changing umask in ssh
I want to be able to set some users' umask to 002 after they login via ssh. Do I have to enable UseLogin to do this from login.conf? or is there another method? The purpose for this is that I want to implement group-based write privs without having to do ACLs which would be overkill for this. So that all files created by these users (who are in the same group) would have initial permissions set to 664 so that other members of the group can write to these files. -- Peter C. Lai University of Connecticut Dept. of Molecular and Cell Biology Yale University School of Medicine SenseLab | Research Assistant http://cowbert.2y.net/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: PPP routing failure [fixed]
Yes it was a sleep issue (and not the sleep(2) kind haha). *facepalm* Apparently the POP uses a 2 stage authentication process. First, you use unix/slip style authentication after which the POP then initiates CHAP. I had specified the inccorect password for CHAP but after the initial autentication the POP still assigned me an IP; albeit one that didn't talk to anything but the next hop and its nameserver. it's all good now! On Fri, Mar 18, 2005 at 09:38:47AM -0500, [EMAIL PROTECTED] wrote: > > Check out the install guide at > http://www.unixguide.net/freebsd/fbsd_installguide/index.php > it has the best step by step instructions for using userppp. > > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] Behalf Of Peter C. > Lai > Sent: Thursday, March 17, 2005 8:37 PM > To: freebsd-questions@freebsd.org; freebsd-net@freebsd.org; > freebsd-stable@freebsd.org > Subject: PPP routing failure > > > Hi everyone - > I'm experiencing some funky routing failures when I dialup netscape > internet > via user-level PPP: > I can negotiate IPCP fine; get a point-to-point link via tun0: > myaddr: 172.143.224.146; hisaddr: 63.152.0.70 > When the default route is setup to 63.152.0.70, all of my packets > are > blackholed after the first router hop. I am not using NAT. > The PPP link works perfectly fine in windows dialup networking. So I > dunno > what is wrong. When I look at the routing table in windows, it seems > backwards: > > DEST NM GW IF > default 0 myaddr ppp > hisaddr 0x myaddr ppp > localhost 0xff00 localhost localhost > myaddr0x localhost localhost > myaddr.255.255* 0x myaddr ppp > multicast multicast myaddr ppp > > *this is the first 2 dotted quads of myaddr appended with 255.255 > > If I try to manually set these routes in 5.3-R, I still can't get > out :( > Setting ADD DEFAULT MYADDR doesn't work, because ppp will still > think MYADDR > is 0.0.0.0. Either I need sleep or something is funky here... > > -- > Peter C. Lai > University of Connecticut > Dept. of Molecular and Cell Biology > Yale University School of Medicine > SenseLab | Research Assistant > http://cowbert.2y.net/ > > ___________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to > "[EMAIL PROTECTED]" > -- Peter C. Lai University of Connecticut Dept. of Molecular and Cell Biology Yale University School of Medicine SenseLab | Research Assistant http://cowbert.2y.net/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
PPP routing failure
Hi everyone - I'm experiencing some funky routing failures when I dialup netscape internet via user-level PPP: I can negotiate IPCP fine; get a point-to-point link via tun0: myaddr: 172.143.224.146; hisaddr: 63.152.0.70 When the default route is setup to 63.152.0.70, all of my packets are blackholed after the first router hop. I am not using NAT. The PPP link works perfectly fine in windows dialup networking. So I dunno what is wrong. When I look at the routing table in windows, it seems backwards: DESTNM GW IF default 0 myaddr ppp hisaddr 0x myaddr ppp localhost 0xff00 localhost localhost myaddr 0x localhost localhost myaddr.255.255* 0x myaddr ppp multicast multicast myaddr ppp *this is the first 2 dotted quads of myaddr appended with 255.255 If I try to manually set these routes in 5.3-R, I still can't get out :( Setting ADD DEFAULT MYADDR doesn't work, because ppp will still think MYADDR is 0.0.0.0. Either I need sleep or something is funky here... -- Peter C. Lai University of Connecticut Dept. of Molecular and Cell Biology Yale University School of Medicine SenseLab | Research Assistant http://cowbert.2y.net/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: building KLDs in RELENG_4
On Thu, Feb 24, 2005 at 09:59:01AM -0600, Scot Hetzel wrote: > On Thu, 24 Feb 2005 09:56:22 -0500, Peter C. Lai <[EMAIL PROTECTED]> wrote: > > Is there a way to build kernel modules by themselves without having to > > build the entire kernel? I am adding umass support to a 4.x machine but > > I don't want to build the entire kernel. I already have scbus, but I need > > da and of course, umass. > > > > Yes you can build modules seperately from a kernel build > > cd /usr/src/sys/modules/umass > make obj > make > make install > > Scot ok. what about da? i don't have that in my kernel, even though i have scbus. I think i'm just going to recompile the entire kernel anyway; I was just trying to not have to back-cvs /usr/src to patch the current one I have installed. (the more basic problem is i really should be keeping multiple versions of /usr/src around for different versions on different machines, but that is a separate problem). -- Peter C. Lai University of Connecticut Dept. of Molecular and Cell Biology Yale University School of Medicine SenseLab | Research Assistant http://cowbert.2y.net/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: PPP providors (partial success!)
