Problems with a shared library (I think)
Hi Since I made at buildworld that failed my computer has been quite weird. There was a problem with ld-elf.so.1 which I solved by copying another version of the file from the live filesystem freebsd cd. But after this my compiler refused to compile any C++ program. Eventually I builded another world which was installed without any errors. I figured this would solve my previous problems and it did to some extend. But when I tried to upgrade KDE things went wrong. kdebase wouldn't compile and all of sudden kedinit stopped working saying it could not fint libtq-mt.so.3 Though the file exists in /usr/X11R6/lib/. I decided to try and recompile the whole XFree86 server but that did not solve the problem. At the moment kde refuses to compile showing the error error: Qt (= 3.2) (library qt-mt) not found. When I try to compile /usr/ports/x11-toolkits/qt33 I get this error: /usr/libexec/ld-elf.so.1: /usr/lib/libstdc++.so.3: Undefined symbol 'mbsrtowcs' These errors and the ones that made the system fail to begin with makes me believe there are some kind of commonly used library missing in my system. It frustrates me that buildworld didn't solve this since I can't figure out any other sollution. Unfortunately this machine is the one I'm using as a workstation contating all my e-mails and other stuff that I can't live without. I'm afraid the contenc on the disk will be overwritten if I reinstall FreeBSD from scratc. I really hope someone knows how to help since this is the computer I use every day. Please send your reply cc to me since I'm not subscribed to the list. Thank you. - Mikkel ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Suexec with Apache 1.3.29
On Monday 03 May 2004 08:26, Mikkel Christensen wrote: On Friday 30 April 2004 07:58, Mikkel Christensen wrote: On Thursday 29 April 2004 19:54, Mikkel Christensen wrote: On Thursday 29 April 2004 18:20, Marty Landman wrote: At 01:13 PM 4/29/2004, Mikkel Christensen wrote: On Thursday 29 April 2004 14:22, Marty Landman wrote: Hmm may there is a way to get what I want. If apache's user is add'ed to all the groups that the users are member of this would work. Eg. user1 is member of the group user1. So is the www-user. Now setting permissions 644 would give access to everyone. Setting permissions 640 would deny all other users on the server access to the files. Setting permissions 600 would completely deny everyone from reading the files. This is what I wanted from the beginning. Setting www as group owner of the files would be a lot easier in my oppinion than adding the www-user so every user's group. But it will do. Now I'm happy:-) Hmm not that happy after all. The concept of making the apache user member of many groupt works fine to begin with. But when the number of memberships apache has exceeds a certain number it refuses to start. The number of memberships is not specific but lies around 15-25. Lines like theese are written multiple times (usually about 10 times) to the apache error log: [Mon May 3 10:13:29 2004] [alert] (22)Invalid argument: initgroups: unable to set groups for User www and Group 80 Then these lines follows: [Mon May 3 10:13:29 2004] [notice] Apache/1.3.29 (Unix) PHP/4.3.4 configured -- resuming normal operations [Mon May 3 10:13:29 2004] [notice] suEXEC mechanism enabled (wrapper: /usr/local/sbin/suexec) [Mon May 3 10:13:29 2004] [notice] Accept mutex: flock (Default: flock) [Mon May 3 10:13:29 2004] [alert] Child 51086 returned a Fatal error... Apache is exiting! My test setup is FreeBSD 5.2.1 and Apache 1.3.29 with suexec. I guess this might be an issue for an Apache mailinglist unless initgroups is part of the FreeBSD system. Does anyone know this? I didn't find a sollution to that specific problem, but I did found a workaround. Instead all users joins the user nobody's group. Afterwards nobody joing www's group. www now has access to all users files through nobody if the group flag allows it. And because Apache doesn't have to initialize many users upon start it doesn't shutdown. Actually this is kind of cheating in my oppinion but it works great!:) I just wanted to let averybody know in case of somebody is having the same trouble as I did. My tanks to anyone who participated in this thread:-) - Mikkel ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Patching ports
Hi How do I add a patch to a certain port? Usually I would use the patch program to add the patch to the source code. But when using ports the system begins compiling right after rewtrieving the source. Thus not giving me a change to apply the patch. I've seen a folder named files in which patches part of the port seem to be located. But just adding the patchfile here apperently wont do much good. I've tried using the PATCHFILES variable in the Makefile but then the system complains the my patchfile does not have a matching MD5 hash. Does anyone know how to handle this issue? - Mikkel ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Patching ports
