Re: General questions regarding FreeBSD 10
On Sep 27, 2013, at 10:47 AM, Nikolas Britton wrote: General questions regarding FreeBSD 10: 1. Did virtualization containers (VPS) make it into FreeBSD 10? The documentation I’ve read implies that you can have nested containers, with little to no performance penalty, is this correct? How is networking handled inside these containers? I don't think they made it into 10. I think they are still in the projects/ tree... Last 2 posts on the topic that I've seen (Sep. 23, 2013): http://lists.freebsd.org/pipermail/freebsd-hackers/2013-September/043429.html http://lists.freebsd.org/pipermail/freebsd-hackers/2013-September/043442.html 2. I'm assuming jails still exist in FreeBSD (I haven’t used BSD in a long time), how do they relate, or fit in, with VPS and Bhyve offerings? Yes. Changed slightly -- you configure jails in /etc/jail.conf now. Jails are enhanced by VPS and Bhyve offerings (which, the best of my knowledge, require jails). [skipping questions I can't answer] 6. How stable is FreeBSD's ZFS implementation, relative to Solaris? What zpool version is in FreeBSD 10? Is LZ4 the default compression mode? At $work we're actively deploying ZFS into production. It's very stable from our testing over several years. Mileage seems to depend on configuration complexity, but overall is extremely stable. The default zpool version is 28, but if you do a zpool upgrade ... you'll then jump to the new 5000 version introduces zfs feature flags. 8. Has ports management gotten any better, specifically upgrading ports? Can applications be self contained, like on the Mac, yet? Any work on rollback with ZFS? For better ports management, you could look into poudriere. There's a tutorial on bsdnow.tv The idea is that you'll use poudriere to intelligently manage the ports you want to roll binary packages. Then on 10 with the new `pkg' framework (formerly known as PkgNg) those binary packages are intelligently applied. As for self-contained packages... I believe you want what is known as PBIs. However, I think only PC-BSD offers PBIs -- I don't think they are offered in FreeBSD 10 by default (maybe there's a way though). I assume what you mean by rollback with ZFS is... boot loader integration with BEs so you can boot to a previous snapshot. Look for that in 10.1. 9. I recall device support being a large hurtle for me in the past. How far behind is driver development relative to Linux, for server equipment? Has there been any community interest in porting FreeBSD (world) to Linux (kernel)? Driver support is improving. There's AMD KMS and many more new drivers. Knowing what kind of hardware you use would help answer the question better. We've been very happy with LSI MegaRAID/SAS support, Broadcom 10G iSCSI support, QLogic 8G FC support, and many many more. As for FreeBSD-world with Linux-kernel... that sounds like the exact opposite of the Debian kFreeBSD project (FreeBSD-kernel, Linux-world). I don't suppose there's much demand in that. People that want such a thing seem to be quite happy with ArchLinux -- which uses a BSD-style init framework. There's also ArchBSD and ArchHurd. 10. How is the Java ecosystem on FreeBSD? Well, daiblo-jdk is dead, long live OpenJDK? Seems to be the motions around here at $work. I haven’t used FreeBSD in ages. However, VPS, with ZFS, has me really excited; Even more exciting, throw in VIMAGE, Geom Multipath, NETGRAPH, and sysutils/zxfer. The possibilities are limitless as you bolt on more-and-more ^_^ I don’t enjoy Solaris, and Enterprise Linux is still stuck in 2009, with kernel 2.6.32. I can’t find any modern linux distributions that are as reliable as I remember FreeBSD was. It’s really sad. Thanks! Come on back to FreeBSD. ;) you're always welcome! We won't discuss why you left in the first place ;) -- Devin _ The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: memory stick
(sorry for top post) Heh, looks like the Alton Brown style of debugging ;D (for anyone that follows his twitter feed) -- Devin On Aug 8, 2013, at 7:34 AM, william benton wrote: I am trying to mount a memory stick at the command line. I seem to be able to mount and unmount it but i can't copy files into the stick. please see the attached image for the commands I used and the results. If you have any suggestions on what the problem might be I would sure like to know what you think. I logged in as root on free BSD version 7.0 release 0.0. 20130808091209582.pdf___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org _ The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: .sh script code to determine IPv4 or IPv6
On Aug 6, 2013, at 9:20 AM, markham breitbach wrote: On 13-08-03 8:04 AM, Teske, Devin wrote: Actually, there's /usr/share/bsdconfig/media/tcpip.subr I don't seem to have that (FreeBSD 8.3-RELEASE). Where would I get that from? It's in up-coming 9.2-R (and present 9.2-* snapshots leading up to 9.2-R). You can snatch a copy of the code by installing sysutils/bsdconfig from the ports tree. However, the port is marked (correctly-so) as requiring FreeBSD 9.0 or higher. But don't let that stop you... the only reason it's marked as requiring 9.0 is because 9.0 brings in a new dialog(1) implementation. However, if you're interested in the TCP validation code... that will work on any release. It's only the dialog(1) stuff that won't work on 8.x or older. Luckily, it'll be pretty easy to avoid the land-mines. All functions starting with f_dialog_* should be avoided on 8.x or older. So here's the latest package to download (in case you're unsuccessful in getting the port to behave -- afterall, it may just balk at you for not running 9.x): fetch http://druidbsd.sourceforge.net/download/bsdconfig/bsdconfig-0.9.0.tbz That's a FreeBSD package. You can download it and say (as root): pkg_add bsdconfig-0.9.0.tbz Just be forewarned (again), on 8.x or older, executing bsdconfig will have widely unexpected results (it won't eat your homework, but it may or may not actually *run*). However, doing the above 2-step (fetch pkg_add) will bring in the files you're looking for and give you the functionality you're wanting on 8.x. -- Devin P.S. I really *can't* make the dialog(1) stuff backward compatible with 8.x's (or any older's) version of dialog(1). The new `cdialog' variant that was brought into 9.x to replace the aging dialog(1)/libdialog pair is has a *lot* of functionality that I depend on. It could potentially take months to make bsdconfig *fully* backward compatible with 8.x. For now, it's safe if you just use the libraries and avoid any/all functions beginning with f_dialog_. _ The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: .sh script code to determine IPv4 or IPv6
On Aug 6, 2013, at 9:43 AM, Polytropon wrote: On Tue, 06 Aug 2013 10:20:05 -0600, markham breitbach wrote: On 13-08-03 8:04 AM, Teske, Devin wrote: Actually, there's /usr/share/bsdconfig/media/tcpip.subr I don't seem to have that (FreeBSD 8.3-RELEASE). Where would I get that from? Maybe from sysutils/bsdconfig in the ports collection? I have not checked if this specific subroutine file is part of the port... Ah, Polytropon beat me ;D And yes... to clarify... the port is a mirror of what's in 9.x base. (however, see my recent notes in a separate reply; TL;DR: port is 9.x only; proceed only if you know you don't care about the dialog(1) aspects of the library code). -- Devin -- Polytropon Magdeburg, Germany Happy FreeBSD user since 4.0 Andra moi ennepe, Mousa, ... _ The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: .sh script code to determine IPv4 or IPv6
On Aug 6, 2013, at 10:39 AM, Polytropon wrote: On Tue, 6 Aug 2013 16:50:37 +, Teske, Devin wrote: And yes... to clarify... the port is a mirror of what's in 9.x base. (however, see my recent notes in a separate reply; TL;DR: port is 9.x only; proceed only if you know you don't care about the dialog(1) aspects of the library code). I think it should be relatively unproblematic to fetch the port and only use the subroutines as is, even if it's just for educational purposes. :-) Right. Just a warning though, what is fetched in ports is actually in the format of what's in HEAD (read: not in the format of what gets installed). For example, there are things that end up in /usr/share/bsdconfig that aren't in the bsdconfig/share/ source directory (e.g., all the stuff under /usr/share/bsdconfig/networking is under the source directory bsdconfig/networking/share). This may be counter-intuitive from an exploratory view if looking at the source directory (what's fetched by ports). And since the port Makefile will prevent you from turning that fetch'ed source directory into an installed software (putting things where they end up), it might be easier to grab this pre-built package that I stashed... http://druidbsd.sf.net/download/bsdconfig/bsdconfig-0.9.0.tbz Because then you can say pkg_add and everything will be in the right place (/usr/share/bsdconfig/ will be flush with everything and you won't have to hunt-and-peck through the source with a maintainers view). -- Devin _ The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Geli and crunchgen (/rescue)
On Aug 3, 2013, at 12:35 AM, Dewayne wrote: Unfortunately I have had the need on several occasions to recover systems that use geli encrypted disks. Unfortunately geli is not included in the crunchgen /rescue directory. Has anyone been successful in crunchgen'ing geli into /rescue? I've spent a few hours on this and think herding cats might be easier. I'll give it a go. I've got a fair amount of experience with crunchgen... Oh, wait... I already did it... (see below link): http://druidbsd.cvs.sf.net/viewvc/druidbsd/druidbsd/druid/dep/freebsd/patches/local_patches/release%3A%3Ai386%3A%3Aboot_crunch.conf.patch?revision=1.2view=markup There you go ;D (smiles) -- Devin _ The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: .sh script code to determine IPv4 or IPv6
On Aug 3, 2013, at 4:30 AM, Fbsd8 wrote: I have a .sh script that I need to determine if the entered IP address is IPv4 or IPv6. Is there some .sh command that does this? In RELENG_9, soon to be released 9.2-R: === FILE: wis === #!/bin/sh DEVICE_SELF_SCAN_ALL= . /usr/share/bsdconfig/media/tcpip.subr if f_validate_ipaddr6 $1; then echo Hey, nice IPv6 addr, great job! elif f_validate_ipaddr $1; then echo Hey, nice IPv4 addr; smiles elif f_validate_hostname $1; then echo Hey, nice hostname else echo What on Earth wast, _that_?! exit 1 fi === END FILE === dte...@scribe9.vicor.com ~ $ ./wis ::1 Hey, nice IPv6 addr, great job! dte...@scribe9.vicor.com ~ $ ./wis 0::1 Hey, nice IPv6 addr, great job! dte...@scribe9.vicor.com ~ $ ./wis 0:::1 What on Earth wast, _that_?! dte...@scribe9.vicor.com ~ $ ./wis 1.2.3.4 Hey, nice IPv4 addr; smiles dte...@scribe9.vicor.com ~ $ ./wis 0.2.3.4 Hey, nice IPv4 addr; smiles dte...@scribe9.vicor.com ~ $ ./wis 256.2.3.4 Hey, nice hostname dte...@scribe9.vicor.com ~ $ ./wis foo.bar.com Hey, nice hostname dte...@scribe9.vicor.com ~ $ ./wis abc-123 Hey, nice hostname dte...@scribe9.vicor.com ~ $ ./wis abc_123 What on Earth wast, _that_?! -- Cheers, Devin _ The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: .sh script code to determine IPv4 or IPv6
On Aug 3, 2013, at 5:04 AM, Robert Huff wrote: Fbsd8 writes: I have a .sh script that I need to determine if the entered IP address is IPv4 or IPv6. Is there some .sh command that does this? Not that I know of. But ... how hard can it be to figure out whether it uses '.' or ':'? Actually, there's /usr/share/bsdconfig/media/tcpip.subr Function family: f_validate_ipaddr6 $ipv6_addr # Should be complete; I digested multiple RFCs on IPv6 f_validate_ipaddr $ipv4_addr [$netmask] # optional netmask to validate IP is within doubly-valid f_validate_hostname $hostname # To RFC specifications 952 and 1123 But if you need to prompt the user to enter a value and then validate it, the above functions return meaningful exit status for determining what's wrong with their entry (why did it fail specification, for example). To help decode the exit status, the functions you want to use are: # In /usr/share/bsdconfig/networking/ipaddr.subr Function family: f_dialog_iperror $status $ipv4_addr f_dialog_ip6error $status $ipv6_addr As is implied with the _dialog_ in their name, they take the $? exit status from the previously mentioned f_validate_*() functions and display a dialog(1) error appropriate to what's wrong. For example, you might see: ERROR! One or more individual octets within the IPv4 address\n(separated by dots) contains one or more invalid characters.\nOctets must contain only the characters 0-9.\n\nInvalid IP Address: %s or ERROR! The IP address entered has either too few (less than 3), too\nmany (more than 8), or not enough segments, separated by colons.\n\nInvalid IPv6 Address: %s And then, in the same function family above (as the *ip[6]error()): f_dialog_vaildate_ipaddr $ipv4_addr f_dialog_validate_ipaddr6 $ipv6_addr These are like: f_validate_ipaddr $ipv4_addr f_validate_ipaddr6 $ipv6_addr Except as implied by the extra _dialog_ in their name, they will actually run f_validate_* and then f_dialog_ip[6]error() for you with the result. Finally, last, but not least... The process of actually *getting* the values has been simplified too. In the same family function (as f_dialog_ip[6]error and f_dialog_validate_ipaddr[6]()) is: f_dialog_input_ipaddr $interface $ipaddr # $interface is displayed in the prompt text # $ipaddr is used as default text in the input box If user doesn't press escape or select cancel, $ipaddr will hold the users entry. This function validates, displays errors, and is an all-around solution if you need to prompt the user to enter the info and only proceed if they enter a valid entry (the above function is IPv4 centric and supports CIDR notation). The IPv6 version of the latter (f_dialog_input_ipaddr6) does not yet exist. I'm getting there. For now, if you need to prompt for an entry that could be IPv6, use the generic f_dialog_input() routine and sanitize it with the aforementioned API. -- Cheers, Devin _ The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Make Release
On Aug 1, 2013, at 9:14 AM, Sam Fourman Jr. wrote: one specific question I have, that I can't find in the handbook... To make a FreeBSD release, that is to build the install images... you build world, and kernel.. then go to /etc/src/release and type make release... after this, the release images show up in /usr/obj/usr/src/release What I WANT to know.. is what shell script or file can I edit, to modify the install image BEFORE its created... for example say I wanted to add a line to /etc/rc.conf on the memstick.img file that gets created I understand that there may be better ways to accomplish this, but editing /etc/rc.conf is ONLY a example, im trying to find a simple way to create a slightly modified install media for my own internal purposes... eg: ssh enabled and the ethernet card set to DHCP, so I can remote install... I am aware of mfsBSD, as well as DruidBSD, however i'm looking for something simple that I can script. any help or thoughts is appreciated I'm hoping that my very open development documentation on customizing the release(7) process for producing DruidBSD releases can help you out here. I've documented much of the internals of the release(7) process (albeit, relevant to the RELENG_8 release(7) Makefile; in RELENG_9 it's still relevant to /usr/src/release/Makefile.sysinstall ... but I gather that much of the knobs may still exist in HEAD). Have a read through this revision-controlled text file... http://druidbsd.cvs.sf.net/viewvc/druidbsd/druidbsd/druid/dep/freebsd/patches/README?revision=1.2view=markup ALSO NOTE: Yes, the file is dated... it talks about cvsup instead of svn. My hope is that the doco can be a good starting point (even if the data is a bit dated). In there, you'll find things like (relevant to RELENG_9): make -f Makefile.sysinstall release \ MAKE=/usr/bin/env CFLAGS=-DDRUID make \ CHROOTDIR=/usr/release EXTSRCDIR=/usr/src KERNELS_BASE= \ NODOC=YES NO_FLOPPIES=YES NOCDROM=YES NOPORTS=YES \ WORLD_FLAGS=-DWITHOUT_OPENSSL PATCH_FLAGS=-N \ LOCAL_PATCHES=/tmp/druid.patches \ LOCAL_SCRIPT=/tmp/local_script.sh | tee release.log Take special note of the LOCAL_SCRIPT= option. Maybe, just maybe, the bsdinstall-specific release(7) process supports LOCAL_SCRIPT too. If it doesn't... why not? -- Devin _ The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Make Release
On Aug 1, 2013, at 9:56 AM, Amitabh Kant wrote: On Thu, Aug 1, 2013 at 10:13 PM, Teske, Devin devin.te...@fisglobal.com wrote: I'm hoping that my very open development documentation on customizing the release(7) process for producing DruidBSD releases can help you out here. I've documented much of the internals of the release(7) process (albeit, relevant to the RELENG_8 release(7) Makefile; in RELENG_9 it's still relevant to /usr/src/release/Makefile.sysinstall ... but I gather that much of the knobs may still exist in HEAD). Have a read through this revision-controlled text file... http://druidbsd.cvs.sf.net/viewvc/druidbsd/druidbsd/druid/dep/freebsd/patches/README?revision=1.2view=markup ALSO NOTE: Yes, the file is dated... it talks about cvsup instead of svn. My hope is that the doco can be a good starting point (even if the data is a bit dated). In there, you'll find things like (relevant to RELENG_9): make -f Makefile.sysinstall release \ MAKE=/usr/bin/env CFLAGS=-DDRUID make \ CHROOTDIR=/usr/release EXTSRCDIR=/usr/src KERNELS_BASE= \ NODOC=YES NO_FLOPPIES=YES NOCDROM=YES NOPORTS=YES \ WORLD_FLAGS=-DWITHOUT_OPENSSL PATCH_FLAGS=-N \ LOCAL_PATCHES=/tmp/druid.patches \ LOCAL_SCRIPT=/tmp/local_script.sh | tee release.log Take special note of the LOCAL_SCRIPT= option. Maybe, just maybe, the bsdinstall-specific release(7) process supports LOCAL_SCRIPT too. If it doesn't... why not? -- Devin Devin Do you have any idea if there have an changes to bsdinstall process (on scripting side) in the upcoming 9.2 ? Yes, the partedit portion of bsdinstall is scriptable in 9.2. Also, many bug fixes. Also, you can now create /etc/installerconf (no `dot' between installer and conf) and it will be picked up and run by bsdinstall. For your bsdinstall scripts, 2 new tools and a new framework to learn... Tools: bsdconfig(8) and sysrc(8) Framework: bsdconfig libraries (advanced scripting) If you're behind on your sysinstall(8) *(yes... sysinstall(8)) scripting abilities, then I suggest you brush up. * bsdconfig(8) is [mostly] backward compatible sysinstall(8) scripts So... in your bsdinstal installerconf, you can: # Example A # ( do bsdinstall stuff ) then... bsdconfig packages # Example B # ( do bsdinstall stuff ) then... sysrc sshd_enable=YES # Example C # ( do bsdinstall stuff ) then... . /usr/share/bsdconfig/script.subr || exit 1 for package in a-1.0 b-2.0 c-3.0; do packageAdd done Here's a full list of items that bsdconfig(8) supports which are documented in sysinstall(8) (to which all you need to do to access is to include /usr/share/bsdconfig/script.subr): loadConfig deviceRescan mediaOpen mediaClose mediaGetType mediaSetCDROM mediaSetDOS mediaSetDirectory mediaSetFloppy mediaSetNFS mediaSetUFS mediaSetUSB optionsEditor tcpMenuSelect mediaSetFTP mediaSetFTPActive mediaSetFTPPassive mediaSetFTPUserPass mediaSetHTTP mediaSetHTTPProxy configPCNFSD configPackages packageAdd packageDelete packageReinstall installVarDefaults dumpVariables But that's only the tip of the iceberg. To get a full idea of what you can do with shell-script ALONE, you have to see the bsdconfig includes, which are in /usr/share/bsdconfig (link to what's released into 9.2 below): http://svnweb.freebsd.org/base/stable/9/usr.sbin/bsdconfig/share/ For example, there is: common.subr -- stuff everybody should use (makes your code cleaner and gives you basic abilities missing in shell, like f_getvar -- partner to setvar) device.subr -- scan for known devices and create structures with device info and type. Also provide routines for quickly scanning the array of structures for pre-probed devices of a specific type. Also contains code for presenting a menu of devices (of given type) to the user to select, returning the user's selection for processing. dialog.subr -- a *monster* of a library (uber documented to boot). Allows clean abstraction of dialog to where either dialog(1) or Xdialog(1) is a simple proposition to interface to. mustberoot.subr -- if your shell script needs to be able to run as non-root but escalate to root as-needed, this provides a clean way to transition to where your users seemlessly elevate. script.subr -- a dummy include that includes all the other includes. strings.subr -- handy string manipulation routines (tuned both for convenience and performance). struct.subr -- hold information in structs (using shell!) sysrc.subr -- manage rc.conf(5)! variable.subr -- variable definitions (boring; unless you code on bsdconfig -- hey, think about writing a module sometime! I encourage it, it's fun!) Beyond that... ( ok that's enough for this e-mail ). -- Devin _ The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies
Re: Make Release
On Aug 1, 2013, at 10:58 AM, Teske, Devin wrote: On Aug 1, 2013, at 9:56 AM, Amitabh Kant wrote: On Thu, Aug 1, 2013 at 10:13 PM, Teske, Devin devin.te...@fisglobal.com wrote: I'm hoping that my very open development documentation on customizing the release(7) process for producing DruidBSD releases can help you out here. I've documented much of the internals of the release(7) process (albeit, relevant to the RELENG_8 release(7) Makefile; in RELENG_9 it's still relevant to /usr/src/release/Makefile.sysinstall ... but I gather that much of the knobs may still exist in HEAD). Have a read through this revision-controlled text file... http://druidbsd.cvs.sf.net/viewvc/druidbsd/druidbsd/druid/dep/freebsd/patches/README?revision=1.2view=markup ALSO NOTE: Yes, the file is dated... it talks about cvsup instead of svn. My hope is that the doco can be a good starting point (even if the data is a bit dated). In there, you'll find things like (relevant to RELENG_9): make -f Makefile.sysinstall release \ MAKE=/usr/bin/env CFLAGS=-DDRUID make \ CHROOTDIR=/usr/release EXTSRCDIR=/usr/src KERNELS_BASE= \ NODOC=YES NO_FLOPPIES=YES NOCDROM=YES NOPORTS=YES \ WORLD_FLAGS=-DWITHOUT_OPENSSL PATCH_FLAGS=-N \ LOCAL_PATCHES=/tmp/druid.patches \ LOCAL_SCRIPT=/tmp/local_script.sh | tee release.log Take special note of the LOCAL_SCRIPT= option. Maybe, just maybe, the bsdinstall-specific release(7) process supports LOCAL_SCRIPT too. If it doesn't... why not? -- Devin Devin Do you have any idea if there have an changes to bsdinstall process (on scripting side) in the upcoming 9.2 ? [snip] Beyond that... ( ok that's enough for this e-mail ). More includes (for the advanced scripting -- again, tapping into what /usr/share/bsdconfig/script.subr provides), there are sub-directories in /usr/share/bsdconfig (but again, script.subr brings them all in): media/ -- one file for each type of media (FTP, HTTP, HTTP Proxy, NFS, ... etc.) networking/ -- scripts for getting, setting, and interactively modifying network packages/ -- package management password/ -- root password startup/ -- rc.conf(5) and startup services timezone/ -- like tzsetup usermgmt/ -- user management stuff Each of those includes a lot of low-level functionality but it's all documented very well. That being said... there's one more avenue of scripting. All of the bsdconfig(8) modules that act as front-ends to the above libraries. Those are in /usr/libexec/bsdconfig -- and you can call those from your bsdinstall ``/etc/installerconf'' too. # Example A /usr/libexec/bsdconfig/090.timezone/timezone However, it's far easier to just say: # Example B bsdconfig timezone For a list of keywords to the modules, say either: bsdconfig -h *or* Peruse the diagram (which is generated by bsdconfig dot): http://druidbsd.sourceforge.net/download/bsdconfig/bsdconfig-HEAD-20130506-3i.svg The green parallelograms are the bsdconfig keywords, and the blue rectangles represent the modules (mousing over it will show the /usr/libexec/bsdconfig path in a tooltip). -- Devin -- Devin _ The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you. _ The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: FreeBSD slices and the Boot Manager
