 2006 00:34:28 -0800 I'm sure glad that this message didn't pass through my work mailserver so that it's didn't see it, since my work e-mail inbox has 16383 messages in it (the limit that Outlook can display in IMAP mode) and is 412 megabytes in size, and performance is perfectly fine both with Outlook and Horde/IMP. I wouldn't want my mailserver reading it and thinking that it's OK to slack off. And yes I know I need to delete some messages, speak to the hand if your going to make that crack. This is imap-uw/sendmail. Perhaps you might consider that since you haven't run imap-uw in a while that your no longer qualified to make claims about it? Or perhaps you never had it setup properly? Or perhaps your hardware was slow? Nothing is wrong with Postfix / Courier-IMAP but nothing is wrong either with sendmail / uw-imap. Ted -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Joe Auty Sent: Monday, February 13, 2006 1:53 PM To: Kirk Davis Cc: Greg Groth; freebsd-questions@freebsd.org Subject: Re: Sendmail - IMAP-UW - Cyrus-SASL2 - SMTPAUTH problems Hey Greg, Sorry if this completely throws a monkey wrench into your plans, but I feel inspired to interject since I once had a nearly identical setup as you... I switched to Postfix and Courier-IMAP since I found that performance of large mailboxes in IMAP-UW was pretty poor, especially over web- based email where messages are not cached. I switched to Postfix because it is so much more simple and straight forward than Sendmail. You should have no problems switching to Postfix, since it is basically Sendmail with a nicer wrapper/configuration. Just food for thought. I appreciate both of your comments, as I have stated I am new to BSD. Part of my problem is the huge amount of software available, and no good way to determine what will work better for my situation. Perhaps if I explain my situation, it would help some. We've been running Sendmail and a POP-Before-SMTP script for the last 6 years on a Redhat box. I think it started out on 5.2, and was up to 7.3 when it crashed 3 weeks ago. I had been planning to upgrade the server, and had a new box ready to go, but I had stalled on the OS. I didn't want to go down the Redhat route because of strictly personal issues that are more opinions than fact, and a friend suggest FreeBSD. The server crash pretty much forced my hand, and my goal was to replicate what we had in place ASAP. Because of my (limited) knowledge of Sendmail, I went that route as I know nothing of the alternatives. I went with IMAP-UW because not because of anything I had read, but because I was attempting to get the POP-Before-SMTP port to work (which it didn't - long story), and IMAP-UW seemed a good alternative as it is a POP and IMAP server and was easily configured in POP-Before-SMTP. Since I could not find a POP-Before-SMTP solution that I could get to operate (I had problems with POP-Before-SMTP, and DRAC before throwing in the towel), I decided to switch to SMTP-AUTH. So here's my situation, we have about 25 users on the server. I need POP and IMAP that will operate with and without SSL, and SMTP that can handle SMTP-AUTH with and without SSL. Out of the 25 users, I have 3 that are email packrats, and have between 2-4 gigs of email apiece. They are currently using POP on Outlook Express, but will be switching over to IMAP on Thunderbird in the near future (I also have 5 users that I'm not sure what client they are using, we're hosting their domain - long story). Our office peronnel will be migrating to IMAP, using SSL when out of the office, and plain text when in. The five users in which we are hosting their email will remain on POP, and although SSL would be nice, I want the ability to offer plain text in case I run into client issues. Similar circumstances for SMTP, I can relay by domain for users on our network, and would like to use SMTP-AUTH for off-ste users. SSL preferred, but offer plain text in case of client issues. Last issue would be something that will play nice with SquirrelMail. Although I'm very familiar with administering Sendmail (starting, stopping, backing up, running makemaps), configuring is another story. While SMTP is pretty much running as stable as it ever has, I still have issues from time to time. For instance I am sending this from Hotmail as this list is currently bouncing email from my server because of some error I have not investigated yet. At this moment I am pretty much open to anything, but I don't have a good way of evaluating different options other than trial and error (and I'm kind of short on time). I know that a lot of times it comes