I signed up for netscape, becauase hey, it's 1 month free trial anyway. So technically, I'm an AOL luser now *hangs head in shame* :-/ (after logging into the POP, you end up on AOL). The good thing is, I can use the vanilla windows DUN with MS CHAP authentication, so after I get freebsd setup, I'm gonna try configuring ppp. Currently POP login name obfuscation is: "[EMAIL PROTECTED]" where username is the one you are given when you setup the account (typically nsJohnDoe). The password is not obfuscated. On Tue, Feb 22, 2005 at 05:47:41AM -0500, Mike Hauber wrote: > On Monday 21 February 2005 04:28 pm, Peter C. Lai wrote: > > I need a temporary 56K providor until I get broadband installed > > at a new location. Do any of the commercially advertised ones > > (netscape, netzero, peoplepc, earthlink) support using regular > > PPP, or am I forced to use their dialer in win32? This is > > obviously important in determining if such a providor can be > > used in freebsd. > > TIA > > pete > > A few months ago, I had my Father set up on Earthlink. I've heard > tell (rumor probably) that they plan on switching to something > like a software setup like aol. I've tried netzero and peoplepc, > and couldn't get anywhere with them. I don't know about > netscape. Your best bet _may_ be to go through a local dialup > service (if you can find one, these days). > > Oh yeah... I don't know if AT&T is an option where you are, but > they are straight forward and don't require any junk software for > connection. > > HTH > > Mike -- Peter C. Lai University of Connecticut Dept. of Molecular and Cell Biology Yale University School of Medicine SenseLab | Research Assistant http://cowbert.2y.net/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
building KLDs in RELENG_4
Is there a way to build kernel modules by themselves without having to build the entire kernel? I am adding umass support to a 4.x machine but I don't want to build the entire kernel. I already have scbus, but I need da and of course, umass. TIA, pete -- Peter C. Lai University of Connecticut Dept. of Molecular and Cell Biology Yale University School of Medicine SenseLab | Research Assistant http://cowbert.2y.net/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
PPP providors
I need a temporary 56K providor until I get broadband installed at a new location. Do any of the commercially advertised ones (netscape, netzero, peoplepc, earthlink) support using regular PPP, or am I forced to use their dialer in win32? This is obviously important in determining if such a providor can be used in freebsd. TIA pete -- Peter C. Lai University of Connecticut Dept. of Molecular and Cell Biology Yale University School of Medicine SenseLab | Research Assistant http://cowbert.2y.net/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: vinum vs. DPT smartcacheIV raid
On Thu, Feb 17, 2005 at 09:44:51AM +1030, Greg 'groggy' Lehey wrote: > Recall that there are no real hardware RAID controllers on the > market. The difference is whether you have a special processor on the > controller card or not. To determine which is faster, you need to > compare the hardware on the card and the hardware in the system. If I understand the DPT manual correctly: My cards have a motorola 68000-based cpu. The "faster" smartraid cards have motorola 68020-based cpus as well as much larger cache. My card has a max transaction rate of 20MHz. It sends 2bytes down the wire per clockcycle (SCSI DDR? LOL) so it has a max througput of 40Mbps. -- Peter C. Lai University of Connecticut Dept. of Molecular and Cell Biology Yale University School of Medicine SenseLab | Research Assistant http://cowbert.2y.net/ smime.p7s Description: S/MIME cryptographic signature
Re: vinum vs. DPT smartcacheIV raid