On Jul 28, 2013, at 12:55 PM, Conny Andersson wrote: Hi Ian, Thank you for all of your advices regarding my questions. I have been using FreeBSD for more than ten years, but I never heard of sade (sysadmins disk editor). That is one of the joyful things with running FreeBSD/Unix; there is always something earlier unheard of to explore. And, there is always more than one way to approach a problem. In this case, sade is (or was) a direct by-product of the death of sysinstall(8). It only exists in 9 or higher. In-fact... sade was (up until recently in HEAD) actual code removed from sysinstall(8). NOTE: In HEAD, sade(8) is now a direct path to bsdinstall partedit I don't know what the long-term goals are for sade, but it's a nice 4-letter acronym that's a nice keystroke saver (at the very least). -- Devin On Mon, 29 Jul 2013, Ian Smith wrote: In freebsd-questions Digest, Vol 477, Issue 8, Message: 10 On Sat, 27 Jul 2013 19:39:30 +0200 (CEST) Conny Andersson atar...@telia.com wrote: Hi, I have a workstation with two factory installed hard disks. The first disk, ada0, is occupied by a Windows 7 Pro OS (mainly kept for the three year warranty of the workstation as Dell techs mostly speak the Microsoft language). Yes, best humour adherents of the Almighty Bill - keeps them sweet. Instead I have configured the BIOS to boot from the MBR on the second disk as I most of the time (99%) use FreeBSD. The MBR on ada1 was installed with sysinstall's option Install the FreeBSD Boot Manager, when I installed the FreeBSD 8.3-RELEASE. Right. sysinstall(8) - or at least the fdisk and bsdlabel modules that constitute sade(8) - remains the only safe and sane way to handle MBR disks. bsdinstall seems fine for GPT, but its paradigm doesn't play so well with trying to do the sorts of manipulations you're talking about here. Why noone's tried to update sade(8) for GPT I don't understand; it's a far better, more forgiving interface, in my old-fashioned? view. (The latest BIOS version 2.4.0 for Dell T1500 does not support UEFI/GPT/GUID.) The second disk ada1, now has three FreeBSD slices: 1) ada1s1 with FreeBSD 8.1-RELEASE 2) ada1s2 with FreeBSD 8.2-RELEASE 3) ada1s3 with FreeBSD 8.3-RELEASE I want to install the new FreeBSD 8.4-RELEASE on ada1s1 by overwriting the now existing two first slices. This means that ada1s3, must become ada1s2 instead. Is this possible to do? Yes and no. Using sysinstall|sade on my 9.1 laptop -- without setting sysctl kern.geom.debugflags=16 so it can't write any inadvertent changes to my disk :) -- in the fdisk screen you can delete the first two slices freeing their space for a new slice (or two) and you can then allocate s1 ok, but the existing s3 is still called s3. Would that be a problem? If you only created one slice there you'd have s1 and s3, with s2 and s4 marked as empty in the MBR shown by fdisk(8). MBR slice order need not follow disk allocations, eg s4 might point to an earlier disk region. sysinstall|sade has undo options for both fdisk and bsdlabel modules; it's easy to play with, no chance of damage - even with foot-shooting flag set, unless/until you commit to changes. If in doubt hit escape until it backs right out, nothing will be written. A very important question is if sysinstall's option Install the FreeBSD Boot Manager detects that I have a FreeBSD 8.3 and detect it as slice 2 on disk 1? So it becomes a boot option when I am rebooting? (Maybe the slice may come up as ad6s2, because AHCI in FreeBSD 8.4 isn't enabled at the time of the install.) If you're running 8.4 sysinstall as init, ie booted into the installer, and you've told it to install to s1, then it should set s1 as the active partition in the disk table and in boot0cfg's active slice table. I've never tried it with a second disk so I can't confirm that will all play nice, but you seem to have installed 3 versions ok before :) If not, you can run boot0cfg(8) anytime to set the active slice etc, so that shouldn't be a worry. Likely need to set debugflags=16 to do that on a running system also .. don't forget to set them back to 0 later! (For anyone) still nervous about sade for setting up MBR disks, play with a spare memstick, setup a couple of slices, boot0cfg etc, allocate and delete slices and partitions. Jordan got that together 15years ago so noone would ever need to do those icky slice/partition maths again. My theory: few have been brave enough to dare mess with $deity's work, though it just needs some updates for modern realities, not abandonment. [ Polytropon, it's not 'obsolete' at all; still in 9 anyway. It'll be obsolete when there are no more MBR-only systems in use - say 7 years - OR when bsdinstall incorporates all the missing good sade(8) features, which requires it making a clear distinction between GPT and MBR and working accordingly, including
Re: Newbye question VIM problem
On Jul 23, 2013, at 7:24 AM, Pietro Paolini wrote: Hello all, I have to install in a probably not latest version BSD machine but when I try to pkg_add -r vim-lite Error: Unable to get ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-9.0-release/Latest/vim-lite.tbz: File unavailable (e.g., file not found, no access) pkg_add: unable to fetch 'ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-9.0-release/Latest/vim-lite.tbz' by URL I get that error, it should be cause by the fact that my system is not so new, am I wrong ? Any solution on that ? Try: env PACKAGESITE=ftp://ftp-archive.freebsd.org/pub/FreeBSD-Archive/ports/i386/packages-9.0-releases/Latest/ pkg_add -r vim-lite NOTE: That is a single command to be written on a single-line. -- Devin _ The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Newbye question VIM problem
On Jul 23, 2013, at 8:56 AM, Pietro Paolini wrote: On Jul 23, 2013, at 5:16 PM, Fernando Apesteguía fernando.apesteg...@gmail.com wrote: https://urldefense.proofpoint.com/v1/url?u=ftp://ftp-archive.freebsd.org/pub/FreeBSD-Archive/ports/i386/packages-9.0-release/Latest/k=%2FbkpAUdJWZuiTILCq%2FFnQg%3D%3D%0Ar=Mrjs6vR4%2Faj2Ns9%2FssHJjg%3D%3D%0Am=EqNk3zW%2BFthkGaRpyM7lCZDFPyMcUaqjJFP252xoemg%3D%0As=bdff9db189b5402b3645c555057e75498aa8736639cf977d5009f66eb6335304 Yep, thanks a lot ! As a side discussion... (opening a can of squiggly worms here) It's often bothered me that the tools don't know about the archive (which goes back a long ways and has a very consistent and structured layout). So in authoring the latest tool (bsdconfig(8)), I made sure that the archive is checked (grep archive media/ftp.subr from SVN r247280). Don't know if that was the right move, but here @ Vicor, we've been [ab]using the archive for .. over a decade? (looks at julian to chime in if he used the archive before I got here). But I for one would like to see the archive to maintain its steady growth and be available. Of course, the change to look in the archive seemed (to me at least) to be a pretty innocuous one (if the archive goes away, they're back to where they started... no working URLs). Just wondering why for so long the archive has never been checked by tools when (imho) that only serves to break old releases sooner with respect to remote-fetch of a binary release file (e.g., pkg or dist, etc.). -- Devin _ The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: jls usage
On Jul 12, 2013, at 2:35 AM, Frank Leonhardt wrote: On 12/07/2013 02:33, Teske, Devin wrote: On Jul 11, 2013, at 6:19 PM, Fbsd8 wrote: In a .sh script I'm trying to get the jid for a single jail using this code jid=`jls -j jailname | cut -f 1- | awk '{print $1}'` Looks a little over complicated... why not just.. jls -j jailname jid I've never got the -j option to work on jail names, only jail IDs. Misconfiguration; keep reading. I've tried using the actual jail name, and the hostname to be sure - nothing - and on checking (jls -v) I'm somehow ending up with the Name being the same as the ID. I just put this down to a quirk/bug (it's there in 8.2-9) but it sounds like it's not an issue for anyone else. I'm defining them in rc.conf: jail_enable=yes jail_list=one two three jail_agnet_rootdir=/usr/jail/one jail_agnet_hostname=one.mydomain.com jail_agnet_ip=123.123.123.123 jail_agnet_devfs_enable=yes jail_agnet_devfs_ruleset=devfsrules_jail You've configured one and two and three in your jail_list, but quite oddly... You have not defined jail_one_* or jail_two_* or jail_three_*. I'm extremely confused as to how your jail even started! -- Devin etc... jls -v produces: JID Hostname Path Name State CPUSetID IP Address(es) 1 one.mydomain.com /usr/jail/one 1 ACTIVE 2 123.123.123.123 Everything works just fine, and has done for years, except jls -j jailname. It's zero-impact on me as it's no problem referring to them by number (which doesn't change) but if anyone could tell me what I'm doing wrong I'd be very interested to know. Or at least it'd be good to know I'm not the only one with the problem. Thanks, Frank. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org _ The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: jls usage
On Jul 11, 2013, at 6:19 PM, Fbsd8 wrote: In a .sh script I'm trying to get the jid for a single jail using this code jid=`jls -j jailname | cut -f 1- | awk '{print $1}'` Looks a little over complicated... why not just.. jls -j jailname jid -- Devin The first line output by jls is a title line which the cut command is suppose to cut out so the first field on line 2 gets selected by the awk command. This is not working as I want, I get the first field of the title line. Is the cut command the correct command to us here? This is what the jls command shows # /root jls -j dir2 JID IP Address Hostname Path 15 10.0.10.24 dir2 /usr/jails/dir2 I am after the number 15 Thanks in advance ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org _ The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: UEFI Secure Boot
On Jul 8, 2013, at 3:24 PM, Sergio de Almeida Lenzi wrote: [snip] So the question: Why or when will I need an secure UEFI boot??? From what I've read of UEFI Secure boot, I've parceled out into these nuggets: (correct any nuggets I got wrong) 1. UEFI Secure boot is actually UEFI + Secure boot. You can disable Secure boot and still have UEFI. 2. Windows 8 requires UEFI Secure boot to ... boot. 3. Any OS can work with UEFI Secure boot... you just have to sign your drivers (which puts a burden on development, testing, etc.) 4. FreeBSD today can work on a machine if you disable UEFI (implied disabling of Secure boot sub-feature) 5. FreeBSD could eventually support UEFI. 6. Don't know if we want to support secure-boot... but I think we should. It's really up to how the end-user wants FreeBSD to function. If they want FreeBSD to reject module-loads for custom-compiled modules, secure boot seems to be a way to go. But for me at least, I won't be enabling it (even if we support it). However, I know customers that might think it's a great idea (think financial institutions running FreeBSD on bare metal both as workstations and servers). Now, I must admit, when the conversation of UEFI and Secure boot starts turning toward involving M$, I get confused. To my understanding, it's a methodology to allow a customer to secure his/her box against root-kit. The OS does this by communicating with the UEFI framework the keys of modules to load. That's between the BIOS and the OS (whatever OS you may be running). -- Devin P.S. Again, correct me if I'm wrong on anything -- I'm still wrapping my head around this stuff too. _ The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: X client without X server
On Jul 2, 2013, at 8:55 PM, Olivier Nicole wrote: Hi, Is there a way to install an X client without automatically install an X server? On all my systems, I throw xterm and emacs, as the primary tools I use for management, but the display is always remote, I never, ever, run X on the machine, but still it install X server, fonts and a lot of useless junk like xcalc. If you never run emacs in X11 mode, but instead run emacs within the XTerm, might I suggest that you look into the emacs-nox11 package (/usr/ports/editors/emacs-nox11). This should cut down on the number of dependencies significantly, but if you run emacs directly as an X11 program, then emacs-nox11 will not provide that functionality -- so this suggestion is [again] only helpful if you're used to just running emacs in the XTerm. On the vim side of things, I tend to shoot for vim-lite instead of vim. Same reason, fewer dependencies. Is there a way to install xterm and only the libraries that are needed to run xterm? You could always go the binary package route. force-install the binary package, then do an ldd on xterm to find out what's missing. Then compare what's missing to the packing-list's @pkgdep entries (/var/db/pkg/xterm*/+CONTENTS for non-pkgng systems; for pkgng systems, [guessing] pkg info -dx xterm) -- Devin _ The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
RE: apply /etc/ttys changes on system
From: owner-freebsd-questi...@freebsd.org [owner-freebsd-questi...@freebsd.org] on behalf of Dan Nelson [dnel...@allantgroup.com] Sent: Wednesday, June 19, 2013 7:54 AM To: takCoder Cc: freebsd-questions@freebsd.org Subject: Re: apply /etc/ttys changes on system In the last episode (Jun 19), takCoder said: Is there any way to apply /etc/ttys changes on system, except for *restarting system* and *running kill -HUP 1* command ? Due some reasons, i need to change tc value of some of my ttys, periodically. I'm looking for a safer way than *kill -HUP 1* command. So, as this command is not a good one to be used often, any ideas are really appreciated. I couldn't find any other one so far.. Why is kill -HUP 1 unsafe? It's documented in init's manpage: Line status (on, off, secure, getty, or window information) may be changed in the ttys(5) file without a reboot by sending the signal SIGHUP to init with the command ``kill -HUP 1''. On receipt of this signal, init re-reads the ttys(5) file. Or init q -- Devin _ The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: install firefox without X
On Jun 18, 2013, at 6:41 AM, Pol Hallen wrote: Hi all :-) I need use -X ssh and use firefox on remote machine: ssh -X -l user xxx host Is there a way to install firefox without X? or less ports possible I indeed run Firefox using the above method from my servers (which aren't running X) but X is still installed. It *should* be able to work in theory (I use xdialog from ports on machines that don't have X installed; only xdialog and xauth). *** warning *** will uninstall X11 software *** warning *** pkg_delete -x xorg Maybe Firefox will still run (communicating with the X server running on the local side of your ssh client), or maybe it will balk incessantly about something. I do know however, that you'll need xauth installed regardless. -- Devin _ The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: FreeBSD maximum password length
On Jun 17, 2013, at 7:47 AM, Eduardo Morras wrote: On Mon, 17 Jun 2013 17:49:56 +0330 takCoder tak.offic...@gmail.com wrote: I need to moderate the input password in my system's user interface. And I believe i have tested longer passwords than that, about 1000 characters long, and there was no limitations, via using this command in a /bin/sh test shell script : echo PASSWORD | pw user mod USER -h 0. If I remember well, any password longer than default size is truncated, so passwords a) 'AhN12Njufsn8794432kjfvsnkkJHNDSMNDKh844mNJKnhjhu8u8424' b) 'AhN12Njufsn8794432kj' have the same salt hash value and both validate the user. Depends on the hashing algo. Old crypt(3) stored passwords with a 12-bit (2x Base64 characters; [0-9a-zA-Z./]) followed by the hashed cleartext. This [ancient] format limited password input to 8 characters. With this algorithm, input beyond 8 characters was ignored, so the behavior you describe is accurate -- with the old DES based one-way hash algorithm (which hasn't been default for a vey long time). The default in FreeBSD is MD5, but you can go to AES256 (Rijndael) if you like, or Blowfish, or whatever you like. Each of these has different limitations, but will not exhibit the behavior you describe above. There is no limit to these algorithms, only in the implementations -- that is to say that if you implement a read-buffer of 128k, that's the practical limit of your applications input (read: these algorithms have no limitations on input, however that being stated… no CRC algorithm has a limitation on input). But be aware… What makes these algorithms more secure is their larger salts *and* their stated rate of collisions. MD5 is no longer considered secure. It's secure *enough* for most people, but if you run a tight ship, any one with a few multiplexed GPUs running a CUDA thread against your hash can break it in a matter of a week if not days. The benchmark (in my mind) for any cryptographically strong algo is that with almost dream-like hardware, it would still be impossible to reverse the one-way trapdoor hash in one's-own lifetime. Of course, achieving that as a human can be hard considering that we rarely (if ever) produce strong inputs to the strong algorithms. However, if you want to be pedantic about choosing a strong password… you should actually take respite in the fact that these algorithms is still like their CRC brethren in that: Inputs greater than the hash length are cryptographically more secure than inputs shorter than the hash length. I digress… -- Devin _ The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: FreeBSD maximum password length
On Jun 17, 2013, at 10:28 AM, Mark Felder wrote: On Mon, 17 Jun 2013 12:25:54 -0500, Teske, Devin devin.te...@fisglobal.com wrote: The default in FreeBSD is MD5 MD5 is no longer the default. http://svnweb.freebsd.org/base?view=revisionrevision=238484 Huzzah! 9.1-RELEASE and higher indeed use sha512 as the new default. 8.4 still using md5 though (and expected to stay that way). Question… Is sha512 the highest it goes in our system? -- Devin _ The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Setting a locale globally
On Jun 14, 2013, at 1:51 PM, Polytropon wrote: On Fri, 14 Jun 2013 15:54:06 -0400, Mike. wrote: On 6/14/2013 at 9:12 PM Polytropon wrote: |On Fri, 14 Jun 2013 12:13:34 -0400, Mike. wrote: | I would like to set the locale of my 9.1 server to | |LANG=en_US.ISO8859-1 | | | globally, i.e., put the locale entry in one file, and then have the | locale propagate as I go into other shells and run various scripts. | |You can add this to /etc/csh.cshrc as it will be inherited by |all interactive shells (login shells), unless of course they |override it with ~/.cshrc: | |setenv LANG en_US.ISO8859-1 That works for the login shell, but when I su to another user (e.g., root), LANG is no longer in the environment. That depends on _how_ you su. For example, if you use su -m, the environment will not be modified, but the UID 0 is gained. See man su for details. But you are correct in terms of what I mentioned: If some user-configuration changes or unsets $LANG, it will be gone, and it may even be possible that the setting will not be transmitted properly to a different shell (inheriting environment), especially if the shell is not the default login shell, but instead bash or zsh (when the setting is being made for csh only). |It's also possible to add it to /etc/profile and even make an |addition to /etc/login.conf's default setting: | |default:\ |:setenv=LANG=en_US.ISO8859-1:... That works for the login shell, but when I su to another user (e.g., root), LANG is no longer in the environment. Try su -m. Anyway, login.conf should be the better solution compared to the csh approach illustrated above. It should work independently from the kind of shell. Also, you can get the sudo(8) utility to preserve LANG by adding it to the env_keep list in /usr/local/etc/sudoers For example: Step 1: (as root) visudo Step 2: Find… (the default configuration) ## Locale settings # Defaults env_keep += LANG LANGUAGE LINGUAS LC_* _XKB_CHARSET Step 3: Un-comment the second line (of the two lines shown above). Now whenever you use sudo(8) to execute a command, LANG (and a few others, like LC_ALL) are preserved. -- Devin _ The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Bourne shell if syntax
On Jun 11, 2013, at 2:56 AM, Jan Henrik Sylvester wrote: On 06/10/2013 21:10, dte...@freebsd.org wrote: Character sentinels are not required. FreeBSD's sh(1) knows (because [ is a built-in) that when you quote a parameter, that it is not (even if the value begins with -) not an operator. Appears I was wrong (and I can admit that). Further testing/investigation shows that it's not based on double-quoting (although this DOES play a role -- but only in the fact that you're ensuring that the program -- [ -- only gets one argument -- sans trailing square-bracket). It appears that the divide is the number of arguments. For example, compare: if [ -gt 1 ]; then # arg1 treated as a string; returns success to if [ -gt 1 ]; then # arg1 treated as an operator; syntax error to if [ -gt ]; then # arg1 treated as a string; returns success Or compare the equally divided: A=-gt if [ $A 1 ]; then # arg1 treated as a string; returns success to if [ $A 1 ]; then # arg1 treated as an operator; syntax error to if [ $A ]; then # arg1 treated as a string; returns success When the program -- [ -- (regardless of built-in or external) sees only one argument in it's ARGV array, it will *not* treat the argument as a flag but instead return true if it's non-NULL or return false if NULL. What you are saying here is at least misleading. I just started up sh on 9.1 RELEASE and tried: $ A=-z $ if [ $A ] ; then echo z ; fi z $ if [ $A 1 ] ; then echo z ; fi $ if /bin/[ $A ] ; then echo z ; fi z $ if /bin/[ $A 1 ] ; then echo z ; fi $ Interesting that I do not get the same results on 9.0-R for the external usage. de...@mick.vicor.com ~ $ if /bin/[ $A ] ; then echo z ; fi [: ]: unknown operand de...@mick.vicor.com ~ $ if /bin/[ $A 1 ] ; then echo z ; fi [: ]: unknown operand Must be a bug in 9.0-R with the ending square-bracket (`]'). If I remove the ending square-bracket it runs… de...@mick.vicor.com ~ $ if /bin/[ $A ; then echo z ; fi z de...@mick.vicor.com ~ $ if /bin/[ $A 1 ; then echo z ; fi Although -z is quoted, it is seen as an operator. It does not seem to have anything to do with whether the build-in or external [ is used. You're at least partially right… number of arguments makes a difference. A=-gt if [ $A ]; then echo z; fi sh: line 0: [: -gt: unary operator expected === Meanwhile, it knows to treat it as a string when it's the only argument… A=-gt if [ $A ]; then echo z; fi z -- Devin _ The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: VIMAGE
