Re: Problem with r-o access in jail
Want a nullfs filesystem to be read-only for tech people to search-only maillog files. host machine's files: /var/log/mx1/maillog* files the maillog files are all 644 and r bit is set all along the path using ezjail jail root is /var/jails jail name is fixit mkdir -p /var/jails/fixit/mx1 fixit/mx1 dir has 644 and r bit is set all along the path The directory permissions should have the execute bit set, it should be set to 755 instead of 644. mount_nullfs -o ro /var/log/mx1 /var/jails/fixit/mx1 ezjail-admin console fixit as fixit jail root user I add a user fixit:fixit ssh logon to fixit jail's ip as user fixit ll /mx1 gives nothing but: ls: maillog.45.bz2: Permission denied ls: maillog.46.bz2: Permission denied ls: maillog.47.bz2: Permission denied ls: maillog.48.bz2: Permission denied ls: maillog.49.bz2: Permission denied ls: maillog.5.bz2: Permission denied ls: maillog.50.bz2: Permission denied ls: maillog.51.bz2: Permission denied If your permissions are set to 644 on the directories, this is the result of 'ls'. After changing the directories permissions to 755, the 'Permission denied' errors will stop. ezjail-admin console fixit ...shows the /mx1/maillog* files all to be 644 If move the jail fixit user from group fixit to group wheel, user fixit has access to /mx1/maillog* files. suggestions? thanks, Len -- Regards, James Edwards ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: (mutt +) msmtp problem?
I use mutt (1.5.21) with msmtp (1.4.28) as MDA. Usually, everything goes smoothly, but every once in a while I lose network connectivity when sending email (I don't recall whether there is a correlation between this problem and my trying to send not-so-big but yet around 1mb files). Basically, what happens in trying to send an email is: May 16 10:01:17 wpa_supplicant[662]: CTRL-EVENT-DISCONNECTED bssid=**:**:**:**:**:** reason=0 ... May 16 10:02:27 wpa_supplicant[662]: CTRL-EVENT-CONNECTED - Connection to **:**:**:**:**:** completed (reauth) [id=0 id_str=] ... Then I try again, and the same thing happens. All msmtp's log shows is: errormsg='cannot write to TLS connection: Pipe Broken' exitcode=EX_IOERR Any ideas? Best, Ramiro Based on above, mutt and msmpt *appear* to be fine, but this seems to be a problem with the wireless driver, card, or router - you are being disconnected from the network, which in turn is causing the 'broken pipe'. You could feasibly work around it by using a wired connection, or take a look at what is going on with your wireless. -- Regards, James Edwards ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: 8.2 fails to boot after install on Sun
On Tue, January 3, 2012 15:33, Miller, Leonard wrote: Hi, I have tried installing 8.2 Sparc on a Sun system multiple times, using different options, and each time I do, it takes me back to the initial options screen, where I have to exit the install, forcing it to halt. I am never prompted to install a boot manager or anything else. I always get through the install process, installing packages, adding users, network settings, etc. Your install experience sounds normal and successful. When you are finished and exit the installer, it should take you to the openboot prompt. All you *should* need to do is type in 'boot', the system will reboot and boot to disk. You don't need to worry about a boot manager as multibooting isn't supported on this platform. When I power cycle the machine and change the boot settings back to defaults, it fails to boot. If it fails to boot, I'm assuming it is stopping at the OpenBoot prompt? Can you elaborate further? What happens when you type 'boot disk' at the openboot prompt? If it boots, auto-boot may not be set correctly, which can be rectified by 'setenv auto-boot? true' at the openboot prompt. If that does not work, what is the output of 'printenv' - specifically what is 'boot-device' set to? Also, some further reading on installing FreeBSD on sparc64: http://www.freebsdwiki.net/index.php/Sparc_-_Installing_FreeBSD -and for more detail- http://www.freebsdwiki.net/index.php/Installation_on_Ultra_5 Hope this helps, James ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: ZFS upgrade path
On Wed, December 28, 2011 12:18, James Edwards wrote: There are four disks, all in a single storage pool - tank. Here is the naming convention I planned on following after 9.0 is released: tank/9.0 tank/9.0/usr tank/9.0/var tank/9.0/tmp and so on This way, in theory at least, when 9.1 (or 10.0) is released, I can simply create tank/9.1 and the associated data sets, make my changes to /etc and /boot, change the zfs bootfs, reboot, and finally upgrade the ZFS pools. Is this feasible to do, or are there any caveats/gotchas I'm overlooking? It took some time to do, but I was able to demonstrate within VirtualBox that this can be done. I found it important when creating tank/8.2/usr and tank/8.2/var to specify 'canmount=off', this way the datasets below it inherit the correct mountpoints. After installing 8.2, I created tank/9.0-RC3, associated datasets and then installed 9.0-RC3 to it. From there, I had to create a loader.conf and rc.conf, copy the zpool.cache to the dataset, change the bootfs ('zpool set bootfs=tank/9.0 tank'), change the zfs mountpoints and reboot. After I rebooted, I was able to upgrade the zpool to v28. While this was done from a minimal clean install, it *should* work from a system that is using the user-land (as long as the daemons are stopped). ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
ZFS upgrade path
Hello all, I currently have a FreeBSD server colocated and it isn't always physically accessible. I was trying to develop an upgrade path for my server, in hopes to mainly save a trip to the colo center. There are four disks, all in a single storage pool - tank. Here is the naming convention I planned on following after 9.0 is released: tank/9.0 tank/9.0/usr tank/9.0/var tank/9.0/tmp and so on This way, in theory at least, when 9.1 (or 10.0) is released, I can simply create tank/9.1 and the associated data sets, make my changes to /etc and /boot, change the zfs bootfs, reboot, and finally upgrade the ZFS pools. Is this feasible to do, or are there any caveats/gotchas I'm overlooking? Thanks! ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: BIND 9.8.1-P1 with OpenSSL 1.0.0 issues..