RE: Sendmail - IMAP-UW - Cyrus-SASL2 - SMTPAUTH problems
Sorry for the double submission, I totally screwed up. I have added my response this time... From: Ted Mittelstaedt [EMAIL PROTECTED] To: Joe Auty [EMAIL PROTECTED], Kirk Davis [EMAIL PROTECTED] CC: Greg Groth [EMAIL PROTECTED], freebsd-questions@freebsd.org Subject: RE: Sendmail - IMAP-UW - Cyrus-SASL2 - SMTPAUTH problems Date: Tue, 14 Feb 2006 00:34:28 -0800 I'm sure glad that this message didn't pass through my work mailserver so that it's didn't see it, since my work e-mail inbox has 16383 messages in it (the limit that Outlook can display in IMAP mode) and is 412 megabytes in size, and performance is perfectly fine both with Outlook and Horde/IMP. I wouldn't want my mailserver reading it and thinking that it's OK to slack off. And yes I know I need to delete some messages, speak to the hand if your going to make that crack. This is imap-uw/sendmail. Perhaps you might consider that since you haven't run imap-uw in a while that your no longer qualified to make claims about it? Or perhaps you never had it setup properly? Or perhaps your hardware was slow? Nothing is wrong with Postfix / Courier-IMAP but nothing is wrong either with sendmail / uw-imap. Ted -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Joe Auty Sent: Monday, February 13, 2006 1:53 PM To: Kirk Davis Cc: Greg Groth; freebsd-questions@freebsd.org Subject: Re: Sendmail - IMAP-UW - Cyrus-SASL2 - SMTPAUTH problems Hey Greg, Sorry if this completely throws a monkey wrench into your plans, but I feel inspired to interject since I once had a nearly identical setup as you... I switched to Postfix and Courier-IMAP since I found that performance of large mailboxes in IMAP-UW was pretty poor, especially over web- based email where messages are not cached. I switched to Postfix because it is so much more simple and straight forward than Sendmail. You should have no problems switching to Postfix, since it is basically Sendmail with a nicer wrapper/configuration. Just food for thought. I appreciate both of your comments, as I have stated I am new to BSD. Part of my problem is the huge amount of software available, and no good way to determine what will work better for my situation. Perhaps if I explain my situation, it would help some. We've been running Sendmail and a POP-Before-SMTP script for the last 6 years on a Redhat box. I think it started out on 5.2, and was up to 7.3 when it crashed 3 weeks ago. I had been planning to upgrade the server, and had a new box ready to go, but I had stalled on the OS. I didn't want to go down the Redhat route because of strictly personal issues that are more opinions than fact, and a friend suggest FreeBSD. The server crash pretty much forced my hand, and my goal was to replicate what we had in place ASAP. Because of my (limited) knowledge of Sendmail, I went that route as I know nothing of the alternatives. I went with IMAP-UW because not because of anything I had read, but because I was attempting to get the POP-Before-SMTP port to work (which it didn't - long story), and IMAP-UW seemed a good alternative as it is a POP and IMAP server and was easily configured in POP-Before-SMTP. Since I could not find a POP-Before-SMTP solution that I could get to operate (I had problems with POP-Before-SMTP, and DRAC before throwing in the towel), I decided to switch to SMTP-AUTH. So here's my situation, we have about 25 users on the server. I need POP and IMAP that will operate with and without SSL, and SMTP that can handle SMTP-AUTH with and without SSL. Out of the 25 users, I have 3 that are email packrats, and have between 2-4 gigs of email apiece. They are currently using POP on Outlook Express, but will be switching over to IMAP on Thunderbird in the near future (I also have 5 users that I'm not sure what client they are using, we're hosting their domain - long story). Our office peronnel will be migrating to IMAP, using SSL when out of the office, and plain text when in. The five users in which we are