On Jun 3, 2013, at 6:33 AM, Pietro Paolini wrote: On Jun 1, 2013, at 5:26 AM, Teske, Devin devin.te...@fisglobal.com wrote: On May 31, 2013, at 3:05 PM, Teske, Devin wrote: On May 31, 2013, at 1:48 AM, Pietro Paolini wrote: On May 30, 2013, at 6:25 PM, Teske, Devin devin.te...@fisglobal.com wrote: On May 30, 2013, at 3:35 AM, Pietro Paolini wrote: Hello all, I am a new bye on the FreeBSD and I am looking at the VIMAGE features experiencing some problems. I added the options : VIMAGE if_bridge and I removed STCP then I recompiled my kernel and install it. After that, following this tutorial https://urldefense.proofpoint.com/v1/url?u=http://imunes.tel.fer.hr/virtnet/eurobsdcon07_tutorial.pdfk=%2FbkpAUdJWZuiTILCq%2FFnQg%3D%3D%0Ar=Mrjs6vR4%2Faj2Ns9%2FssHJjg%3D%3D%0Am=xe0XNgnKBiT9v8HzxwWwnNMOVN3YdEHmTsIZfFoQA9Y%3D%0As=b271820faf310ac274ded8c3135b4931f2a5278e78ec1a66ce6a5ab971ff64f5 I tried the Exercise 2 which consist on the following commands: vimage -c n1 vimage -c n2 ngctl mkpeer efface ether ether ngctl mkpeer efface ether ether Don't you just love autocorrect? (does the same thing to me… turns eiface into efface) ngctl mkpeer em0: bridge lower link0 Looks good. ngctl name em0:lower bridge0 I usually do my connect before the name… but shouldn't matter. Should work all the same. ngctl connect em0: bridge0: upper link1 This looks wrong to me. I'd expect: ngctl connect em0: bridge0:lower upper link1 Many thanks for the answer Devin, when I try to use that last command I receive: ngctl connect em0: bridge0:lower upper link1 ngctl: send msg: Invalid argument What's wrong ? Let's start from scratch on a freshly booted box… dte...@scu0a.jbsd.vicor.com ~ $ sudo ngctl ls -l [sudo] Password: There are 4 total nodes: Name: em0 Type: ether ID: 0002 Num hooks: 0 Name: em1 Type: ether ID: 0003 Num hooks: 0 Name: ngctl1719 Type: socket ID: 0004 Num hooks: 0 Name: msk0Type: ether ID: 0001 Num hooks: 0 Ok… we have an ether type node for each of our physical adapters (these are provided by ng_ether(4); you didn't have to do anything to get these nodes). We also have a single socket type node. This is the ngctl connection to the netgraph subsystem (you can learn more by reading ng_socket(4)). Here's the corresponding hardware behind em0, em1, and msk0: === dte...@scu0a.jbsd.vicor.com ~ $ grep '\(em\|e1000phy\|mskc\?\)[[:digit:]]' /var/run/dmesg.boot mskc0: Marvell Yukon 88E8050 Gigabit Ethernet port 0xdc00-0xdcff mem 0xfcffc000-0xfcff irq 16 at device 0.0 on pci5 msk0: Marvell Technology Group Ltd. Yukon EC Id 0xb6 Rev 0x02 on mskc0 msk0: Ethernet address: xx:xx:xx:xx:xx:xx miibus0: MII bus on msk0 e1000phy0: Marvell 88E Gigabit PHY PHY 0 on miibus0 e1000phy0: none, 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, 1000baseT, 1000baseT-master, 1000baseT-FDX, 1000baseT-FDX-master, auto mskc0: [ITHREAD] em0: Intel(R) PRO/1000 Legacy Network Connection 1.0.3 port 0xec80-0xecbf mem 0xfebe-0xfebf irq 16 at device 4.0 on pci7 em0: [FILTER] em0: Ethernet address: xx:xx:xx:xx:xx:xx em1: Intel(R) PRO/1000 Legacy Network Connection 1.0.3 port 0xec00-0xec3f mem 0xfeba-0xfebb,0xfeb8-0xfeb9 irq 18 at device 6.0 on pci7 em1: [FILTER] em1: Ethernet address: xx:xx:xx:xx:xx:xx em0: link state changed to UP === Next, let's make a bridge (think of it as a big software switch that we're going to hook a bunch of interfaces; created, physical, or otherwise). Since I'm doing this over an SSH connection (a mistake I made earlier today), I'm not going to touch em0 (the adapter my SSH connection is using). Creating the bridge on an actively configured PHY will knock it off the net. This is not to say you can't have an active configuration on a bridged interface… just that the creation of the bridge (something you should only do once each time you boot) will disrupt an active connection. So… dte...@scu0a.jbsd.vicor.com ~ $ sudo ngctl mkpeer em1: bridge lower link0 NOTE: No output == Success. === Now let's look at our handiwork… dte...@scu0a.jbsd.vicor.com ~ $ sudo ngctl info em1:lower Name: unnamed Type: bridge ID: 0007 Num hooks: 1 Local hook Peer name Peer typePeer ID Peer hook -- - ---- - link0 em1 ether0003lower Ok, we see that the lower peer hook of the em1 ether-node goes off to something named link0. To see where link0 is off-to… we need a full listing (back to ngctl ls -l). dte...@scu0a.jbsd.vicor.com ~ $ sudo ngctl ls -l There are 5 total nodes: Name: unnamed Type: bridge ID: 0007 Num hooks: 1
Re: openvpn and tap device
On May 29, 2013, at 8:52 AM, Pol Hallen wrote: It's a while since I looked at OpenVPN, so this is from unreliable memory, but IIRC it uses tap devices under Windows and tun devices under Unix(ish) OSes. Do you see tun0 appear? sorry for the mistake: tun device I don't have any tun devices but I can use openvpn to connect to other vpn client tun devices are used with software like vpnc in my experience. -- Devin _ The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: VIMAGE
On May 31, 2013, at 1:48 AM, Pietro Paolini wrote: On May 30, 2013, at 6:25 PM, Teske, Devin devin.te...@fisglobal.commailto:devin.te...@fisglobal.com wrote: On May 30, 2013, at 3:35 AM, Pietro Paolini wrote: Hello all, I am a new bye on the FreeBSD and I am looking at the VIMAGE features experiencing some problems. I added the options : VIMAGE if_bridge and I removed STCP then I recompiled my kernel and install it. After that, following this tutorial http://imunes.tel.fer.hr/virtnet/eurobsdcon07_tutorial.pdf I tried the Exercise 2 which consist on the following commands: vimage -c n1 vimage -c n2 ngctl mkpeer efface ether ether ngctl mkpeer efface ether ether Don't you just love autocorrect? (does the same thing to me… turns eiface into efface) ngctl mkpeer em0: bridge lower link0 Looks good. ngctl name em0:lower bridge0 I usually do my connect before the name… but shouldn't matter. Should work all the same. ngctl connect em0: bridge0: upper link1 This looks wrong to me. I'd expect: ngctl connect em0: bridge0:lower upper link1 Many thanks for the answer Devin, when I try to use that last command I receive: ngctl connect em0: bridge0:lower upper link1 ngctl: send msg: Invalid argument What's wrong ? Let's start from scratch on a freshly booted box… dte...@scu0a.jbsd.vicor.commailto:dte...@scu0a.jbsd.vicor.com ~ $ sudo ngctl ls -l [sudo] Password: There are 4 total nodes: Name: em0 Type: ether ID: 0002 Num hooks: 0 Name: em1 Type: ether ID: 0003 Num hooks: 0 Name: ngctl1719 Type: socket ID: 0004 Num hooks: 0 Name: msk0Type: ether ID: 0001 Num hooks: 0 Ok… we have an ether type node for each of our physical adapters (these are provided by ng_ether(4); you didn't have to do anything to get these nodes). We also have a single socket type node. This is the ngctl connection to the netgraph subsystem (you can learn more by reading ng_socket(4)). Here's the corresponding hardware behind em0, em1, and msk0: === dte...@scu0a.jbsd.vicor.commailto:dte...@scu0a.jbsd.vicor.com ~ $ grep '\(em\|e1000phy\|mskc\?\)[[:digit:]]' /var/run/dmesg.boot mskc0: Marvell Yukon 88E8050 Gigabit Ethernet port 0xdc00-0xdcff mem 0xfcffc000-0xfcff irq 16 at device 0.0 on pci5 msk0: Marvell Technology Group Ltd. Yukon EC Id 0xb6 Rev 0x02 on mskc0 msk0: Ethernet address: xx:xx:xx:xx:xx:xx miibus0: MII bus on msk0 e1000phy0: Marvell 88E Gigabit PHY PHY 0 on miibus0 e1000phy0: none, 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, 1000baseT, 1000baseT-master, 1000baseT-FDX, 1000baseT-FDX-master, auto mskc0: [ITHREAD] em0: Intel(R) PRO/1000 Legacy Network Connection 1.0.3 port 0xec80-0xecbf mem 0xfebe-0xfebf irq 16 at device 4.0 on pci7 em0: [FILTER] em0: Ethernet address: xx:xx:xx:xx:xx:xx em1: Intel(R) PRO/1000 Legacy Network Connection 1.0.3 port 0xec00-0xec3f mem 0xfeba-0xfebb,0xfeb8-0xfeb9 irq 18 at device 6.0 on pci7 em1: [FILTER] em1: Ethernet address: xx:xx:xx:xx:xx:xx em0: link state changed to UP === Next, let's make a bridge (think of it as a big software switch that we're going to hook a bunch of interfaces; created, physical, or otherwise). Since I'm doing this over an SSH connection (a mistake I made earlier today), I'm not going to touch em0 (the adapter my SSH connection is using). Creating the bridge on an actively configured PHY will knock it off the net. This is not to say you can't have an active configuration on a bridged interface… just that the creation of the bridge (something you should only do once each time you boot) will disrupt an active connection. So… dte...@scu0a.jbsd.vicor.commailto:dte...@scu0a.jbsd.vicor.com ~ $ sudo ngctl mkpeer em1: bridge lower link0 NOTE: No output == Success. === Now let's look at our handiwork… dte...@scu0a.jbsd.vicor.commailto:dte...@scu0a.jbsd.vicor.com ~ $ sudo ngctl info em1:lower Name: unnamed Type: bridge ID: 0007 Num hooks: 1 Local hook Peer name Peer typePeer ID Peer hook -- - ---- - link0 em1 ether0003lower Ok, we see that the lower peer hook of the em1 ether-node goes off to something named link0. To see where link0 is off-to… we need a full listing (back to ngctl ls -l). dte...@scu0a.jbsd.vicor.commailto:dte...@scu0a.jbsd.vicor.com ~ $ sudo ngctl ls -l There are 5 total nodes: Name: unnamed Type: bridge ID: 0007 Num hooks: 1 Local hook Peer name Peer typePeer ID Peer hook -- - ---- - link0 em1 ether0003lower Name: em0 Type: ether ID: 0002 Num hooks: 0 Name: em1 Type: ether ID: 0003 Num hooks: 1 Local
Re: VIMAGE
On May 31, 2013, at 3:05 PM, Teske, Devin wrote: On May 31, 2013, at 1:48 AM, Pietro Paolini wrote: On May 30, 2013, at 6:25 PM, Teske, Devin devin.te...@fisglobal.commailto:devin.te...@fisglobal.com wrote: On May 30, 2013, at 3:35 AM, Pietro Paolini wrote: Hello all, I am a new bye on the FreeBSD and I am looking at the VIMAGE features experiencing some problems. I added the options : VIMAGE if_bridge and I removed STCP then I recompiled my kernel and install it. After that, following this tutorial http://imunes.tel.fer.hr/virtnet/eurobsdcon07_tutorial.pdf I tried the Exercise 2 which consist on the following commands: vimage -c n1 vimage -c n2 ngctl mkpeer efface ether ether ngctl mkpeer efface ether ether Don't you just love autocorrect? (does the same thing to me… turns eiface into efface) ngctl mkpeer em0: bridge lower link0 Looks good. ngctl name em0:lower bridge0 I usually do my connect before the name… but shouldn't matter. Should work all the same. ngctl connect em0: bridge0: upper link1 This looks wrong to me. I'd expect: ngctl connect em0: bridge0:lower upper link1 Many thanks for the answer Devin, when I try to use that last command I receive: ngctl connect em0: bridge0:lower upper link1 ngctl: send msg: Invalid argument What's wrong ? Let's start from scratch on a freshly booted box… dte...@scu0a.jbsd.vicor.commailto:dte...@scu0a.jbsd.vicor.com ~ $ sudo ngctl ls -l [sudo] Password: There are 4 total nodes: Name: em0 Type: ether ID: 0002 Num hooks: 0 Name: em1 Type: ether ID: 0003 Num hooks: 0 Name: ngctl1719 Type: socket ID: 0004 Num hooks: 0 Name: msk0Type: ether ID: 0001 Num hooks: 0 Ok… we have an ether type node for each of our physical adapters (these are provided by ng_ether(4); you didn't have to do anything to get these nodes). We also have a single socket type node. This is the ngctl connection to the netgraph subsystem (you can learn more by reading ng_socket(4)). Here's the corresponding hardware behind em0, em1, and msk0: === dte...@scu0a.jbsd.vicor.commailto:dte...@scu0a.jbsd.vicor.com ~ $ grep '\(em\|e1000phy\|mskc\?\)[[:digit:]]' /var/run/dmesg.boot mskc0: Marvell Yukon 88E8050 Gigabit Ethernet port 0xdc00-0xdcff mem 0xfcffc000-0xfcff irq 16 at device 0.0 on pci5 msk0: Marvell Technology Group Ltd. Yukon EC Id 0xb6 Rev 0x02 on mskc0 msk0: Ethernet address: xx:xx:xx:xx:xx:xx miibus0: MII bus on msk0 e1000phy0: Marvell 88E Gigabit PHY PHY 0 on miibus0 e1000phy0: none, 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, 1000baseT, 1000baseT-master, 1000baseT-FDX, 1000baseT-FDX-master, auto mskc0: [ITHREAD] em0: Intel(R) PRO/1000 Legacy Network Connection 1.0.3 port 0xec80-0xecbf mem 0xfebe-0xfebf irq 16 at device 4.0 on pci7 em0: [FILTER] em0: Ethernet address: xx:xx:xx:xx:xx:xx em1: Intel(R) PRO/1000 Legacy Network Connection 1.0.3 port 0xec00-0xec3f mem 0xfeba-0xfebb,0xfeb8-0xfeb9 irq 18 at device 6.0 on pci7 em1: [FILTER] em1: Ethernet address: xx:xx:xx:xx:xx:xx em0: link state changed to UP === Next, let's make a bridge (think of it as a big software switch that we're going to hook a bunch of interfaces; created, physical, or otherwise). Since I'm doing this over an SSH connection (a mistake I made earlier today), I'm not going to touch em0 (the adapter my SSH connection is using). Creating the bridge on an actively configured PHY will knock it off the net. This is not to say you can't have an active configuration on a bridged interface… just that the creation of the bridge (something you should only do once each time you boot) will disrupt an active connection. So… dte...@scu0a.jbsd.vicor.commailto:dte...@scu0a.jbsd.vicor.com ~ $ sudo ngctl mkpeer em1: bridge lower link0 NOTE: No output == Success. === Now let's look at our handiwork… dte...@scu0a.jbsd.vicor.commailto:dte...@scu0a.jbsd.vicor.com ~ $ sudo ngctl info em1:lower Name: unnamed Type: bridge ID: 0007 Num hooks: 1 Local hook Peer name Peer typePeer ID Peer hook -- - ---- - link0 em1 ether0003lower Ok, we see that the lower peer hook of the em1 ether-node goes off to something named link0. To see where link0 is off-to… we need a full listing (back to ngctl ls -l). dte...@scu0a.jbsd.vicor.commailto:dte...@scu0a.jbsd.vicor.com ~ $ sudo ngctl ls -l There are 5 total nodes: Name: unnamed Type: bridge ID: 0007 Num hooks: 1 Local hook Peer name Peer typePeer ID Peer hook -- - ---- - link0 em1 ether0003lower Name: em0 Type: ether ID: 0002 Num hooks: 0 Name: em1 Type
Re: VIMAGE
On May 30, 2013, at 3:35 AM, Pietro Paolini wrote: Hello all, I am a new bye on the FreeBSD and I am looking at the VIMAGE features experiencing some problems. I added the options : VIMAGE if_bridge and I removed STCP then I recompiled my kernel and install it. After that, following this tutorial http://imunes.tel.fer.hr/virtnet/eurobsdcon07_tutorial.pdf I tried the Exercise 2 which consist on the following commands: vimage -c n1 vimage -c n2 ngctl mkpeer efface ether ether ngctl mkpeer efface ether ether Don't you just love autocorrect? (does the same thing to me… turns eiface into efface) ngctl mkpeer em0: bridge lower link0 Looks good. ngctl name em0:lower bridge0 I usually do my connect before the name… but shouldn't matter. Should work all the same. ngctl connect em0: bridge0: upper link1 This looks wrong to me. I'd expect: ngctl connect em0: bridge0:lower upper link1 # The way I see most people using vimage… it seems like almost always a mistake to not hook the upper (unless you have very good reason to make the base machine inaccessible from the jails and vice-versa). Some missing points… # Make sure the bridged-interface is active ifconfig em0 up # Set promiscous mode and # don't override src addr ngctl msg em0: setpromisc 1 ngctl msg em0: setautosrc 0 ngctl connect ngeth0: bridge0: ether link2 ngctl connect ngeth1: bridge0: ether link3 Let's re-work this. Earlier you did 2x mkpeer to pre-create your eiface nodes. I don't do this, as it later requires a connect for each created peer. What you can do instead is _not_ perform those earlier commands (shown below): ngctl mkpeer eiface ether ether ngctl mkpeer eiface ether ether (followed by the above connect statements) But *instead*, you can actually do a contextual mkpeer that connects the nodes as they are created. For example… instead of this: ngctl mkpeer eiface ether ether ngctl mkpeer eiface ether ether ngctl connect ngeth0: bridge0: ether link2 ngctl connect ngeth0: bridge0: ether link3 (which doesn't look right to me, because I'm used to creating an ether edge between bridge:lower and the eiface) You can instead do: ngctl mkpeer em0:lower eiface link2 ether ngctl mkpeer em0:lower eiface link3 ether This simplifies 4 statements into 2. NOTE: I can't remember if em0:lower can be replaced with the new name of bridge0 (that you created with ngctl name em0:lower bridge0). My scripts continue to use the raw name in the mkpeer statements even after a rename of the lower-link. You *may* be able to instead say ngctl mkpeer bridge0: eiface link2 ether etc.) vimage -i n1 ngeth0 e0 But my virtual interface on the n1 vimage does not receive any packet from the external network while I can see the packet go out from it. Try hooking changing your PHY-bridge hook to the lower and hooking your PHY upper into the bridge. For instance using DHCP, e0 on n1 sends DHCP packets but it does not receive the answers (which are send, I verified it from wireshark), in adding the ARP request for his IP address (if I try to add it statically) are not received then it can not answer. At the end of the line the question is: how can I make this virtual network and the external real network be able to communicate ? Thanks in advance. Wondering if you've given my solution a try… http://druidbsd.sf.net/vimage.shtml -- Devin _ The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: VIMAGE
On May 30, 2013, at 9:18 AM, Joe wrote: Pietro Paolini wrote: On May 30, 2013, at 2:29 PM, Joe fb...@a1poweruser.commailto:fb...@a1poweruser.com wrote: Pietro Paolini wrote: Hello all, I am a new bye on the FreeBSD and I am looking at the VIMAGE features experiencing some problems. I added the options : VIMAGE if_bridge and I removed STCP then I recompiled my kernel and install it. After that, following this tutorial http://imunes.tel.fer.hr/virtnet/eurobsdcon07_tutorial.pdf I tried the Exercise 2 which consist on the following commands: vimage -c n1 vimage -c n2 ngctl mkpeer efface ether ether ngctl mkpeer efface ether ether ngctl mkpeer em0: bridge lower link0 ngctl name em0:lower bridge0 ngctl connect em0: bridge0: upper link1 ngctl connect ngeth0: bridge0: ether link2 ngctl connect ngeth1: bridge0: ether link3 vimage -i n1 ngeth0 e0 But my virtual interface on the n1 vimage does not receive any packet from the external network while I can see the packet go out from it. For instance using DHCP, e0 on n1 sends DHCP packets but it does not receive the answers (which are send, I verified it from wireshark), in adding the ARP request for his IP address (if I try to add it statically) are not received then it can not answer. At the end of the line the question is: how can I make this virtual network and the external real network be able to communicate ? Thanks in advance. Pietro. 1. That link is from 2007. So very much has changed since then. There are more current links on the internet about this subject. Most are for 8.X releases. 2. If your running 8.2-RELEASE or 9.1-RELEASE all you need to add is options vimage statement to your kernel source and recompile. 3. There are 2 networking methods available for creating vnet/vimage jail networks, if_bridge/epair and netgraph. The if_bridge/epair method is far simpler to config and use then the netgraph method. 4. There are 2 methods of jail setup, the rc.d method where your jail definition parameters go into the hosts rc.conf and the jail(8) method where you can place each jails definition parameter in separate files. 5. There are two very important show stopper PRs on vimage, 164763 memory leak and 149050 the rc.d keyword nojail problem. Vimage is a very long way from prime time usage, thats why it's labeled as highly experimental. Host system freezes and page faults are common. 6. When it comes to running a firewall in a vnet/vimage jail your limited to IPFW and it has limitations. Dummynet and in kernel NAT cause system freezes. IPFILTER causes page fault at boot time. PF will run on the host but not run in the vnet/vimage jail. Here are a bunch of PRs on vimage firewall problems, 143621, 176092, 161094, 176992, 143808, 148155, 165252, 178480, 178482 Check out these links http://druidbsd.sourceforge.net/vimage.shtml http://devinteske.com/vimage-jails-on-freebsd-8 http://lists.freebsd.org/pipermail/freebsd-virtualization/2011-September/000747.html http://bsdbased.com/2009/12/06/freebsd-8-vimage-epair-howto http://zewaren.net/site/?q=node/78 ___ freebsd-questions@freebsd.orgmailto:freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.orgmailto:freebsd-questions-unsubscr...@freebsd.org Thanks so much, really interesting and good links but I can't again accomplish my task - I followed http://bsdbased.com/2009/12/06/freebsd-8-vimage-epair-howto as a base tutorial - I would like simulate more client for my PC using this technology, and that's my topology: 1 - Two epairs created 2 - Two jail created 3 - Assign one intf for jail 4 - Add the real interface to a bridge where I put all the interfaces --- JAIL1 0b --- --- JAIL2 1b --- --- HOST 0a 1a em0 -- REAL --- Where {0,1}a is the first pair and {0,1}b is the second and em0 is my real interface (it has an IP address), then I got to the problem, I tried to : jexec 2 dhclient epair1b And I can see the DHCP packet with the correct MAC address going out, the server reply (I have a sniffer pc) but the transaction does not end successfully, what is really strange is that if I attach tcpdump on em0 I can NOT see the answer server sends while when I try dhclient em0 I can see the packet going in and out and the DHCP transaction finish successfully. Do you have any idea about how can I accomplish my target ? Maybe I am using the wrong technology ? I would not surprised if I make a error on my configuration but what really interest me is if I CAN do that using jail. Thanks a lot, and in advance ! :-) Pietro. Pietro; You really have to provide a lot more info about your host system and jail configuration. What version of FreeBSD are you running? Which method do you use to create your jails, rc.d/rc.conf or jail(8). How are your creating the if_bridge/epair network, IE entering
Re: Installing 8.1-RELEASE - Problems via FTP
On May 21, 2013, at 9:39 AM, Tim Nelson wrote: Greetings- I have need to install FreeBSD 8.1-RELEASE amd64 to build some packages. My usual method of installation is via the *-bootonly.iso, pulling the install from FTP. However, it appears since 8.1-RELEASE is old and deprecated, none of the mirrors have the files available anymore to use during the installer. Poppycock… BEFORE you get to the sysinstall media selection dialog, make a detour into the Options, use arrow-up/down to highlight Release Name, press SPACEBAR, and change from X.Y-RELEASE to any (without quotes; also acceptable would be __RELEASE without quotes). NOTE: This will tell sysinstall to *not* try and auto-detect the release directory path on the FTP server but instead use the exact path that you give it. When you get to the media selection dialog, use FTP-Passive with the following URL: ftp://ftp-archive.freebsd.org/pub/FreeBSD-Archive/old-releases/i386/8.1-RELEASE/ That should work. The any (or __RELEASE) release-name tells it to not try things like pub/FreeBSD/releases/arch/relName (which obviously doesn't exist, given extra -Archive and old- prefixes in some of the path directory elements). So, how do I proceed: 1. Does anyone have a proper URL to put into the installer? I already tried ftp://ftp-archive.freebsd.org but I think there is additional path info needed Right… but you really need to make the detour into the Options and change Release Name to either any or __RELEASE to indicate that the path you are providing is absolute (otherwise, sysinstall try to intelligently find the directory based off the architecture that it booted from -- this was done to make maintenance easier). Just go into the Options and set Release Name to any (HINT: if you were scripting sysinstall, you'd be able to do the same thing with relName=any) and then use: ftp://ftp-archive.freebsd.org/pub/FreeBSD-Archive/old-releases/i386/8.1-RELEASE NOTE: Replace i386 with amd64 if you want 64-bit build 2. Should I install from the full CD or DVDs? If successful, would I still have problems pulling the ports tree for 8.1-RELEASE? If you use the above method, you can have the CD pull the static ports collection off the FTP server. However, (and this may be what you desire) just note that the ports collection when installed from an FTP mirror is not an up-to-date snapshot of the constantly-shifting ports tree. -- DevinD _ The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: ngctl list ?