On Wed, Feb 16, 2005 at 09:58:17AM -0500, Ean Kingston wrote: > > > I have a box with DPT PM2044 SmartCacheIV UW-SCSI PCI cards which can do > > RAID-5 in hardware, but I'd have to use the DOS volume manager to set up > > the array. I have heard reports that vinum woudl be faster than using the > > native card. Is this true? > > Doubtful, though I have heard that there are some rare special > circumstances where software raid can be faster. Given your hardware, you > will probably not experience those conditions. The reason I asked is because http://www.shub-internet.org/brad/FreeBSD/vinum.html suggests vinum can be marginally better than the hardware raid on the smartraid range of cards (which have an even faster processor onboard than the smartcache range). The CPU platform is more or less comparable. Then again it is with old Fbsd, so I don't know how accurate that is. > > > Should I not bother with doing the hardware > > raid > > and just go with vinum? > > Use the hardware RAID, especially if you are going to use a simple RAID > configuration (like one big RAID-5 virtual disk). Just make sure you have > some way of figuring out if one of the disks goes bad. Worst case you > could boot off a DOS floppy once in a while to make sure all the disks are > still good. > > > The rest of the system is a k6-2 400mhz with 256mb ram (amount might > > change). > > I will also have moderate network i/o on the pci bus (obviously). > > -- > Ean Kingston > > E-Mail: ean_AT_hedron_DOT_org > URL: http://www.hedron.org/ > -- Peter C. Lai University of Connecticut Dept. of Molecular and Cell Biology Yale University School of Medicine SenseLab | Research Assistant http://cowbert.2y.net/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
vinum vs. DPT smartcacheIV raid
I have a box with DPT PM2044 SmartCacheIV UW-SCSI PCI cards which can do RAID-5 in hardware, but I'd have to use the DOS volume manager to set up the array. I have heard reports that vinum woudl be faster than using the native card. Is this true? Should I not bother with doing the hardware raid and just go with vinum? The rest of the system is a k6-2 400mhz with 256mb ram (amount might change). I will also have moderate network i/o on the pci bus (obviously). TIA, cowbert -- Peter C. Lai University of Connecticut Dept. of Molecular and Cell Biology Yale University School of Medicine SenseLab | Research Assistant http://cowbert.2y.net/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Is my Apache server running as the root user or not?
This isn't on-topic for the list, but I'll answer it anyway. The Apache parent runs as root so that it can attach to port 80. After a packet reaches port 80, Apache will hand it off to a child process running as www. The parent process also does other housekeeping duties as you would expect from any other parent process. On Sat, Dec 04, 2004 at 07:24:27AM +0100, Jesper Wallin wrote: > Heya.. > > By reading my /usr/local/etc/apache2/httpd.conf, I can find out that my > Apache is > running as the user "www" and the group "www" .. Yet, when I run sockstat, it > tells me > one of the forks are runned as root and listening on port 80 as well as the > other forks > are runned by www:www.. If I got a lot of users connecting to my server on > port 80, will > thier requests ever be answered by the root fork or the www:www forks? > > --- snip --- > [EMAIL PROTECTED]:~]# sockstat -l4p80 > USER COMMANDPID FD PROTO LOCAL ADDRESS FOREIGN ADDRESS www > httpd > 18149 3 tcp4 *:80 *:* > www httpd 18148 3 tcp4 *:80 *:* > www httpd 18147 3 tcp4 *:80 *:* > www httpd 14055 3 tcp4 *:80 *:* > www httpd 14054 3 tcp4 *:80 *:* > www httpd 14053 3 tcp4 *:80 *:* > www httpd 14052 3 tcp4 *:80 *:* > www httpd 14051 3 tcp4 *:80 *:* > root httpd 14050 3 tcp4 *:80 *:* > [EMAIL PROTECTED]:~]# > --- snip --- > > > Best regards, > Jesper Wallin > > > ___ > [EMAIL PROTECTED] mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to "[EMAIL PROTECTED]" -- Peter C. Lai University of Connecticut Dept. of Molecular and Cell Biology Yale University School of Medicine SenseLab | Research Assistant http://cowbert.2y.net/ ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
lpt0 blocking i/o causes ghostscript to hang system