hosting their email will remain on POP, and although SSL would be nice, I want the ability to offer plain text in case I run into client issues. Similar circumstances for SMTP, I can relay by domain for users on our network, and would like to use SMTP-AUTH for off-ste users. SSL preferred, but offer plain text in case of client issues. Last issue would be something that will play nice with SquirrelMail. Although I'm very familiar with administering Sendmail (starting, stopping, backing up, running makemaps), configuring is another story. While SMTP is pretty much running as stable as it ever has, I still have issues from time to time. For instance I am sending this from Hotmail as this list is currently bouncing email from my server because of some error I have not investigated yet. At this moment I am pretty much open to anything, but I don't have a good way of evaluating different options other
Sendmail - IMAP-UW - Cyrus-SASL2 - SMTPAUTH problems
I'm trying to set up a FreeBSD 6.0 box as a mail server, and while everything seems to be working OK for the most part, I have run into two issues that I cannot resolve (I'm new to BSD, please bear with me). Install went as follows: Installed via FTP last night along with src - Sources for everything, IMAP-UW was compiled via ports with WITH_SSL_AND_PLAINTEXT enabled (same for cclient), OpenSSL, Cyrus-SASL2 Cyrus-SASL2-saslauthd were compiled via ports with no flags. Sendmail was installed with the base install and recompiled (after SASL2 was up and running) with the following options added to make.conf: # SASL (cyrus-sasl v2) sendmail build flags... SENDMAIL_CFLAGS=-I/usr/local/include -DSASL=2 SENDMAIL_LDFLAGS=-L/usr/local/lib SENDMAIL_LDADD=-lsasl2 # Adding to enable alternate port (smtps) for sendmail... SENDMAIL_CFLAGS+= -D_FFR_SMTP_SSL I followed the instructions I found at http://www.bsdconspiracy.net/howto/sendmail.html, and had no problems with the install except for Sendmail. After recompiling sendmail, I added the following lines to the mail.server.mc file: define(`confAUTH_MECHANISMS',`PLAIN LOGIN')dnl TRUST_AUTH_MECH(`PLAIN LOGIN')dnl define(`CERT_DIR', `/etc/mail/certs')dnl define(`confCACERT_PATH', `CERT_DIR')dnl define(`confCACERT', `CERT_DIR/mycert.pem')dnl define(`confSERVER_CERT', `CERT_DIR/mycert.pem')dnl define(`confSERVER_KEY', `CERT_DIR/mykey.pem')dnl define(`confCLIENT_CERT', `CERT_DIR/mycert.pem')dnl define(`confCLIENT_KEY', `CERT_DIR/mykey.pem')dnl DAEMON_OPTIONS(`Port=smtp, Name=MTA')dnl DAEMON_OPTIONS(`Port=smtps, Name=TLSMTA, M=s')dnl After running (in /etc/mail) make clean, make cf, make install, make restart, SMTP no longer works, and I find the following in maillog and messages Feb 12 20:25:55 mail sm-mta[1213]: daemon IPv4: problem creating SMTP socket Feb 12 20:26:00 mail sm-mta[1213]: NOQUEUE: SYSERR(root): opendaemonsocket: daemon IPv4: cannot bind: Address already in use When I try and stop sendmail, I get a message that the pid for Sendmail cannot be found. I end up killing the missing Sendmail daemon using KSysGuard If I remove this line - DAEMON_OPTIONS(`Port=smtp, Name=MTA')dnl from the mail.server.mc file, make cf, make install, make restart, sendmail starts normally. When trying to access from another machine on my network, I can only connect on port 25 without a secure connection (I'm using Thunderbird for this), although SMTP-AUTH is working correctly. Any ideas on what I might need to do to get SSL / SMTP-AUTH working on SMTP? I took a look at the instructions in the handbook, but they were written for SASL1. Running netstat shows smtps listening on 465, but when I try to telnet to that port, the server drops the connection. My second problem is rather simple, after I create an IMAP folder, I am unable to delete it using a remote client. Thunderbird responds with The mail server responded: RENAME failed: Can't create mailbox node /home/User/Trash/: File exists. Nothing shows up in any of the server logs though. Hopefully this is the right list for these questions, if not, could someone please direct me to the correct one? Any advice anyone can give me on either of these problems would be greatly appreciated. Greg Groth _ Is your PC infected? Get a FREE online computer virus scan from McAfee® Security. http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]