On May 20, 2013, at 4:28 PM, Joe wrote: […] Without netgraph compiled into the kernel, issuing ngctl list command on the host only shows the socket for ngctl. After I issue the kldload command on the host for netgraph ng_bridge ng_eiface ng_ether ng_socket, then issuing ngctl list command now shows the real NIC interface device names. Thanks for you insight. Cool… glad module-based ng_ether is working. (in 8.1 the ng_* modules all worked, but for ng_ether, it wasn't producing the expected results as a module -- glad that's been fixed). I have another problem. To standardize my bridge and eiface names I want to use the JID number as a suffix. jid=`jls -j ${jailname} jid` bridge_name=bridge${jid} When creating the bridge it gets assigned bridge_name just like I want. I want to assign the ${jid} to the ieface peer name and can not figure out the syntax. This is the command I am using now ngctl mkpeer eiface ether ether The syntax for renaming anything in netgraph with ngctl (non-interactively) is ngctl name node new_name. First you create the node and then you rename it. As an aside... It looks like you're creating the eiface separately from connecting it to the bridge. You can combine the mkpeer and the (not shown) later connect by doing a contextual mpeer (which will result in a peer being created that is already connected to the bridge). For example: ngctl mkpeer rl0:lower eiface link# ether You're creating a new eiface peer off the rl0:lower ether device and assigning the link all in one go. rl0 is your ng_ether device and rl0:lower is (presumably) your ng_bridge device. link# is the new link to create. To find the # value in link#, I run a loop that starts from 2 (because rl0:upper is link0, and rl0:lower is link1) and counts upward until it finds an unused link#. How I test for the existence of a link is by issuing: ngctl info rl0:lower getstats # Where # is the link# you're interested in. So here's the loop I run to find link# LINKNUM=2 while ngctl msg rl0:bridge getstats $LINKNUM /dev/null 21; do LINKNUM=$(($LINKNUM+1)) done At that point, I've calculated LINKNUM and can then issue the above command with: ngctl mkpeer rl0:lower eiface link$LINKNUM ether NOTE: Again, assuming your ng_ether device is rl0 (a Realtek NIC; replace with em0, bge0, or whatever as needed). Resulting in a new eiface that is already connected to the bridge (previously connected to rl0:lower). Now… to rename that interface… ngctl name rl0:lower:link$LINKNUM desired_name But once you've done that, you're not finished yet. You now need to rename the interface using ifconfig. The syntax for renaming interfaces visible to ifconfig(8) is: ifconfig old_name name new_name The old name is obtainable with the following ngctl syntax: ngctl show -n rl0:lower:link$LINKNUM NOTE: It's the second word, so | awk '{print $2}' is handy here Once you've got that value, you can then do your ifconfig re-naming. This is the safe way to do the renaming (interrogate netgraph for the ifconfig name using the above method). NOTE: The netgraph renaming is entirely optional (should have mentioned that earlier); all that is really needed is the ifconfig renaming (using the ngctl show syntax to parse out the current ifconfig name for a peer). However, one of the things that the netgraph-based naming buys you is that when you dump the current config (using ngctl dot), you have a good mapping of eifaces-to-JIDs; in my case… with the vimage script I developed… this is why I actually tend to favor the jail-name truncated to fit into the interface name… it's much more useful than staring at a graphviz rendering holding nothing but JIDs). This creates a default name of ngeth0 I would be ok with ngeth${jid} But would really like to assign my own peer name vetjail${kid} All you really need is the above recipe and you should be on your way. Let me know if you need additional help. Does the mkpeer syntax allow doing this? Well… not really. The name syntax of ngctl allows this. Thanks Cheers. -- Devin _ The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: does ifconfig see netgraph bridges?
On May 19, 2013, at 11:32 AM, Nikos Vassiliadis wrote: Hi, On 05/19/2013 04:57 PM, Joe wrote: I create a ng bridge but issuing ifconfig does not show the bridge. Running 9.1-RELEASE. Is this a bug? ifconfig is not supposed to know about a netgraph bridge. So this is by design. Also, since the bridge is supposed to be transparent to the network i wouldn't know what kind of information would be relevant to ifconfig, that is the netgraph bridge has no MAC, no IP etc. What info are you after? To see the upper/lower links to a bridge, you want to execute (as root): ngctl ls -l The output is a bit cluttered, as there's no empty newline between the headers as it enumerates the different types. Just as traditional ls you can give it a path, however the path is not delimited by / but by : to separate the peers, etc. Start small by trying to ls your bridge (and then ls -l your bridge). If memory serves (on the go, so don't have a terminal to try this out before giving the tip): ngctl ls -l bridge0: Should perhaps show the connected links. When in doubt… go interactive… ngctl And try different combinations of ls and ls -l on the prompt. -- Devin _ The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: ngctl list ?
On May 19, 2013, at 1:47 PM, Joe wrote: When I issue ngctl list command on the host it only shows the socket for ngctl. I thought it would also show the real NIC interface device names. Am I wrong in thinking that? No, you're not wrong, however one wrinkle is that ng_ether(4) has to be compiled-in to get the netgraph subsystem to attach to your real NIC interfaces. On the system where you're executing ngctl list (same thing as ngctl ls), can you execute: config -x `sysctl -n kern.bootfile` | grep NETGRAPH_ETHER and get back something like the following (which I get back from my system): options NETGRAPH_ETHER # ng_ether(4) (and on that system, I get the following for ngctl ls) r...@folsom.vicor.commailto:r...@folsom.vicor.com ~ # ngctl ls There are 16 total nodes: Name: em0 Type: ether ID: 0003 Num hooks: 0 Name: em1 Type: ether ID: 0004 Num hooks: 0 Name: em2 Type: ether ID: 0005 Num hooks: 0 Name: ng0_beefcakeType: eiface ID: 0018 Num hooks: 1 Name: ng0_stats Type: eiface ID: 000f Num hooks: 1 Name: ngctl21992 Type: socket ID: 005f Num hooks: 0 Name: ng0_cfg0_vlbxri Type: eiface ID: 0024 Num hooks: 1 Name: igb0bridge Type: bridge ID: 0008 Num hooks: 4 Name: ng0_ipu0a_vlbxr Type: eiface ID: 0037 Num hooks: 1 Name: ng0_ipm0_vlbxri Type: eiface ID: 002d Num hooks: 1 Name: igb1bridge Type: bridge ID: 001d Num hooks: 8 Name: ng0_oos0a_vlbxr Type: eiface ID: 0042 Num hooks: 1 Name: ng0_opm0_vlbxri Type: eiface ID: 004e Num hooks: 1 Name: ng0_wss0a_vlbxr Type: eiface ID: 005b Num hooks: 1 Name: igb0Type: ether ID: 0001 Num hooks: 2 Name: igb1Type: ether ID: 0002 Num hooks: 2 NOTE: Alternatively… if you don't get a response back from config(8) similar to the above,… does kldstat show an ng_ether entry? I think last time I tried to load ng_ether(4) as a module (versus compiled-in), it didn't list any of my ether devices (Type: ether in above ngctl ls output). -- Devin _ The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: netgraph network setup for jail(8) vnet jails.
Sorry for top-post, but just wanted to add a quick note: The output of ngctl dot would be very helpful to others in debugging your setup. -- Devin On May 18, 2013, at 8:38 AM, Joe wrote: Hello list I cant get to the internet using this netgraph setup script. I sure would appreciate giving this console log a look over for errors. My netgraph knowledge level is not sufficient to see what is wrong. The goal is to run this script to setup and break down a netgraph network for a single vnet jail at a time. rl0 is the real nic interface device name of the nic facing the internet. This box is on my lan and the gateway box does NAT for all lan boxes. The host running this script can ping the internet ok. Thank you very much for your help. The host's kernel has modules with vimage ipfw compiled in. From the host # /root ifconfig rl0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST metric 0 mtu options=2008VLAN_MTU,WOL_MAGIC ether 00:0c:6e:09:8b:74 inet 10.0.10.5 netmask 0xfff8 broadcast 10.0.10.7 nd6 options=29PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL media: Ethernet autoselect (100baseTX full-duplex) status: active plip0: flags=8810POINTOPOINT,SIMPLEX,MULTICAST metric 0 mtu 1500 nd6 options=29PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL ipfw0: flags=8801UP,SIMPLEX,MULTICAST metric 0 mtu 65536 nd6 options=29PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL lo0: flags=8049UP,LOOPBACK,RUNNING,MULTICAST metric 0 mtu 16384 options=63RXCSUM,TXCSUM,RXCSUM_IPV6,TXCSUM_IPV6 inet6 ::1 prefixlen 128 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x8 inet 127.0.0.1 netmask 0xff00 nd6 options=21PERFORMNUD,AUTO_LINKLOCAL The jails config file # /root cat /usr/local/etc/vnet/vdir4 vdir4 { host.hostname = vdir4; path= /usr/jails/vdir4; mount.fstab = /usr/local/etc/fstab/vdir4; vnet; persist; } The netgraph script # /root cat /usr/local/bin/vnet.ng.test #!/bin/sh # snip comments for displaying here # This script is based on this /usr/share/examples/netgraph/virtual.lan # Give the name of ethernet interface. ETHER_INTF=rl0 # List the names of virtual nodes and their IP addresses. Use ':' # character to separate node name from node IP address and netmask. #TARGET_TOPOLOGY=c1|10.0.2.20/24 c2|10.0.2.21/24 c3|10.0.2.22/24 TARGET_TOPOLOGY=vdir4|10.0.2.20/24 # MAC manufacturer prefix. This can be modified according to needs. MAC_PREFIX=00:1d:92 # Temporary file is important for proper execution of script. TEMP_FILE=/var/tmp/virtual.lan.tmp virtual_lan_start() { # Load netgraph KLD's as necessary. for KLD in ng_ether ng_bridge ng_eiface; do if ! kldstat -v | grep -qw ${KLD}; then echo -n Loading ${KLD}.ko... kldload ${KLD} || exit 1 echo done fi done # Reset all interfaces and jails. If temporary file can not be found # script assumes that there is no previous configuration. if [ ! -e ${TEMP_FILE} ]; then echo No previous configuration(${TEMP_FILE}) found to clean-up. else echo -n Cleaning previous configuration... virtual_lan_stop echo done fi # Create temporary file for usage. This file includes generated # interface names and jail names. All bridges, interfaces and jails # are written to file while created. In clean-up process written # objects are cleaned (i.e. removed) from system. if [ -e ${TEMP_FILE} ]; then touch ${TEMP_FILE} fi echo -n Verifying ethernet interface existence... # Verify ethernet interface exist. if ! ngctl info ${ETHER_INTF}: /dev/null 21; then echo Error: interface ${ETHER_INTF} does not exist exit 1 fi ifconfig ${ETHER_INTF} up || exit 1 echo done # Get current number of bridge interfaces in the system. This number # is used to create a name for new bridge. BRIDGE_COUNT=`ngctl l | grep bridge | wc -l | sed -e s/ //g` BRIDGE_NAME=bridge${BRIDGE_COUNT} # Create new ng_bridge(4) node and attach it to the ethernet interface. # Connect ng_ether:lower hook to bridge:link0 when creating bridge and # connect ng_ether:upper hook to bridge:link1 after bridge name is set. echo Creating bridge interface: ${BRIDGE_NAME}... ngctl mkpeer ${ETHER_INTF}: bridge lower link0 || exit 1 ngctl name ${ETHER_INTF}:lower ${BRIDGE_NAME} || exit 1 ngctl connect ${ETHER_INTF}: ${BRIDGE_NAME}: upper link1 || exit 1 echo Bridge ${BRIDGE_NAME} is created and ${ETHER_INTF} is connected. # In the above code block two hooks are connected to bridge interface, # therefore LINKNUM is set to 2 indicating total number of connected # hooks on the bridge interface. LINKNUM=2 # Write name of the bridge to temp file. Clean-up procedure will use # this name to shutdown bridge interface. echo bridge ${BRIDGE_NAME} ${TEMP_FILE} # Attach vnet jail. for NODE in ${TARGET_TOPOLOGY}; do # Virtual nodes are defined in
Re: check variable content size in sh script
On May 18, 2013, at 9:06 AM, Polytropon wrote: On Sat, 18 May 2013 11:58:30 -0400, Quartz wrote: newfoo=${foo:0:51} That works for bash, not sh. Ok granted, but I don't think that ${#foo} is straight sh either, so I assumed things bash/tcsh/ksh/whatever accept when running in sh emulation were ok. By default, there is no bash on FreeBSD, and therefor no emulation and implicit features. :-) At least FreeBSD's implementation of sh (which is ash, I think) dash actually -- the Debian Almquist shell (descendent of NetBSD's ash). -- Devin supports the # functionality. From man sh: ${#parameter} String Length. The length in characters of the value of parameter. And: ${parameter#word} Remove Smallest Prefix Pattern. The word is expanded to produce a pattern. The parameter expansion then results in parameter, with the smallest portion of the prefix matched by the pattern deleted. Check the chapter Parameter Expansion for more surprising things that are supported by ye olde /bin/sh. :-) -- Polytropon Magdeburg, Germany Happy FreeBSD user since 4.0 Andra moi ennepe, Mousa, ... ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org _ The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: check variable content size in sh script
On May 18, 2013, at 4:54 PM, Quartz wrote: #foo works with sh Is it actually part of the official spec though is what I'm wondering, or is it a case of other shells not rejecting 'advanced' statements when running in emulation. Shells don't have an emulation mode. The shell supports what it supports, and no shell that I've ever used had an emulation mode to act like another shell. Maybe you're referring to as emulation is actually the invocation line of the shell script. Make no mistake… when you change the invocation (first) line of a shell script from: #/bin/sh to: #/bin/tcsh You are not instructing a shell to emulate anything, you are actually using a different shell. sh != tcsh != bash != ash != dash != zsh Your script will use the shell that is written in the innovation line and the features you get are respective to which shell you choose. At least FreeBSD's implementation of sh (which is ash, I think) supports the # functionality. The reason I say all this is that my copy of tcsh (on this not-freebsd machine) *doesn't* work with this when in sh emulation. Get the idea that csh or tcsh are *anything* like sh out of your mind. Further, you almost *never* want to do any serious shell programming in csh or tcsh. Why? Because csh and tcsh have an incomplete programming spec. Most notably are the way that it handles pipe data and the standard-output/error file descriptors. Specifically, you cannot throw away stdout while keeping stderr. This short-coming may not be noticeable to all programmers that choose csh/tcsh, but if you want to do any serious programming, you'll eventually hit those limitations and be forced to move to a real shell (real in the sense that it has a complete programming specification). I personally never recommend csh/tcsh as a scripting language… but I can see the benefit that certain constructs (like repeat N cmd) have, purely for their simplicity (and readability for *very* short scripts). To challenge myself on this topic, I routinely try and cross-port very complex shell scripts to csh, and while I can do math with let and I can other things that a *normal* scripting language should allow… I invariably end up running away screaming in frustration. Again, csh != tcsh != sh != bash != ash != dash != zsh -- Devin _ The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: check variable content size in sh script
On May 18, 2013, at 5:06 PM, Teske, Devin wrote: On May 18, 2013, at 4:54 PM, Quartz wrote: #foo works with sh Is it actually part of the official spec though is what I'm wondering, or is it a case of other shells not rejecting 'advanced' statements when running in emulation. Shells don't have an emulation mode. The shell supports what it supports, and no shell that I've ever used had an emulation mode to act like another shell. I say this from a FreeBSD context. It may entirely be possible that a Linux distro uses bash in /bin/sh -- and it's entirely possible that bash may act differently if ARGV[0] is /bin/sh. But I wouldn't call this emulation. I'd call it standardization. When bash is invoked with an ARGV[0] of bash or {anything}/bash, it will act more like bash and less like standardized bourne shell, aka POSIX compliant /bin/sh (notice I didn't insert the name of any other shell, like ash, dash, etc. but instead I said like [a] standardized bourne shell. That is to say that bash will more strictly adhere to POSIX bourne shell standards when ARGV[0] is /bin/sh versus bash. Even when bash clamps down on the bash-specific features if/when ARGV[0] is /bin/sh… you still have access to constructs such as ${#foo}. All that being said… csh/tcsh has no such standards comliancy mode (what you called emulation). In fact… csh/tcsh don't follow the POSIX standards (or if it does… *extremely* loosely; see handling of file descriptors below in replied-to text). -- Devin Maybe you're referring to as emulation is actually the invocation line of the shell script. Make no mistake… when you change the invocation (first) line of a shell script from: #/bin/sh to: #/bin/tcsh You are not instructing a shell to emulate anything, you are actually using a different shell. sh != tcsh != bash != ash != dash != zsh Your script will use the shell that is written in the innovation line and the features you get are respective to which shell you choose. At least FreeBSD's implementation of sh (which is ash, I think) supports the # functionality. The reason I say all this is that my copy of tcsh (on this not-freebsd machine) *doesn't* work with this when in sh emulation. Get the idea that csh or tcsh are *anything* like sh out of your mind. Further, you almost *never* want to do any serious shell programming in csh or tcsh. Why? Because csh and tcsh have an incomplete programming spec. Most notably are the way that it handles pipe data and the standard-output/error file descriptors. Specifically, you cannot throw away stdout while keeping stderr. This short-coming may not be noticeable to all programmers that choose csh/tcsh, but if you want to do any serious programming, you'll eventually hit those limitations and be forced to move to a real shell (real in the sense that it has a complete programming specification). I personally never recommend csh/tcsh as a scripting language… but I can see the benefit that certain constructs (like repeat N cmd) have, purely for their simplicity (and readability for *very* short scripts). To challenge myself on this topic, I routinely try and cross-port very complex shell scripts to csh, and while I can do math with let and I can other things that a *normal* scripting language should allow… I invariably end up running away screaming in frustration. Again, csh != tcsh != sh != bash != ash != dash != zsh -- Devin _ The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org _ The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: netgraph network setup for jail(8) vnet jails.