Hi. I have this peculiar issue with printing to lpt0 with ghostscript-gnu 7.05. I'm running stock lpd(1) with a handwritten input filter. If I am printing a huge file (such that the printer can't buffer all of the document at once and I am spooling to the printer as the printer is printing), and the printer starts blocking i/o (due to paper jam/paper out/etc), the ghostscript hangs the system until I unblock the parport (by remedying the condition, or hitting the "retry" button on the printer). It appears that ghostscript attempting to pipe its output trips interupts to the point that all of the cpu is taken up and the system will stop responding until the printer unblocks lpt0. My input filter is: #!/bin/sh exec 3>&1 1>&2 GS=/usr/local/bin/gs GS_FONTPATH=/usr/local/share/ghostscript/fonts:\ /usr/local/share/ghostscript/7.05/lib export GS GS_FONTPATH $GS -q -dNOPAUSE -dSAFER -sDEVICE=ljet4 -sOutputFile=/dev/fd/3 - && exit 0 exit 2 Now, if I don't use gs, and just use cat(1) as my passthrough filter like this: #!/bin/sh exec 3>&1 1>&2 /bin/cat 1>&3 && exit 0 exit 2 When i/o on lpt0 is blocking in this case, cat(1) will quietly sit there until such time that lpt0 can be written to again. I believe this is because cat(1) buffers its output. Right now my solution is to have ghostscript's -sOutputFile=\|"/usr/bin/lpr -h \ -Pbuffer" where a printcap(5) entry for the "buffer" printer's device is lpt0 and has an input filter that uses cat(1) (just like above). Here, gs will output the processed job to a "buffer" spool before any i/o is outbound to lpt0. Any of you run into this problem at all? It was seriously bugging me until I devised the 2 spooler system above, which adds stability to the system but feels too hackish for me. Whereas my print server is no longer hanging because someone is too lazy to put paper in it, the solution breaks my in-house web based job control system. The main culprit is gs not buffering its output; but lpd could also use a hand in "printer not-ready" detection. -- Peter C. Lai University of Connecticut Dept. of Molecular and Cell Biology Yale University School of Medicine SenseLab | Research Assistant http://cowbert.2y.net/ ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: tunneling ftp through ipfw
On Tue, Jul 16, 2002 at 09:35:55PM +0200, Roelof Osinga wrote: > Peter C. Lai wrote: > > > > ... > > I can set up the outgoing tunnel fine. > > I can do 'ftp localhost' on the client and log in fine. I cannot > > establish a data connection though. > > Furthermore, I have tried this with stunnel and it also doesn't work. > > How would I do this? I have to use FTP because the ftp is being done > > by some oldish win32 program that doesn't do sftp etc. > > From within FTP: > > ftp> help passive > passive enter passive transfer mode I did this. the connection hangs. with debug mode on, i get EPSV Entering Extended Passive Mode [|49175] or something. I spent hours trying to get it to work, but no luck. I instead made my program use samba to transfer files. Thanks anyway > > That should do the trick. > > Roelof > > -- > ___ > eBOA. est. 1982 > http://eBOA.com/ tel. +31-58-2123014 > mailto:[EMAIL PROTECTED]?subject=Information_requestfax. +31-58-2160293 > -- Peter C. Lai University of Connecticut Dept. of Molecular and Cell Biology | Undergraduate Research Assistant Yale University School of Medicine Center for Medical Informatics | Research Assistant http://cowbert.2y.net/ To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-questions" in the body of the message
tunneling ftp through ipfw
I need to be able to tunnel ftp through a nat gateway to my freebsd server. The topology looks like this: client > win2k ICS > freebsd ftp box (192.168.0.2) (192.168.0.1 | External IP) (External IP2) I can ftp normally since the win2k gateway is quite forgiving. However, I want to avoid using plaintext authentication to the freebsd box, so I want to use SSH to tunnel the ftp-control channel. I can set up the outgoing tunnel fine. I can do 'ftp localhost' on the client and log in fine. I cannot establish a data connection though. Furthermore, I have tried this with stunnel and it also doesn't work. How would I do this? I have to use FTP because the ftp is being done by some oldish win32 program that doesn't do sftp etc. thanks pete -- Peter C. Lai University of Connecticut Dept. of Molecular and Cell Biology | Undergraduate Research Assistant Yale University School of Medicine Center for Medical Informatics | Research Assistant http://cowbert.2y.net/ To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-questions" in the body of the message