On Wednesday 05 May 2004 12:29, Matthew Seaman wrote: On Wed, May 05, 2004 at 12:11:22PM +, Mikkel Christensen wrote: How do I add a patch to a certain port? Usually I would use the patch program to add the patch to the source code. But when using ports the system begins compiling right after rewtrieving the source. Thus not giving me a change to apply the patch. I've seen a folder named files in which patches part of the port seem to be located. But just adding the patchfile here apperently wont do much good. I've tried using the PATCHFILES variable in the Makefile but then the system complains the my patchfile does not have a matching MD5 hash. Does anyone know how to handle this issue? When building a port you can type: # make extract which will download any sources, check the size and checksums, unpack the sources into the work directory and apply any patches that come with the port. And then stop. At this point you can make whatever modifications you wish to yourself, and then finish off the build by # make So long as your patch doesn't add or delete files from the expected packing list then just doing a: # make install will work. It is also possible to put your patch file into the port's files directory and have it automatically applied, but you need to take care to account for the order that patch files get applied. Thank you both for a quick and explaning reply. The last par of your answer brings up a short question though. Will patch-files automatically be run if they are placed in the files folder? It did not seem that way when I tried but I might have done something wrong:) - Mikkel ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Suexec with Apache 1.3.29
On Friday 30 April 2004 07:58, Mikkel Christensen wrote: On Thursday 29 April 2004 19:54, Mikkel Christensen wrote: On Thursday 29 April 2004 18:20, Marty Landman wrote: At 01:13 PM 4/29/2004, Mikkel Christensen wrote: On Thursday 29 April 2004 14:22, Marty Landman wrote: That said, the constraint that you point out is imposed by suexec is that the id owning that file must also own all the applications that have any access to that file. Unless you deem fit to make the file world readable, writeable, or executable. Technically if no other other users tha www itself is member of the www group I find the more sophisticated way of setting permissions you gain would be more important. It is my believe that suexec by being too paranoid removes some great configuration options. Some options that I would personally prefer. But of course this is my oppinion and i'll bet the people who maintain suexec disagree:) Hmm may there is a way to get what I want. If apache's user is add'ed to all the groups that the users are member of this would work. Eg. user1 is member of the group user1. So is the www-user. Now setting permissions 644 would give access to everyone. Setting permissions 640 would deny all other users on the server access to the files. Setting permissions 600 would completely deny everyone from reading the files. This is what I wanted from the beginning. Setting www as group owner of the files would be a lot easier in my oppinion than adding the www-user so every user's group. But it will do. Now I'm happy:-) Hmm not that happy after all. The concept of making the apache user member of many groupt works fine to begin with. But when the number of memberships apache has exceeds a certain number it refuses to start. The number of memberships is not specific but lies around 15-25. Lines like theese are written multiple times (usually about 10 times) to the apache error log: [Mon May 3 10:13:29 2004] [alert] (22)Invalid argument: initgroups: unable to set groups for User www and Group 80 Then these lines follows: [Mon May 3 10:13:29 2004] [notice] Apache/1.3.29 (Unix) PHP/4.3.4 configured -- resuming normal operations [Mon May 3 10:13:29 2004] [notice] suEXEC mechanism enabled (wrapper: /usr/local/sbin/suexec) [Mon May 3 10:13:29 2004] [notice] Accept mutex: flock (Default: flock) [Mon May 3 10:13:29 2004] [alert] Child 51086 returned a Fatal error... Apache is exiting! My test setup is FreeBSD 5.2.1 and Apache 1.3.29 with suexec. I guess this might be an issue for an Apache mailinglist unless initgroups is part of the FreeBSD system. Does anyone know this? - Mikkel ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Suexec with Apache 1.3.29
On Monday 03 May 2004 16:42, Marty Landman wrote: At 01:37 AM 5/3/2004, Joe Rhett wrote: On Thu, Apr 29, 2004 at 02:20:14PM -0400, Marty Landman wrote: On the side, this makes me wonder what the philosophy is on Windows servers where the whole permissions concept is nonexistent afaik. Because suexec isn't really possible in that environment, so they have no options at all. Maybe this is a foolish question, but how can reasonable security on a server running Windows/Apache be achieved? If the answer is what I fear, do you think that the 'native' MS server, IIS can be configured more securely than Apache? There are other tools than suexec under IIS. I'm no fan of windows, but really it isn't completely fucked up. Looking at it in another way, is it possible to have a secure, network accessible server of any type w/o the Unix style permissions concept in place? I can't tell exacely how it works but is is possible to configure IIS securely. Being able to break security because of poorly programmed software is different part of the story. The system does have permissions otherwise it would be quite useless. And IMO the permissions on windows are not that different from unix. Maybe a bit more complicated because everything is running through GUI but it's there. - Mikkel ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]