On May 18, 2013, at 5:51 PM, Joe wrote: Teske, Devin wrote: Sorry for top-post, but just wanted to add a quick note: The output of ngctl dot would be very helpful to others in debugging your setup. graph netgraph { edge [ weight = 1.0 ]; node [ shape = record, fontsize = 12 ] { 1 [ label = {rl0:|{ether|[1]:}} ]; 5 [ label = {bridge0:|{bridge|[5]:}} ]; 9 [ label = {ngeth0:|{eiface|[9]:}} ]; e [ label = {ngctl2355:|{socket|[e]:}} ]; }; subgraph cluster_disconnected { bgcolor = pink; e; }; node [ shape = octagon, fontsize = 10 ] { 1.upper [ label = upper ]; 1.lower [ label = lower ]; }; { edge [ weight = 2.0, style = bold ]; 1 -- 1.upper; 1 -- 1.lower; }; node [ shape = octagon, fontsize = 10 ] { 5.link2 [ label = link2 ]; 5.link1 [ label = link1 ]; 5.link0 [ label = link0 ]; }; { edge [ weight = 2.0, style = bold ]; 5 -- 5.link2; 5 -- 5.link1; 5 -- 5.link0; }; 5.link1 -- 1.upper; 5.link0 -- 1.lower; node [ shape = octagon, fontsize = 10 ] { 9.ether [ label = ether ]; }; { edge [ weight = 2.0, style = bold ]; 9 -- 9.ether; }; 9.ether -- 5.link2; }; I rendered your output by saving it in a file (joe.dot) and then running: dot -Tsvg -o joe.svg joe.dot I then uploaded joe.svg to my website: http://druidbsd.sf.net/download/joe.svg Compare your output to any of the following: http://druidbsd.sf.net/download/warden0.jbsd.svg http://druidbsd.sourceforge.net/download/folsom.svg It looks like everything is connected properly. A couple thoughts off the top of my head: a. Did you enable promiscuous mode on rl0 via ngctl? (in your script perhaps?) b. Have you tried giving ngeth0 a new MAC address? (I do this through ngctl too, but I imagine ifconfig from within the jail could achieve the same thing) -- Devin _ The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: check variable content size in sh script
On May 16, 2013, at 8:28 AM, Tim Daneliuk wrote: On 05/16/2013 10:08 AM, Joe wrote: Hello Have script that has max size on content in a variable. How to code size less than 51 characters? FOO=Some string you want to check length of FOOLEN=`echo $FOO | wc | awk '{print $3}'` Uh, without forking to 2 separate programs… FOOLEN=${#FOO} You can then use $FOOLEN in a conditional. However, if the OP wanted to actually truncate $FOO to 51 characters: NEWFOO=$( echo $FOO | awk -v max=51 '{print substr($0,0,max)}' ) However, if you want to handle the case of $FOO containing newlines (and you want the newline to count toward the max), then this instead would do the trick: NEWFOO=$( echo $FOO | awk -v max=51 ' { len = length($0) max -= len print substr($0,0,(max 0 ? len : max + len)) if ( max 0 ) exit max-- }' ) $NEWFOO, even if multi-line, will be limited to 51-bytes (adjust max=51 accordingly for other desired-lengths). Newlines are preserved. Last, but not least, if you want to be able to handle multi-line values but only want to return the first line up-to N bytes (using 51 as the OP used): NEWFOO=$( echo $FOO | awk -v max=51 '{ print substr($0,0,max); exit }' ) If $FOO had multiple lines, $NEWFOO will have only the first line (and it will be truncated to 51 bytes or less). -- Devin _ The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: check variable content size in sh script
On May 16, 2013, at 9:06 AM, Teske, Devin wrote: On May 16, 2013, at 8:28 AM, Tim Daneliuk wrote: On 05/16/2013 10:08 AM, Joe wrote: Hello Have script that has max size on content in a variable. How to code size less than 51 characters? FOO=Some string you want to check length of FOOLEN=`echo $FOO | wc | awk '{print $3}'` Uh, without forking to 2 separate programs… FOOLEN=${#FOO} You can then use $FOOLEN in a conditional. However, if the OP wanted to actually truncate $FOO to 51 characters: NEWFOO=$( echo $FOO | awk -v max=51 '{print substr($0,0,max)}' ) However, if you want to handle the case of $FOO containing newlines (and you want the newline to count toward the max), then this instead would do the trick: NEWFOO=$( echo $FOO | awk -v max=51 ' { len = length($0) max -= len print substr($0,0,(max 0 ? len : max + len)) if ( max 0 ) exit max-- }' ) For fun, I decided to expand on the solution I provided immediately above… turning it into a function that you might be a little more familiar with: snprintf() { local __var_to_set=$1 __size=$2 shift 2 # var_to_set/size eval $__var_to_set=\$\( printf \\$@\ \| awk -v max=\\$__size\ \'' { len = length($0) max -= len print substr($0,0,(max 0 ? len : max + len)) if ( max 0 ) exit max-- }'\' \) } Example usage: FOO=$( printf abc\n123\n ) snprintf NEWFOO 6 %s $FOO echo NEWFOO=[$NEWFOO] len=[${#NEWFOO}] Produces: NEWFOO=[abc 12] len=[6] Hopefully this should help some folks. -- Devin $NEWFOO, even if multi-line, will be limited to 51-bytes (adjust max=51 accordingly for other desired-lengths). Newlines are preserved. Last, but not least, if you want to be able to handle multi-line values but only want to return the first line up-to N bytes (using 51 as the OP used): NEWFOO=$( echo $FOO | awk -v max=51 '{ print substr($0,0,max); exit }' ) If $FOO had multiple lines, $NEWFOO will have only the first line (and it will be truncated to 51 bytes or less). -- Devin _ The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: check variable content size in sh script
On May 16, 2013, at 9:27 AM, Teske, Devin wrote: On May 16, 2013, at 9:06 AM, Teske, Devin wrote: On May 16, 2013, at 8:28 AM, Tim Daneliuk wrote: On 05/16/2013 10:08 AM, Joe wrote: Hello Have script that has max size on content in a variable. How to code size less than 51 characters? FOO=Some string you want to check length of FOOLEN=`echo $FOO | wc | awk '{print $3}'` Uh, without forking to 2 separate programs… FOOLEN=${#FOO} You can then use $FOOLEN in a conditional. However, if the OP wanted to actually truncate $FOO to 51 characters: NEWFOO=$( echo $FOO | awk -v max=51 '{print substr($0,0,max)}' ) However, if you want to handle the case of $FOO containing newlines (and you want the newline to count toward the max), then this instead would do the trick: NEWFOO=$( echo $FOO | awk -v max=51 ' { len = length($0) max -= len print substr($0,0,(max 0 ? len : max + len)) if ( max 0 ) exit max-- }' ) For fun, I decided to expand on the solution I provided immediately above… turning it into a function that you might be a little more familiar with: snprintf() { local __var_to_set=$1 __size=$2 shift 2 # var_to_set/size eval $__var_to_set=\$\( printf \\$@\ \| awk -v max=\\$__size\ \'' { len = length($0) max -= len print substr($0,0,(max 0 ? len : max + len)) if ( max 0 ) exit max-- }'\' \) } Example usage: FOO=$( printf abc\n123\n ) snprintf NEWFOO 6 %s $FOO echo NEWFOO=[$NEWFOO] len=[${#NEWFOO}] Produces: NEWFOO=[abc 12] len=[6] Hopefully this should help some folks. I figured I'd help as many folks as I can… http://svnweb.freebsd.org/base?view=revisionrevision=250701 Added it to my string processing library. Lots of other useful functions in there. -- Cheers, Devin $NEWFOO, even if multi-line, will be limited to 51-bytes (adjust max=51 accordingly for other desired-lengths). Newlines are preserved. Last, but not least, if you want to be able to handle multi-line values but only want to return the first line up-to N bytes (using 51 as the OP used): NEWFOO=$( echo $FOO | awk -v max=51 '{ print substr($0,0,max); exit }' ) If $FOO had multiple lines, $NEWFOO will have only the first line (and it will be truncated to 51 bytes or less). -- Devin _ The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: enter single user mode from boot menu
On Apr 29, 2013, at 4:52 AM, Joe wrote: Teske, Devin wrote: On Apr 28, 2013, at 3:44 PM, Joe wrote: running 9.1 and can not figure how to get into single user mode or safe mode from the BOOT menu. After hitting the 5 or 6 keys to select those options, what do you do next to continue? Based on your description it sounds like you have the following boot menu (regardless of color): http://twitpic.com/b1pkz1 Pressing 5 or 6 changes the status from off to On Hitting enter key just boots the system without regard to options selected. Pressing ENTER is supposed to boot with the displayed options. Yes this is what I was experiencing. Can not find usage of boot menu in the handbook. The 4th files are heavily documented in man-pages as well as by loader and boot manuals. -- Devin P.S. There have been enhancements already that will come down with 9.2 that add a top-level Boot single user mode option simply by pressing s -- thus making it like the boot menus of 6.x, 7.x, and 8.x (s to boot single user). Devin Background info. I had put load commands for ipfw modules into /boot/loader.conf to test if this would work with a kernel that has vimage compiled in. The boot process would start normally and progress to the point where the usb messages get displayed and them the system would freeze up becoming unresponsive. Try compiling ipfw into your kernel by adding these great options… dte...@oos0a.lbxrich.vicor.commailto:dte...@oos0a.lbxrich.vicor.com ~ $ config -x `sysctl -n kern.bootfile`|grep -i ipf options IPFIREWALL # Enable support for `ipfw' options IPDIVERT # Enable support for `ipfw divert' options IPFIREWALL_NAT # Enable support for `ipfw nat' options IPFIREWALL_FORWARD # Enable transparent proxy support options IPFIREWALL_DEFAULT_TO_ACCEPT # Allow everything by default This is partly how we're using ipfw in vimage jails. NOTE: You might be wondering how exactly we got comments into our embedded configf-file… the secret is to manually configure your kernel with config -C -g MYGENERIC (replacing MYGENERIC with whatever your kernel config filename is). Figured I would just reboot and go in single user mode and remove the statements from loader.conf. But no matter what I tried the boot menu would no go into single user mode. Yet, it wasn't booting [fully to multiuser mode] either, correct? Quoting from above: The boot process would start normally and progress to the point where the usb messages get displayed and them (sic) the system would freeze up becoming unresponsive Well… It's not that the menu was ignoring your choice to enter single-user mode, it was that it couldn't make it to single-user mode. To make it to single-user mode you have to be able to invoke init(8) at the very least and it doesn't sound like you made it that far (let alone invoking /etc/rc and ilk). The solution was to take a testing disk that had 9.1-rc3 on it and cable it as master and the original disk as slave. I would have just dropped to the loader-prompt and used the built-in commands (not even any Forth, but easy-to-use loader commands that are documented in loader(8)): unload That will unload the kernel and your ipfw.ko that was loaded by your loader.conf preference. The way kernels and modules are loaded has always been to load them before the menu. You should see this as you are booting. The unload command lets you discard these things and change your game plan. A few other commands that are good to know on the loader prompt: ls or ls path Good for exploring for things to load (the next command): load path Can load a kernel or load a module. boot or boot path Can boot the loaded kernel (just boot by itself) or boot a kernel at path. more path Can read a file (for example more /boot/loader.conf). See loader(8) for more details. (HINT: according to loader(8) there's also an lsmod command) In this configuration the system booted correctly and I mounted the slave and corrected loader.conf. Recabled the original disk as master and was back in business. Good. Rescue discs are good for this too. My own FreeBSD Druid for example. I think that because the ipfw modules were loaded before the boot process got to the boot menu is what caused the boot menu to not function correctly. Don't see a PR in this case. Correct -- No PR needed; the boot menu functions properly (however it can't affect boot if you _can't_ in-fact boot). Thanks to all who replied. Cheers. -- Devin _ The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you
Re: enter single user mode from boot menu
On Apr 28, 2013, at 4:13 PM, Michael Sierchio wrote: On Sun, Apr 28, 2013 at 4:04 PM, Polytropon free...@edvax.de wrote: After the BTX loader has started, keep hammering the space bar. :-) At some point, you'll see the Ok _ prompt. This is where you enter the command boot -s to go into single-user mode. The kernel will load as you would expect, but no further action (rc.d startup) will be taken. Instead you have to confirm the shell (/bin/sh by default) by pressing enter at the When prompted Enter full pathname of shell or RETURN for /bin/sh: prompt; and then you're left at the # _ prompt, which means you're in single user mode. Type exit to start into multi-user mode as usual. In single user mode, the root filesystem will be the only one mounted, and it will be mounted read-only. If you need to make changes (Correcting a fat-fingered edit to /etc/fstab, for example), you'll need to mount root rw. mount -u -o rw / or mount -u -rw / (just thought I'd save you 2 keystrokes, nyuk nyuk) -- Devin _ The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: enter single user mode from boot menu
On Apr 28, 2013, at 3:44 PM, Joe wrote: running 9.1 and can not figure how to get into single user mode or safe mode from the BOOT menu. After hitting the 5 or 6 keys to select those options, what do you do next to continue? Based on your description it sounds like you have the following boot menu (regardless of color): http://twitpic.com/b1pkz1 Pressing 5 or 6 changes the status from off to On Hitting enter key just boots the system without regard to options selected. Pressing ENTER is supposed to boot with the displayed options. If this is not your experience, then a potential bug has been found. Can not find usage of boot menu in the handbook. The 4th files are heavily documented in man-pages as well as by loader and boot manuals. -- Devin P.S. There have been enhancements already that will come down with 9.2 that add a top-level Boot single user mode option simply by pressing s -- thus making it like the boot menus of 6.x, 7.x, and 8.x (s to boot single user). _ The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: gmultipath, ses and shared disks / cant seem to share between local nodes
On Apr 17, 2013, at 3:26 PM, Outback Dingo wrote: Ok, maybe im at a loss here in the way my brain is viewing this we have a box, its got 2 nodes in the chassis, and 32 sata drives attached to a SATA/SAS backplane via 4 (2 per node) LSI MPT SAS2 cards should i not logically be seeing 4 controllers X #drive count ?? camcontrol devlist shows 32 devices, daX,passX and sesX,passX SEAGATE ST33000650SS 0004at scbus0 target 9 lun 0 (da0,pass0) STORBRICK-3 1400at scbus0 target 10 lun 0 (ses0,pass1) SEAGATE ST33000650SS 0004at scbus0 target 11 lun 0 (da1,pass2) STORBRICK-1 1400at scbus0 target 12 lun 0 (ses1,pass3) SEAGATE ST33000650SS 0004at scbus0 target 13 lun 0 (da2,pass4) STORBRICK-2 1400at scbus0 target 14 lun 0 (ses2,pass5) SEAGATE ST33000650SS 0004at scbus0 target 15 lun 0 (da3,pass6) STORBRICK-4 1400at scbus0 target 16 lun 0 (ses3,pass7) SEAGATE ST33000650SS 0004at scbus0 target 17 lun 0 (da4,pass8) STORBRICK-6 1400at scbus0 target 18 lun 0 (ses4,pass9) SEAGATE ST33000650SS 0004at scbus0 target 19 lun 0 (da5,pass10) STORBRICK-0 1400at scbus0 target 20 lun 0 (ses5,pass11) SEAGATE ST33000650SS 0004at scbus0 target 21 lun 0 (da6,pass12) STORBRICK-7 1400at scbus0 target 22 lun 0 (ses6,pass13) SEAGATE ST33000650SS 0004at scbus0 target 23 lun 0 (da7,pass14) STORBRICK-5 1400at scbus0 target 24 lun 0 (ses7,pass15) SEAGATE ST9300605SS 0004 at scbus1 target 0 lun 0 (da8,pass16) SEAGATE ST9300605SS 0004 at scbus1 target 1 lun 0 (da9,pass17) STORBRICK-3 1400at scbus8 target 10 lun 0 (ses8,pass19) SEAGATE ST33000650SS 0004at scbus8 target 11 lun 0 (da11,pass20) STORBRICK-1 1400at scbus8 target 12 lun 0 (ses9,pass21) SEAGATE ST33000650SS 0004at scbus8 target 13 lun 0 (da12,pass22) STORBRICK-2 1400at scbus8 target 14 lun 0 (ses10,pass23) SEAGATE ST33000650SS 0004at scbus8 target 15 lun 0 (da13,pass24) STORBRICK-4 1400at scbus8 target 16 lun 0 (ses11,pass25) SEAGATE ST33000650SS 0004at scbus8 target 17 lun 0 (da14,pass26) STORBRICK-6 1400at scbus8 target 18 lun 0 (ses12,pass27) SEAGATE ST33000650SS 0004at scbus8 target 19 lun 0 (da15,pass28) STORBRICK-0 1400at scbus8 target 20 lun 0 (ses13,pass29) SEAGATE ST33000650SS 0004at scbus8 target 21 lun 0 (da16,pass30) STORBRICK-7 1400at scbus8 target 22 lun 0 (ses14,pass31) SEAGATE ST33000650SS 0004at scbus8 target 23 lun 0 (da17,pass32) STORBRICK-5 1400at scbus8 target 24 lun 0 (ses15,pass33) USB 2.0 Flash Drive 8.07 at scbus9 target 0 lun 0 (da18,pass34) we would like to create a zpool from all the devices, that in theory if nodeA failed then nodeB could force import the pool, gmultipath (which you mention in the subject) is the appropriate tool for this, but there's no need for an import of the pool if you build the pool out of multipath devices. In our experience, we can pull a cable and zfs continues working just fine. In other words, don't build the pool out of the devices, put a gmultipath label on each device and then use /dev/multipath/LABEL for the zpool devices. nodeA and NodeB are attached through dual LSI controllers, to the SATA/SAS backplane. but i cant seem to create a zpool from sesX or passX devices, i can however create a 16 drive zp0ol on either node, from any daX device. what did i miss? ive looked at gmirror, and also ses documents. Any insight is appreciated, thanks in advance. gmirror is the wrong tool, gmultipath is what you want. The basic task is to use gmultipath label FOO da# to write a cookie on the disk (used to identify new/existing paths during GOEM taste events for example). After you've labeled the da# devices with gmultipath you say gmultipath status to see the components of each label and you use multipath/LABEL as your disk name when creating the zpool (these correspond directly to /dev/multipath/LABEL, but zpool create … or zpool add … allow you to omit the leading /dev). -- Devin _ The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: gmultipath, ses and shared disks / cant seem to share between local nodes
On Apr 17, 2013, at 4:10 PM, Outback Dingo wrote: On Wed, Apr 17, 2013 at 6:39 PM, Teske, Devin devin.te...@fisglobal.commailto:devin.te...@fisglobal.com wrote: On Apr 17, 2013, at 3:26 PM, Outback Dingo wrote: Ok, maybe im at a loss here in the way my brain is viewing this we have a box, its got 2 nodes in the chassis, and 32 sata drives attached to a SATA/SAS backplane via 4 (2 per node) LSI MPT SAS2 cards should i not logically be seeing 4 controllers X #drive count ?? camcontrol devlist shows 32 devices, daX,passX and sesX,passX SEAGATE ST33000650SS 0004at scbus0 target 9 lun 0 (da0,pass0) STORBRICK-3 1400at scbus0 target 10 lun 0 (ses0,pass1) SEAGATE ST33000650SS 0004at scbus0 target 11 lun 0 (da1,pass2) STORBRICK-1 1400at scbus0 target 12 lun 0 (ses1,pass3) SEAGATE ST33000650SS 0004at scbus0 target 13 lun 0 (da2,pass4) STORBRICK-2 1400at scbus0 target 14 lun 0 (ses2,pass5) SEAGATE ST33000650SS 0004at scbus0 target 15 lun 0 (da3,pass6) STORBRICK-4 1400at scbus0 target 16 lun 0 (ses3,pass7) SEAGATE ST33000650SS 0004at scbus0 target 17 lun 0 (da4,pass8) STORBRICK-6 1400at scbus0 target 18 lun 0 (ses4,pass9) SEAGATE ST33000650SS 0004at scbus0 target 19 lun 0 (da5,pass10) STORBRICK-0 1400at scbus0 target 20 lun 0 (ses5,pass11) SEAGATE ST33000650SS 0004at scbus0 target 21 lun 0 (da6,pass12) STORBRICK-7 1400at scbus0 target 22 lun 0 (ses6,pass13) SEAGATE ST33000650SS 0004at scbus0 target 23 lun 0 (da7,pass14) STORBRICK-5 1400at scbus0 target 24 lun 0 (ses7,pass15) SEAGATE ST9300605SS 0004 at scbus1 target 0 lun 0 (da8,pass16) SEAGATE ST9300605SS 0004 at scbus1 target 1 lun 0 (da9,pass17) STORBRICK-3 1400at scbus8 target 10 lun 0 (ses8,pass19) SEAGATE ST33000650SS 0004at scbus8 target 11 lun 0 (da11,pass20) STORBRICK-1 1400at scbus8 target 12 lun 0 (ses9,pass21) SEAGATE ST33000650SS 0004at scbus8 target 13 lun 0 (da12,pass22) STORBRICK-2 1400at scbus8 target 14 lun 0 (ses10,pass23) SEAGATE ST33000650SS 0004at scbus8 target 15 lun 0 (da13,pass24) STORBRICK-4 1400at scbus8 target 16 lun 0 (ses11,pass25) SEAGATE ST33000650SS 0004at scbus8 target 17 lun 0 (da14,pass26) STORBRICK-6 1400at scbus8 target 18 lun 0 (ses12,pass27) SEAGATE ST33000650SS 0004at scbus8 target 19 lun 0 (da15,pass28) STORBRICK-0 1400at scbus8 target 20 lun 0 (ses13,pass29) SEAGATE ST33000650SS 0004at scbus8 target 21 lun 0 (da16,pass30) STORBRICK-7 1400at scbus8 target 22 lun 0 (ses14,pass31) SEAGATE ST33000650SS 0004at scbus8 target 23 lun 0 (da17,pass32) STORBRICK-5 1400at scbus8 target 24 lun 0 (ses15,pass33) USB 2.0 Flash Drive 8.07 at scbus9 target 0 lun 0 (da18,pass34) we would like to create a zpool from all the devices, that in theory if nodeA failed then nodeB could force import the pool, gmultipath (which you mention in the subject) is the appropriate tool for this, but there's no need for an import of the pool if you build the pool out of multipath devices. In our experience, we can pull a cable and zfs continues working just fine. In other words, don't build the pool out of the devices, put a gmultipath label on each device and then use /dev/multipath/LABEL for the zpool devices. nodeA and NodeB are attached through dual LSI controllers, to the SATA/SAS backplane. but i cant seem to create a zpool from sesX or passX devices, i can however create a 16 drive zp0ol on either node, from any daX device. what did i miss? ive looked at gmirror, and also ses documents. Any insight is appreciated, thanks in advance. gmirror is the wrong tool, gmultipath is what you want. The basic task is to use gmultipath label FOO da# to write a cookie on the disk (used to identify new/existing paths during GOEM taste events for example). After you've labeled the da# devices with gmultipath you say gmultipath status to see the components of each label and you use multipath/LABEL as your disk name when creating the zpool (these correspond directly to /dev/multipath/LABEL, but zpool create … or zpool add … allow you to omit the leading /dev). sanity check me on node A i did zpool destroy master gmultipath label FOO da0 gmultipath status NameStatus Components multipath/FOO DEGRADED da0 (ACTIVE) multipath/FOO-619648737 DEGRADED da1 (ACTIVE) multipath/FOO-191725652 DEGRADED da2 (ACTIVE) multipath/FOO-1539342315 DEGRADED da3 (ACTIVE) multipath/FOO-1276041606 DEGRADED da4 (ACTIVE) multipath/FOO-2000832198 DEGRADED da5 (ACTIVE) multipath/FOO-1285640577 DEGRADED da6 (ACTIVE) multipath/FOO-1816092574 DEGRADED da7 (ACTIVE) multipath/FOO-110225 DEGRADED da8 (ACTIVE) multipath/FOO-330300690 DEGRADED da9 (ACTIVE) multipath/FOO-92140635 DEGRADED da10