On Wed, November 23, 2011 08:18, Matthew Seaman wrote: I've been using the attached patch with the dns/bind98 port and openssl-1.0.x from ports for months. This disables using the GOST cipher plugins -- which is no big deal as far as I'm concerned. GOST ciphers are only supplied as plugin modules unlike all other ciphers in openssl, which is a new thing with version 1.0.0 in ports. It's that libgost.so plugin shlib not playing well with chroot that apparently causes named to crash. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard Flat 3 PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate JID: matt...@infracaninophile.co.uk Kent, CT11 9PW You, sir, are correct about the chroot. Bind 9.8.1 and OpenSSL 1.0.0 don't play nicely in a chroot environment. This also isn't limited to FreeBSD, as I experienced the problem on Solaris 10. James ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Serial console with incorrect terminal set
Hi All, I have two servers currently colocated, one running FreeBSD 8.2/amd64 , and the other is a Sun Netra T1 that I am attempting to install FreeBSD 8.2 on, over serial. When the system booted up, I was presented with a list of console options and I chose the first option, I believe to be ANSI (I have a knack for never picking the right one). The keyboard mapping was a bit screwed up, but somehow I managed to get to the Fixit shell. In order to test that I had my secondary NIC setup correctly, I just ran 'ping 10.0.0.2' and now it wont stop. If I hit 'Ctrl+C', it keeps going. I tried 'Ctrl+Z' in order to attempt to suspend it so I can kill the process, but that brings up the 'Abort, Restart, Continue' screen, but it gets interrupted by ping. I tried sending a break command using '~#', but I can't get to the OpenFirmware to restart in attempt to pick the correct terminal settings. IIRC, the break is not supported without a kernel that supports it. It could be easier to call my ISP and have someone power down the machine for me, as the Netra has LOM. In a worse case scenario, I can swing by and do it myself after work. My question is, is there another way to either 1) Stop ping or 2) Get to the openfirmware console? Thanks, James ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Serial console with incorrect terminal set
On Wed, November 16, 2011 14:52, J65nko wrote: You can stop ping with : $ pkill -TERM ping From the ping man page: -c count Stop after sending (and receiving) count ECHO_RESPONSE packets. If this option is not specified, ping will operate until inter- rupted. So with something like ping -c4 10.0.0.2 , it would stop after 4 pings. Good luck ;) Adriaan Hello Adriaan, Thanks for the response, but unfortunately, that's not really what I was looking for, as it was not feasible - I was unable to open another terminal in order to kill the ping process. I probably should have elaborated more, but I was running this from a fixit live cd, but do you know if it is possible to open more than one terminal over serial? I ended up having it powered off earlier today, and when I powered it back on, I made sure to have the correct console keyboard layout, and CTRL + C was working correctly. Thanks, James ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Can't log in as toor since package update
On 9/9/2011 8:52 AM, Paul Keusemann wrote: I use the toor login on my FreeBSD systems to log in with the korn shell. Since August 22, When I try to log in as toor or even when I try to su - toor, I get logged in as root. For example: ushers# ssh -l toor woodstock Password: Last login: Fri Sep 9 06:30:23 2011 from 172.16.175.216 Copyright (c) 1980, 1983, 1986, 1988, 1990, 1991, 1993, 1994 The Regents of the University of California. All rights reserved. FreeBSD 8.2-RELEASE-p1 (WOODSTOCK) #1: Mon Jul 11 09:05:07 CDT 2011 woodstock# who am i root 0Sep 9 07:46 woodstock# su - toor woodstock# who am i root 0Sep 9 07:47 Unfortunately, I haven't tried to log in since a package update I did around August 22, so I didn't notice this problem until now. Does anybody have any idea what might be causing this? That seems to be the normal behavior, because toor has the id of root. I'm running 8.2-RELEASE, and that seems to be normal behavior. On one of my systems: [root@mail01]~# who am i root 1Sep 9 09:26 [root@mail01]~# su - toor [toor@mail01]~# who am i root 1Sep 9 09:26 [toor@mail01]~# ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org