Re: gmultipath, ses and shared disks / cant seem to share between local nodes
On Apr 17, 2013, at 4:56 PM, Outback Dingo wrote: On Wed, Apr 17, 2013 at 7:29 PM, Teske, Devin devin.te...@fisglobal.commailto:devin.te...@fisglobal.com wrote: On Apr 17, 2013, at 4:10 PM, Outback Dingo wrote: On Wed, Apr 17, 2013 at 6:39 PM, Teske, Devin devin.te...@fisglobal.commailto:devin.te...@fisglobal.com wrote: On Apr 17, 2013, at 3:26 PM, Outback Dingo wrote: Ok, maybe im at a loss here in the way my brain is viewing this we have a box, its got 2 nodes in the chassis, and 32 sata drives attached to a SATA/SAS backplane via 4 (2 per node) LSI MPT SAS2 cards should i not logically be seeing 4 controllers X #drive count ?? camcontrol devlist shows 32 devices, daX,passX and sesX,passX SEAGATE ST33000650SS 0004at scbus0 target 9 lun 0 (da0,pass0) STORBRICK-3 1400at scbus0 target 10 lun 0 (ses0,pass1) SEAGATE ST33000650SS 0004at scbus0 target 11 lun 0 (da1,pass2) STORBRICK-1 1400at scbus0 target 12 lun 0 (ses1,pass3) SEAGATE ST33000650SS 0004at scbus0 target 13 lun 0 (da2,pass4) STORBRICK-2 1400at scbus0 target 14 lun 0 (ses2,pass5) SEAGATE ST33000650SS 0004at scbus0 target 15 lun 0 (da3,pass6) STORBRICK-4 1400at scbus0 target 16 lun 0 (ses3,pass7) SEAGATE ST33000650SS 0004at scbus0 target 17 lun 0 (da4,pass8) STORBRICK-6 1400at scbus0 target 18 lun 0 (ses4,pass9) SEAGATE ST33000650SS 0004at scbus0 target 19 lun 0 (da5,pass10) STORBRICK-0 1400at scbus0 target 20 lun 0 (ses5,pass11) SEAGATE ST33000650SS 0004at scbus0 target 21 lun 0 (da6,pass12) STORBRICK-7 1400at scbus0 target 22 lun 0 (ses6,pass13) SEAGATE ST33000650SS 0004at scbus0 target 23 lun 0 (da7,pass14) STORBRICK-5 1400at scbus0 target 24 lun 0 (ses7,pass15) SEAGATE ST9300605SS 0004 at scbus1 target 0 lun 0 (da8,pass16) SEAGATE ST9300605SS 0004 at scbus1 target 1 lun 0 (da9,pass17) STORBRICK-3 1400at scbus8 target 10 lun 0 (ses8,pass19) SEAGATE ST33000650SS 0004at scbus8 target 11 lun 0 (da11,pass20) STORBRICK-1 1400at scbus8 target 12 lun 0 (ses9,pass21) SEAGATE ST33000650SS 0004at scbus8 target 13 lun 0 (da12,pass22) STORBRICK-2 1400at scbus8 target 14 lun 0 (ses10,pass23) SEAGATE ST33000650SS 0004at scbus8 target 15 lun 0 (da13,pass24) STORBRICK-4 1400at scbus8 target 16 lun 0 (ses11,pass25) SEAGATE ST33000650SS 0004at scbus8 target 17 lun 0 (da14,pass26) STORBRICK-6 1400at scbus8 target 18 lun 0 (ses12,pass27) SEAGATE ST33000650SS 0004at scbus8 target 19 lun 0 (da15,pass28) STORBRICK-0 1400at scbus8 target 20 lun 0 (ses13,pass29) SEAGATE ST33000650SS 0004at scbus8 target 21 lun 0 (da16,pass30) STORBRICK-7 1400at scbus8 target 22 lun 0 (ses14,pass31) SEAGATE ST33000650SS 0004at scbus8 target 23 lun 0 (da17,pass32) STORBRICK-5 1400at scbus8 target 24 lun 0 (ses15,pass33) USB 2.0 Flash Drive 8.07 at scbus9 target 0 lun 0 (da18,pass34) we would like to create a zpool from all the devices, that in theory if nodeA failed then nodeB could force import the pool, gmultipath (which you mention in the subject) is the appropriate tool for this, but there's no need for an import of the pool if you build the pool out of multipath devices. In our experience, we can pull a cable and zfs continues working just fine. In other words, don't build the pool out of the devices, put a gmultipath label on each device and then use /dev/multipath/LABEL for the zpool devices. nodeA and NodeB are attached through dual LSI controllers, to the SATA/SAS backplane. but i cant seem to create a zpool from sesX or passX devices, i can however create a 16 drive zp0ol on either node, from any daX device. what did i miss? ive looked at gmirror, and also ses documents. Any insight is appreciated, thanks in advance. gmirror is the wrong tool, gmultipath is what you want. The basic task is to use gmultipath label FOO da# to write a cookie on the disk (used to identify new/existing paths during GOEM taste events for example). After you've labeled the da# devices with gmultipath you say gmultipath status to see the components of each label and you use multipath/LABEL as your disk name when creating the zpool (these correspond directly to /dev/multipath/LABEL, but zpool create … or zpool add … allow you to omit the leading /dev). sanity check me on node A i did zpool destroy master gmultipath label FOO da0 gmultipath status NameStatus Components multipath/FOO DEGRADED da0 (ACTIVE) multipath/FOO-619648737 DEGRADED da1 (ACTIVE) multipath/FOO-191725652 DEGRADED da2 (ACTIVE) multipath/FOO-1539342315 DEGRADED da3 (ACTIVE) multipath/FOO-1276041606 DEGRADED da4 (ACTIVE) multipath/FOO-2000832198 DEGRADED da5 (ACTIVE) multipath/FOO-1285640577 DEGRADED da6 (ACTIVE) multipath/FOO-1816092574
Re: OT: posix sh problem
On Apr 4, 2013, at 5:32 AM, Mark Felder wrote: Hi all, Hopefully someone here is much more clever than I am. I've run out of ideas on how to cleanly convert this chunk of ksh to posix sh. /me takes the challenge (and shame on some of the current responses; this is trivial in sh and there's actually nothing wrong with the OPs code -- it works) This is from a BB/Hobbit/Xymon monitoring script for ZFS. I'd really like to have this working cleanly on FreeBSD without requiring any funky shells or using any temporary files. Cool! After I help you fix whatever the issue is, I'd be interested in this a little more. ZFS monitoring would be nice. The following is supposed to be able to loop through the output of multiple zpools reading one line at a time and each line item is set as a variable: /sbin/zpool list -H | while read name size used avail cap dedup health altroot do # do interesting things here done Unfortunately you can't pipe through read in posix sh. Wait, you can't? Then I've been doing something wrong all these years… #!/bin/sh printf line1\nline2\n | while read line do echo line=[$line] done === dte...@scribe9.vicor.com ~ $ sh bar line=[line1] line=[line2] === Just a side note, on my zpool list -H on my 8.1-R system doesn't provide the dedup column, so your mileage may vary (you may have to adjust the script to account for that on systems like mine). Aside from that, I took your script as-is, copy/paste and it worked fine on 8.1-RELEASE-p6: dte...@oos0a.lbxrich.vicor.com ~ $ cat bar #!/bin/sh /sbin/zpool list -H | while read name size used avail cap dedup health altroot do echo $name done dte...@oos0a.lbxrich.vicor.com ~ $ sh bar NEC1-RAID6-ARRAY1 NEC1-RAID6-ARRAY2 NEC1-RAID6-ARRAY3 You also can't use process substitution: while read var1 var1 (/sbin/zpool list -H) I'll admit that one's unsupported. Any ideas are greatly appreciated. I know there's a python-based script floating on github but I cant guarantee every server will have python on it… Stick to /bin/sh if you can (like you say, portability and potability in using base utilities). Source of script is here: http://en.wikibooks.org/wiki/System_Monitoring_with_Xymon/Other_Docs/HOWTO#Hobbit_Client_and_ZFS_monitoring The only things I saw that needed changing to go from ksh to /bin/sh were: if [ … == … ]; then Needs to be if [ … = … ]; then And optionally, a style nit would be to convert back-tick pairs into nestable $(…) syntax. For example, change: cap=`…` to instead: cap=$(…) Oh and of course, the HTML should go away since you're making a command-line tool and not a BB/Hobbit/Xymon module. -- Devin _ The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: OT: posix sh problem
On Apr 4, 2013, at 7:42 AM, Mark Felder wrote: On Thu, 04 Apr 2013 08:54:30 -0500, Teske, Devin devin.te...@fisglobal.com wrote: Wait, you can't? Then I've been doing something wrong all these years… #!/bin/sh printf line1\nline2\n | while read line do echo line=[$line] done You sort-of can, but it's not portable at all. As detailed here: http://www.etalabs.net/sh_tricks.html One common pitfall is trying to read output piped from commands, such as: foo | IFS= read var POSIX allows any or all commands in a pipeline to be run in subshells, And for most purposes that's fine. Read-on… and which command (if any) runs in the main shell varies greatly betweenimplementations … that is only if you truly need the variables to be read into the main shell. This is most always not what you want. The page you linked about doesn't talk about the special case of while, in example: foo | IFS= while read var On the back-end nothing changes (the same caveat applies -- variables set on the right side of the pipe may not be available to the main shell; as-per the quoted text). However, the high-level task changes from: I want to read some text from a pipe into some variables to instead: I want to read some text from a pipe and process it word-by-word (in your case) and act on the words in a loop So in other words… the only reason for wanting the variables in the main shell is if you want to act on the last set of variables for the last line after the loop has run (and presumably already processed the last line). This is what I am saying anyone will rarely ever want. In other words, once the loop (potentially running in a sub-shell) has completed, you likely don't care about the variable contents and are willing to throw them away anyhow. — in particular Bash and ksh differ here. The standardidiom for overcoming this problem is to use a here document: IFS= read var EOF $(foo) EOF But you're not processing a single line; you're processing the entire input at-once and performing an action (writing to the screen) that also doesn't care whether it's in a sub-shell or not. SO… I say rock-on with the original syntax. It's portable. You don't need those vars when the loop ends. I was having problems with the variables magically becoming empty, remembered I had Rich's site bookmarked, checked to see if it mentioned and it was. I'll admit there's a high chance that due to lack of sleep user error was the culprit. I'm interested in why you need the variables after the loop has completed. Put your code in the loop where the variables are defined and have values. -- Devin _ The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: OT: posix sh problem
Oh, and just to cover all bases… If you suspect you have sub-shells in the loop, use export to export the vars so that the sub-shells get the vars in the loop. -- Devin On Apr 4, 2013, at 8:04 AM, Teske, Devin wrote: On Apr 4, 2013, at 7:42 AM, Mark Felder wrote: On Thu, 04 Apr 2013 08:54:30 -0500, Teske, Devin devin.te...@fisglobal.com wrote: Wait, you can't? Then I've been doing something wrong all these years… #!/bin/sh printf line1\nline2\n | while read line do echo line=[$line] done You sort-of can, but it's not portable at all. As detailed here: http://www.etalabs.net/sh_tricks.html One common pitfall is trying to read output piped from commands, such as: foo | IFS= read var POSIX allows any or all commands in a pipeline to be run in subshells, And for most purposes that's fine. Read-on… and which command (if any) runs in the main shell varies greatly betweenimplementations … that is only if you truly need the variables to be read into the main shell. This is most always not what you want. The page you linked about doesn't talk about the special case of while, in example: foo | IFS= while read var On the back-end nothing changes (the same caveat applies -- variables set on the right side of the pipe may not be available to the main shell; as-per the quoted text). However, the high-level task changes from: I want to read some text from a pipe into some variables to instead: I want to read some text from a pipe and process it word-by-word (in your case) and act on the words in a loop So in other words… the only reason for wanting the variables in the main shell is if you want to act on the last set of variables for the last line after the loop has run (and presumably already processed the last line). This is what I am saying anyone will rarely ever want. In other words, once the loop (potentially running in a sub-shell) has completed, you likely don't care about the variable contents and are willing to throw them away anyhow. — in particular Bash and ksh differ here. The standardidiom for overcoming this problem is to use a here document: IFS= read var EOF $(foo) EOF But you're not processing a single line; you're processing the entire input at-once and performing an action (writing to the screen) that also doesn't care whether it's in a sub-shell or not. SO… I say rock-on with the original syntax. It's portable. You don't need those vars when the loop ends. I was having problems with the variables magically becoming empty, remembered I had Rich's site bookmarked, checked to see if it mentioned and it was. I'll admit there's a high chance that due to lack of sleep user error was the culprit. I'm interested in why you need the variables after the loop has completed. Put your code in the loop where the variables are defined and have values. -- Devin _ The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you. _ The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: OT: posix sh problem
On Apr 4, 2013, at 8:11 AM, Mark Felder wrote: Sorry, my email client did something weird with collapsing and I didn't see you mention that it appeared to be working for you. On Thu, 04 Apr 2013 08:54:30 -0500, Teske, Devin devin.te...@fisglobal.com wrote: The only things I saw that needed changing to go from ksh to /bin/sh were: if [ … == … ]; then Needs to be if [ … = … ]; then And optionally, a style nit would be to convert back-tick pairs into nestable $(…) syntax. For example, change: cap=`…` to instead: cap=$(…) Oh and of course, the HTML should go away since you're making a command-line tool and not a BB/Hobbit/Xymon module. I actually will be using this with Xymon at work. I did fix the == and style nit when I went over this script I'm still having a problem. No worries… When I started debugging this last night $STRING led me to believe the pipe into read wasn't working right. At the bottom of the script I added echo in front of the $BB $BBDISP line. Ok, going back to the original script, I see the error. Yes… you're right, you can't modify a string from the rvalue of a pipe; simply put. [snip] Do you see what I mean now? :( Yes, I do. Here's what I suggest (the following works for me -- lists all my pools and shows healthy): --- bar.orig2013-04-04 09:05:27.0 -0700 +++ bar 2013-04-04 09:14:37.0 -0700 @@ -1,4 +1,5 @@ -#!/bin/ksh +#!/bin/sh +BB=echo MACHINE=$(hostname) # Revision History: # 1. Mike Rowell mike.row...@rightmove.co.uk, original # 2. Uwe Kirbach u.kirb...@enbw.com @@ -22,19 +23,20 @@ STRING=table border=0 cellpadding=10 # mypool 33.8G 84.5K 33.7G 0% ONLINE - # bash-3.00# -/usr/sbin/zpool list -H | while read name size used avail cap health altroot +STRING=$STRING$( +/sbin/zpool list -H | while read name size used avail cap health altroot do LINE_COLOR=green - if [ ${health} == ONLINE ]; then + if [ ${health} = ONLINE ]; then HEALTH_COLOR=green - elif [ ${health} == DEGRADED ]; then + elif [ ${health} = DEGRADED ]; then HEALTH_COLOR=yellow - elif [ ${health} == FAULTED ]; then + elif [ ${health} = FAULTED ]; then HEALTH_COLOR=red fi - cap=`echo ${cap} | cut -d% -f1` + cap=$(echo ${cap} | cut -d% -f1) if [ ${cap} -lt $DISKYELL ]; then CAP_COLOR=green elif [ ${cap} -gt $DISKYELL ]; then @@ -43,7 +45,7 @@ do CAP_COLOR=red fi - if [ $HEALTH_COLOR == red -o $HEALTH_COLOR == yellow -o $CAP_COLOR == red -o $CAP_COLOR == yellow ]; then + if [ $HEALTH_COLOR = red -o $HEALTH_COLOR = yellow -o $CAP_COLOR = red -o $CAP_COLOR = yellow ]; then DISPCOLOR=$COLOR LINE_COLOR=$COLOR fi @@ -58,13 +60,14 @@ do yellow) FIRST_LINE_CAP=nearly full ;; esac - STRING=$STRING trtd${LINE_COLOR}/tdtd${name}/tdtd${health}/tdtd${cap}/td/tr + echo trtd${LINE_COLOR}/tdtd${name}/tdtd${health}/tdtd${cap}/td/tr done +) # What: accumulate the bb message strings. STRING=$STRING /tablebrbr -STRING=$STRING`/usr/sbin/zpool status -xv` +STRING=$STRING$(/sbin/zpool status -xv) FIRST_LINE=zfs - health: $FIRST_LINE_HEALTH - capacity: $FIRST_LINE_CAP # What: Sent out the final bb message to hobbit server. -$BB $BBDISP status $MACHINE.$TEST $DISPCOLOR `date` $FIRST_LINE $STRING +$BB $BBDISP status $MACHINE.$TEST $DISPCOLOR $(date) $FIRST_LINE $STRING -- Devin _ The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: use of the kernel and licensing
On Mar 31, 2013, at 6:39 AM, Joe fb...@a1poweruser.com wrote: kpn...@pobox.com wrote: On Sat, Mar 30, 2013 at 09:22:22AM -0400, Maikoda Sutter wrote: If I use the kernel as a basis for my own system and modify the kernel should I still maintain the licensing of the kernel bits, or could release it under it's own license? For example: I would like to rewrite the headers to be 100% POSIX compliant and I do like the BSD license, however I was planning on releasing my whole system under the Unlicense, I understand that certain headers and code that I do not modify has to be released under the BSD license as that is the original license of the code, however for headers or code that I modify can I release it under the Unlicense (http://unlicense.org/)? I do plan on giving credit where it is due and such to the wonderful developers of FreeBSD and those that wrote the original code because without you I would not be able to produce so rapidly that which I am looking to produce I just would like clarification on the extent that I would have to license things via the BSD license. You cannot yourself change the license on code you do not hold the copyright on. Period. If you make changes and redistribute them then add your copyright notice with license to the files. Do not remove the existing copyright notice(s) and license(s). You hold the copyright for stuff you wrote, but the original copyright stays for the parts that did not come from you. Parts means any fraction of a file from the whole file down to small amounts. You are allowed to add restrictions (unless the existing license says you can't), but you are not allowed to loosen the existing restrictions (unless the existing license says you can). Also, it follows from the copyright that your license only applies to the parts copyrighted by you. The existing licenses are similar in that they apply only to their parts of the file. All licenses must be followed when the file is treated (copied, used, etc) as a whole. Make sure your license isn't incompatible with the license that applies to other parts of the same file. If that happens then how it will turn out in court is anyone's guess. The file may not be usable by the public, or the incompatible license terms added by you may be struck down, or a judge could cook up something else. It can't be predicted in advance so just don't even go there. Giving credit where it is due is an important social convention, and I'm glad to see that you aren't planning on doing anything unethical like breaking it. But copyright comes from the law and thus must be obeyed even if you wanted to break purely social conventions. Read up on copyright, and when you do pay close attention to the reliability of the source. The issue has become very political in the past 15 years or so. Don't be badly advised by someone who has their own agenda. Most people, to varying degrees, have their own agenda. Finally, if money is at stake (directly or indirectly) I strongly advise talking to a copyright lawyer in particular. That's just general advice. Taking advice from random people online is not a good idea if any money is involved, but I'd give the same advice to my best friend. The general rule applies here as it does elsewhere: You get what you pay for. Does one have to file legal paper work with the government to be issued a copyright on software? No, copyrights are more like artists signing their work -- in a standardized way -- but every bit as legally binding. They are first come priority in the court of law and if-ever disputed, often require correlative evidentiary proof to show true ownership (a notarized copy of the work mailed to yourself kept in an unopened envelope perhaps). Does any software not having a copyright statement or any license comments included in the source mean that it's public domain? Be careful here. The answer to your question is NO. If a work lacks a license in the source, it may be on the website. If you can't find a license, you must always contact the author(s) before forking something. If you can neither find the license nor the contact info, it's always best to assume it is not for reuse. Even the, if you used code that was from an unknown origin with no license and no author, you should indicate as such in the header of such source files. Essentially what it boils down to, is that in the court of law (if someone indicts or brings a civil suit) you may have to account for the origin of every line -- so that's why: 1. If a file has an inline license (beerware, gpl, bsd, apple, or even one you make up all your own), it must stay there to mark the origins 2. If a file is lacking an inline license, it is often because the license is too long or unwieldy to embed and it is in a COPYING file distributed with the source code OR in a terms of agreement on the website (in which case you should download it and place it into
RE: Is the Intel X520-SR2 (82599ES) supported by the ixbe driver?
I suspect you're running out of mbuf clusters. Try: echo kern.ipc.nmbclusters=524288 /etc/sysctl.conf echo kern.ipc.nmbjumbop=524288 /etc/sysctl.conf reboot -- Devin From: owner-freebsd-questi...@freebsd.org [owner-freebsd-questi...@freebsd.org] on behalf of Dennis Glatting [d...@pki2.com] Sent: Friday, March 15, 2013 10:17 AM To: freebsd-questions@freebsd.org Subject: Is the Intel X520-SR2 (82599ES) supported by the ixbe driver? I have a new Intel X520-SR2 that I plopped into my Supermicro H8QGL-6F with the hope I could connect 10GbE to a Cisco 3560. The links come but but there is much wierdness. Looking through the driver I see the 82599EB is supported but no mention of the ES. Should this work? I have: Keystone# uname -a FreeBSD Keystone 9.1-STABLE FreeBSD 9.1-STABLE #0 r248293: Thu Mar 14 19:31:29 PDT 2013 root@Keystone:/usr/obj/disk-3/src/sys/SECRACK amd64 Keystone# dmesg | egrep 'ix[01]' ix0: Intel(R) PRO/10GbE PCI-Express Network Driver, Version - 2.5.7 - STABLE/9 port 0x8400-0x841f mem 0xdce8-0xdcef,0xdce7c000-0xdce7 irq 32 at device 0.0 on pci3 ix0: Using MSIX interrupts with 9 vectors ix0: Ethernet address: 90:e2:ba:2f:5f:9c ix0: PCI Express Bus: Speed 5.0Gb/s Width x8 ix1: Intel(R) PRO/10GbE PCI-Express Network Driver, Version - 2.5.7 - STABLE/9 port 0x8800-0x881f mem 0xdcf8-0xdcff,0xdcf7c000-0xdcf7 irq 33 at device 0.1 on pci3 ix1: Using MSIX interrupts with 9 vectors ix1: Ethernet address: 90:e2:ba:2f:5f:9d ix1: PCI Express Bus: Speed 5.0Gb/s Width x8 ix0: link state changed to UP Keystone# ifconfig ix0 ix0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST metric 0 mtu 8192 options=407bbRXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,TSO4,TSO6,LRO,VLAN_HWTSO ether 90:e2:ba:2f:5f:9c nd6 options=29PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL media: Ethernet autoselect (10Gbase-SR full-duplex) status: active Here's an interesting point. If I set the address for the interface, it is accepted but an ifconfig of the interface is shown above. Specifically, I previously executed this command: Keystone# ifconfig ix0 inet 192.168.3.2/24 mtu 8192 up Executing that command a second time yields: Keystone# ifconfig ix0 inet 192.168.3.2/24 mtu 8192 up ifconfig: ioctl (SIOCAIFADDR): File exists A truss of that command yields more interesting things, specifically: kldload(if_ix) ERR#2 'No such file or directory' There is no driver named if_ix. It is also weird that the interface is named ix0 rather than ixgbe0. Also, an arp shows: Keystone# arp -an ? (192.168.17.1) at 2c:21:72:cb:f5:0c on vlan17 expires in 166 seconds [vlan] ? (192.168.13.33) at 78:e7:d1:ea:7a:4e on vlan13 expires in 760 seconds [vlan] ? (192.168.13.1) at 2c:21:72:cb:f5:0c on vlan13 expires in 97 seconds [vlan] ? (192.168.13.3) at 00:21:d8:0b:57:98 on vlan13 expires in 232 seconds [vlan] ? (192.168.7.6) at dc:7b:94:9a:52:41 on vlan7 expires in 268 seconds [vlan] ? (192.168.7.4) at e0:2f:6d:30:39:41 on vlan7 expires in 290 seconds [vlan] ? (192.168.7.3) at 00:21:d8:0b:57:98 on vlan7 expires in 210 seconds [vlan] ? (192.168.7.66) at 28:92:4a:2e:e0:a0 on vlan7 expires in 1199 seconds [vlan] ? (192.168.7.33) at 78:e7:d1:ea:7a:4e on vlan7 expires in 143 seconds [vlan] ? (192.168.7.65) at 28:92:4a:2e:eb:22 on vlan7 expires in 615 seconds [vlan] ? (192.168.3.2) at 90:e2:ba:2f:5f:9c on ix0 permanent [ethernet] So clearly there is a MAC/IP association however I cannot ping the IP: Keystone# ping 192.168.3.2 PING 192.168.3.2 (192.168.3.2): 56 data bytes (nothing) Can someone clue me in? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org _ The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
RE: rm -R
rm -R -- -S The -- tells it here's the end of the options, here come the file/directories -- Devin From: owner-freebsd-questi...@freebsd.org [owner-freebsd-questi...@freebsd.org] on behalf of Jos Chrispijn [ker...@webrz.net] Sent: Saturday, March 02, 2013 7:50 AM To: freebsd-questions@FreeBSD.org Subject: rm -R I made a folder called -S; how can I remove that again? did a rm -R '-S;' but that doesn't work (...). thanks for your advise, Jos Chrispijn ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org _ The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
RE: Jail question
On Fri, 01 Mar 2013, Bernt Hansson wrote: On 2013-02-27 11:19, Bernt Hansson wrote: 2013-02-26 15:18, Teske, Devin skrev: Yes, this is possible. When I get into work, I'll share with you the recipe Please do share with us. Ok I rephrase my question. How do I install freebsd 4.9 in a jail on 8.3 amd64. Step 1. Download the following files/directories... bin/ catpages/ cdrom.inf compat1x/ compat22/ compat3x/ compat4x/ crypto/ dict/ doc/ games/ info/ manpages/ proflibs/ from: ftp://ftp-archive.freebsd.org/pub/FreeBSD-Archive/old-releases/i386/4.9-RELEASE/ NOTE: For example, download those files/directories to /usr/repos/FreeBSD-4.9/4.9-RELEASE Step 2. Download my jail_build script from: http://druidbsd.sourceforge.net/download.shtml#jail_build Step 3: Run jail_build NOTE: If you put your downloaded files in /usr/repos/FreeBSD-4.9/4.9-RELEASE then jail_build will automatically find them and present 4.9 as an option. After selecting FreeBSD-4.9, it will then prompt you to enter the root directory where to unpack the jail to. When jail_build completes, you'll have a freshly unpacked FreeBSD-4.9 in the desired root directory. Step 4: Grab and install my vimage package: http://druidbsd.sourceforge.net/download.shtml#vimage About: http://druidbsd.sourceforge.net/vimage.shtml Step 5: Configure your vimage in /etc/rc.conf (see /etc/rc.conf.d/vimage for a sample). Example: vimage_enable=YES vimage_list=fbsd4_9 vimage_fbsd4_9_rootdir=/usr/jails/fbsd4_9 vimage_fbsd4_9_hostname=fbsd4_9 vimage_fbsd4_9_bridges=bge0 vimage_fbsd4_9_devfs_enable=YES vimage_fbsd4_9_procfs_enable=YES Step 6: [Pre-]configure the network interface for the visage Example: chroot /usr/jails/fbsd4_9 vi /etc/rc.conf NOTE: Since the vimage (aka vnet jail) isn't running yet, we use chroot instead of jexec. (Also note that the chroot is only for pedantic safety ... it prevents things such as what if /etc/rc.conf is a symlink to /etc/rc.conf.other -- without the chroot you'd accidentally edit the host machines /etc/rc.conf.other). Add the following: ifconfig_ng0_fbsd4_9=inet 192.168.1.123 netmask 255.255.255.0 defaultrouter=192.168.1.1 # or whatever fits your network # Don't forget /etc/resolv.conf # Don't forget to set sshd_enable=YES in rc.conf(5) if you want to be able to ssh into the vimage Step 7: Fix some binaries in the 4.9 distribution to work under the 8.3 kernel... Download my update411binaries.sh script (should work fine for 4.9 jails too) from... http://druidbsd.sf.net/download/update411binares.sh Step 8: Run update411binares.sh with a first argument of (for example) /usr/jails/fbsd4_9 Step 9: Fire up the vimage service vimage start fbsd4_9 Step 10: Check things out... jls ssh 192.168.1.123 jexec fbsd4_9 csh etc. etc. -- HTH Devin _ The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
RE: Jail question
Yes, this is possible. When I get into work, I'll share with you the recipe (I have a script called update4.sh which I run after building [or rsync'ing] a 4.x box to an 8.x box to become a vimage; note that I didn't say jail -- 4.x runs better as a VNET jail than a regular jail). We've not had much luck in running 4.x as a non-vnet jail under 8.x whereas vnet-jail works wonders (with a couple binaries replaced, like netstat, ifconfig, ps, and top for example). -- Devin From: owner-freebsd-questi...@freebsd.org [owner-freebsd-questi...@freebsd.org] on behalf of Bernt Hansson [b...@bananmonarki.se] Sent: Tuesday, February 26, 2013 5:23 AM To: questions FreeBSD Subject: Jail question Hello list! I would like to install an old version of freebsd let's say 4.6 in a jail. Is that possible. Host is 8.3-stable amd64 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org _ The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
RE: SAS Driver Support
I did a write-up on hardware integration procedures some time back. Might help... http://lists.freebsd.org/pipermail/freebsd-questions/2012-June/241956.html In addition, I'll add that you don't necessarily have to boot FreeBSD... what I'll often do is boot DruidBSD and run the Hardware Detection Tool or HDT by Ewan Velu: http://sourceforge.net/projects/druidbsd/files/Druid-0.0.iso/download That will allow me to get the vendor/device hex values that identify the card you want to support. Once you have the 4-digit hex values for vendor id and device id then it's just a matter of grep'ing the FreeBSD source code to find out which module(s) work with that hardware. -- Devin From: owner-freebsd-questi...@freebsd.org [owner-freebsd-questi...@freebsd.org] on behalf of Muhammad Junaid [muhammad.jun...@cubexsweatherly.com] Sent: Wednesday, February 20, 2013 9:14 PM To: freebsd-questions@FreeBSD.org Subject: SAS Driver Support Dear Team FreeBSD can support HP D2600 disk enclosure or not? FreeBSD can support SAS controller card (P800\P812) driver or not? Regard's Muhammad Junaid ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org _ The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
RE: I made a mess. libc
Is it the base machine that won't boot? I got this ... My latest version of Druid has a very sophisticated Interactive Disk Repair script that will assemble your system humpty-dumpty style while booted from a CD or Thumb drive (you said you couldn't burn a CD, but it wasn't clear whether you could master a thumb drive). http://sourceforge.net/projects/druidbsd/files/FreeBSD-8.3_Druid-1.0b60.iso/download When you run the Interactive Disk Repair (IDR) Shell option, it presents you with a few questions (like, I've found a saved network interface in rc.conf(5) -- would you like me to activate it for you?), and ultimately mounts your system to present a working shell to fix your problems. Important: when it asks you if you want to chroot into the mounted filesystem, say NO (you're libc isn't working, so that would be a bad idea) -- rather, run from the LiveFS environment where /mnt is your mounted system. There's even a copy of libc in the LiveFS environment that you can copy over your old one... cp /cdrom/freebsd/rescue/lib/libc.so.7 /mnt/lib/libc.so.7 (if I recall correctly) -- Devin From: owner-freebsd-questi...@freebsd.org [owner-freebsd-questi...@freebsd.org] on behalf of Bernt Hansson [b...@bananmonarki.se] Sent: Thursday, February 21, 2013 7:51 AM To: Fleuriot Damien Cc: questions FreeBSD Subject: Re: I made a mess. libc 2013-02-21 15:43, Fleuriot Damien skrev: On Feb 21, 2013, at 3:34 PM, Bernt Hansson b...@bananmonarki.se wrote: Hello list! It's me again. I was happily upgrading my jail make build* and so on. Make installworld failed with som chflag set on libc.so.7 so i left jail and went to the host and tought I fixit from there. I did remove the chflag and all was well I tought, but no. Copy it to the jail, someone screamed, ok I'll do that Well the problem is I copied it to the host amd64 and jail is i386. the host locked up hard and after a reboot I get libc.so.7 invalid file format. How do I get it back. I can not burn a cd with livefs, wich should be on memorystick anyway. Thanks for any help and it's needed. This is my libc.so.7 from the 19th, for 8-stable amd64, after the patch for the security advisory. root@pf1:/usr/ports/emulators/fuse # ls -l /lib/libc.so.7 -r--r--r-- 1 root wheel 1399225 Feb 19 15:27 /lib/libc.so.7 root@pf1:/usr/ports/emulators/fuse # md5 /lib/libc.so.7 MD5 (/lib/libc.so.7) = 9e4b09aa6dbc731bf56593b736e9fef1 root@pf1:/usr/ports/emulators/fuse # shasum /lib/libc.so.7 19e856f287586f52611aca9a4aa8a4104b65fb4e /lib/libc.so.7 root@pf1:/usr/ports/emulators/fuse # uname -a FreeBSD pf1.backbone.dev 8.3-STABLE FreeBSD 8.3-STABLE #6 r247008M: Tue Feb 19 20:14:57 UTC 2013 r...@pf1.backbone.dev:/usr/obj/usr/src/sys/UNIVERSAL amd64 I can host the file over HTTP if you want. That was very nice of you, but how do I get the file into my machine? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org _ The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
RE: I made a mess. libc
Can you specify perhaps /rescue/sh as the single-user shell? That should get you in. Then you have to stick to static executables like /rescue/rcp to remotely transfer files. Perhaps someone can host a file on a machine that can be reached via /rescue/rcp for you. -- Devin From: Bernt Hansson [b...@bananmonarki.se] Sent: Thursday, February 21, 2013 9:22 AM To: Teske, Devin Cc: Fleuriot Damien; questions FreeBSD Subject: Re: I made a mess. libc 2013-02-21 18:01, Teske, Devin skrev: Is it the base machine that won't boot? I got this ... That is correct. So no cd burning no nothing...Well it want to drop in to a single shell bla bla bla press enter for /bin/sh enter libexec* libc.so.7: invalid file format I do not want to reinstall, have 4 encrypted disks. My latest version of Druid has a very sophisticated Interactive Disk Repair script that will assemble your system humpty-dumpty style while booted from a CD or Thumb drive (you said you couldn't burn a CD, but it wasn't clear whether you could master a thumb drive). https://urldefense.proofpoint.com/v1/url?u=http://sourceforge.net/projects/druidbsd/files/FreeBSD-8.3_Druid-1.0b60.iso/downloadk=%2FbkpAUdJWZuiTILCq%2FFnQg%3D%3D%0Ar=LTzUWWrRnz2iN3PtHDubWRSAh9itVJ%2BMUcNBCQ4tyeo%3D%0Am=07piZUd2tTTVmRt2abbbhXwBr9OUC7olyXwRy6BdjoM%3D%0As=a0b244b57abd48f38a1cd817513b96950f4c6f2f035b3d33ddee2a27938b2f04 When you run the Interactive Disk Repair (IDR) Shell option, it presents you with a few questions (like, I've found a saved network interface in rc.conf(5) -- would you like me to activate it for you?), and ultimately mounts your system to present a working shell to fix your problems. Important: when it asks you if you want to chroot into the mounted filesystem, say NO (you're libc isn't working, so that would be a bad idea) -- rather, run from the LiveFS environment where /mnt is your mounted system. There's even a copy of libc in the LiveFS environment that you can copy over your old one... cp /cdrom/freebsd/rescue/lib/libc.so.7 /mnt/lib/libc.so.7 (if I recall correctly) _ The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
RE: jail and networking
On Thu, 21 Feb 2013, Shane Ambler wrote: On 22/02/2013 05:52, Devin Teske wrote: What I find strange is that: 1. I knew about ListenAddress w/respect to jails, but... 2. We are not changing it (sshd_config has no ListenAddress -- leading to default values used), yet... 3. Base machine and jails both work fine Not sure when it's required versus not, because we're running fine without that change here with over a dozen jails. The only thing I've ever noticed is that we tend to use jail_NAME_ip=iface|addr while most everybody else seems to be using jail_NAME_ip=addr. We may need to expand out from that. I use jail_NAME_ip=addr but also ipv4_addrs_re0=10.0.0.254/24 10.0.0.1-5/24 route_jaillan0=-net 10.0.0.0/24 10.0.0.254 static_routes=jaillan0 Don't recall where I got that from but think it was an easy way to alias a number of ip's whereas ifconfig_iface_alias0 sets one ip at a time and is also deprecated. If you use jail_NAME_ip=iface|addr does this mean you don't have ip addresses aliased to the iface on startup and they get aliased as the jail starts? That would be why sshd isn't bound to the address before. Correct, and this was my leading theory. man rc.conf for jail_jname_ip says ... Additionally each address can be prefixed by the name of an interface followed by a pipe to overwrite does that mean it clears the ip from the base system and re-creates it for the jail? Dunno -- I first learned about iface|addr from reading the code. It did what I wanted _and_ improved the clarity/readability of rc.conf(5) in the case of multiple jails utilizing separate interfaces on similar subnets. Thus, it was embraced. I also see jail_jname_interface ...When set, sets the interface to use when setting IP address alias. Note that the alias is created at jail startup and removed at jail shutdown. Never used that setting before. Which is what sounds like the solution to not have ip's available when sshd starts so it isn't bound to them. Right-o. Also what sys version were these options added? I would guess 8.x as we're using iface|addr in 8.1 (as previously mentioned, not using jail_jname_interface -- dunno about that one). The following URLs might be of assistance in tracking down the origins of various options: http://www.freebsd.org/cgi/cvsweb.cgi/src/etc/rc.d/jail http://svnweb.freebsd.org/base/head/etc/rc.d/jail -- Devin _ The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
RE: jail and networking
On Wed, 20 Feb 2013, Bernt Hansson wrote: Hello list! I dont seem to get net working in a test jail. These I've tried; ftp, fetch, telnet They time out. Ssh sort of work. 32bit# ssh 10.0.0.3 ssh_askpass: exec(/usr/local/bin/ssh-askpass): No such file or directory Host key verification failed. jail is 8.3-STABLE i386 GENERIC host is FreeBSD 8.3-STABLE amd64 GENERIC I'm sure you want more info so just tell me what info. Commonly the problem is that you are jexec'd into the jail and I find that tools like ssh, ftp, telnet, etc. don't work when you're in the jail via jexec but instead what works way better is if you ssh into the jail (via the jail'd ssh process of course). Does that seem to be the case in your situation? -- Devin _ The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
RE: jail and networking
On Wed, 20 Feb 2013, Bernt Hansson wrote: On 2013-02-20 17:23, Teske, Devin wrote: On Wed, 20 Feb 2013, Bernt Hansson wrote: Hello list! I dont seem to get net working in a test jail. These I've tried; ftp, fetch, telnet They time out. Ssh sort of work. 32bit# ssh 10.0.0.3 ssh_askpass: exec(/usr/local/bin/ssh-askpass): No such file or directory Host key verification failed. jail is 8.3-STABLE i386 GENERIC host is FreeBSD 8.3-STABLE amd64 GENERIC I'm sure you want more info so just tell me what info. Commonly the problem is that you are jexec'd into the jail and I find that tools like ssh, ftp, telnet, etc. don't work when you're in the jail via jexec but instead what works way better is if you ssh into the jail (via the jail'd ssh process of course). Does that seem to be the case in your situation? If you mean this sshd IsJ0:00,00 /usr/sbin/sshd Then no. %ssh 10.0.0.10 ssh: connect to host 10.0.0.10 port 22: Operation timed out I did have an alias on the host to the jail's ip. Tried to restart the jail it went fine, but now I can't jexec in to the jail. testbox# jexec 1 tcsh jexec: jail_attach(1): Invalid argument Sooo... I'm kind of out of ideas. When you restart a jail it's jid (the first argument to jexec) changes. Instead of using the jid you can use the jail name (example below): jexec NAME tcsh Otherwise, you're going to have to do jls to get the new jid after restarting the jail. -- Devin _ The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
RE: jail and networking
On Wed, 20 Feb 2013, Bernt Hansson wrote: On 2013-02-20 19:07, Jeff Tipton wrote: On 02/20/2013 19:42, Bernt Hansson wrote: On 2013-02-20 17:23, Teske, Devin wrote: On Wed, 20 Feb 2013, Bernt Hansson wrote: Hello list! I dont seem to get net working in a test jail. These I've tried; ftp, fetch, telnet They time out. Ssh sort of work. 32bit# ssh 10.0.0.3 ssh_askpass: exec(/usr/local/bin/ssh-askpass): No such file or directory Host key verification failed. jail is 8.3-STABLE i386 GENERIC host is FreeBSD 8.3-STABLE amd64 GENERIC I'm sure you want more info so just tell me what info. Commonly the problem is that you are jexec'd into the jail and I find that tools like ssh, ftp, telnet, etc. don't work when you're in the jail via jexec but instead what works way better is if you ssh into the jail (via the jail'd ssh process of course). Does that seem to be the case in your situation? If you mean this sshd IsJ0:00,00 /usr/sbin/sshd Then no. %ssh 10.0.0.10 ssh: connect to host 10.0.0.10 port 22: Operation timed out I did have an alias on the host to the jail's ip. Tried to restart the jail it went fine, but now I can't jexec in to the jail. testbox# jexec 1 tcsh jexec: jail_attach(1): Invalid argument Sooo... I'm kind of out of ideas. What does jls command say? If you have restarted your jail, it's ID most likely has changed. The ID did change, didn't know about that, thank you. But still, sshd isn't running in the jail 32bit# ps ax PID TT STAT TIME COMMAND 2385 ?? IsJ0:00,00 sendmail: Queue runner@00:30:00 for /var/spool/clientmqueue (sendmail) 2391 ?? SsJ0:00,00 /usr/sbin/cron -s 2464 0 SJ 0:00,01 tcsh 2482 0 R+J0:00,00 ps ax testbox# ps ax | grep J 2385 ?? IsJ0:00,00 sendmail: Queue runner@00:30:00 for /var/spool/clientmqueue (sendmail) 2391 ?? SsJ0:00,00 /usr/sbin/cron -s 2488 0 S+ 0:00,00 grep J testbox is the host. A stab in the dark, but... Did you add sshd_enable=YES to the jail's rc.conf(5)? -- Devin _ The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
RE: How to add zfs support to FreeBSD
4. lsvfs output? -- Devin From: owner-freebsd-questi...@freebsd.org [owner-freebsd-questi...@freebsd.org] on behalf of Jeremy Chadwick [j...@koitsu.org] Sent: Tuesday, February 19, 2013 12:16 AM To: freebsd-questions@freebsd.org Cc: fb...@a1poweruser.com; free...@edvax.de Subject: Re: How to add zfs support to FreeBSD Regarding all the recommendations on how to determine if ZFS is available on the system: Do not run commands like /sbin/zfs or /sbin/zpool right off the bat. This will result in the underlying kld bits dynamically loading zfs.ko and opensolaris.ko on the fly -- even if there aren't any ZFS filesystems used -- which takes up kernel memory. This also generates crap on the console, and I can assure you an SA running some script is not expecting this. (An example is a system I admin which does not use ZFS, but I often forget that fact and type zpool status as root by accident, which loads ZFS, etc. -- I ended up using WITHOUT_CDDL on that system just to keep that from happening ;-) ). The OP needs to define what he means by enabled on the host. This could mean: a) The host actually has ZFS compiled or not (e.g. WITHOUT_ZFS and/or WITHOUT_CDDL and/or WITHOUT_CTF are not defined in src.conf), b) The host is capable of using ZFS (e.g. kernel modules are built and installed but are not loaded), c) The host has the kernel modules loaded but are not actually in use (e.g. zfs_enable=yes in rc.conf but no ZFS filesystems defined), d) The host has the kernel modules loaded and actively has ZFS filesystems in use. Recommendations (meaning you get to use a combination of these to create proper logic depending on what you want -- please keep in mind what I just said about using /sbin/zpool and so on however): 1) Check for the existence of /sbin/zfs (e.g. if [ -x ... ]). If it exists, the system was built without WITHOUT_{ZFS,CDDL,CTF} set. (Sorry for the double negative). 2) Use sysctl -n vfs.zfs.version.zpl and check exit code. If 1, the kernel modules are not loaded, else they are. 3) Run /sbin/zpool list -H and see if there's any output. If there is, there are pools defined, which means in some way or another ZFS is being used by the system. (Note that I recommend using /sbin/zpool not /sbin/zfs, because zpool (for me anyway) takes less time and if there's a pool there is going to be a filesystem (even if -omountpoint=none) that shows up /sbin/zfs). Note that this WILL result in the kernel modules being loaded. Depending on what the OP wants, you could use /sbin/mount | grep zfs instead, but that won't catch one situation: where all ZFS filesystems are mountpoint=none. Footnote: do not do silly things like grep /etc/src.conf for WITHOUT_xxx features, or /etc/rc.conf for whatever; an admin may have set these in advance for the next {build,install}{world,kernel} which have yet to be run. Parsing/checking config files is not going to suffice. -- | Jeremy Chadwick j...@koitsu.org | | UNIX Systems Administratorhttp://jdc.koitsu.org/ | | Mountain View, CA, US| | Making life hard for others since 1977. PGP 4BD6C0CB | ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org _ The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
RE: How to add zfs support to FreeBSD?
The tool for checking rc.conf(5) is my sysrc(8). It will eventually be part of base (it's already checked into HEAD at usr.sbin/sysrc -- but not installed by default unless WITH_BSDCONFIG is enabled when performing a build(7) or release(7) process). Currently, also available via ports in sysutils/sysrc I definitely recommend giving it a shot. There's essentially two ways to use it for your needs: 1. sysrc -n zfs_enable Returns YES for example. or... 2. For better performance, use the includes... #!/bin/sh . /usr/local/share/sysrc/sysrc.subr f_sysrc_get zfs_enable Returns YES for example. -- Devin From: owner-freebsd-questi...@freebsd.org [owner-freebsd-questi...@freebsd.org] on behalf of Fbsd8 [fb...@a1poweruser.com] Sent: Monday, February 18, 2013 5:41 PM To: Polytropon Cc: FreeBSD questions Subject: Re: How to add zfs support to FreeBSD? Polytropon wrote: On Mon, 18 Feb 2013 16:57:14 -0500, Fbsd8 wrote: Fbsd8 wrote: The handbook does not cover how to add zfs support. How is it done? Let me reword. If zfs is in the base system why does it not show up when I look for it this way? if config -x $( sysctl -n kern.bootfile ) | grep -q '^[[:space:]]*options[[:space:]]\{1,\}ZFS\'; then echo yes zfs is in the kernel fi Without the ability to check this, I strongly assume that if you enable ZFS as described in the Handbook, the module /boot/kernel/zfs.ko (part of the default system) will be loaded. That's why it won't show up in a sysctl query aimed at the _kernel_ itself -- because it isn't in the kernel. Also, sysctl -n kern.bootfile will return the actual kernel file, /boot/kernel/kernel, which is a binary. If the exact config list (from the kernel _configuration_ file) is not plain-text part of that file, grep will not find the text you're grepping for. So the next question is there any sh script code I can use to check if zfs has been enabled by the rc.conf zfs_enable statement. I need to determine if zfs is enabled on the host. Thanks ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org _ The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
RE: about unatteneded installation
On Thu, 14 Feb 2013, Rick Miller wrote: Hi Devin, On 12/20/12 1:10 PM, Devin Teske devin.te...@fisglobal.com wrote: For now, people that prefer sysinstall can use my FreeBSD Druid pre-built install media: For 9.0: http://sourceforge.net/projects/druidbsd/files/FreeBSD-9.0_Druid-1.0b60.iso/download For 8.3: http://sourceforge.net/projects/druidbsd/files/FreeBSD-8.3_Druid-1.0b60.iso/download As for 10.0 (when it comes out), expect bsdinstall to surpass sysinstall (in many many great ways) in every way (unlike the current status in 9.x). I had begun evaluating FreeBSD Druid and DruidBSD, but was sidetracked with a different project. I'm hoping to return to this in the coming weeks. Having said that, I am wondering what disk partition utilities FreeBSD Druid/DruidBSD use when installing 9.x. Is it using fdisk/bsdlabel or gpart? Hi Rick, No worries on time lapse. In fact, I had been needing to get back to you on assuaging those 4 failed patch hunks on your sysinstall work. FreeBSD Druid (both 8.x and 9.x) use sysinstall for disk partitioning. What does sysinstall use, you say? Glad you asked. sysinstall(8) uses a combination of: + libdisk ( see, for example, Set_Boot_Mgr(3) within case 'W' of switch (toupper(key)) in function diskPartition() of file stable/9/usr.sbin/sysinstall/disks.c lines 630-693) http://svnweb.freebsd.org/base/stable/9/usr.sbin/sysinstall/disks.c?revision=225736view=markup and ... + phk code (see, for example, slice_wizard() function in file stable/9/usr.sbin/sysinstall/wizard.c lines 65-201, in-use for case '|' of the same switch above, same function, lines 695-707 of stable/9/usr.sbin/sysinstall/disks.c) http://svnweb.freebsd.org/base/stable/9/usr.sbin/sysinstall/disks.c?revision=225736view=markup http://svnweb.freebsd.org/base/stable/9/usr.sbin/sysinstall/wizard.c?revision=225736view=markup But wait, there's more... The FreeBSD 9 version of my FreeBSD Druid has a patch to perform (only when doing automated/scripted installs): gpart -F destroy ${dest_disk} The reason for this is that if you, say for example, were to try the bsdinstall based media and then want to try sysinstall based media, you're actually prevented from re-formatting that disk into a usable MBR layout until you destroy the GPT backup label stored at the end of the disk. So the FreeBSD Druid for 9.x is basically the same as for 8.x with an additional twist, it has gpart in the mfsroot so that it can do a destroy on the GPT backup data before formatting the disk in automated installations (this destroy command is not done for non-scripted installs). You can see the code here: http://druidbsd.cvs.sourceforge.net/viewvc/druidbsd/druidbsd/druid/src/freebsd/menu/etc/all_install?r1=1.2r2=1.3 http://druidbsd.cvs.sourceforge.net/viewvc/druidbsd/druidbsd/druid/src/freebsd/menu/etc/all_install?revision=1.3view=markup -- Devin _ The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
RE: Fun Scripting Problem
(apologies for top-post) As tempted as I am, I think newsyslog(8) may be what you want. Missing information in your post is how you intend to timestamp the files -- by filename? by content? If by-content, then is it a good assumption that the data is one entry per-line? ... and if-so, is the timestamp in that line? These are all questions that would be needed to script what you're asking for (not that I'm volunteering or anything like that). -- Devin From: owner-freebsd-questi...@freebsd.org [owner-freebsd-questi...@freebsd.org] on behalf of Tim Daneliuk [tun...@tundraware.com] Sent: Wednesday, February 13, 2013 10:27 AM To: FreeBSD Mailing List Subject: Fun Scripting Problem I know how to do this in Python, but I really want to do it in straight Bourne shell. I have some ideas, but I thought I'd give you folks a crack at this Big Fun: a) You have a directory of files - say they're logs - generated at nondeterministic intervals. You may get more than one a day, more than one a month, none, or hundreds. b) To conserve space, you want to keep the last file generated in any given month (the archive goes back for an unspecified number of years), and delete all the files generated prior to that last file in that same month. c) Bonus points if the problem is solved generally for either files or directories generated as described above. These are not actually logs, and no, I don't think logrotate can do this ... or can it? -- --- Tim Daneliuk ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org _ The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
RE: Was I Sourced?
On Tue, 12 Feb 2013, Tim Daneliuk wrote: Is there a way for script to determine whether is was sourced or forked off as a subprocess when it was invoked? Not that I'm aware of. I have a script that needs to be sourced to work properly and I want to warn the luser if they exec or subshell it instead. In order for a user to exec a script it has to have the invocation line: #!/bin/sh So naturally, if your script is missing this as the first line, the file will not be interpretable (and thus exec will fail). And if the file is not executable (due to lack of invocation line) then you also shouldn't have any worry about execution within a sub-shell (though it will still be possible to source within a sub-shell using . -- but that shouldn't be any different than sourcing in the main shell). One thin you could do is to use an invocation line that will warn the user that it shouldn't be executed directly... #!/not_directly_executable # Use the source luke So when someone executes your script they get... -bash: ./script: /not_directly_executable: bad interpreter: No such file or directory -- Devin _ The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
RE: vnet without epair
On Sun, 10 Feb 2013, Nikos Vassiliadis wrote: On 2/10/2013 1:12 AM, Teske, Devin wrote: On Sat, 9 Feb 2013, Fbsd8 wrote: I did google search and could only find 9.0 vnet jails using epair. I'm surprised you didn't find my own page on vnet jails using netgraph: http://druidbsd.sf.net/vimage.shtml I have seen this but I got the idea that it is not in ports(?) and this stopped me from trying. It's not in ports only because I first wanted to see where jail.conf would take us w/respect to vimages. However, this package not being in ports shouldn't prevented you from trying it -- it's extremely stable and as I mentioned, we've been using it heavily at $work for over 12 months now. When you download the package (*.tgz) and pkg_add it, it installs the following two files only: /etc/rc.d/vimage /etc/rc.conf.d/vimage NOTE: The rc.conf.d file is the documentation on usage If you haven't tried it, then I hope you will because I think the new jail.conf stuff falls short. Don't get me wrong, jail.conf is a great start, but simply adding the ability to manage the vnet aspect of a jail does not make a vimage (what's missing is the built-in support for generating bridges as vimages are brought up/down dynamically). I feel that before I add this to ports I need to reprogram it to use jail.conf (not directly). That will simplify its code and [should] make it smaller. I was somewhat waiting on /etc/rc.d/jail to blaze the trail for me. In short, the landscape has been changing fast enough that it's prevented me from adding this to ports, but in spite of that it's still very much real _and_ real stable. -- Devin _ The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
RE: packages listing
On Sun, 10 Feb 2013, Nikos Vassiliadis wrote: On 2/10/2013 8:57 AM, Polytropon wrote: On Sat, 9 Feb 2013 22:52:37 -0800 (PST), Dánielisz László wrote: Hi Everybody, Do you have any idea how can I list those installed packages that are not required by any other? You can use sysutils/pkg_cutleaves to determine those. I use this: #!/bin/sh pkg_info -R '*' | sed -n ' /^Information for /{ N N /Required by:/d s/^Information for \(.*\):\n\n$/\1/p } ' Just curious, why not use pkg_info -Ra instead of pkg_info -R '*' ? -- Devin _ The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
RE: vnet without epair
On Sun, 10 Feb 2013, Nikos Vassiliadis wrote: On 2/10/2013 2:54 PM, Teske, Devin wrote: It's not in ports only because I first wanted to see where jail.conf would take us w/respect to vimages. I see. However, this package not being in ports shouldn't prevented you from trying it -- it's extremely stable and as I mentioned, we've been using it heavily at $work for over 12 months now. When you download the package (*.tgz) and pkg_add it, it installs the following two files only: /etc/rc.d/vimage /etc/rc.conf.d/vimage NOTE: The rc.conf.d file is the documentation on usage If you haven't tried it, then I hope you will because I think the new jail.conf stuff falls short. Don't get me wrong, jail.conf is a great start, but simply adding the ability to manage the vnet aspect of a jail does not make a vimage (what's missing is the built-in support for generating bridges as vimages are brought up/down dynamically). I feel that before I add this to ports I need to reprogram it to use jail.conf (not directly). That will simplify its code and [should] make it smaller. I was somewhat waiting on /etc/rc.d/jail to blaze the trail for me. In short, the landscape has been changing fast enough that it's prevented me from adding this to ports, but in spite of that it's still very much real _and_ real stable. Yes, of course. I will try it and report back to you my findings. What I - nikos - really need from a script like yours is the ability to generate arbitrarily complex topologies with interconnected vnet jails. Something like: abc---d | | hef---g | | i Like a cut-down version of imunes[1] without the need of a graphical user interface. Excellent! This is precisely what I was after when I wrote the vimage package and its contents. I'm familiar with IMUNES and netgraph fits the bill well (especially with ngctl dot being useful in providing visual confirmation when you've achieved the desired network layout -- when ngctl dot | dot -Tsvg -o netgraph.svg starts to look like your IMUNES graph, then you know you're making progress toward having the right configuration). -- Devin _ The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
RE: vnet without epair
On Sun, 10 Feb 2013, Nikos Vassiliadis wrote: On 2/10/2013 3:56 PM, Teske, Devin wrote: Excellent! This is precisely what I was after when I wrote the vimage package and its contents. I'm familiar with IMUNES and netgraph fits the bill well (especially with ngctl dot being useful in providing visual confirmation when you've achieved the desired network layout -- when ngctl dot | dot -Tsvg -o netgraph.svg starts to look like your IMUNES graph, then you know you're making progress toward having the right configuration). You'll be soon hearing from me then! Here's some examples of ngctl dot | dot -Tsvg -ofile run on various servers running my vimage package: http://druidbsd.sourceforge.net/download/warden0.jbsd.svg A server with two network interfaces (igb0 and igb1). igb0 is bridged to 5 vimages (named kps0a_dev, kps64a_dev, kws411a_dev, kws411b_dev, and kws82a_dev). Each vimage has a single bridge to the same igb0 interface and are talking on a single subnet (see next example for more complex layout). Meanwhile, igb1 is used exclusively for the host machine (netgraph displays this in a disconnected cluster because it's not in-use by the netgraph system). The ngctl99755 element off to the right is the ngctl program's connection to the netgraph system to dump the dot(1) output for the creation of the SVG image itself. http://druidbsd.sourceforge.net/download/folsom.svg A server with 5 network interfaces (em0, em1, em2, igb0, igb1). igb0 is bridged between the host machine, a vimage named stats and a vimage named beefcake. igb1 is bridged between the host machine, a vimage named bafug1, and 6 other vimages. Of the 6 other vimages, the special one is cfg0_vlbxrich which has 2 bridges to the same interface (the host machine's rc.conf has vimage_cfg0_vlbxrich_bridges=igb0 igb0) but is speaking different subnets on each of the bridged interfaces within the jail (saying ifconfig in that vimage produces two interfaces -- beside lo0 -- named ng0_cfg0_vlbxri, and ng1_cfg0_vlbxri; these are configured to 2 different subnets in the jails's /etc/rc.conf). There are more vimages that can't be seen as netgraph does not show vimages that are using whole interfaces (a single PHY on a quad-port NIC for example; or a tap/tun pair); however you can see the interfaces em0, em1, and em2. What's cute is that those vimages are often purposed as high se curity vimages and as-such we view it as a value-add that they don't appear in the netgraph layout. (but to be honest, this is an older output and I can't remember what those interfaces were used for -- our vimage servers have grown and changed since then). http://druidbsd.sourceforge.net/download/bastion.svg A high security server (that was decommissioned last Friday) where each vimage gets an entire PHY (read: netgraph is not used, whole interfaces are moved into the vimages -- see /etc/rc.conf.d/vimage specifically vimage_example_vnets). So naturally, this graph appears to be rather boring (all the interfaces are in the disconnect cluster) because netgraph isn't using the interfaces. -- Devin _ The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
RE: vnet without epair
Have you tried using netgraph? -- Devin From: owner-freebsd-questi...@freebsd.org [owner-freebsd-questi...@freebsd.org] on behalf of Fbsd8 [fb...@a1poweruser.com] Sent: Saturday, February 09, 2013 7:57 AM To: FreeBSD questions Subject: vnet without epair Has any one been able to get RELEASE 9.1 to enable jail vnet without having to use epair? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org _ The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
RE: vnet without epair
On Sat, 9 Feb 2013, Fbsd8 wrote: Nikos Vassiliadis wrote: On 2/9/2013 5:57 PM, Fbsd8 wrote: Has any one been able to get RELEASE 9.1 to enable jail vnet without having to use epair? Yes, you can use vnet-enabled jails with several types of interfaces. Physical ones like em0 etc, virtual ones like vlan0 etc, netgraph ethernet-like interfaces like ngeth etc and if_epair interfaces. What all these have in common is that they all are ethernet-like. You don't mention what kind of use and more or less most interfaces are usable in a vnet jail. Could you share more on what you are trying to achieve? Nikos Thanks for your reply and interest. What I am doing is writing documentation that describes the new 9.1 jail extensions for jail.conf and the rc.conf jail statements. I am going to submit changes to /etc/defaults/rc.conf and as long as I was on the jail subject thought I may as well include vnet because it was missing from /etc/defaults/rc.conf. Thanks for taking this on. I did google search and could only find 9.0 vnet jails using epair. I'm surprised you didn't find my own page on vnet jails using netgraph: http://druidbsd.sf.net/vimage.shtml What I did was dup' the old rc.d/jail script one day and modify it to support vnet jails (read: it doesn't use jail.conf it uses the old style of rc.conf(5) parameters) with the built-in ability to do bridging with netgraph (if you enable the right kernel options and/or have the right modules loaded). It also supports shoving any whole interfaces into the vnet jails (be they real or pseudo interfaces, the only restriction is that it has to be a valid parameter in ifconfig interface vnet jail_id. ASIDE: The nice thing about using netgraph to do the bridging on the back-end is that ngctl dot | dot -Tsvg -o netgraph.svg creates nice pictures of your network layout (aside from being very versatile). It was my understanding that epair was not necessary to use vnet and thanks to you, you confirmed it. As part of this self-appointed project I plan to also update man jail and the handbook jail section which is really way out of date. I plan to include vnet in all aspects of this project. I must point out this is not just a writing project. I have been using rc.conf jail statements to configure jails for some time now, I hope you'll look at my vimage package (we've been using it for a little over 12 months now). $work has been very happy with it to say the least. and have a test bed to test things I write about so I can verify what I write is true and valid. I am working with the author of the jail environment and already have discovered bugs which are being addressed. I have never played with vimage as it's labeled as experimental because it is not scp aware. I think you mean it conflicts with SCTP (network protocol like UDP and TCP). IE: can not use more than a single cpu. I'm not so sure about that. One of the 9.1 jail extensions deals with being able to use quotas inside of jails. I am excited to begin testing this new function. Very cool -- looking forward to reading updates on that. During my jail research I have come across posts where people have to use a kernel patch to get xorg desktops to work inside of a jail. I have a separate post to questions list trying to mine some info on that subject. Excellent! I am always open to input. If you have the background to support my efforts in this project its welcomed. Yeah, we use vimages a lot at $work. For example, just yesterday, I had a need to move a machine into the server room but it wasn't in a rack-mountable case -- so I rsync'd the OS (minus /dev and /proc of course) to a directory on the vimage server, spent a minute or two copy/pasting in /etc/rc.conf, changing a couple values (like which em* interface to bridge to), and then I said service vimage start [thename] obsoleting the once-physical machine for a new vimage. In this case, the server needed to run samba on a private network. Worked great. Freed up some workstation hardware for an actual workstation and a server that should have been in the rack is now running on server equipment as it should. It was a win for everybody and it took less than an hour (including the time to rsync). Now only if I could find a graceful solution to rsync dying with out of memory errors on massive amounts of files and/or hard-links (rsync-3.0.7), I'd be all set! -- Devin _ The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you. ___
RE: How to add unused space to an existing install
On 7 Feb 2013, Paul Schmehl wrote: --On February 6, 2013 5:21:39 PM -0600 dte...@freebsd.org wrote: -Original Message- From: owner-freebsd-questi...@freebsd.org [mailto:owner-freebsd- questi...@freebsd.org] On Behalf Of Paul Schmehl Sent: Wednesday, February 06, 2013 9:59 AM To: FreeBSD Questions List Subject: How to add unused space to an existing install I have a FreeBSD 8.3 RELEASE box that we recently discovered only has part of the disk being used. This box has four 1TB drives in RAID 5, and df only shows 500MB of disk available. fdisk shows this: # fdisk -p # /dev/mfid0 g c364602 h255 s63 p 1 0xa5 63 1562363771 a 1 When I run the fdisk editor in sysinstall I see this: Disk name: mfid0 FDISK Partition Editor DISK Geometry: 364602 cyls/255 heads/63 sectors = 5857331130 sectors (2860024MB) Offset Size(ST)End Name PType Desc Subtype Flags 0 63 62- 12 unused0 63 1562363771 1562363833 mfid0s1 8freebsd 165 1562363834 4294981702 5857345535- 12 unused0 I want to capture all that unused space and add it to the server. fstab has this: # cat /etc/fstab # Device Mountpoint FStype Options Dump Pass# /dev/mfid0s1bnoneswapsw 0 0 /dev/mfid0s1a/ ufs rw 1 1 /dev/mfid0s1e/home ufs rw 2 2 /dev/mfid0s1d/tmpufs rw 2 2 /dev/mfid0s1f/usrufs rw 2 2 /dev/mfid0s1g/varufs rw 2 2 /dev/acd0/cdrom cd9660 ro,noauto 0 0 When I try to create a new slice using fdisk, it doesn't seem to work. Did you try something like: echo p 2 165 * * | sudo fdisk -f- /dev/mfid0 ?? Thank you for your detailed and informative answer. I did not. I'm a neophyte in the disk world. I've always used sysinstall to setup partitions and mount points. Afterward fdisk -p should show something like... # /dev/mfid0 g c364602 h255 s63 p 1 0xa5 63 1562363771 p 2 0xa5 num num a 1 And then you'll have /dev/mfid0s2 which you can do-with what you like (directly newfs the slice or create BSD partitions underneath that to further sub-divide into as many as 8 smaller units, /dev/mfid0s2[a-h]). I've been doing some more research on this problem, and I've discovered that bsdlabel has a 2 to the 32nd limit on disk size. It appears I have to use gpart instead. Is that not correct? Only if your disk is larger than 2TB (or 2048GB). If you try to partition a 2TB disk with fdisk the most you can hope to access is 2TB (the rest will be forever unused). I was noticing that that the total size for all your partitions is about 744.95GB -- far short of the maximum addressable of 2TB. So you *could* gain access to more space with the tricks discussed here, but yes... You will be required to use gpart to address more than 2TB of storage on a single discrete disk. gpart creates a GPT layout versus fdisk which creates an MBR layout. GPT uses length identifiers double that of MBR so you should be able to address up to 16 million terabytes on any single discrete disk with gpart. That ought to be enough for a while (the largest storage array known to exist today is in the Petabytes ... thousands of terabytes -- nobody has yet produced a single storage device of contiguous addressable space matching-or-exceeding 1024 petabytes or 1M terabytes; so we have a ways to go before anybody reaches the limit of 2^64). If I move to the label editor, I get this: FreeBSD Disklabel Editor Disk: mfid0 Partition name: mfid0s1 Free: 0 blocks (0MB) Part Mount Size Newfs Part Mount Size Newfs - - - - mfid0s1a none 2000MB * mfid0s1d none 65536MB * mfid0s1e none 4096MB * mfid0s1b swap65536MB SWAP mfid0s1f none 10240MB * mfid0s1g none601GB * As you can see mfid0s1g is 601GB, and according to fstab that's /var. Yet df -h shows: # df -h Filesystem SizeUsed Avail Capacity Mounted on /dev/mfid0s1a1.9G726M1.0G41%/ devfs1.0k1.0k 0B 100%/dev /dev/mfid0s1e3.9G 38M3.5G 1%/home /dev/mfid0s1d 62G6.6M 57G 0%/tmp /dev/mfid0s1f9.7G7.5G1.4G84%/usr /dev/mfid0s1g582G 39G496G 7%/var So apparently I'm not creating this new slice? It should be /dev/mfid0s1h, correct?
Re: sh script ?
Use = for string comparison with the [ built-in and -eq for numerical comparison. -- Devin On Jan 24, 2013, at 10:07 AM, Fbsd8 fb...@a1poweruser.com wrote: I get this message [: 10.0.10.21: bad number on this code [ ${saved_ip} -eq ${used_ip} ] echo good match Both variables have valid ip addresses in them. Why does it think the variable content is a number and not text? What am I doing wrong? Thanks for your help ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org _ The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: FreeBSD's backwards webdesign / corporate identity
On Apr 13, 2012, at 5:54 PM, Polytropon free...@edvax.de wrote: On Sat, 14 Apr 2012 07:49:40 +0700, Erich Dollansky wrote: Hi, On Friday 13 April 2012 23:37:16 Polytropon wrote: On Fri, 13 Apr 2012 22:59:41 +0700, Erich Dollansky wrote: On Friday 13 April 2012 20:56:35 Sean Cavanaugh wrote: -Original Message- From: owner-freebsd-questi...@freebsd.org [mailto:owner-freebsd- questi...@freebsd.org] On Behalf Of Erich Dollansky Sent: Friday, April 13, 2012 9:12 AM To: freebsd-questions@freebsd.org Cc: Julian H. Stacey; Tony; Steffen Daode Nurpmeso Subject: Re: FreeBSD's backwards webdesign / corporate identity On Friday 13 April 2012 18:44:07 Steffen Daode Nurpmeso wrote: Julian H. Stacey wrote [2012-04-13 13:13+0200]: The 1000 year Reich lasted 6. 13. Not for all, though. 1945 - 1933 gives 12. Do I have to start a calculator now? Its 13 INCLUSIVE. You're calculating exclusive it also fits better to today's date. Fits even better next Friday! ;-) oh, yeah, the big birthday bash. Is it organised via facebook? Who with a sane mind would press his face into a book? :-) Certainly _not_ Gutenberg (considering the size of his press, OUCH!!) ;-) -- Devin _ The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org