eliminate character with sed
Hello list,

I have a few php config files that have the windows delimiter character in them ('^M') that I would like to get rid of. I'm trying to use sed to do it, and for some reason I am not having any luck.

Here's the line that I'm trying to use:

#sed -i '.bak' 's/^M//g' config.php

However when I have a look at the backup file that's been created with this command, it looks like there was no effect:

<?php ^M/* Global Variables */^Mif(!defined('DS'))^M define('DS',DIRECTORY_SEPARATOR);^M^M if(!defined(_MAINSITEPATH_))^M define(_MAINSITEPATH_,dirname(__FILE__).DS);^M

I was wondering if someone had a tip on how to run this command effectively in this situation.

Thanks!
tim

--
GPG me!!
gpg --keyserver pool.sks-keyservers.net --recv-keys F186197B
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
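Two things work against the command in the post above: typed as a caret followed by M, `^M` in a sed pattern means "an M at the start of the line" rather than a carriage-return byte, and with `-i '.bak'` the `.bak` file is the untouched original, so it will always still show `^M`. The sketch below is an added example, not part of the original post; the function names `has_cr` and `strip_cr` are made up for illustration.

```shell
#!/bin/sh
# Added example: strip Windows line endings from config files in place.
# has_cr and strip_cr are illustrative names, not standard utilities.

# has_cr FILE: succeed if FILE contains at least one carriage-return byte.
has_cr() {
    cr=$(printf '\r')
    grep -q "$cr" "$1"
}

# strip_cr FILE: remove the CR that precedes each newline in FILE.
# The original is kept as FILE.bak; FILE itself is rewritten through the
# same inode so its owner and mode (often restrictive for config files
# holding credentials) stay as they were.
strip_cr() {
    file=$1
    [ -f "$file" ] || { echo "strip_cr: no such file: $file" >&2; return 1; }
    has_cr "$file" || return 0            # already clean, touch nothing

    cr=$(printf '\r')                     # a real CR byte, not "^" + "M"
    tmp=$(mktemp "${file}.XXXXXX") || return 1

    # Only a CR at end of line is removed; a CR inside a string literal
    # elsewhere on the line is left alone.
    if sed "s/${cr}\$//" "$file" > "$tmp" && cp -p "$file" "${file}.bak"; then
        cat "$tmp" > "$file"
        status=$?
    else
        status=1
    fi
    rm -f "$tmp"
    return "$status"
}

# Command-line use: sh strip_cr.sh config.php [more files...]
for f in "$@"; do
    strip_cr "$f" || exit 1
done
```

Check the result on the edited file, not on the `.bak` copy: `has_cr config.php` should fail while `has_cr config.php.bak` still succeeds.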
Re: SV: php5 port seems broken
yes I did. I put these lines into httpd.conf

AddType application/x-httpd-php .php
AddType application/x-httpd-php-source .phps

and that did the trick. Thanks again list!

tim

----- Original Message -----
From: Hasse Hansson ha...@thorshammare.org
To: Tim Kellers timot...@wallnet.com, freebsd-questions@freebsd.org
Sent: Monday, January 23, 2012 6:24:36 AM
Subject: SV: php5 port seems broken

-----Original message-----
From: owner-freebsd-questi...@freebsd.org [mailto:owner-freebsd-questi...@freebsd.org] On behalf of Tim Kellers
Sent: 23 January 2012 02:04
To: freebsd-questions@freebsd.org
Subject: Re: php5 port seems broken

On 1/22/12 7:50 PM, Tim Dunphy wrote:

Hello again,

Thanks for your input. Before attempting to install php on this machine I updated my ports tree with csvsup. But following the steps in this article helped me to get past this point.

http://icesquare.com/wordpress/freebsdproblem-to-update-php-port/

Which was basically:

#sudo rm -Rf /var/db/portsnap/*
#sudo portsnap fetch extract
#sudo portsnap fetch update
#cd /usr/ports/distfiles/
#sudo wget http://fi.php.net/distributions/php-5.3.9.tar.bz2
#cd /usr/ports/lang/php5
#sudo make

That was all I had to do. :)

However I'm onto a new stumbling block, so if you're still tuned in I hope you don't mind if I bounce this off the list. It seems that Apache 2.2 is not recognizing PHP now that it's installed. If I go to a php test page in a web browser this is all I see:

<?php
// Show all information, defaults to INFO_ALL
phpinfo();
// Show just the module information.
// phpinfo(8) yields identical results.
phpinfo(INFO_MODULES);
?>

These are the contents of the file I am hitting:

<?php
// Show all information, defaults to INFO_ALL
phpinfo();
// Show just the module information.
// phpinfo(8) yields identical results.
phpinfo(INFO_MODULES);
?>

I checked to see that in my main apache config file (httpd.conf) I have this line:

LoadModule php5_module libexec/apache22/libphp5.so

And of course I've restarted apache after installing the php5 port. :) And since apache isn't even recognizing php at this point hitting the test page does not generate any errors in the error logs.

Any thoughts/hits/suggestions from here?

thanks
tim

----- Original Message -----
From: RW rwmailli...@googlemail.com
To: freebsd-questions@freebsd.org
Sent: Sunday, January 22, 2012 7:07:21 PM
Subject: Re: php5 port seems broken

On Sun, 22 Jan 2012 18:01:29 -0500 Tim Kellers wrote:

On 1/22/12 5:35 PM, Tim Dunphy wrote:

Hello list,

I'm attempting to install php5 from my ports tree. I've attempted the latest version (5.3.9 located in /usr/ports/lang/php5) and the 'latest stable' (5.2.17 located in /usr/ports/lang/php52). The result is pretty much the same:

suhosin-patch-5.3.9-0.9.10.patch.gz.
===>  Giving up on fetching files: php-5.3.9.tar.bz2
Make sure the Makefile and distinfo file (/usr/ports/lang/php5/distinfo) are up to date. If you are absolutely sure you want to override this check, type make NO_CHECKSUM=yes [other args].
*** Error code 1

I just portupgraded my php5 this morning and I was able to fetch the distfile without trouble.

It might just be a partially dled file and a checksum mismatch. If you do a make checksum it will download the file or resume a partial download before checking the hash.

You can try (as root)

rm -rf /usr/ports/distfiles/php-5.3.9.tar.bz2

and

cd /usr/ports/lang/php5
make clean
make install clean

or

make distclean

If that gets you past the checksum error, you should be able to build it successfully.

Probably the ports tree needs to be updated to pick-up an updated hash value.

Did you put this in httpd.conf? From pkg-message.mod:

***
Make sure index.php is part of your DirectoryIndex.

You should add the following to your Apache configuration file:

AddType application/x-httpd-php .php
AddType application/x-httpd-php-source .phps
***

Tim Kellers

[] - And have a look at /usr/ports/lang/php5-extentions
An easy to follow step by step tutorial http://www.unixmen.com
php5 port seems broken
Hello list,

I'm attempting to install php5 from my ports tree. I've attempted the latest version (5.3.9 located in /usr/ports/lang/php5) and the 'latest stable' (5.2.17 located in /usr/ports/lang/php52). The result is pretty much the same:

[root@LBSD2:/usr/ports/lang/php5] #make install
===>  Vulnerability check disabled, database not found
===>  License check disabled, port has not defined LICENSE
===>  Found saved configuration for php5-5.3.9
===>  Extracting for php5-5.3.9
=> SHA256 Checksum mismatch for php-5.3.9.tar.bz2.
=> SHA256 Checksum OK for suhosin-patch-5.3.9-0.9.10.patch.gz.
===>  Refetch for 1 more times files: php-5.3.9.tar.bz2
===>  Vulnerability check disabled, database not found
===>  License check disabled, port has not defined LICENSE
===>  Found saved configuration for php5-5.3.9
=> php-5.3.9.tar.bz2 doesn't seem to exist in /usr/ports/distfiles/.
=> Attempting to fetch http://dk.php.net/distributions/php-5.3.9.tar.bz2
fetch: http://dk.php.net/distributions/php-5.3.9.tar.bz2: Requested Range Not Satisfiable
=> Attempting to fetch http://de.php.net/distributions/php-5.3.9.tar.bz2
fetch: http://de.php.net/distributions/php-5.3.9.tar.bz2: Requested Range Not Satisfiable
=> Attempting to fetch http://es.php.net/distributions/php-5.3.9.tar.bz2
fetch: http://es.php.net/distributions/php-5.3.9.tar.bz2: Requested Range Not Satisfiable
=> Attempting to fetch http://fi.php.net/distributions/php-5.3.9.tar.bz2
fetch: http://fi.php.net/distributions/php-5.3.9.tar.bz2: Requested Range Not Satisfiable
=> Attempting to fetch http://fr.php.net/distributions/php-5.3.9.tar.bz2
===>  Vulnerability check disabled, database not found
===>  License check disabled, port has not defined LICENSE
===>  Found saved configuration for php5-5.3.9
=> SHA256 Checksum mismatch for php-5.3.9.tar.bz2.
=> SHA256 Checksum OK for suhosin-patch-5.3.9-0.9.10.patch.gz.
===>  Giving up on fetching files: php-5.3.9.tar.bz2
Make sure the Makefile and distinfo file (/usr/ports/lang/php5/distinfo) are up to date.
If you are absolutely sure you want to override this check, type make NO_CHECKSUM=yes [other args].
*** Error code 1

Stop in /usr/ports/lang/php5.
*** Error code 1

Stop in /usr/ports/lang/php5.
*** Error code 1

Stop in /usr/ports/lang/php5.

I was just wondering if anyone might have a guess as to why this wasn't working?

thanks
tim
Re: php5 port seems broken
Hello again,

Thanks for your input. Before attempting to install php on this machine I updated my ports tree with csvsup. But following the steps in this article helped me to get past this point.

http://icesquare.com/wordpress/freebsdproblem-to-update-php-port/

Which was basically:

#sudo rm -Rf /var/db/portsnap/*
#sudo portsnap fetch extract
#sudo portsnap fetch update
#cd /usr/ports/distfiles/
#sudo wget http://fi.php.net/distributions/php-5.3.9.tar.bz2
#cd /usr/ports/lang/php5
#sudo make

That was all I had to do. :)

However I'm onto a new stumbling block, so if you're still tuned in I hope you don't mind if I bounce this off the list. It seems that Apache 2.2 is not recognizing PHP now that it's installed. If I go to a php test page in a web browser this is all I see:

<?php
// Show all information, defaults to INFO_ALL
phpinfo();
// Show just the module information.
// phpinfo(8) yields identical results.
phpinfo(INFO_MODULES);
?>

These are the contents of the file I am hitting:

<?php
// Show all information, defaults to INFO_ALL
phpinfo();
// Show just the module information.
// phpinfo(8) yields identical results.
phpinfo(INFO_MODULES);
?>

I checked to see that in my main apache config file (httpd.conf) I have this line:

LoadModule php5_module libexec/apache22/libphp5.so

And of course I've restarted apache after installing the php5 port. :) And since apache isn't even recognizing php at this point hitting the test page does not generate any errors in the error logs.

Any thoughts/hits/suggestions from here?

thanks
tim

----- Original Message -----
From: RW rwmailli...@googlemail.com
To: freebsd-questions@freebsd.org
Sent: Sunday, January 22, 2012 7:07:21 PM
Subject: Re: php5 port seems broken

On Sun, 22 Jan 2012 18:01:29 -0500 Tim Kellers wrote:

On 1/22/12 5:35 PM, Tim Dunphy wrote:

Hello list,

I'm attempting to install php5 from my ports tree. I've attempted the latest version (5.3.9 located in /usr/ports/lang/php5) and the 'latest stable' (5.2.17 located in /usr/ports/lang/php52). The result is pretty much the same:

suhosin-patch-5.3.9-0.9.10.patch.gz.
===>  Giving up on fetching files: php-5.3.9.tar.bz2
Make sure the Makefile and distinfo file (/usr/ports/lang/php5/distinfo) are up to date. If you are absolutely sure you want to override this check, type make NO_CHECKSUM=yes [other args].
*** Error code 1

I just portupgraded my php5 this morning and I was able to fetch the distfile without trouble.

It might just be a partially dled file and a checksum mismatch. If you do a make checksum it will download the file or resume a partial download before checking the hash.

You can try (as root)

rm -rf /usr/ports/distfiles/php-5.3.9.tar.bz2

and

cd /usr/ports/lang/php5
make clean
make install clean

or

make distclean

If that gets you past the checksum error, you should be able to build it successfully.

Probably the ports tree needs to be updated to pick-up an updated hash value.
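The replies above suggest a partially downloaded distfile as the likely cause of the mismatch. The added example below (not from the thread) tells that case apart from a full-size file with the wrong hash, using the `SHA256 (name) = ...` and `SIZE (name) = ...` lines of a port's distinfo; the function names are illustrative.

```shell
#!/bin/sh
# Added example: compare a downloaded distfile with the port's distinfo
# instead of bypassing the check with NO_CHECKSUM=yes.
# sha256_of, distinfo_field and check_distfile are illustrative names.

# sha256_of FILE: print the hex SHA-256 of FILE with whichever tool exists
# (sha256 on FreeBSD, sha256sum on Linux, openssl as a fallback).
sha256_of() {
    if command -v sha256 >/dev/null 2>&1; then
        sha256 -q "$1"
    elif command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | awk '{print $1}'
    else
        openssl dgst -sha256 "$1" | awk '{print $NF}'
    fi
}

# distinfo_field DISTINFO KEY NAME: value of the line "KEY (NAME) = value".
distinfo_field() {
    awk -v key="$2" -v name="($3)" \
        '$1 == key && $2 == name && $3 == "=" { print $4; exit }' "$1"
}

# check_distfile DISTINFO FILE: print one verdict and return 0 only for "ok".
#   not-listed     distinfo has no SHA256 line for this file name
#   missing        the file is not on disk
#   partial        shorter than SIZE: an interrupted download, safe to refetch
#   size-mismatch  longer than SIZE: not the file the port was built against
#   hash-mismatch  right size, wrong content: stale distinfo (update the
#                  ports tree) or a file that should not be trusted
check_distfile() {
    distinfo=$1
    file=$2
    name=$(basename "$file")
    want_hash=$(distinfo_field "$distinfo" SHA256 "$name")
    want_size=$(distinfo_field "$distinfo" SIZE "$name")

    [ -n "$want_hash" ] || { echo not-listed; return 1; }
    [ -f "$file" ]      || { echo missing;    return 1; }

    have_size=$(wc -c < "$file" | tr -d ' ')
    if [ -n "$want_size" ]; then
        if [ "$have_size" -lt "$want_size" ]; then
            echo partial; return 1
        elif [ "$have_size" -ne "$want_size" ]; then
            echo size-mismatch; return 1
        fi
    fi

    have_hash=$(sha256_of "$file")
    [ "$have_hash" = "$want_hash" ] || { echo hash-mismatch; return 1; }
    echo ok
}

# Command-line use:
#   sh check_distfile.sh /usr/ports/lang/php5/distinfo \
#       /usr/ports/distfiles/php-5.3.9.tar.bz2
if [ "$#" -eq 2 ]; then
    check_distfile "$1" "$2"
fi
```

A tarball fetched by hand into /usr/ports/distfiles, as in the message above, is still checked against distinfo by the ports framework, so running this first shows which of the two situations applies.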
Re: reverse dns in bind9
hey guys,

ok I fixed the reverse zone file and now it's working perfectly!

@ IN SOA ns1.summitnjhome.com. bluethundr.gmail.com. (
        2011032901 ;serial
        14400 ;refresh
        3600 ;retry
        604800 ;expire
        10800 ;minimum
        )
1.168.192.in-addr.arpa. IN NS ns1.yournameserver.com.
42 IN PTR LCENT01.summitnjhome.com.
43 IN PTR LCENT03.summitnjhome.com.
44 IN PTR LBSD2.summitnjhome.com.

LBSD2# host 192.168.1.42
42.1.168.192.in-addr.arpa domain name pointer LCENT01.summitnjhome.com.

On Tue, Mar 29, 2011 at 12:25 AM, Jon Radel j...@radel.com wrote:

On 3/29/11 12:05 AM, Tim Dunphy wrote:

hello

no crabby comments on restart at all!

LBSD2# /etc/rc.d/named restart
Stopping named.
Waiting for PIDS: 4970.
Starting named.

Ah but yes some complaints from the logs

Mar 29 04:59:47 LBSD2 named[5469]: master/summitnjhome-reverse.db:10: ignoring out-of-zone data (summitnjhome.com)
Mar 29 04:59:47 LBSD2 named[5469]: dns_master_load: master/summitnjhome-reverse.db:11: unexpected end of line
Mar 29 04:59:47 LBSD2 named[5469]: dns_master_load: master/summitnjhome-reverse.db:10: unexpected end of input
Mar 29 04:59:47 LBSD2 named[5469]: zone 1.168.192.in-addr.arpa/IN: loading from master file master/summitnjhome-reverse.db failed: unexpected end of input
Mar 29 04:59:47 LBSD2 named[5469]: zone 1.168.192.in-addr.arpa/IN: not loaded due to errors.
Mar 29 04:59:47 LBSD2 named[5469]: running

Tho I am not sure why it's complaining about unexpected end of input this is the whole file

Really? Judging from the line numbers in the log messages, you're missing about 3 lines that, I would hope, include something like

IN SOA ns1.summitnjhome.com bluethunder.gmail.com (

201103271 ; Serial, todays date + todays serial
8H ; Refresh
2H ; Retry
4W ; Expire
1D) ; Minimum TTL
NS ns1.summitnjhome.com.
summitnjhome.com.

doesn't make much sense as data in this zone, error message 1

^ Whoa, Nelly, where's the rest of this line? error message 2

Oh, never mind, I'm so out of here.ignore all that stuff below, messages 3 and 4

42 PTR LCENT01.summitnjhome.com.
43 PTR LCENT02.summitnjhome.com.
44 PTR LBSD2.summitnjhome.com.
45 PTR LCENT02.summitnjhome.com.
46 PTR LCENT03.summitnjhome.com.
47 PTR LCENT04.summitnjhome.com.
23 PTR virtcent01.summitnjhome.com.
24 PTR virtcent02.summitnjhome.com.
21 PTR virtcent03.summitnjhome.com.
26 PTR virtcent04.summitnjhome.com.
27 PTR virtcent05.summitnjhome.com.
28 PTR virtcent06.summitnjhome.com.
29 PTR virtcent07.summitnjhome.com.
30 PTR virtcent08.summitnjhome.com.
31 PTR virtcent09.summitnjhome.com.
32 PTR virtcent10.summitnjhome.com.
33 PTR virtcent11.summitnjhome.com.
34 PTR virtcent12.summitnjhome.com.
35 PTR virtcent13.summitnjhome.com.
36 PTR virtcent14.summitnjhome.com.
37 PTR virtcent15.summitnjhome.com.
38 PTR virtcent16.summitnjhome.com.
39 PTR virtcent17.summitnjhome.com.
40 PTR virtcent18.summitnjhome.com.
41 PTR virtcent19.summitnjhome.com.

--
--Jon Radel
j...@radel.com

--
GPG me!!
gpg --keyserver pool.sks-keyservers.net --recv-keys F186197B
Re: reverse dns in bind9
Hello, Thanks for your reply! I took your advice and removed that line from resolv.conf and added it into /etc/named/named.conf Now it looks like this // RFC 1912 zone localhost{ type master; file master/localhost-forward.db; }; zone 127.in-addr.arpa { type master; file master/localhost-reverse.db; }; zone 255.in-addr.arpa { type master; file master/empty.db; }; zone 192.in-addr.arpa { type master; file master/summitjnhome-reverse.db; }; And I did a restart of both network and named but the issue remains: LBSD2# host 192.168.1.44 Host 44.1.168.192.in-addr.arpa. not found: 3(NXDOMAIN) On Mon, Mar 28, 2011 at 1:06 AM, Robert Bonomi bon...@mail.r-bonomi.com wrote: Date: Mon, 28 Mar 2011 00:19:26 -0400 From: Tim Dunphy bluethu...@gmail.com Subject: reverse dns in bind9 Hello, I am attempting to setup reverse dns in bind 9 under freebsd... this is in an attempt to allow mysql to work a little easier with DNS resolution. In my /etc/named/named.conf file I have the following: // RFC 1912 zone localhost { type master; file master/localhost-forward.db; }; zone 127.in-addr.arpa { type master; ile master/localhost-reverse.db; }; zone 255.in-addr.arpa { type master; file master/empty.db; }; zone 192.in-addr.arpa { type master; file master/summitjnhome-reverse.db; }; zone summitnjhome.com { type master; file master/summitnjhome.db; }; My master/summitnjhome.com looks like the following: For starters, this should be in master/summitnjhome-reerse.db $TTL 3D @ IN SOA ns1.summitnjhome.com. bluethundr.gmail.com. ( 201103271 ; Serial, todays date + todays serial 8H ; Refresh 2H ; Retry 4W ; Expire 1D) ; Minimum TTL NS ns1.summitnjhome.com. summitnjhome.com. 42 PTR LCENT01.summitnjhome.com. 43 PTR LCENT02.summitnjhome.com. 44 PTR LBSD2.summitnjhome.com. 45 PTR LCENT02.summitnjhome.com. 46 PTR LCENT03.summitnjhome.com. 47 PTR LCENT04.summitnjhome.com. 23 PTR virtcent01.summitnjhome.com. 24 PTR virtcent02.summitnjhome.com. 21 PTR virtcent03.summitnjhome.com. 
26 PTR virtcent04.summitnjhome.com. 27 PTR virtcent05.summitnjhome.com. 28 PTR virtcent06.summitnjhome.com. 29 PTR virtcent07.summitnjhome.com. 30 PTR virtcent08.summitnjhome.com. 31 PTR virtcent09.summitnjhome.com. 32 PTR virtcent10.summitnjhome.com. 33 PTR virtcent11.summitnjhome.com. 34 PTR virtcent12.summitnjhome.com. 35 PTR virtcent13.summitnjhome.com. 36 PTR virtcent14.summitnjhome.com. 37 PTR virtcent15.summitnjhome.com. 38 PTR virtcent16.summitnjhome.com. 39 PTR virtcent17.summitnjhome.com. 40 PTR virtcent18.summitnjhome.com. 41 PTR virtcent19.summitnjhome.com. and my /etc/resolv.conf looks like this: domain summitnjhome.com nameserver 192.168.1.44 nameserver 4.2.2.2 zone 1.168.192.in-addr.arpa { type master; file /etc/named/master/summitnjhome-reverse.db }; the 'zone' line you show should *NOT* be in resolv.conf at all. this line should be in the named.conf file *instead* of the one for the '192.in-addr.arpa' zone. then I restart both named and the network service and yet if I were to try forward resolution: LBSD2# host sum1 sum1.summitnjhome.com is an alias for LCENT01.summitnjhome.com. LCENT01.summitnjhome.com has address 192.168.1.42 and then reverse resolution: LBSD2# host 192.168.1.42 Host 42.1.168.192.in-addr.arpa. not found: 3(NXDOMAIN) I have no luck. Any thoughts on this? see above. -- GPG me!! gpg --keyserver pool.sks-keyservers.net --recv-keys F186197B ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
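Why the `192.in-addr.arpa` declaration answers NXDOMAIN, and why named elsewhere in this thread logs "ignoring out-of-zone data", follows from how relative owner names are expanded against the zone origin. The added example below (not code from the thread; the function names are illustrative) performs that expansion for the names used here.

```shell
#!/bin/sh
# Added example: expand zone-file owner names the way a master-file loader
# does and compare them with the name a reverse lookup asks for.
# All function names are illustrative.

# lower: fold stdin to lower case (DNS names compare case-insensitively).
lower() { tr 'A-Z' 'a-z'; }

# ptr_name IPV4: absolute name queried for a reverse lookup of IPV4.
# Only checks for four dot-separated fields; fails otherwise.
ptr_name() {
    printf '%s\n' "$1" | awk -F. '
        NF == 4 { print $4 "." $3 "." $2 "." $1 ".in-addr.arpa."; ok = 1 }
        END     { exit !ok }'
}

# absolute_owner OWNER ORIGIN: "@" is the origin itself, a trailing dot
# means the name is already absolute, anything else gets ORIGIN appended.
absolute_owner() {
    owner=$1
    origin=${2%.}.
    case $owner in
        @)  printf '%s\n' "$origin" ;;
        *.) printf '%s\n' "$owner" ;;
        *)  printf '%s.%s\n' "$owner" "$origin" ;;
    esac | lower
}

# in_zone NAME ZONE: succeed if NAME is at or below ZONE.
in_zone() {
    name=$(printf '%s' "${1%.}" | lower)
    zone=$(printf '%s' "${2%.}" | lower)
    case ".$name" in
        *".$zone") return 0 ;;
        *)         return 1 ;;
    esac
}

# answers_for IP OWNER ZONE: succeed if a PTR record written as OWNER in
# ZONE is the record a reverse lookup of IP asks for.
answers_for() {
    [ "$(absolute_owner "$2" "$3")" = "$(ptr_name "$1")" ]
}

# explain IP OWNER ZONE: one-line verdict for a PTR owner in a given zone.
explain() {
    want=$(ptr_name "$1") || { echo "bad address: $1"; return 2; }
    have=$(absolute_owner "$2" "$3")
    if [ "$have" = "$want" ]; then
        echo "ok: $have"
    elif in_zone "$want" "$3"; then
        echo "NXDOMAIN: zone $3 is authoritative for $want but holds $have"
    else
        echo "not served: $want is outside zone $3"
    fi
}

# The record written as "42" under the two zone declarations in the thread.
explain 192.168.1.42 42 192.in-addr.arpa
explain 192.168.1.42 42 1.168.192.in-addr.arpa

# The stray absolute name in the reverse zone file is not below the zone,
# which is what "ignoring out-of-zone data" reports.
in_zone summitnjhome.com. 1.168.192.in-addr.arpa || echo "out of zone: summitnjhome.com."
```

`named-checkconf` and `named-checkzone 1.168.192.in-addr.arpa master/summitnjhome-reverse.db` run the real parser over the configuration and zone file before a restart.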
Re: reverse dns in bind9
Ok guys.. I totally get it now and sorry for the misunderstanding. I'm really looking forward to getting this working but might not get a chance to try this again until this evening. time. where does it go? don't know but I certainly appreciate yourst! On Mon, Mar 28, 2011 at 8:01 AM, Peter Andreev andreev.pe...@gmail.com wrote: 2011/3/28 Tim Dunphy bluethu...@gmail.com Hello, Thanks for your reply! I took your advice and removed that line from resolv.conf and added it into /etc/named/named.conf Now it looks like this // RFC 1912 zone localhost { type master; file master/localhost-forward.db; }; zone 127.in-addr.arpa { type master; file master/localhost-reverse.db; }; zone 255.in-addr.arpa { type master; file master/empty.db; }; zone 192.in-addr.arpa { type master; file master/summitjnhome-reverse.db; }; Robert said that you should replace 192.in-addr.arpa with 1.168.192.in-addr.arpa in your named.conf. Your named.conf should be look like the following: zone localhost { type master; file master/localhost-forward.db; }; zone 127.in-addr.arpa { type master; file master/localhost-reverse.db; }; zone 255.in-addr.arpa { type master; file master/empty.db; }; zone 1.168.192.in-addr.arpa { type master; file master/summitjnhome-reverse.db; }; And I did a restart of both network and named but the issue remains: LBSD2# host 192.168.1.44 Host 44.1.168.192.in-addr.arpa. not found: 3(NXDOMAIN) On Mon, Mar 28, 2011 at 1:06 AM, Robert Bonomi bon...@mail.r-bonomi.com wrote: Date: Mon, 28 Mar 2011 00:19:26 -0400 From: Tim Dunphy bluethu...@gmail.com Subject: reverse dns in bind9 Hello, I am attempting to setup reverse dns in bind 9 under freebsd... this is in an attempt to allow mysql to work a little easier with DNS resolution. 
In my /etc/named/named.conf file I have the following: // RFC 1912 zone localhost { type master; file master/localhost-forward.db; }; zone 127.in-addr.arpa { type master; ile master/localhost-reverse.db; }; zone 255.in-addr.arpa { type master; file master/empty.db; }; zone 192.in-addr.arpa { type master; file master/summitjnhome-reverse.db; }; zone summitnjhome.com { type master; file master/summitnjhome.db; }; My master/summitnjhome.com looks like the following: For starters, this should be in master/summitnjhome-reerse.db $TTL 3D @ IN SOA ns1.summitnjhome.com. bluethundr.gmail.com. ( 201103271 ; Serial, todays date + todays serial 8H ; Refresh 2H ; Retry 4W ; Expire 1D) ; Minimum TTL NS ns1.summitnjhome.com. summitnjhome.com. 42 PTR LCENT01.summitnjhome.com. 43 PTR LCENT02.summitnjhome.com. 44 PTR LBSD2.summitnjhome.com. 45 PTR LCENT02.summitnjhome.com. 46 PTR LCENT03.summitnjhome.com. 47 PTR LCENT04.summitnjhome.com. 23 PTR virtcent01.summitnjhome.com. 24 PTR virtcent02.summitnjhome.com. 21 PTR virtcent03.summitnjhome.com. 26 PTR virtcent04.summitnjhome.com. 27 PTR virtcent05.summitnjhome.com. 28 PTR virtcent06.summitnjhome.com. 29 PTR virtcent07.summitnjhome.com. 30 PTR virtcent08.summitnjhome.com. 31 PTR virtcent09.summitnjhome.com. 32 PTR virtcent10.summitnjhome.com. 33 PTR virtcent11.summitnjhome.com. 34 PTR virtcent12.summitnjhome.com. 35 PTR virtcent13.summitnjhome.com. 36 PTR virtcent14.summitnjhome.com. 37 PTR virtcent15.summitnjhome.com. 38 PTR virtcent16.summitnjhome.com. 39 PTR virtcent17.summitnjhome.com. 40 PTR virtcent18.summitnjhome.com. 41 PTR virtcent19.summitnjhome.com. and my /etc/resolv.conf looks like this: domain summitnjhome.com nameserver 192.168.1.44 nameserver 4.2.2.2 zone 1.168.192.in-addr.arpa { type master; file /etc/named/master/summitnjhome-reverse.db }; the 'zone' line you show should *NOT* be in resolv.conf at all. this line should be in the named.conf file *instead* of the one for the '192.in-addr.arpa' zone. 
then I restart both named and the network service and yet if I were to try forward resolution: LBSD2# host sum1 sum1.summitnjhome.com is an alias for LCENT01.summitnjhome.com. LCENT01.summitnjhome.com has address 192.168.1.42 and then reverse resolution: LBSD2# host 192.168.1.42 Host 42.1.168.192.in-addr.arpa. not found: 3(NXDOMAIN) I have no luck. Any thoughts
Re: reverse dns in bind9
hello list, I was able to make that correction: zone 1.168.192.in-addr.arpa { type master; file master/summitnjhome-reverse.d b; }; zone summitnjhome.com { type master; file master/summitnjhome.db; }; is now in named.conf. otherwise named.conf is identical to the way it is higher up in the thread, and summitnjhome-reverse.db is untouched. But as of now, forward lookups work, but reverse time out: LBSD2# host sum1 sum1.summitnjhome.com is an alias for LCENT01.summitnjhome.com. LCENT01.summitnjhome.com has address 192.168.1.42 LBSD2# nslookup sum1 Server: 192.168.1.44 Address:192.168.1.44#53 sum1.summitnjhome.com canonical name = LCENT01.summitnjhome.com. Name: LCENT01.summitnjhome.com Address: 192.168.1.42 LBSD2# host 192.168.1.42 ;; connection timed out; no servers could be reached LBSD2# nslookup 192.168.1.42 ;; Got SERVFAIL reply from 192.168.1.44, trying next server ;; connection timed out; no servers could be reached Now I could probably understand it FAILING due to perhaps a type-o in the config. But I am genuinely curious as to how forward lookups will work and reverse lookups time out. regards tim On Mon, Mar 28, 2011 at 9:36 AM, Tim Dunphy bluethu...@gmail.com wrote: Ok guys.. I totally get it now and sorry for the misunderstanding. I'm really looking forward to getting this working but might not get a chance to try this again until this evening. time. where does it go? don't know but I certainly appreciate yourst! On Mon, Mar 28, 2011 at 8:01 AM, Peter Andreev andreev.pe...@gmail.com wrote: 2011/3/28 Tim Dunphy bluethu...@gmail.com Hello, Thanks for your reply! 
I took your advice and removed that line from resolv.conf and added it into /etc/named/named.conf Now it looks like this // RFC 1912 zone localhost { type master; file master/localhost-forward.db; }; zone 127.in-addr.arpa { type master; file master/localhost-reverse.db; }; zone 255.in-addr.arpa { type master; file master/empty.db; }; zone 192.in-addr.arpa { type master; file master/summitjnhome-reverse.db; }; Robert said that you should replace 192.in-addr.arpa with 1.168.192.in-addr.arpa in your named.conf. Your named.conf should be look like the following: zone localhost { type master; file master/localhost-forward.db; }; zone 127.in-addr.arpa { type master; file master/localhost-reverse.db; }; zone 255.in-addr.arpa { type master; file master/empty.db; }; zone 1.168.192.in-addr.arpa { type master; file master/summitjnhome-reverse.db; }; And I did a restart of both network and named but the issue remains: LBSD2# host 192.168.1.44 Host 44.1.168.192.in-addr.arpa. not found: 3(NXDOMAIN) On Mon, Mar 28, 2011 at 1:06 AM, Robert Bonomi bon...@mail.r-bonomi.com wrote: Date: Mon, 28 Mar 2011 00:19:26 -0400 From: Tim Dunphy bluethu...@gmail.com Subject: reverse dns in bind9 Hello, I am attempting to setup reverse dns in bind 9 under freebsd... this is in an attempt to allow mysql to work a little easier with DNS resolution. In my /etc/named/named.conf file I have the following: // RFC 1912 zone localhost { type master; file master/localhost-forward.db; }; zone 127.in-addr.arpa { type master; ile master/localhost-reverse.db; }; zone 255.in-addr.arpa { type master; file master/empty.db; }; zone 192.in-addr.arpa { type master; file master/summitjnhome-reverse.db; }; zone summitnjhome.com { type master; file master/summitnjhome.db; }; My master/summitnjhome.com looks like the following: For starters, this should be in master/summitnjhome-reerse.db $TTL 3D @ IN SOA ns1.summitnjhome.com. bluethundr.gmail.com. 
( 201103271 ; Serial, todays date + todays serial 8H ; Refresh 2H ; Retry 4W ; Expire 1D) ; Minimum TTL NS ns1.summitnjhome.com. summitnjhome.com. 42 PTR LCENT01.summitnjhome.com. 43 PTR LCENT02.summitnjhome.com. 44 PTR LBSD2.summitnjhome.com. 45 PTR LCENT02.summitnjhome.com. 46 PTR LCENT03.summitnjhome.com. 47 PTR LCENT04.summitnjhome.com. 23 PTR virtcent01.summitnjhome.com. 24 PTR virtcent02.summitnjhome.com. 21 PTR virtcent03.summitnjhome.com. 26 PTR virtcent04.summitnjhome.com. 27 PTR virtcent05.summitnjhome.com. 28 PTR virtcent06.summitnjhome.com. 29 PTR virtcent07.summitnjhome.com. 30 PTR virtcent08.summitnjhome.com. 31 PTR virtcent09.summitnjhome.com. 32 PTR virtcent10.summitnjhome.com. 33 PTR virtcent11.summitnjhome.com. 34 PTR
Re: reverse dns in bind9
hello

no crabby comments on restart at all!

LBSD2# /etc/rc.d/named restart
Stopping named.
Waiting for PIDS: 4970.
Starting named.

Ah but yes some complaints from the logs

Mar 29 04:59:47 LBSD2 named[5469]: master/summitnjhome-reverse.db:10: ignoring out-of-zone data (summitnjhome.com)
Mar 29 04:59:47 LBSD2 named[5469]: dns_master_load: master/summitnjhome-reverse.db:11: unexpected end of line
Mar 29 04:59:47 LBSD2 named[5469]: dns_master_load: master/summitnjhome-reverse.db:10: unexpected end of input
Mar 29 04:59:47 LBSD2 named[5469]: zone 1.168.192.in-addr.arpa/IN: loading from master file master/summitnjhome-reverse.db failed: unexpected end of input
Mar 29 04:59:47 LBSD2 named[5469]: zone 1.168.192.in-addr.arpa/IN: not loaded due to errors.
Mar 29 04:59:47 LBSD2 named[5469]: running

Tho I am not sure why it's complaining about unexpected end of input this is the whole file

201103271 ; Serial, todays date + todays serial
8H ; Refresh
2H ; Retry
4W ; Expire
1D) ; Minimum TTL
NS ns1.summitnjhome.com.
summitnjhome.com.
42 PTR LCENT01.summitnjhome.com.
43 PTR LCENT02.summitnjhome.com.
44 PTR LBSD2.summitnjhome.com.
45 PTR LCENT02.summitnjhome.com.
46 PTR LCENT03.summitnjhome.com.
47 PTR LCENT04.summitnjhome.com.
23 PTR virtcent01.summitnjhome.com.
24 PTR virtcent02.summitnjhome.com.
21 PTR virtcent03.summitnjhome.com.
26 PTR virtcent04.summitnjhome.com.
27 PTR virtcent05.summitnjhome.com.
28 PTR virtcent06.summitnjhome.com.
29 PTR virtcent07.summitnjhome.com.
30 PTR virtcent08.summitnjhome.com.
31 PTR virtcent09.summitnjhome.com.
32 PTR virtcent10.summitnjhome.com.
33 PTR virtcent11.summitnjhome.com.
34 PTR virtcent12.summitnjhome.com.
35 PTR virtcent13.summitnjhome.com.
36 PTR virtcent14.summitnjhome.com.
37 PTR virtcent15.summitnjhome.com.
38 PTR virtcent16.summitnjhome.com.
39 PTR virtcent17.summitnjhome.com.
40 PTR virtcent18.summitnjhome.com.
41 PTR virtcent19.summitnjhome.com.

tim

On Mon, Mar 28, 2011 at 11:54 PM, Jon Radel j...@radel.com wrote:

On 3/28/11 11:36 PM, Tim Dunphy wrote:

Now I could probably understand it FAILING due to perhaps a type-o in the config. But I am genuinely curious as to how forward lookups will work and reverse lookups time out.

I would expect them to time out if your dns server knows nothing about the reverse zone; give or take how you connect to the rest of the DNS. What messages about zones loading did you get when you restarted bind? Were there any crabby comments in the log file about not loading master/summitnjhome-reverse.db due to error(s)? Was that file mentioned at all?

--Jon Radel
j...@radel.com

--
GPG me!!
gpg --keyserver pool.sks-keyservers.net --recv-keys F186197B
change hostname
hey guys, I setup a FreeBSD 8.2 box to server as an LDAP server. I forgot that I had a TLS cert with a different hostname than the one I selected. So I edited /etc/rc.conf to change the name there defaultrouter=192.168.1.1 hostname=LBSD2.summitnjhome.com ## -- used to be LBSD1.summitnjhome.com ifconfig_bge0=inet 192.168.1.44 netmask 255.255.255.0 nfs_client_enable=YES sshd_enable=YES named_enable=YES slapd_enable=YES And then edited /etc/hosts ::1 localhost localhost.summitnjhome.com 127.0.0.1 localhost localhost.summitnjhome.com 192.168.1.44LBSD2.summitnjhome.com LBSD2 ## -- used to be LBSD1.summitnjhome.com 192.168.1.44LBSD2.summitnjhome.com. ## -- Same then i restarted the network LBSD2# /etc/rc.d/netif restart Stopping Network: lo0 bge0 plip0. lo0: flags=8048LOOPBACK,RUNNING,MULTICAST metric 0 mtu 16384 options=3RXCSUM,TXCSUM inet6 fe80::1%lo0 prefixlen 64 scopeid 0x3 inet6 ::1 prefixlen 128 nd6 options=3PERFORMNUD,ACCEPT_RTADV bge0: flags=8802BROADCAST,SIMPLEX,MULTICAST metric 0 mtu 1500 options=8009bRXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,LINKSTATE ether 00:14:22:38:9e:eb media: Ethernet autoselect (1000baseT full-duplex) status: active plip0: flags=8810POINTOPOINT,SIMPLEX,MULTICAST metric 0 mtu 1500 Starting Network: lo0 bge0. lo0: flags=8049UP,LOOPBACK,RUNNING,MULTICAST metric 0 mtu 16384 options=3RXCSUM,TXCSUM inet6 fe80::1%lo0 prefixlen 64 scopeid 0x3 inet6 ::1 prefixlen 128 inet 127.0.0.1 netmask 0xff00 nd6 options=3PERFORMNUD,ACCEPT_RTADV bge0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST metric 0 mtu 1500 options=8009bRXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,LINKSTATE ether 00:14:22:38:9e:eb inet 192.168.1.44 netmask 0xff00 broadcast 192.168.1.255 media: Ethernet autoselect (none) status: no carrier However when I issue the hostname -f command it does not reflect the change. It doesn't even show the fqdn LBSD2# hostname -f LBSD2 What am I doing wrong, here? thanks! -- GPG me!! 
gpg --keyserver pool.sks-keyservers.net --recv-keys F186197B
Re: change hostname
that did it! thanks

On Sun, Mar 27, 2011 at 11:00 PM, Noel noeld...@gmail.com wrote:
On 3/27/2011 9:18 PM, Tim Dunphy wrote:

hey guys,

I setup a FreeBSD 8.2 box to serve as an LDAP server. I forgot that I had a TLS cert with a different hostname than the one I selected. So I edited /etc/rc.conf to change the name there

    defaultrouter=192.168.1.1
    hostname=LBSD2.summitnjhome.com ## -- used to be LBSD1.summitnjhome.com
    ifconfig_bge0=inet 192.168.1.44 netmask 255.255.255.0
    nfs_client_enable=YES
    sshd_enable=YES
    named_enable=YES
    slapd_enable=YES

And then edited /etc/hosts

    ::1 localhost localhost.summitnjhome.com
    127.0.0.1 localhost localhost.summitnjhome.com
    192.168.1.44 LBSD2.summitnjhome.com LBSD2 ##-- used to be LBSD1.summitnjhome.com
    192.168.1.44 LBSD2.summitnjhome.com. ##-- Same

then i restarted the network

    LBSD2# /etc/rc.d/netif restart
    Stopping Network: lo0 bge0 plip0.
    lo0: flags=8048LOOPBACK,RUNNING,MULTICAST metric 0 mtu 16384
        options=3RXCSUM,TXCSUM
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x3
        inet6 ::1 prefixlen 128
        nd6 options=3PERFORMNUD,ACCEPT_RTADV
    bge0: flags=8802BROADCAST,SIMPLEX,MULTICAST metric 0 mtu 1500
        options=8009bRXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,LINKSTATE
        ether 00:14:22:38:9e:eb
        media: Ethernet autoselect (1000baseTfull-duplex)
        status: active
    plip0: flags=8810POINTOPOINT,SIMPLEX,MULTICAST metric 0 mtu 1500
    Starting Network: lo0 bge0.
    lo0: flags=8049UP,LOOPBACK,RUNNING,MULTICAST metric 0 mtu 16384
        options=3RXCSUM,TXCSUM
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x3
        inet6 ::1 prefixlen 128
        inet 127.0.0.1 netmask 0xff00
        nd6 options=3PERFORMNUD,ACCEPT_RTADV
    bge0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST metric 0 mtu 1500
        options=8009bRXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,LINKSTATE
        ether 00:14:22:38:9e:eb
        inet 192.168.1.44 netmask 0xff00 broadcast 192.168.1.255
        media: Ethernet autoselect (none)
        status: no carrier

However when I issue the hostname -f command it does not reflect the change. It doesn't even show the fqdn

    LBSD2# hostname -f
    LBSD2

What am I doing wrong, here? thanks

Try typing the command:

    # hostname LBSD2.summitnjhome.com

--
GPG me!!
gpg --keyserver pool.sks-keyservers.net --recv-keys F186197B
reverse dns in bind9
Hello,

I am attempting to setup reverse dns in bind 9 under freebsd... this is in an attempt to allow mysql to work a little easier with DNS resolution.

In my /etc/named/named.conf file I have the following:

    // RFC 1912
    zone localhost{ type master; file master/localhost-forward.db; };
    zone 127.in-addr.arpa { type master; file master/localhost-reverse.db; };
    zone 255.in-addr.arpa { type master; file master/empty.db; };
    zone 192.in-addr.arpa { type master; file master/summitjnhome-reverse.db; };
    zone summitnjhome.com { type master; file master/summitnjhome.db; };

My master/summitnjhome.com looks like the following:

    $TTL 3D
    @ IN SOA ns1.summitnjhome.com. bluethundr.gmail.com. (
        201103271 ; Serial, todays date + todays serial
        8H ; Refresh
        2H ; Retry
        4W ; Expire
        1D) ; Minimum TTL
    NS ns1.summitnjhome.com. summitnjhome.com.
    42 PTR LCENT01.summitnjhome.com.
    43 PTR LCENT02.summitnjhome.com.
    44 PTR LBSD2.summitnjhome.com.
    45 PTR LCENT02.summitnjhome.com.
    46 PTR LCENT03.summitnjhome.com.
    47 PTR LCENT04.summitnjhome.com.
    23 PTR virtcent01.summitnjhome.com.
    24 PTR virtcent02.summitnjhome.com.
    21 PTR virtcent03.summitnjhome.com.
    26 PTR virtcent04.summitnjhome.com.
    27 PTR virtcent05.summitnjhome.com.
    28 PTR virtcent06.summitnjhome.com.
    29 PTR virtcent07.summitnjhome.com.
    30 PTR virtcent08.summitnjhome.com.
    31 PTR virtcent09.summitnjhome.com.
    32 PTR virtcent10.summitnjhome.com.
    33 PTR virtcent11.summitnjhome.com.
    34 PTR virtcent12.summitnjhome.com.
    35 PTR virtcent13.summitnjhome.com.
    36 PTR virtcent14.summitnjhome.com.
    37 PTR virtcent15.summitnjhome.com.
    38 PTR virtcent16.summitnjhome.com.
    39 PTR virtcent17.summitnjhome.com.
    40 PTR virtcent18.summitnjhome.com.
    41 PTR virtcent19.summitnjhome.com.

and my /etc/resolv.conf looks like this:

    domain summitnjhome.com
    nameserver 192.168.1.44
    nameserver 4.2.2.2

    zone 1.168.192.in-addr.arpa { type master; file /etc/named/master/summitnjhome-reverse.db };

then I restart both named and the network service and yet if I were to try forward resolution:

    LBSD2# host sum1
    sum1.summitnjhome.com is an alias for LCENT01.summitnjhome.com.
    LCENT01.summitnjhome.com has address 192.168.1.42

and then reverse resolution:

    LBSD2# host 192.168.1.42
    Host 42.1.168.192.in-addr.arpa. not found: 3(NXDOMAIN)

I have no luck. Any thoughts on this? thanks!

--
GPG me!!
gpg --keyserver pool.sks-keyservers.net --recv-keys F186197B
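How relative PTR owner labels expand under a zone's origin, and which name a reverse lookup actually asks for, as an added example that is not part of the original post. The function names are hypothetical and the two records are a constructed subset of the ones quoted in the message.

```python
import ipaddress

# Constructed subset of the PTR records quoted in the post.
SAMPLE_RECORDS = """\
42 PTR LCENT01.summitnjhome.com.
44 PTR LBSD2.summitnjhome.com.   ; relative owner labels, as posted
"""


def fqdn(name):
    """Normalise a DNS name to lower case with exactly one trailing dot."""
    return name.rstrip(".").lower() + "."


def absolute_owner(label, origin):
    """Expand a master-file owner name (RFC 1035 section 5.1):
    '@' is the origin, a trailing dot means absolute, otherwise the
    zone origin is appended."""
    if label == "@":
        return fqdn(origin)
    if label.endswith("."):
        return fqdn(label)
    return f"{label.lower()}.{fqdn(origin)}"


def reverse_name(ip):
    """Name that a PTR lookup for this address queries."""
    return fqdn(ipaddress.ip_address(ip).reverse_pointer)


def parse_ptr_records(zone_text, origin):
    """Map absolute owner name -> PTR target for simple one-line records."""
    records = {}
    for raw in zone_text.splitlines():
        fields = raw.split(";", 1)[0].split()      # drop zone-file comments
        if "PTR" in fields:
            at = fields.index("PTR")
            if at >= 1 and at + 1 < len(fields):   # needs an owner and a target
                records[absolute_owner(fields[0], origin)] = fields[at + 1]
    return records


def answer_ptr(ip, zone_text, origin):
    """What a server authoritative for `origin` would answer for this address."""
    qname = reverse_name(ip)
    if not qname.endswith("." + fqdn(origin)):
        return ("OUT_OF_ZONE", qname)
    target = parse_ptr_records(zone_text, origin).get(qname)
    return ("NOERROR", target) if target else ("NXDOMAIN", qname)


def label_needed(ip, origin):
    """Relative owner label that makes a record match `ip` under `origin`."""
    qname, zone = reverse_name(ip), fqdn(origin)
    if not qname.endswith("." + zone):
        raise ValueError(f"{qname} is not inside {zone}")
    return qname[: -len(zone) - 1]


if __name__ == "__main__":
    for origin in ("192.in-addr.arpa", "1.168.192.in-addr.arpa"):
        print(origin, "->", answer_ptr("192.168.1.42", SAMPLE_RECORDS, origin),
              "| label needed:", label_needed("192.168.1.42", origin))
```

Loaded under `192.in-addr.arpa`, the label `42` becomes `42.192.in-addr.arpa.`, which is not the name `host 192.168.1.42` asks for; the same records loaded under `1.168.192.in-addr.arpa` match.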
Re: Unable to umount
    [robert@dell64] ~ umount Flash
    umount: unmount of /home/robert/Flash failed: Device busy
    [robert@dell64] ~ umount /dev/da6s1
    umount: unmount of /home/robert/Flash failed: Device busy

have you tried lazy unmount?

    umount -l /dev/da6s1

if you have root access you should su/sudo to that before trying this command.

regards,
tim

On Sat, Mar 12, 2011 at 11:35 AM, Chris Brennan xa...@xaerolimit.net wrote:
On Sat, Mar 12, 2011 at 11:33 AM, Robert travelin...@cox.net wrote:

Thank you for the reply. As shown above, I mounted the drive and then tried to umount the drive. I did not access it other than the ls command.

    [robert@dell64] ~ lsof Flash
    [robert@dell64] ~ lsof /dev/da6s1
    [robert@dell64] ~
    [robert@dell64] ~ umount Flash
    umount: unmount of /home/robert/Flash failed: Device busy
    [robert@dell64] ~ umount /dev/da6s1
    umount: unmount of /home/robert/Flash failed: Device busy
    [robert@dell64] ~

For shgiggles, try and umount it as root, does that actually work?

--
Did you know... If you play a Windows 2000 CD backwards, you hear satanic messages, but what's worse is when you play it forward ...it installs Windows 2000 -- Alfred Perlstein on chat at freebsd.org

--
GPG me!!
gpg --keyserver pool.sks-keyservers.net --recv-keys F186197B
Re: pam ssh authentication via ldap
    required pam_unix.so no_warn try_first_pass

I really appreciate your input Krad and I appreciate any advice anyone may have

thanks
tim

On Sun, Feb 27, 2011 at 6:10 AM, krad kra...@gmail.com wrote:
On 27 February 2011 11:05, krad kra...@gmail.com wrote:
On 26 February 2011 20:01, Tim Dunphy bluethu...@gmail.com wrote:

Hey list,

I just wanted to follow up with my /usr/local/etc/ldap.conf file and nsswitch file because I thought they might be helpful in dispensing advice as to what is going on:

    uri ldap://LBSD2.summitnjhome.com
    base ou=staff,ou=Group,dc=summitnjhome,dc=com
    sudoers_base ou=staff,ou=Group,dc=summitnjhome,dc=com
    binddn cn=pam_ldap,ou=Services,dc=summitnjhome,dc=com
    bindpw secret
    scope sub
    pam_password exop
    nss_base_passwd dc=summitnjhome,dc=com
    nss_base_shadow dc=summitnjhome,dc=com
    nss_base_group dc=summitnjhome,dc=com
    nss_base_sudo dc=summitnjhome,dc=com

    # nsswitch.conf(5) - name service switch configuration file
    # $FreeBSD: src/etc/nsswitch.conf,v 1.1.10.1.2.1 2009/10/25 01:10:29 kensmith Exp $
    #
    passwd: files ldap
    passwd_compat: files ldap
    group: files ldap
    group_compat: nis
    sudoers: ldap
    hosts: files dns
    networks: files
    shells: files
    services: compat
    services_compat: nis
    protocols: files
    rpc: files

On Sat, Feb 26, 2011 at 2:55 PM, Tim Dunphy bluethu...@gmail.com wrote:

Hello List!!

I have an OpenLDAP 2.4 server functioning very nicely that authenticates a network of (mostly virtual) centos 5.5 machines. But at the moment I am attempting to setup pam authentication for ssh via LDAP and having some difficulty.
pam ssh authentication via ldap
Hello List!!

I have an OpenLDAP 2.4 server functioning very nicely that authenticates a network of (mostly virtual) centos 5.5 machines. But at the moment I am attempting to setup pam authentication for ssh via LDAP and having some difficulty.

My /etc/pam.d/sshd file seems to be setup logically and correctly:

    # PAM configuration for the sshd service
    #
    # auth
    auth sufficient pam_opie.so no_warn no_fake_prompts
    auth requisite pam_opieaccess.so no_warn allow_local
    #auth sufficient pam_krb5.so no_warn try_first_pass
    #auth sufficient pam_ssh.so no_warn try_first_pass
    auth required pam_ldap.so
    #auth required pam_unix.so no_warn try_first_pass
    # account
    account required pam_nologin.so
    #account required pam_krb5.so
    account required pam_login_access.so
    account required pam_ldap.so
    #account required pam_unix.so
    # session
    #session optional pam_ssh.so
    session sufficient pam_ldap.so
    session required pam_permit.so
    # password
    #password sufficient pam_krb5.so no_warn try_first_pass
    password required pam_ldap.so
    #password required pam_unix.so no_warn try_first_pass

And if I'm reading the logs correctly LDAP is searching for and finding the account information when I am making the login attempt:

    Feb 26 19:52:54 LBSD2 slapd[54891]: conn=21358 op=22122 SRCH base=dc=summitnjhome,dc=com scope=2 deref=0 filter=((objectClass=posixAccount)(uidNumber=1001 ))
    Feb 26 19:52:54 LBSD2 slapd[54891]: conn=21358 op=22122 SRCH attr=uid userPassword uidNumber gidNumber cn homeDirectory loginShell gecos description objectClass
    Feb 26 19:52:54 LBSD2 slapd[54891]: = bdb_filter_candidates
    Feb 26 19:52:54 LBSD2 slapd[54891]: AND
    Feb 26 19:52:54 LBSD2 slapd[54891]: = bdb_list_candidates 0xa0
    Feb 26 19:52:54 LBSD2 slapd[54891]: = bdb_filter_candidates
    Feb 26 19:52:54 LBSD2 slapd[54891]: OR
    Feb 26 19:52:54 LBSD2 slapd[54891]: = bdb_list_candidates 0xa1
    Feb 26 19:52:54 LBSD2 slapd[54891]: = bdb_filter_candidates
    Feb 26 19:52:54 LBSD2 slapd[54891]: EQUALITY
    Feb 26 19:52:54 LBSD2 slapd[54891]: = bdb_filter_candidates: id=0 first=0 last=0
    Feb 26 19:52:54 LBSD2 slapd[54891]: = bdb_filter_candidates
    Feb 26 19:52:54 LBSD2 slapd[54891]: AND
    Feb 26 19:52:54 LBSD2 slapd[54891]: = bdb_list_candidates 0xa0
    Feb 26 19:52:54 LBSD2 slapd[54891]: = bdb_filter_candidates
    Feb 26 19:52:54 LBSD2 slapd[54891]: EQUALITY
    Feb 26 19:52:54 LBSD2 slapd[54891]: = bdb_filter_candidates: id=26 first=106 last=137
    Feb 26 19:52:54 LBSD2 slapd[54891]: = bdb_filter_candidates
    Feb 26 19:52:54 LBSD2 slapd[54891]: EQUALITY
    Feb 26 19:52:54 LBSD2 slapd[54891]: = bdb_filter_candidates: id=0 first=0 last=0
    Feb 26 19:52:54 LBSD2 slapd[54891]: = bdb_list_candidates: id=0 first=106 last=0
    Feb 26 19:52:54 LBSD2 slapd[54891]: = bdb_filter_candidates: id=0 first=106 last=0
    Feb 26 19:52:54 LBSD2 slapd[54891]: = bdb_list_candidates: id=0 first=0 last=0
    Feb 26 19:52:54 LBSD2 slapd[54891]: = bdb_filter_candidates: id=0 first=0 last=0
    Feb 26 19:52:54 LBSD2 slapd[54891]: = bdb_list_candidates: id=0 first=1 last=0
    Feb 26 19:52:54 LBSD2 slapd[54891]: = bdb_filter_candidates: id=0 first=1 last=0
    Feb 26 19:52:54 LBSD2 slapd[54891]: conn=21358 op=22122 SEARCH RESULT tag=101 err=0 nentries=0 text=
    Feb 26 19:52:54 LBSD2 slapd[54891]: daemon: activity on 1 descriptor
    Feb 26 19:52:54 LBSD2 slapd[54891]: daemon: waked
    Feb 26 19:52:54 LBSD2 slapd[54891]: daemon: select: listen=6 active_threads=0 tvp=NULL
    Feb 26 19:52:54 LBSD2 slapd[54891]: daemon: select: listen=7 active_threads=0 tvp=NULL
    Feb 26 19:52:54 LBSD2 slapd[54891]: daemon: activity on 1 descriptor
    Feb 26 19:52:54 LBSD2 slapd[54891]: daemon: activity on:
    Feb 26 19:52:54 LBSD2 slapd[54891]:
    Feb 26 19:52:54 LBSD2 slapd[54891]: daemon: read activity on 212
    Feb 26 19:52:54 LBSD2 slapd[54891]: daemon: select: listen=6 active_threads=0 tvp=NULL
    Feb 26 19:52:54 LBSD2 slapd[54891]: daemon: select: listen=7 active_threads=0 tvp=NULL
    Feb 26 19:52:54 LBSD2 slapd[54891]: connection_read(212): input error=-2 id=34715, closing.
    Feb 26 19:52:54 LBSD2 slapd[54891]: connection_closing: readying conn=34715 sd=212 for close
    Feb 26 19:52:54 LBSD2 slapd[54891]: daemon: activity on 1 descriptor
    Feb 26 19:52:54 LBSD2 slapd[54891]: daemon: waked
    Feb 26 19:52:54 LBSD2 slapd[54891]: daemon: select: listen=6 active_threads=0 tvp=NULL
    Feb 26 19:52:54 LBSD2 slapd[54891]: daemon: select: listen=7 active_threads=0 tvp=NULL
    Feb 26 19:52:54 LBSD2 slapd[54891]: daemon: removing 212
    Feb 26 19:52:54 LBSD2 slapd[54891]: conn=34715 fd=212 closed (connection lost)

But logins fail every time. Could someone offer an opinion as to what may be going on to prevent logging in via pam/sshd and LDAP?

Thanks in advance!
Tim

--
GPG
Re: pam ssh authentication via ldap
Hey list,

I just wanted to follow up with my /usr/local/etc/ldap.conf file and nsswitch file because I thought they might be helpful in dispensing advice as to what is going on:

    uri ldap://LBSD2.summitnjhome.com
    base ou=staff,ou=Group,dc=summitnjhome,dc=com
    sudoers_base ou=staff,ou=Group,dc=summitnjhome,dc=com
    binddn cn=pam_ldap,ou=Services,dc=summitnjhome,dc=com
    bindpw secret
    scope sub
    pam_password exop
    nss_base_passwd dc=summitnjhome,dc=com
    nss_base_shadow dc=summitnjhome,dc=com
    nss_base_group dc=summitnjhome,dc=com
    nss_base_sudo dc=summitnjhome,dc=com

    # nsswitch.conf(5) - name service switch configuration file
    # $FreeBSD: src/etc/nsswitch.conf,v 1.1.10.1.2.1 2009/10/25 01:10:29 kensmith Exp $
    #
    passwd: files ldap
    passwd_compat: files ldap
    group: files ldap
    group_compat: nis
    sudoers: ldap
    hosts: files dns
    networks: files
    shells: files
    services: compat
    services_compat: nis
    protocols: files
    rpc: files

On Sat, Feb 26, 2011 at 2:55 PM, Tim Dunphy bluethu...@gmail.com wrote:

Hello List!!

I have an OpenLDAP 2.4 server functioning very nicely that authenticates a network of (mostly virtual) centos 5.5 machines. But at the moment I am attempting to setup pam authentication for ssh via LDAP and having some difficulty.
openldap problems authenticating
Hello list,

I am running an openldap 2.4 server under FreeBSD that was working well until the config was tweaked by someone on the team without properly documenting their work

# /usr/local/etc/ldap.con on ldap server (FreeBSD 8.1)

    host LBSD.summitnjhome.com
    base dc=summitnjhome,dc=com
    sudoers_base ou=sudoers,ou=Services,dc=summitnjhome,dc=com
    binddn cn=pam_ldap,ou=Services,dc=summitnjhome,dc=com
    bindpw {SSHA}secret
    scope sub
    pam_password exop
    nss_base_passwd ou=staff,dc=summitnjhome,dc=com
    nss_base_shadow ou=staff,dc=summitnjhome,dc=com

# grep for ldap account shows ldap account on the ldap server itself succeeds

    [root@LBSD2:/usr/local/etc/openldap] #getent passwd | grep walbs
    walbs:secret/:1002:1003:Walkiria Soares:/home/walbs:/usr/local/bin/bash
    [root@LBSD2:/usr/local/etc/openldap] #grep walbs /etc/passwd
    [root@LBSD2:/usr/local/etc/openldap] #

# /etc/ldap.conf on ldap client (centos 5.5)

    host LBSD2.summitnjhome.com
    base dc=summitnjhome,dc=com
    sudoers_base ou=sudoers,ou=Services,dc=summitnjhome,dc=com
    binddn cn=pam_ldap,ou=Services,dc=summitnjhome,dc=com
    bindpw {crypt}secret
    scope sub
    pam_password exop
    nss_base_passwd ou=staff,dc=summitnjhome,dc=com
    nss_base_shadow ou=staff,dc=summitnjhome,dc=com

# grep getent passwd for ldap account on the client nothing turns up after a long pause

    [root@LCENT01:~] #getent passwd | grep walbs
    [root@LCENT01:~] #

# nsswitch on the client

    passwd: files ldap
    shadow: files ldap
    group: files ldap
    sudoers: ldap
    #hosts: db files nisplus nis dns
    hosts: files dns

# this is what's going on in the logs on the ldap server during the getent from the client

    Feb 22 21:31:18 LBSD2 slapd[51158]: conn=3411 op=0 RESULT tag=97 err=49 text=
    Feb 22 21:31:18 LBSD2 slapd[51158]: conn=3411 op=1 UNBIND
    Feb 22 21:31:18 LBSD2 slapd[51158]: conn=3411 fd=22 closed
    Feb 22 21:31:26 LBSD2 slapd[51158]: conn=3412 fd=22 ACCEPT from IP=192.168.1.42:53811 (IP=192.168.1.44:389)
    Feb 22 21:31:26 LBSD2 slapd[51158]: conn=3412 op=0 BIND dn=cn=pam_ldap,ou=Services,dc=summitnjhome,dc=com method=128
    Feb 22 21:31:26 LBSD2 slapd[51158]: conn=3412 op=0 RESULT tag=97 err=49 text=
    Feb 22 21:31:26 LBSD2 slapd[51158]: conn=3412 op=1 UNBIND
    Feb 22 21:31:26 LBSD2 slapd[51158]: conn=3412 fd=22 closed

# ldap search from the client as the pam services account is able to locate the ldap user info

    [root@LCENT02:~] #ldapsearch -xH 'ldap://LBSD2.summitnjhome.com' -D 'cn=pam_ldap ,ou=Services,dc=summitnjhome,dc=com' -w 'secret' -b 'dc=summitnjhome,dc=com' '(uid=walbs)'
    # extended LDIF
    #
    # LDAPv3
    # base dc=summitnjhome,dc=com with scope subtree
    # filter: (uid=walbs)
    # requesting: ALL
    #
    # walbs, People, summitnjhome.com
    dn: uid=walbs,ou=People,dc=summitnjhome,dc=com
    uid: walbs
    cn: Walkiria Soares
    givenName: Walkiria
    sn: Soares
    mail: wa...@example.com
    objectClass: inetLocalMailRecipient
    objectClass: person
    objectClass: organizationalPerson
    objectClass: inetOrgPerson
    objectClass: posixAccount
    objectClass: top
    uidNumber: 1002
    gidNumber: 1003
    # search result
    search: 2
    result: 0 Success
    # numResponses: 2
    # numEntries: 1

# pam_ldap services account in the ldap directory

    3 cn=pam_ldap,ou=Services,dc=summitnjhome,dc=com
    cn: pam_ldap
    objectClass: top
    objectClass: inetOrgPerson
    sn: PAM
    userPassword: {SSHA}secret

I have also tried doing anonymous binds on the client as well as using plain text passwords. I get the same tag=97 err=49 messages on the client either way. Some advice is sorely needed here. Thank you very kindly in advance!

--
GPG me!!
gpg --keyserver pool.sks-keyservers.net --recv-keys F186197B

    #
    # See slapd.conf(5) for details on configuration options.
    # This file should NOT be world readable.
    #
    include /usr/local/etc/openldap/schema/core.schema
    include /usr/local/etc/openldap/schema/cosine.schema
    include /usr/local/etc/openldap/schema/inetorgperson.schema
    # Define global ACLs to disable default read access.
    # Do not enable referrals until AFTER you have a working directory
    # service AND an understanding of referrals.
    #referral ldap://root.openldap.org
    pidfile /var/run/openldap/slapd.pid
    argsfile /var/run/openldap/slapd.args
    # Load dynamic backend modules:
    modulepath /usr/local/libexec/openldap
    moduleload back_bdb
    # moduleload back_hdb
    # moduleload back_ldap
    # Sample security restrictions
    # Require integrity protection (prevent hijacking)
    # Require 112-bit (3DES or better) encryption for updates
    # Require 63-bit encryption for simple bind
    # security ssf=1 update_ssf=112 simple_bind=64
    # Sample access control policy:
    # Root DSE: allow anyone to read it
    # Subschema (sub)entry DSE: allow anyone to read it
    # Other DSEs:
    # Allow self write access
    # Allow authenticated users read access
    # Allow anonymous users to authenticate
    # Directives needed to implement policy:
    # access to dn.base= by * read
    # access to dn.base=cn=Subschema
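A way to read slapd connection logs like the ones in this thread and in the "pam ssh authentication via ldap" thread above it: pair each BIND or SRCH with its RESULT line, then report binds that were refused and searches that succeeded but returned no entries. This is an added example, not part of the original posts; the function names are hypothetical and the log lines are constructed in the same layout, with documentation addresses and an example.com tree.

```python
import re
from collections import Counter

# LDAP result codes (RFC 4511) that matter most when triaging logins.
RESULT_CODES = {0: "success", 32: "noSuchObject",
                49: "invalidCredentials", 50: "insufficientAccessRights"}

CONN = re.compile(r"slapd\[\d+\]: conn=(\d+) (?:op=(\d+)|fd=\d+) (.*)$")
ACCEPT = re.compile(r"ACCEPT from IP=(\S+):\d+ ")
BIND = re.compile(r'BIND dn="?([^"]*?)"? method=(\d+)')
SRCH = re.compile(r'SRCH base="?([^"]*?)"? scope=\d+ deref=\d+ filter="?(.*?)"?$')
RESULT = re.compile(r"(SEARCH )?RESULT tag=\d+ err=(\d+)(?: nentries=(\d+))?")

# Constructed sample: two refused binds from one client, then a bind that
# works followed by a search that matches nothing.
SAMPLE_LOG = """\
Feb 22 21:31:18 ldap1 slapd[51158]: conn=3411 fd=22 ACCEPT from IP=192.0.2.42:53810 (IP=192.0.2.44:389)
Feb 22 21:31:18 ldap1 slapd[51158]: conn=3411 op=0 BIND dn="cn=pam_ldap,ou=Services,dc=example,dc=com" method=128
Feb 22 21:31:18 ldap1 slapd[51158]: conn=3411 op=0 RESULT tag=97 err=49 text=
Feb 22 21:31:18 ldap1 slapd[51158]: conn=3411 fd=22 closed
Feb 22 21:31:26 ldap1 slapd[51158]: conn=3412 fd=22 ACCEPT from IP=192.0.2.42:53811 (IP=192.0.2.44:389)
Feb 22 21:31:26 ldap1 slapd[51158]: conn=3412 op=0 BIND dn="cn=pam_ldap,ou=Services,dc=example,dc=com" method=128
Feb 22 21:31:26 ldap1 slapd[51158]: conn=3412 op=0 RESULT tag=97 err=49 text=
Feb 22 21:31:26 ldap1 slapd[51158]: conn=3412 op=1 UNBIND
Feb 22 21:32:02 ldap1 slapd[51158]: conn=3413 fd=23 ACCEPT from IP=192.0.2.43:40112 (IP=192.0.2.44:389)
Feb 22 21:32:02 ldap1 slapd[51158]: conn=3413 op=0 BIND dn="cn=pam_ldap,ou=Services,dc=example,dc=com" method=128
Feb 22 21:32:02 ldap1 slapd[51158]: conn=3413 op=0 RESULT tag=97 err=0 text=
Feb 22 21:32:02 ldap1 slapd[51158]: conn=3413 op=1 SRCH base="ou=staff,dc=example,dc=com" scope=2 deref=0 filter="(uid=walbs)"
Feb 22 21:32:02 ldap1 slapd[51158]: = bdb_filter_candidates
Feb 22 21:32:02 ldap1 slapd[51158]: conn=3413 op=1 SEARCH RESULT tag=101 err=0 nentries=0 text=
"""


def analyze(lines):
    """Return a list of findings (dicts) from slapd stats-level log lines."""
    peers = {}     # conn id -> client address taken from the ACCEPT line
    pending = {}   # (conn, op) -> request still waiting for its RESULT
    findings = []
    for line in lines:
        m = CONN.search(line.strip())
        if not m:
            continue                     # backend trace lines have no conn= prefix
        conn, op, rest = m.groups()
        if (a := ACCEPT.match(rest)):
            peers[conn] = a.group(1)
        elif (b := BIND.match(rest)):
            pending[(conn, op)] = {"kind": "bind", "dn": b.group(1) or "(anonymous)"}
        elif (s := SRCH.match(rest)):
            pending[(conn, op)] = {"kind": "search", "base": s.group(1), "filter": s.group(2)}
        elif (r := RESULT.match(rest)):
            request = pending.pop((conn, op), None)
            if request is None:
                continue                 # RESULT whose request was logged earlier
            err = int(r.group(2))
            peer = peers.get(conn, "unknown")
            if request["kind"] == "bind" and err != 0:
                findings.append({"kind": "bind_failed", "conn": conn, "peer": peer,
                                 "dn": request["dn"], "err": err,
                                 "meaning": RESULT_CODES.get(err, "other")})
            elif request["kind"] == "search" and err == 0 and r.group(3) == "0":
                findings.append({"kind": "empty_search", "conn": conn, "peer": peer,
                                 "base": request["base"], "filter": request["filter"]})
    return findings


def failed_binds_by_client(findings):
    """Count refused binds per (client address, bind DN)."""
    return Counter((f["peer"], f["dn"]) for f in findings if f["kind"] == "bind_failed")


if __name__ == "__main__":
    for finding in analyze(SAMPLE_LOG.splitlines()):
        print(finding)
```

`err=49` on a `tag=97` line is the server refusing the bind credentials; `err=0 nentries=0` on a `SEARCH RESULT` line means the search ran without error and matched no entry.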
openldap not starting
hello list!!

I am building an ldap server on freebsd 8.1. For some reason if I include the inetorgperson schema in my slapd.conf slapd will not start

here is the listing in slapd.conf

    # See slapd.conf(5) for details on configuration options.
    # This file should NOT be world readable.
    #
    include /usr/local/etc/openldap/schema/core.schema
    include /usr/local/etc/openldap/schema/inetorgpreson.schema

I do not know why this is the case as I can ls the file:

    [root@LBSD2:/usr/local/etc/openldap] #ls -l /usr/local/etc/openldap/schema/inetorgperson.schema
    -r--r--r-- 1 root wheel 6360 Feb 21 03:13 /usr/local/etc/openldap/schema/inetorgperson.schema

If I comment out the inetorg schema slapd starts. And it looks like the ownership and permissions are the same as they are on the schema that is currently working:

    [root@LBSD2:/usr/local/etc/openldap] #ls -l /usr/local/etc/openldap/schema/core.schema
    -r--r--r-- 1 root wheel 20583 Feb 21 03:13 /usr/local/etc/openldap/schema/core.schema

Boy would I love to get this working again! :)

thanks for your help!

--
GPG me!!
gpg --keyserver pool.sks-keyservers.net --recv-keys F186197B
FreeBSD as a xen host
Hello,

I am attempting to turn my two FreeBSD hosts into xen hosts that can run some vms. I am using this guide:

http://wiki.freebsd.org/FreeBSD/Xen

I get down to this step:

    cd xen-3.3-testing.hg ; make world make install

and it fails to build:

    [r...@lbsd2:/tmp/xen-3.2-testing.hg]#make world make install
    Makefile, line 9: Need an operator
    Config.mk, line 12: Missing dependency operator
    Config.mk, line 14: Need an operator
    Config.mk, line 31: Could not find /config/.mk
    Config.mk, line 32: Could not find /config/.mk
    Config.mk, line 34: Missing dependency operator
    Config.mk, line 37: Need an operator
    Config.mk, line 53: Need an operator
    Error expanding embedded variable.

Does anyone have any advice on how to get this to work?

thanks!

--
Here's my RSA Public key:
gpg --keyserver pgp.mit.edu --recv-keys 5A4873A9
Share and enjoy!!
Re: FreeBSD as a xen host
Guys,

Thanks gmake has gotten me much farther than make has! :) However the install is still failing:

    gmake libxenctrl.a libxenctrl.so libxenctrl.so.3.2 libxenctrl.so.3.2.0 libxenguest.a libxenguest.so libxenguest.so.3.2 libxenguest.so.3.2.0
    getconf: no such configuration parameter `LFS_CFLAGS'
    gmake[4]: Entering directory `/tmp/xen-3.2-testing.hg/tools/libxc'
    gcc -O2 -fomit-frame-pointer -m32 -march=i686 -DNDEBUG -fno-strict-aliasing -std=gnu99 -Wall -Wstrict-prototypes -Wno-unused-value -Wdeclaration-after-statement -D__XEN_TOOLS__ -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -mno-tls-direct-seg-refs -Werror -Wmissing-prototypes -I. -I../xenstore -Wp,-MD,.xc_core.o.d -c -o xc_core.o xc_core.c
    In file included from xg_private.h:16,
                     from xc_core.c:52:
    xc_private.h:18:29: error: xen/sys/privcmd.h: No such file or directory
    In file included from xg_private.h:16,
                     from xc_core.c:52:
    xc_private.h:86: error: expected declaration specifiers or '...' before 'privcmd_hypercall_t'
    xc_private.h: In function 'do_xen_version':
    xc_private.h:90: error: 'privcmd_hypercall_t' undeclared (first use in this function)
    xc_private.h:90: error: (Each undeclared identifier is reported only once
    xc_private.h:90: error: for each function it appears in.)
    xc_private.h:90: error: expected ';' before 'hypercall'
    xc_private.h:92: error: 'hypercall' undeclared (first use in this function)
    xc_private.h:96: error: too many arguments to function 'do_xen_hypercall'
    xc_private.h: In function 'do_domctl':
    xc_private.h:102: error: 'privcmd_hypercall_t' undeclared (first use in this function)
    xc_private.h:102: error: expected ';' before 'hypercall'
    xc_private.h:106: error: 'hypercall' undeclared (first use in this function)
    xc_private.h:115: error: too many arguments to function 'do_xen_hypercall'
    xc_private.h: In function 'do_sysctl':
    xc_private.h:131: error: 'privcmd_hypercall_t' undeclared (first use in this function)
    xc_private.h:131: error: expected ';' before 'hypercall'
    xc_private.h:135: error: 'hypercall' undeclared (first use in this function)
    xc_private.h:144: error: too many arguments to function 'do_xen_hypercall'
    xc_private.h: At top level:
    xc_private.h:158: error: expected declaration specifiers or '...' before 'privcmd_mmap_entry_t'
    gmake[4]: *** [xc_core.o] Error 1
    gmake[4]: Leaving directory `/tmp/xen-3.2-testing.hg/tools/libxc'
    gmake[3]: *** [build] Error 2
    gmake[3]: Leaving directory `/tmp/xen-3.2-testing.hg/tools/libxc'
    gmake[2]: *** [install] Error 2
    gmake[2]: Leaving directory `/tmp/xen-3.2-testing.hg/tools'
    gmake[1]: *** [install-tools] Error 2
    gmake[1]: Leaving directory `/tmp/xen-3.2-testing.hg'
    gmake: *** [world] Error 2

I was wondering if you might have any further suggestions that might get this working.

regards

On Sun, Nov 7, 2010 at 8:01 AM, Bruce Cran br...@cran.org.uk wrote:
On Sun, 7 Nov 2010 07:54:01 -0500 Tim Dunphy bluethu...@gmail.com wrote:

    [r...@lbsd2:/tmp/xen-3.2-testing.hg]#make world make install
    Makefile, line 9: Need an operator
    Config.mk, line 12: Missing dependency operator
    Config.mk, line 14: Need an operator
    Config.mk, line 31: Could not find /config/.mk
    Config.mk, line 32: Could not find /config/.mk
    Config.mk, line 34: Missing dependency operator
    Config.mk, line 37: Need an operator
    Config.mk, line 53: Need an operator
    Error expanding embedded variable.

Does anyone have any advice on how to get this to work?

Looks like you might need to use GNU make (gmake) instead of make?

--
Bruce Cran

--
Here's my RSA Public key:
gpg --keyserver pgp.mit.edu --recv-keys 5A4873A9
Share and enjoy!!
Re: FreeBSD as a xen host
Adam,

Thanks for clarifying. And my root shell is csh. I am merely executing bash so I have the convenience of command line completion.

best!

On Sun, Nov 7, 2010 at 11:28 AM, Adam Vande More amvandem...@gmail.com wrote:
On Sun, Nov 7, 2010 at 6:54 AM, Tim Dunphy bluethu...@gmail.com wrote:

Hello,

I am attempting to turn my two FreeBSD hosts into xen hosts that can run some vms. I am using this guide:

http://wiki.freebsd.org/FreeBSD/Xen

I get down to this step:

    cd xen-3.3-testing.hg ; make world make install

and it fails to build:

You may wish to read that page again. Dom0 support doesn't exist in FreeBSD, and paravirt domU is sketchy at best. Your virtualization options are VirtualBox or FreeBSD jails. There's another container based method that's experimental somewhere too.

Changing your root shell is asking for trouble. There's a FAQ on it, and hundreds of threads of misery.

http://www.freebsd.org/doc/en/books/faq/book.html#TOOR-ACCOUNT

--
Adam Vande More

--
Here's my RSA Public key:
gpg --keyserver pgp.mit.edu --recv-keys 5A4873A9
Share and enjoy!!
failure to import ldif into ldap
Thanks all..

I have read the man of ldif your advice has gotten me quite far both in my current implementation and in my overall understanding of LDAP which I am hoping grows with each passing day.

In my attempt to build my current directory, I have taken a dump of my last successful implementation (which was created on FreeBSD 8.1) and substituted values for the dc=company and dc=com values with the correct ones for the current directory (attempting to implement under CentOS 5.4) and even tho the correct schemas are in place it is choking on this entry:

    # defaults, sudoers, Services, acadaca.com
    dn: cn=defaults,ou=sudoers,ou=Services,dc=acadaca,dc=net
    objectClass: top
    objectClass: sudoRole
    cn: defaults
    description: Default sudoOption's go here

And again I should have all the schemas in place to make this work...

    include /etc/openldap/schema/core.schema
    include /etc/openldap/schema/cosine.schema
    include /etc/openldap/schema/inetorgperson.schema
    include /etc/openldap/schema/nis.schema
    include /etc/openldap/schema/misc.schema
    inlcude /etc/openldap/schema/sudoers.schema
    include /etc/openldap/schema/openldap.schema

    [r...@ldap ldif]# ldapadd -h ldap -a -w secret -x -D cn=Manager,dc=acadaca,dc=net -f /home/tim/txt/ldif/acadaca-master.ldif
    adding new entry cn=defaults,ou=sudoers,ou=Services,dc=acadaca,dc=net
    ldapadd: Invalid syntax (21)
            additional info: objectClass: value #1 invalid per syntax

Why this ldif will work in one directory but not another is a mystery at this point..

thanks again

--
Here's my RSA Public key:
gpg --keyserver pgp.mit.edu --recv-keys 5A4873A9
Share and enjoy!!
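A check for two kinds of mistake in slapd.conf schema `include` lines, using listings modelled on the one in this message and the one in the "openldap not starting" message above: a path that does not exist, and a first keyword that is only a near-miss of `include`. This is an added example, not part of the original posts; `lint_includes` and its `existing_files` parameter are hypothetical names, and the file sets are constructed so the check runs without a real schema directory.

```python
import difflib
import os


def lint_includes(conf_text, existing_files=None):
    """Check slapd.conf-style text for include-line mistakes.

    existing_files: optional collection of absolute paths that stands in for
    the filesystem (an assumption of this example, so it can run offline);
    when None, the real filesystem is consulted.
    Returns a list of (line_number, kind, message) tuples.
    """
    def exists(path):
        if existing_files is not None:
            return path in existing_files
        return os.path.exists(path)

    def siblings(path):
        directory = os.path.dirname(path)
        if existing_files is not None:
            return [os.path.basename(p) for p in existing_files
                    if os.path.dirname(p) == directory]
        try:
            return os.listdir(directory)
        except OSError:
            return []

    problems = []
    for number, raw in enumerate(conf_text.splitlines(), start=1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split()
        keyword = fields[0]
        if keyword.lower() == "include":
            if len(fields) != 2:
                problems.append((number, "syntax", "include expects exactly one path"))
                continue
            path = fields[1].strip('"')
            if not exists(path):
                near = difflib.get_close_matches(os.path.basename(path),
                                                 siblings(path), n=1, cutoff=0.8)
                hint = f"; closest file in that directory: {near[0]}" if near else ""
                problems.append((number, "missing-file", f"{path} does not exist{hint}"))
        elif (len(fields) == 2 and fields[1].strip('"').endswith(".schema")
              and difflib.get_close_matches(keyword.lower(), ["include"], n=1, cutoff=0.8)):
            # Looks like an include line, but the keyword is spelled differently.
            problems.append((number, "misspelled-keyword",
                             f"'{keyword}' is not 'include', so {fields[1]} is not requested"))
    return problems


# Constructed inputs modelled on the two listings quoted in the posts.
FREEBSD_DIR = "/usr/local/etc/openldap/schema/"
FREEBSD_FILES = {FREEBSD_DIR + n for n in
                 ("core.schema", "cosine.schema", "inetorgperson.schema")}
FREEBSD_CONF = f"""\
include {FREEBSD_DIR}core.schema
include {FREEBSD_DIR}inetorgpreson.schema
"""

CENTOS_DIR = "/etc/openldap/schema/"
CENTOS_NAMES = ("core", "cosine", "inetorgperson", "nis", "misc", "sudoers", "openldap")
CENTOS_FILES = {f"{CENTOS_DIR}{n}.schema" for n in CENTOS_NAMES}
CENTOS_CONF = "\n".join(
    f"{'inlcude' if n == 'sudoers' else 'include'} {CENTOS_DIR}{n}.schema"
    for n in CENTOS_NAMES) + "\n"

if __name__ == "__main__":
    for conf, files in ((FREEBSD_CONF, FREEBSD_FILES), (CENTOS_CONF, CENTOS_FILES)):
        for number, kind, message in lint_includes(conf, files):
            print(f"line {number}: {kind}: {message}")
```

Running `ls` on the correctly spelled path, as in the earlier message, cannot surface either problem; the check has to start from the text of the config file.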
version of slapd?
hello list! how do I get the version of slapd under FreeBSD? under CentOS it's simply [r...@ldap schema]# slapd -V @(#) $OpenLDAP: slapd 2.3.43 (Aug 11 2010 09:09:21) $ mockbu...@builder17.centos.org:/builddir/build/BUILD/openldap-2.3.43/openldap-2.3.43/build-servers/servers/slapd Need to do the same thing for FreeBSD [r...@lbsd2:/usr/home/bluethundr]#/usr/local/etc/rc.d/slapd -V /usr/local/etc/rc.d/slapd: unknown directive '-V'. Usage: /usr/local/etc/rc.d/slapd [fast|force|one](start|stop|restart|rcvar|status|poll) [r...@lbsd2:/usr/home/bluethundr]#su - root Password: Last login: Thu Nov 4 18:44:15 on pts/0 LBSD2# slapd -V slapd: Command not found. thanks! -- Here's my RSA Public key: gpg --keyserver pgp.mit.edu --recv-keys 5A4873A9 Share and enjoy!!
Re: version of slapd?
That did it!!! [bluethu...@lbsd2:~]#pkg_info | grep openldap openldap-sasl-client-2.4.23 Open source LDAP client implementation with SASL2 support openldap-sasl-server-2.4.23 Open source LDAP server implementation I will put /usr/local/libexec/ on my path when I get a chance btw, thanks for mentioning it! Also thank you for making my Jedi powers that much stronger!!! ;-) Sent from my iPhone On Nov 4, 2010, at 6:07 PM, Julian Fagir g...@gnrp.in-berlin.de wrote: Hi, [r...@lbsd2:/usr/home/bluethundr]#/usr/local/etc/rc.d/slapd -V /usr/local/etc/rc.d/slapd: unknown directive '-V'. Usage: /usr/local/etc/rc.d/slapd [fast|force|one](start|stop|restart|rcvar|status|poll) [r...@lbsd2:/usr/home/bluethundr]#su - root Password: Last login: Thu Nov 4 18:44:15 on pts/0 LBSD2# slapd -V slapd: Command not found. slapd is located in libexec of your local directory, i.e. /usr/local/libexec/slapd which is usually not in your PATH. The rc.d-script is just the startfile, not the executable itself. Alternatively, you can look at the version of your installed package, e.g. pkg_info | grep openldap Regards, Julian
Re: can't add entries to fstab
hey guys, thanks!! Yeah I tried adding the late option, but that didn't change anything. But then I thought that perhaps DNS was not loaded by the time the fstab is parsed making any DNS style mounts render the machine unbootable in normal mode. So I tried referring to the mount by the IP address rather than the DNS name, and that fixed it.. I suppose I could setup the order in which the services load in /etc/rc.d/ by pre-pending each one with numbers (i.e. 00netif 01named 02syslogd...etc etc). Not sure I care enough to do that on my home system, but maybe I will.. On Sat, Oct 30, 2010 at 8:10 PM, Warren Block wbl...@wonkity.com wrote: On Sat, 30 Oct 2010, Tim Dunphy wrote: I am having some trouble adding entries to /etc/fstab.. what happens to work under CentOS does not under FreeBSD!! no surprise there, I suppose.. heh I have nfs_client_enable=YES in my /etc/rc.conf Yet if I add even one line such as nas2.summitnhome.com:/mnt/home /home nfs rw 0 0 the system refuses to boot normally and I have to add the path to /bin//sh manually each time Add the late option ('man mount | less +3/late') to the rw option in that line: nas2.summitnhome.com:/mnt/home /home nfs rw,late 0 0 why on Earth can I not add entries to fstab as I do to CentOS?? Beyond knowing that they're different, dunno. Maybe the async DHCP in FreeBSD is different. -- Here's my RSA Public key: gpg --keyserver pgp.mit.edu --recv-keys 5A4873A9 Share and enjoy!!
Re: can't add entries to fstab
oh ok, thanks good thing I saw this before I got to long in this process. I backed up the /etc/rc.d directory and started re-ordering things like this: 000netif 001netoptions 002routing 003network_ipv6 004ppp 005ipfw 006defaultroute 007routed 008mrouted 009route6d 0010mroute6d 011named 012resolv 013hostname 014hostapd 015hostid 016hostid_save 017rpcbind 018nfsclient 019nfscbd 020nfsdrpcbind 021mountd 022mountcritlocal 023mountcritremote 024mountlate I realized there may be dependencies but I was gonna give it a try and see if I got it right. If not I would restore from backup. Actually this machine isn't on DHCP, it's statically assigned. My basic goal is to get the box to the point where it can resolve DNS before it mounts the contents of /etc/fstab... do you have any suggestions on how best to achieve this goal? thanks On Sun, Oct 31, 2010 at 11:58 AM, Warren Block wbl...@wonkity.com wrote: On Sun, 31 Oct 2010, Tim Dunphy wrote: On Sat, Oct 30, 2010 at 8:10 PM, Warren Block wbl...@wonkity.com wrote: On Sat, 30 Oct 2010, Tim Dunphy wrote: I am having some trouble adding entries to /etc/fstab.. what happens to work under CentOS does not under FreeBSD!! no surprise there, I suppose.. heh I have nfs_client_enable=YES in my /etc/rc.conf Yet if I add even one line such as nas2.summitnhome.com:/mnt/home /home nfs rw 0 0 the system refuses to boot normally and I have to add the path to /bin//sh manually each time Add the late option ('man mount | less +3/late') to the rw option in that line: nas2.summitnhome.com:/mnt/home /home nfs rw,late 0 0 why on Earth can I not add entries to fstab as I do to CentOS?? Beyond knowing that they're different, dunno. Maybe the async DHCP in FreeBSD is different. thanks!! Yeah I tried adding the late option, but that didn't change anything. But then I thought that perhaps DNS was not loaded by the time the fstab is parsed making any DNS style mounts render the machine unbootable in normal mode. 
So I tried referring to the mount by the IP address rather than the DNS name, and that fixed it.. I suppose I could setup the order in which the services load in /etc/rc.d/ by pre-pending each one with numbers (i.e. 00netif 01named 02syslogd...etc etc). Changing that order is not easy, there are internal dependencies. Forcing the startup to wait for DHCP in /etc/rc.conf may be enough: ifconfig_re0=SYNCDHCP re0 used for example, change to whatever interface you have. -- Here's my RSA Public key: gpg --keyserver pgp.mit.edu --recv-keys 5A4873A9 Share and enjoy!! ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
can't start firefox
Whenever I try to launch firefox I get a message saying Firefox is already running, but is not responding. To open a new window, you must first close the existing Firefox process, or restart your system. Then I try doing a ps so that I can find the pid and kill it... LBSD1# ps -auxwww | grep firefox LBSD1# But it does not appear to be running. I've tried rebooting and reinstalling the port.. nothing works.. HELP!!! :) -- Here's my RSA Public key: gpg --keyserver pgp.mit.edu --recv-keys 5A4873A9 Share and enjoy!!
hostname
how can I set the hostname so that it persists through reboots? I have set the hostname I want in /etc/hosts but rebooting the change does not show up. In CentOS you have /etc/hostname which serves this purpose but in FreeBSD I don't know how to do this. thanks -- Here's my RSA Public key: gpg --keyserver pgp.mit.edu --recv-keys 5A4873A9 Share and enjoy!!
can't add entries to fstab
Hello, I am having some trouble adding entries to /etc/fstab.. what happens to work under CentOS does not under FreeBSD!! no surprise there, I suppose.. heh I have nfs_client_enable=YES in my /etc/rc.conf Yet if I add even one line such as nas2.summitnhome.com:/mnt/home /home nfs rw 0 0 the system refuses to boot normally and I have to add the path to /bin//sh manually each time why on Earth can I not add entries to fstab as I do to CentOS?? thanks!! -- Here's my RSA Public key: gpg --keyserver pgp.mit.edu --recv-keys 5A4873A9 Share and enjoy!!
Re: start kde in 8.1
Hey guys, Yes xorg is installed: [bluethu...@bsd1 /usr/local/kde4/bin]$ pkg_info -Ix xorg-7 xorg-7.5 X.Org complete distribution metaport But startkde does not appear to be in /usr/local/kde4/bin [bluethu...@bsd1 /usr/local/kde4/bin]$ ls checkXML kjs dolphin kjscmd kappfinder konqueror kbookmarkmerger konsole kbuildsycoca4 konsoleprofile kconfig_compiler kross kcookiejar4 kshell4 kde4-config kunittestmodrunner kded4 kwrapper4 kdeinit4 kwrite kdeinit4_shutdown makekdewidgets kdeinit4_wrapper meinproc4 kdepasswd nepomuk-rcgen kdialog nspluginscan keditbookmarks nspluginviewer kfind preparetips kfmclient servicemenudeinstallation kinfocenter servicemenuinstallation I have so far only installed kde4base.. I am attempting to install the full KDE 4... thanks for your help On Fri, Oct 29, 2010 at 12:32 AM, Warren Block wbl...@wonkity.com wrote: On Thu, 28 Oct 2010, Tim Dunphy wrote: I have kdebase4 installed successfully under freebsd 8.1 I found the following advice on the net with so far isn't working to start it: echo startkde ~/.xinitrc I have attempted startx but the system doesn't know about it. may I have a suggestion to proceed? Is xorg installed? % pkg_info -Ix xorg-7 If it's installed, rehash. -- Here's my RSA Public key: gpg --keyserver pgp.mit.edu --recv-keys 5A4873A9 Share and enjoy!!
Re: start kde in 8.1
definitely on it!! it takes a while but I'm sure it'll be worth it... thanks On Fri, Oct 29, 2010 at 10:12 AM, Warren Block wbl...@wonkity.com wrote: On Fri, 29 Oct 2010, Tim Dunphy wrote: Hey guys, Yes xorg is installed: [bluethu...@bsd1 /usr/local/kde4/bin]$ pkg_info -Ix xorg-7 xorg-7.5 X.Org complete distribution metaport But startkde does not appear to be in /usr/local/kde4/bin ... I have so far only installed kde4base.. I am attempting to install the full KDE 4... startkde is in kdebase4-workspace, but you can't install any of the KDE sub-ports by themselves and expect it to run. Install x11/kde4 for the whole thing. -- Here's my RSA Public key: gpg --keyserver pgp.mit.edu --recv-keys 5A4873A9 Share and enjoy!!
Re: download cvsup?
thanks for the suggestion! but the other machines on this network do not use the FreeBSD machine as a router. They merely reference it as their first choice of DNS servers. So as of now networking is good to go for all machines. best!! On Thu, Oct 28, 2010 at 2:32 AM, Michael Powell nightre...@hotmail.com wrote: Tim Dunphy wrote: hey listers!! sorry for all the trouble.. just as an FYI it turned out to NOT be a DNS issue at all!!! it was a routing issue... this command apparently did the trick... [r...@lbsd2:/usr/home/bluethundr]#/etc/rc.d/routing restart add net default: gateway 192.168.1.1 [r...@lbsd2:/usr/home/bluethundr]#ping google.com PING google.com (173.194.33.104): 56 data bytes 64 bytes from 173.194.33.104: icmp_seq=0 ttl=55 time=14.083 ms 64 bytes from 173.194.33.104: icmp_seq=1 ttl=55 time=14.537 ms 64 bytes from 173.194.33.104: icmp_seq=2 ttl=55 time=14.531 ms sometimes it's the simplest solutions under our noses. :) Sorry for not getting back any sooner, went camping in the mountains for a bit. Glad to hear it is resolved. The above is accomplished via this: defaultrouter=192.168.1.1 in your /etc/rc.conf. If you are using this machine as a gateway for the other machines and it is between your FIOS router and the other machines, the defaultrouter value for the other machines would point to the gateway box's internal facing address. -Mike -- Here's my RSA Public key: gpg --keyserver pgp.mit.edu --recv-keys 5A4873A9 Share and enjoy!!
start slapd automatically
Hey listers, I have a quick one for ya.. I am running openLDAP 2.4 server on my freebsd box and it's coming along nicely. But whenever I reboot the box it doesn't start automatically. What's the best way to accomplish this? My /etc/defaults/rc.conf has the following entry: local_startup=/usr/local/etc/rc.d # startup script dirs. And slapd is living in the location referenced on that line: [r...@lbsd2:/usr/home/bluethundr]#ls -l /usr/local/etc/rc.d/slapd -r-xr-xr-x 1 root wheel 3591 Oct 9 21:37 /usr/local/etc/rc.d/slapd So I am under the impression that it should be starting there normally. Thanks for your help! -- Here's my RSA Public key: gpg --keyserver pgp.mit.edu --recv-keys 5A4873A9 Share and enjoy!!
Re: start slapd automatically
ok thanks.. this is what I tried: [r...@lbsd2:/var/run/openldap]#vi /usr/local/etc/rc.conf # -- sysinstall generated deltas -- # Sun Aug 15 18:54:08 2010 # Created: Sun Aug 15 18:54:08 2010 # Enable network daemons for user convenience. # Please make all changes to this file, not to /etc/defaults/rc.conf. # This file now contains just the overrides from /etc/defaults/rc.conf. defaultrouter=192.168.1.1 hostname=LBSD2.summitnjhome.com ifconfig_bge0=inet 192.168.1.44 netmask 255.255.255.0 sshd_enable=YES apache22_enable=YES mysql_enable=YES hald_enable=YES dbus_enable=YES dbus_enable=YES hald_enable=YES local_startup={local_startup} /usr/local/kde4/etc/rc.d kde4_enable=YES named_enable=YES slapd_enable=YES slapd_enable=YES slapd_flags='-h ldapi://%2fvar%2frun%2fopenldap%2fldapi/ ldap://192.168.1.44/;' slapd_sockets=/var/run/openldap/ldapi # -- sysinstall generated deltas -- # Thu Sep 16 00:12:09 2010 rpcbind_enable=YES nfs_server_enable=YES slapd_enable=YES [r...@lbsd2:/var/run/openldap]#/usr/local/etc/rc.d/slapd restart Stopping slapd. Waiting for PIDS: 6701. Starting slapd. [r...@lbsd2:/var/run/openldap]#lsof -U | grep slapd slapd 6824 ldap3u unix 0xc895 0t0 -0xc46cb19c slapd 6824 ldap3u unix 0xc895 0t0 -0xc46cb19c [r...@lbsd2:/var/run/openldap]#ls -lh /var/run/openldap/ total 8 -rw-r--r-- 1 ldap ldap 0B Oct 28 12:10 ldapi -rw-r--r-- 1 ldap ldap42B Oct 28 12:15 slapd.args -rw-r--r-- 1 ldap ldap 5B Oct 28 12:15 slapd.pid [r...@lbsd2:/var/run/openldap]#cat /var/run/openldap/ldapi [r...@lbsd2:/var/run/openldap]# I'm not sure why the socket file is empty at the moment..but I have verified that openLDAP is functioning...I can bounce around the network easily by logging in as the LDAP users... can't actually reboot the machine right now, but hopefully this should work. I'll give a shout the next time I reboot if it doesn't start slapd as expected. thanks! 
On Thu, Oct 28, 2010 at 11:53 AM, Lowell Gilbert freebsd-questions-lo...@be-well.ilk.org wrote: Tim Dunphy bluethu...@gmail.com writes: I have a quick one for ya.. I am running openLDAP 2.4 server on my freebsd box and it's coming along nicely. But whenever I reboot the box it doesn't start automatically. What's the best way to accomplish this? My /etc/defaults/rc.conf has the following entry: local_startup=/usr/local/etc/rc.d # startup script dirs. And slapd is living in the location referenced on that line: [r...@lbsd2:/usr/home/bluethundr]#ls -l /usr/local/etc/rc.d/slapd -r-xr-xr-x 1 root wheel 3591 Oct 9 21:37 /usr/local/etc/rc.d/slapd So I am under the impression that it should be starting there normally. You probably missed the rc.conf entry, described in the message that was printed when you installed the port. Specifically: In order to run the LDAP server, you need to edit %%PREFIX%%/etc/openldap/slapd.conf to suit your needs and add the following lines to /etc/rc.conf: slapd_enable=YES slapd_flags='-h ldapi://%2fvar%2frun%2fopenldap%2fldapi/ ldap://0.0.0.0/;' slapd_sockets=/var/run/openldap/ldapi Then start the server with %%PREFIX%%/etc/rc.d/slapd start or reboot. Where %%PREFIX%% is presumably /usr/local. -- Here's my RSA Public key: gpg --keyserver pgp.mit.edu --recv-keys 5A4873A9 Share and enjoy!! ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
adding user ldif to ldap
hi list.. I am trying to add an ldif with my users that I have derived from /etc/passwd. for some reason ldapadd is choking on the root user... may I ask how best to correct this? Here is the error: LBSD2# ldapadd -x -D cn=Manager,dc=summitnjhome,dc=com -w localG30rg3T0wn -f /tmp/passwd.ldif adding new entry uid=root,ou=People,dc=summitnjhome,dc=com ldap_add: Invalid syntax (21) additional info: objectClass: value #6 invalid per syntax Here is the entry that seems to be the problem: dn: uid=root,ou=People,dc=summitnjhome,dc=com uid: root cn: Enoch givenName: Enoch sn: mail: r...@summitnjhome.com mailRoutingAddress: r...@mail.summitnjhome.com mailHost: mail.summitnjhome.com objectClass: inetLocalMailRecipient objectClass: person objectClass: organizationalPerson objectClass: inetOrgPerson objectClass: posixAccount objectClass: top objectClass: kerberosSecurityObject userPassword: {crypt}* krbName: r...@summitnjhome.com loginShell: /bin/csh uidNumber: 0 gidNumber: 0 homeDirectory: /root gecos: Enoch And here are the schemas I have included in my slapd.conf: LBSD2# cat /usr/local/etc/openldap/slapd.conf # # See slapd.conf(5) for details on configuration options. # This file should NOT be world readable. # include /usr/local/etc/openldap/schema/core.schema include /usr/local/etc/openldap/schema/cosine.schema include /usr/local/etc/openldap/schema/inetorgperson.schema include /usr/local/etc/openldap/schema/openldap.schema include /usr/local/etc/openldap/schema/sudoers.schema include /usr/local/etc/openldap/schema/nis.schema include /usr/local/etc/openldap/schema/misc.schema Thanks for your help! -- Here's my RSA Public key: gpg --keyserver pgp.mit.edu --recv-keys 5A4873A9 Share and enjoy!!
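Both `Invalid syntax (21)` failures in this archive (the CentOS `sudoRole` entry under "failure to import ldif into ldap" and the FreeBSD root entry above) can be read the same way: `value #N` is the zero-based position of the objectClass line slapd rejected. The following Python check is an added example, not code from the original posts; it maps that index back to the class name and compares it with the classes defined by the files that slapd.conf actually includes. The function names are hypothetical and the schema contents are constructed, abbreviated stand-ins for the real schema files.

```python
import os
import re

# Classes compiled into slapd itself (subset); they need no include line.
BUILTIN = {"top"}

# Constructed, abbreviated stand-ins for the schema files named in the posts.
# On a real host, read the files that the include lines point at instead.
SCHEMA_STUBS = {
    "core.schema": """
objectclass ( 2.5.6.6 NAME 'person' SUP top STRUCTURAL )
objectclass ( 2.5.6.7 NAME 'organizationalPerson' SUP person STRUCTURAL )
""",
    "inetorgperson.schema":
        "objectclass ( 2.16.840.1.113730.3.2.2 NAME 'inetOrgPerson' SUP organizationalPerson )",
    "nis.schema":
        "objectclass ( 1.3.6.1.1.1.2.0 NAME 'posixAccount' SUP top AUXILIARY )",
    "misc.schema":
        "objectclass ( 2.16.840.1.113730.3.2.147 NAME 'inetLocalMailRecipient' SUP top AUXILIARY )",
    "sudoers.schema":
        "objectclass ( 1.3.6.1.4.1.15953.9.2.1 NAME 'sudoRole' SUP top STRUCTURAL )",
    "cosine.schema": "",    # defines no class used by the two entries
    "openldap.schema": "",  # defines no class used by the two entries
}

OC_RE = re.compile(r"objectclass\s*\(\s*\S+\s+NAME\s+(\([^)]*\)|'[^']+')", re.I)


def parse_slapd_conf(text):
    """Return (included schema paths, suspicious lines).

    A suspicious line names a .schema file but its directive is not 'include'.
    """
    includes, suspicious = [], []
    for lineno, raw in enumerate(text.splitlines(), 1):
        parts = raw.split()
        if not parts or parts[0].startswith("#"):
            continue
        if parts[0].lower() == "include" and len(parts) > 1:
            includes.append(parts[1])
        elif len(parts) > 1 and parts[1].endswith(".schema"):
            suspicious.append((lineno, parts[0], parts[1]))
    return includes, suspicious


def defined_classes(includes, schema_texts):
    """Lower-cased object class names defined by the included files."""
    names = {n.lower() for n in BUILTIN}
    for path in includes:
        text = schema_texts.get(os.path.basename(path), "")
        for match in OC_RE.finditer(text):
            names.update(n.lower() for n in re.findall(r"'([^']+)'", match.group(1)))
    return names


def object_classes(ldif_entry):
    """objectClass values of one LDIF entry, in file order."""
    return [line.split(":", 1)[1].strip()
            for line in ldif_entry.splitlines()
            if line.lower().startswith("objectclass:")]


def undefined_classes(ldif_entry, conf_text, schema_texts=SCHEMA_STUBS):
    """(zero-based index, name) for each objectClass no included file defines."""
    includes, _ = parse_slapd_conf(conf_text)
    known = defined_classes(includes, schema_texts)
    return [(i, oc) for i, oc in enumerate(object_classes(ldif_entry))
            if oc.lower() not in known]


# Inputs copied from the two messages, laid out one item per line.
CENTOS_CONF = """
include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/inetorgperson.schema
include /etc/openldap/schema/nis.schema
include /etc/openldap/schema/misc.schema
inlcude /etc/openldap/schema/sudoers.schema
include /etc/openldap/schema/openldap.schema
"""
CENTOS_ENTRY = """dn: cn=defaults,ou=sudoers,ou=Services,dc=acadaca,dc=net
objectClass: top
objectClass: sudoRole
cn: defaults
"""
FREEBSD_CONF = "\n".join(
    "include /usr/local/etc/openldap/schema/%s.schema" % name
    for name in ("core", "cosine", "inetorgperson", "openldap", "sudoers", "nis", "misc"))
FREEBSD_ENTRY = """dn: uid=root,ou=People,dc=summitnjhome,dc=com
objectClass: inetLocalMailRecipient
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: top
objectClass: kerberosSecurityObject
"""

if __name__ == "__main__":
    for label, entry, conf in (("CentOS", CENTOS_ENTRY, CENTOS_CONF),
                               ("FreeBSD", FREEBSD_ENTRY, FREEBSD_CONF)):
        print(label, "suspicious directives:", parse_slapd_conf(conf)[1])
        print(label, "undefined objectClass values:", undefined_classes(entry, conf))
```

Run against the pasted data, the reported indexes line up with the `value #1` and `value #6` in the two error messages, and the CentOS configuration shows one schema line whose directive is spelled `inlcude`.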
start kde in 8.1
hey guys, I have kdebase4 installed successfully under freebsd 8.1 I found the following advice on the net which so far isn't working to start it: echo startkde ~/.xinitrc I have attempted startx but the system doesn't know about it. may I have a suggestion to proceed? thanks! -- Here's my RSA Public key: gpg --keyserver pgp.mit.edu --recv-keys 5A4873A9 Share and enjoy!!
Re: start kde in 8.1
sorry forgot to mention I am running it on a dell optiplex gx620 .. thanks in advance On Thu, Oct 28, 2010 at 11:16 PM, Tim Dunphy bluethu...@gmail.com wrote: hey guys, I have kdebase4 installed successfully under freebsd 8.1 I found the following advice on the net which so far isn't working to start it: echo startkde ~/.xinitrc I have attempted startx but the system doesn't know about it. may I have a suggestion to proceed? thanks! -- Here's my RSA Public key: gpg --keyserver pgp.mit.edu --recv-keys 5A4873A9 Share and enjoy!! -- Here's my RSA Public key: gpg --keyserver pgp.mit.edu --recv-keys 5A4873A9 Share and enjoy!!
Re: download cvsup?
hey listers!! sorry for all the trouble.. just as an FYI it turned out to NOT be a DNS issue at all!!! it was a routing issue... this command apparently did the trick... [r...@lbsd2:/usr/home/bluethundr]#/etc/rc.d/routing restart add net default: gateway 192.168.1.1 [r...@lbsd2:/usr/home/bluethundr]#ping google.com PING google.com (173.194.33.104): 56 data bytes 64 bytes from 173.194.33.104: icmp_seq=0 ttl=55 time=14.083 ms 64 bytes from 173.194.33.104: icmp_seq=1 ttl=55 time=14.537 ms 64 bytes from 173.194.33.104: icmp_seq=2 ttl=55 time=14.531 ms sometimes it's the simplest solutions under our noses. :) Sincere thanks for all your input and all your help! On Fri, Oct 22, 2010 at 11:01 PM, Tim Dunphy bluethu...@gmail.com wrote: guys, thanks for the input. busy couple of days sorry for not following up sooner. at any rate, I tried many suggestions. Here is the current state of things: This is a working resolv.conf on the rest of the network which are CentOS machines: [r...@lbsd2:/usr/home/bluethundr]#cat /etc/resolv.conf domain summitnjhome.com nameserver 192.168.1.44 nameserver 71.250.0.12 nameserver 4.2.2.2 I rsync'ed this file to the bsd server from a CentOS machine and this is what happens when you try to resolve internally, then externally (also tried editing it manually of course): [r...@lbsd2:/usr/home/bluethundr]#host bsd2 bsd2.summitnjhome.com has address 192.168.1.44 [r...@lbsd2:/usr/home/bluethundr]#host sum1 sum1.summitnjhome.com is an alias for lCent01.summitnjhome.com. 
lCent01.summitnjhome.com has address 192.168.1.42 [r...@lbsd2:/usr/home/bluethundr]#ping yahoo.com ping: cannot resolve yahoo.com: Host name lookup failure this is how my named.conf looks: options { // Relative to the chroot directory, if any directory /etc/namedb; pid-file /var/run/named/pid; dump-file /var/dump/named_dump.db; statistics-file /var/stats/named.stats; Also i notice it's [r...@lbsd2:/usr/home/bluethundr]#ping yahoo.com ping: cannot resolve yahoo.com: Host name lookup failure with forwarders commented out and [r...@lbsd2:/usr/home/bluethundr]#ping yahoo.com PING yahoo.com (72.30.2.43): 56 data bytes ping: sendto: No route to host ping: sendto: No route to host with forwarders enabled: forwarders { 71.250.0.12; 4.2.2.2; }; or even just forwarders { 192.168.1.1; }; enabled.. I'm still quite puzzled.. I'm hoping that this problem won't require me to backup my most important configurations (DNS, LDAP, Apache) and reinstall.. cuz that's uhmmm.. cheating! ;) not to mention a pain in the firggin' arse... guh // If named is being used only as a local resolver, this is a safe default. // For named to be accessible to the network, comment this option, specify // the proper IP address, or delete this option. #listen-on { 127.0.0.1; }; listen-on { 127.0.0.1; 192.168.1.44; }; allow-recursion {127.0.0.1; 192.168.1.0/24;}; On Wed, Oct 20, 2010 at 5:38 AM, Michael Powell nightre...@hotmail.com wrote: Dick Hoogendijk wrote: Are the forwarders in your named.conf file OK? That was the next thing I was about to suggest. His FIOS router should be running DNS itself by default, with it pointing to Verizon's name servers. So he could try using 192.168.1.1 in his named.conf forwarders directive. This would just recurse out to Verizon's name servers and should get a basic external resolution going, provided he has not altered the default router setup. 
Example from mine: (don't just cut and paste but adjust as required) options { directory /etc/namedb; pid-file /var/run/named/pid; dump-file /var/dump/named_dump.db; statistics-file /var/stats/named.stats; listen-on { 127.0.0.1; 192.168.10.1; }; allow-recursion {127.0.0.1; 192.168.10.0/24;}; // If you've got a DNS server around at your upstream provider, enter // its IP address here, and enable the line below. This will make you // benefit from its cache, thus reduce overall DNS traffic in the Internet. forwarders { 208.67.222.222; 208.67.220.220; 192.168.1.1; }; // query-source address * port 53; }; ---/ Below are snipped out zone file directives for my local stuff /--- The first two IP addresses in my forwarders clause are for OpenDNS. You could delete them so as to only have 192.168.1.1 and your FreeBSD's DNS server will then forward requests to your FIOS router which will then request from Verizon. Use of the listen-on and allow-recursion is not necessary, but if you decide to utilize make sure they reflect values which apply to your situation. Do rndc reload or reboot to take effect. I think he has some other issues pending as well, but one thing at a time. :-) -Mike
Re: download cvsup?
guys, thanks for the input. busy couple of days sorry for not following up sooner. at any rate, I tried many suggestions. Here is the current state of things: This is a working resolv.conf on the rest of the network which are CentOS machines: [r...@lbsd2:/usr/home/bluethundr]#cat /etc/resolv.conf domain summitnjhome.com nameserver 192.168.1.44 nameserver 71.250.0.12 nameserver 4.2.2.2 I rsync'ed this file to the bsd server from a CentOS machine and this is what happens when you try to resolve internally, then externally (also tried editing it manually of course): [r...@lbsd2:/usr/home/bluethundr]#host bsd2 bsd2.summitnjhome.com has address 192.168.1.44 [r...@lbsd2:/usr/home/bluethundr]#host sum1 sum1.summitnjhome.com is an alias for lCent01.summitnjhome.com. lCent01.summitnjhome.com has address 192.168.1.42 [r...@lbsd2:/usr/home/bluethundr]#ping yahoo.com ping: cannot resolve yahoo.com: Host name lookup failure this is how my named.conf looks: options { // Relative to the chroot directory, if any directory /etc/namedb; pid-file/var/run/named/pid; dump-file /var/dump/named_dump.db; statistics-file /var/stats/named.stats; Also i notice it's [r...@lbsd2:/usr/home/bluethundr]#ping yahoo.com ping: cannot resolve yahoo.com: Host name lookup failure with forwarders commented out and [r...@lbsd2:/usr/home/bluethundr]#ping yahoo.com PING yahoo.com (72.30.2.43): 56 data bytes ping: sendto: No route to host ping: sendto: No route to host with forwarders enabled: forwarders { 71.250.0.12; 4.2.2.2; }; or even just forwarders { 192.168.1.1; }; enabled.. I'm still quite puzzled.. I'm hoping that this problem won't require me to backup my most important configurations (DNS, LDAP, Apache) and reinstall.. cuz that's uhmmm.. cheating! ;) not to mention a pain in the firggin' arse... guh // If named is being used only as a local resolver, this is a safe default. // For named to be accessible to the network, comment this option, specify // the proper IP address, or delete this option. 
#listen-on { 127.0.0.1; }; listen-on{ 127.0.0.1; 192.168.1.44; }; allow-recursion {127.0.0.1; 192.168.1.0/24;}; On Wed, Oct 20, 2010 at 5:38 AM, Michael Powell nightre...@hotmail.com wrote: Dick Hoogendijk wrote: Are the forwarders in your named.conf file OK? That was the next thing I was about to suggest. His FIOS router should be running DNS itself by default, with it pointing to Verizon's name servers. So he could try using 192.168.1.1 in his named.conf forwarders directive. This would just recurse out to Verizon's name servers and should get a basic external resolution going, provided he has not altered the default router setup. Example from mine: (don't just cut and paste but adjust as required) options { directory /etc/namedb; pid-file /var/run/named/pid; dump-file /var/dump/named_dump.db; statistics-file /var/stats/named.stats; listen-on { 127.0.0.1; 192.168.10.1; }; allow-recursion {127.0.0.1; 192.168.10.0/24;}; // If you've got a DNS server around at your upstream provider, enter // its IP address here, and enable the line below. This will make you // benefit from its cache, thus reduce overall DNS traffic in the Internet. forwarders { 208.67.222.222; 208.67.220.220; 192.168.1.1; }; // query-source address * port 53; }; ---/ Below are snipped out zone file directives for my local stuff /--- The first two IP addresses in my forwarders clause are for OpenDNS. You could delete them so as to only have 192.168.1.1 and your FreeBSD's DNS server will then forward requests to your FIOS router which will then request from Verizon. Use of the listen-on and allow-recursion is not necessary, but if you decide to utilize make sure they reflect values which apply to your situation. Do rndc reload or reboot to take effect. I think he has some other issues pending as well, but one thing at a time. 
:-) -Mike -- Here's my RSA Public key: gpg --keyserver pgp.mit.edu --recv-keys 5A4873A9 Share and enjoy!!
Re: download cvsup?
This is the current state of affairs:

[r...@lbsd2:/usr/home/bluethundr]#host bsd2
bsd2 has address 199.101.28.20
Host bsd2 not found: 3(NXDOMAIN)
[r...@lbsd2:/usr/home/bluethundr]#ping yahoo.com
PING yahoo.com (69.147.125.65): 56 data bytes
ping: sendto: No route to host
ping: sendto: No route to host

I made sure these services were commented out or set to no in /etc/rc.conf and /etc/defaults/rc.conf and that they were not running

[r...@lbsd2:/usr/home/bluethundr]#ps auxwww | grep rpcbind
root 1781 0.0 0.1 3492 1212 5 S+ 12:12AM 0:00.00 grep rpcbind
[r...@lbsd2:/usr/home/bluethundr]#ps auxwww | grep nfs_server
root 1783 0.0 0.1 3492 1216 5 S+ 12:13AM 0:00.00 grep nfs_server
[r...@lbsd2:/usr/home/bluethundr]#ps auxwww | grep nfs_client
root 1785 0.0 0.1 3492 1216 5 S+ 12:13AM 0:00.00 grep nfs_client
[r...@lbsd2:/usr/home/bluethundr]#

Once I was sure those services weren't running I tried these flavors of /etc/fstab:

[r...@lbsd2:/usr/home/bluethundr]#cat /etc/resolv.conf
domain summitnjhome.com
nameserver 192.168.1.44
nameserver 71.250.0.12
nameserver 4.2.2.2

With this here config I can resolve internally but not externally

[r...@lbsd2:/usr/home/bluethundr]#host bsd2
bsd2.summitnjhome.com has address 192.168.1.44
[r...@lbsd2:/usr/home/bluethundr]#ping yahoo.com
ping: cannot resolve yahoo.com: Host name lookup failure
[r...@lbsd2:/usr/home/bluethundr]#

With this suggested config I actually get neither internal nor external resolution!

[r...@lbsd2:/usr/home/bluethundr]#host bsd2
bsd2 has address 199.101.28.20
^^ Not any ip that's on MY network! ;)
Host bsd2 not found: 3(NXDOMAIN)
[r...@lbsd2:/usr/home/bluethundr]#ping yahoo.com
PING yahoo.com (72.30.2.43): 56 data bytes
ping: sendto: No route to host
ping: sendto: No route to host

And if I'm not resolving externally I really wonder how I get THAT IP

[r...@virtcent05:~]#whois 199.101.28.20
[Querying whois.arin.net]
[whois.arin.net]
#
# Query terms are ambiguous. The query is assumed to be:
# n 199.101.28.20
#
# Use ? to get help.
#
#
# The following results may also be obtained via:
# http://whois.arin.net/rest/nets;q=199.101.28.20?showDetails=trueshowARIN=false
#
NetRange: 199.101.28.0 - 199.101.31.255
CIDR: 199.101.28.0/22
OriginAS:
NetName: SKYE-1
NetHandle: NET-199-101-28-0-1
Parent: NET-199-0-0-0-0
NetType: Direct Assignment
NameServer: AUTH1.SKYEBYNOMINUM.COM
NameServer: AUTH2.SKYEBYNOMINUM.COM
RegDate: 2009-03-20
Updated: 2009-03-20
Ref: http://whois.arin.net/rest/net/NET-199-101-28-0-1

OrgName: SKYE
OrgId: NOMIN-4
Address: 2000 Seaport Blvd.
Address: Suite 400
City: Redwood City
StateProv: CA
PostalCode: 94063
Country: US
RegDate: 2009-03-11
Updated: 2009-03-11
Ref: http://whois.arin.net/rest/org/NOMIN-4

Weird man... Back to this config:

[r...@lbsd2:/usr/home/bluethundr]#cat /etc/resolv.conf
domain summitnjhome.com
nameserver 192.168.1.44
nameserver 71.250.0.12
nameserver 4.2.2.2

It's back to the same old routine of resolving internally but not externally!

[r...@lbsd2:/usr/home/bluethundr]#host bsd2
bsd2.summitnjhome.com has address 192.168.1.44
[r...@lbsd2:/usr/home/bluethundr]#ping yahoo.com
ping: cannot resolve yahoo.com: Host name lookup failure
[r...@lbsd2:/usr/home/bluethundr]#nslookup sum1.summitnjhome.com
Server: 192.168.1.44
Address: 192.168.1.44#53

sum1.summitnjhome.com canonical name = lCent01.summitnjhome.com.
Name: lCent01.summitnjhome.com
Address: 192.168.1.42

My gateway is a FiOS router at 192.168.1.1

I have a semi-fancy netgear switch that provides wired connectivity to my farm of 6 machines.

1) FreeBSD (God machine) that is SSH gateway, DNS/BIND server, OpenLDAP server, Apache22 server and MySQL 5.1 server.
2) Centos 1 machine - host xen instances that are stored on a san
3) Centos 2 machine - hosts the rest of the xen instances all of which are stored in the same NFS nas mount (/mnt/store/xen).
4) FreeNAS 1
5) FreeNAS 2
6) Client machine (non server)

The BSD really kinda runs the show I use that as the base from which to operate. But now it's hobbled with only semi-functioning DNS!

Thanks for your help!!!

On Tue, Oct 19, 2010 at 1:00 AM, Michael Powell nightre...@hotmail.com wrote:
> Tim Dunphy wrote:
> > Thanks guys! But to give more background the host in question IS networking, at this point I can ssh into and out of it.. I just can't resolve externally.
> >
> > [r...@lbsd2:/usr/ports]#ifconfig
> > bge0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST metric 0 mtu 1500
> >         options=9bRXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM
> >         ether 00:14:22:38:9e:eb
> >         inet6 fe80::214:22ff:fe38:9eeb%bge0 prefixlen 64 scopeid 0x1
> >         inet 192.168.1.44 netmask 0xff00 broadcast 192.168.1.255
> >         media: Ethernet autoselect (1000baseT full-duplex
Re: download cvsup?
Thanks guys! But to give more background the host in question IS networking, at this point I can ssh into and out of it.. I just can't resolve externally.

[r...@lbsd2:/usr/ports]#ifconfig
bge0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST metric 0 mtu 1500
        options=9bRXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM
        ether 00:14:22:38:9e:eb
        inet6 fe80::214:22ff:fe38:9eeb%bge0 prefixlen 64 scopeid 0x1
        inet 192.168.1.44 netmask 0xff00 broadcast 192.168.1.255
        media: Ethernet autoselect (1000baseT full-duplex)
        status: active
plip0: flags=8810POINTOPOINT,SIMPLEX,MULTICAST metric 0 mtu 1500
lo0: flags=8049UP,LOOPBACK,RUNNING,MULTICAST metric 0 mtu 16384
        options=3RXCSUM,TXCSUM
        inet6 ::1 prefixlen 128
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x3
        inet 127.0.0.1 netmask 0xff00
[r...@lbsd2:/usr/ports]#

Also the rest of the network is currently working. I am writing this to you from another machine on the same network as the bsd machine. I was able to download the ports tarball from the freebsd ftp site and scp it over to the bsd host. so that minor crisis has been solved. (grin). But it is still quite necessary for me to get this host resolving external hosts of course!

And yes I now realize that csup is part of the base system. But in order for me to use it I must resolve!

Not sure how this might have caused this but I edited my fstab file with some nfs mounts like so:

192.168.1.44:/mnt/nas /mnt/nas nfs rsize=32768,wsize=32768,timeo=14,intr
192.168.1.44:/mnt/store /mnt/store nfs rsize=32768,wsize=32768,timeo=14,intr
192.168.1.44:/mnt/home /home nfs rsize=32768,wsize=32768,timeo=14,intr

And when I rebooted the host pretty much it all went haywire! LDAP, DNS, Apache, MySQL, and even ALL NETWORKING which normally started with the host stopped working. I now have to start each one by hand whatever I try I can't seem to resolve external hosts, tho.

So I restored the fstab file from backup and still I am stuck not resolving. /etc/resolv.conf looks ok to me so I would think that I could ping out of the network. Sadly this is not the case!

[r...@lbsd2:/usr/ports]#cat /etc/resolv.conf
domain summitnjhome.com
nameserver 192.168.1.44
nameserver 4.2.2.2
[r...@lbsd2:/usr/ports]#ping yahoo.com
ping: cannot resolve yahoo.com: Host name lookup failure
[r...@lbsd2:/usr/ports]#ping sum1.summitnjhome.com
PING lCent01.summitnjhome.com (192.168.1.42): 56 data bytes
64 bytes from 192.168.1.42: icmp_seq=0 ttl=64 time=0.273 ms
64 bytes from 192.168.1.42: icmp_seq=1 ttl=64 time=0.180 ms
64 bytes from 192.168.1.42: icmp_seq=2 ttl=64 time=0.186 ms

thanks for your continued assistance with this problem!

On Mon, Oct 18, 2010 at 1:56 AM, Michael Powell nightre...@hotmail.com wrote:
> Tim Dunphy wrote:
> > hello, I accidentally deleted my ports tree thinking that cvsup was already installed. it wasn't. :(
>
> csup is cvsup rewritten with C and exists in the base system. You no longer need to install cvsup, just use csup.
>
> > I seem to be having a little trouble resolving external hosts tho my trusty named server on this host is working fine to resolve the local network. I need to reinstall my ports with sysinstall but to do that i need to resolve externally of course. I think this problem could use a fresh set of eyes.
>
> You do not have to use sysinstall just to install ports. It is available as a tarball you can download and decompress. Use csup afterwards for an update to ensure you have pulled in any changes which may have occurred after the tarball was generated. You will, of course, need to get your network working first.
>
> > [r...@lbsd2:/usr/home/bluethundr]#/etc/rc.d/netif restart
> > Stopping Network: lo0 bge0 plip0.
> > lo0: flags=8048LOOPBACK,RUNNING,MULTICAST metric 0 mtu 16384
> >         options=3RXCSUM,TXCSUM
> >         inet6 ::1 prefixlen 128
> >         inet6 fe80::1%lo0 prefixlen 64 scopeid 0x3
> > bge0: flags=8802BROADCAST,SIMPLEX,MULTICAST metric 0 mtu 1500
> >         options=9bRXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM
> >         ether 00:14:22:38:9e:eb
> >         inet6 fe80::214:22ff:fe38:9eeb%bge0 prefixlen 64 scopeid 0x1
> >         media: Ethernet autoselect (none)
> >         status: no carrier
>           ^^^
> > plip0: flags=8810POINTOPOINT,SIMPLEX,MULTICAST metric 0 mtu 1500
> > Starting Network: lo0 bge0.
> > lo0: flags=8049UP,LOOPBACK,RUNNING,MULTICAST metric 0 mtu 16384
> >         options=3RXCSUM,TXCSUM
> >         inet6 ::1 prefixlen 128
> >         inet6 fe80::1%lo0 prefixlen 64 scopeid 0x3
> >         inet 127.0.0.1 netmask 0xff00
> > bge0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST metric 0 mtu 1500
> >         options=9bRXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM
> >         ether 00:14:22:38:9e:eb
> >         inet6 fe80::214:22ff:fe38:9eeb%bge0 prefixlen 64 scopeid 0x1
> >         inet 192.168.1.44 netmask 0xff00 broadcast 192.168.1.255
> >         media: Ethernet autoselect (none)
> >         status: no carrier
>
> Your network interface isn't connecting to anything, such as a hub, switch, or another
download cvsup?
hello, I accidentally deleted my ports tree thinking that cvsup was already installed. it wasn't. :(

I seem to be having a little trouble resolving external hosts tho my trusty named server on this host is working fine to resolve the local network. I need to reinstall my ports with sysinstall but to do that i need to resolve externally of course. I think this problem could use a fresh set of eyes.

[r...@lbsd2:/usr/home/bluethundr]#/etc/rc.d/netif restart
Stopping Network: lo0 bge0 plip0.
lo0: flags=8048LOOPBACK,RUNNING,MULTICAST metric 0 mtu 16384
        options=3RXCSUM,TXCSUM
        inet6 ::1 prefixlen 128
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x3
bge0: flags=8802BROADCAST,SIMPLEX,MULTICAST metric 0 mtu 1500
        options=9bRXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM
        ether 00:14:22:38:9e:eb
        inet6 fe80::214:22ff:fe38:9eeb%bge0 prefixlen 64 scopeid 0x1
        media: Ethernet autoselect (none)
        status: no carrier
plip0: flags=8810POINTOPOINT,SIMPLEX,MULTICAST metric 0 mtu 1500
Starting Network: lo0 bge0.
lo0: flags=8049UP,LOOPBACK,RUNNING,MULTICAST metric 0 mtu 16384
        options=3RXCSUM,TXCSUM
        inet6 ::1 prefixlen 128
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x3
        inet 127.0.0.1 netmask 0xff00
bge0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST metric 0 mtu 1500
        options=9bRXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM
        ether 00:14:22:38:9e:eb
        inet6 fe80::214:22ff:fe38:9eeb%bge0 prefixlen 64 scopeid 0x1
        inet 192.168.1.44 netmask 0xff00 broadcast 192.168.1.255
        media: Ethernet autoselect (none)
        status: no carrier
[r...@lbsd2:/usr/home/bluethundr]#cat /etc/resolv.conf
domain summitnjhome.com
nameserver 192.168.1.44
nameserver 151.202.0.84
nameserver 4.2.2.2
[r...@lbsd2:/usr/home/bluethundr]#ping yahoo.com
ping: cannot resolve yahoo.com: Host name lookup failure
[r...@lbsd2:/usr/home/bluethundr]#host bsd2
bsd2.summitnjhome.com has address 192.168.1.44

I've cycled the network interface (bge0) several times now and even bounced the host to no avail. Thoughts?

thanks!

--
Here's my RSA Public key:
gpg --keyserver pgp.mit.edu --recv-keys 5A4873A9

Share and enjoy!!
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
migrating to openldap
Hello,

I am attempting to migrate my local user setup to openldap under FreeBSD 8.1. My server is currently running nicely. At the moment, sudoers is imported into openldap-server24. But services that authenticate through PAM (such as su and ssh) are currently not working.

I notice that the CentOS version of openldap24 has a really nice set of perl scripts suited to this purpose. So I rsynced them over to my BSD box in the hopes of using them.

LBSD2# ls
README                          migrate_group.pl
migrate_aliases.pl              migrate_hosts.pl
migrate_all_netinfo_offline.sh  migrate_netgroup.pl
migrate_all_netinfo_online.sh   migrate_netgroup_byhost.pl
migrate_all_nis_offline.sh      migrate_netgroup_byuser.pl
migrate_all_nis_online.sh       migrate_networks.pl
migrate_all_nisplus_offline.sh  migrate_passwd.pl
migrate_all_nisplus_online.sh   migrate_profile.pl
migrate_all_offline.sh          migrate_protocols.pl
migrate_all_online.sh           migrate_rpc.pl
migrate_automount.pl            migrate_services.pl
migrate_base.pl                 migrate_slapd_conf.pl
migrate_common.ph               migration-tools.txt
migrate_fstab.pl

What one needs to do is set an environment variable for your base DN and then run the scripts.

LBSD2# echo $DEFAULT_BASE
dc=summitnjhome,dc=com
LBSD2# ./migrate_base.pl /home/bluethundr/txt/base.ldif

But for some reason the scripts running under BSD don't see the base dn that i set, whereas when I run them under CentOS they do. Now, I could edit the resulting file by hand, but that isn't a very practical solution.

Does anyone know if there are either existing FreeBSD versions of these migration scripts or have a tip for helping me get these to run under FreeBSD?

Thanks!!!

--
Here's my RSA Public key:
gpg --keyserver pgp.mit.edu --recv-keys 5A4873A9

Share and enjoy!!
Re: migrating to openldap
Maciej, thanks for the suggestion! I did give it a try but the result did not change.. Here is a copy-paste of what I tried:

LBSD2# echo $LDAP_BASE
dc=summitnjhome,dc=com
LBSD2# ./migrate_base.pl /home/bluethundr/txt/ldif/base.ldif
LBSD2# less /home/bluethundr/txt/ldif/base.ldif
dn: dc=padl,dc=com
dc: padl
objectClass: top
objectClass: domain

dn: ou=Hosts,dc=padl,dc=com
ou: Hosts
objectClass: top
objectClass: organizationalUnit

dn: ou=Rpc,dc=padl,dc=com
ou: Rpc
objectClass: top
objectClass: organizationalUnit

I mean I guess worse comes to worse I can break out some command line perl and replace dc=padl with dc=summitnjhome but it would be cleaner /faster I think to see if I can get the environment variable to be read by the various scripts. I would appreciate any thoughts on the matter... thanks again!

On Wed, Oct 13, 2010 at 11:37 AM, Maciej Milewski m...@dat.pl wrote:
> On Wednesday 13 October 2010 16:08:35, Tim Dunphy wrote:
> > Hello,
> >
> > I am attempting to migrate my local user setup to openldap under FreeBSD 8.1. My server is currently running nicely. At the moment, sudoers is imported into openldap-server24. But services that authenticate through PAM (such as su and ssh) are currently not working.
> >
> > I notice that the CentOS version of openldap24 has a really nice set of perl scripts suited to this purpose. So I rsynced them over to my BSD box in the hopes of using them.
> >
> > LBSD2# ls
> > README                          migrate_group.pl
> > migrate_aliases.pl              migrate_hosts.pl
> > migrate_all_netinfo_offline.sh  migrate_netgroup.pl
> > migrate_all_netinfo_online.sh   migrate_netgroup_byhost.pl
> > migrate_all_nis_offline.sh      migrate_netgroup_byuser.pl
> > migrate_all_nis_online.sh       migrate_networks.pl
> > migrate_all_nisplus_offline.sh  migrate_passwd.pl
> > migrate_all_nisplus_online.sh   migrate_profile.pl
> > migrate_all_offline.sh          migrate_protocols.pl
> > migrate_all_online.sh           migrate_rpc.pl
> > migrate_automount.pl            migrate_services.pl
> > migrate_base.pl                 migrate_slapd_conf.pl
> > migrate_common.ph               migration-tools.txt
> > migrate_fstab.pl
> >
> > What one needs to do is set an environment variable for your base DN and then run the scripts.
> >
> > LBSD2# echo $DEFAULT_BASE
> > dc=summitnjhome,dc=com
> > LBSD2# ./migrate_base.pl /home/bluethundr/txt/base.ldif
> >
> > But for some reason the scripts running under BSD don't see the base dn that i set, whereas when I run them under CentOS they do. Now, I could edit the resulting file by hand, but that isn't a very practical solution.
> >
> > Does anyone know if there are either existing FreeBSD versions of these migration scripts or have a tip for helping me get these to run under FreeBSD?
> >
> > Thanks!!!
>
> The migrationtools page[1] says this about $DEFAULT_BASE
>
> The naming suffix to use in entries' distinguished names. If undefined, this will be constructed by mapping the mail domain name into a distinguished name (eg aceindustry.com becomes dc=aceindustry,dc=com). You may override this with the LDAP_BASEDN environment variable.
>
> Have you tried that?
>
> 1.http://www.padl.com/OSS/MigrationTools.html
>
> --
> Maciej Milewski

--
Here's my RSA Public key:
gpg --keyserver pgp.mit.edu --recv-keys 5A4873A9

Share and enjoy!!
Re: migrating to openldap
Actually, I was trying this as root on FBSD.. so therefore I was using csh.. but that's 6 of one half dozen of the other. At any rate, your suggestion WORKED!! THANK YOU a ton man, this really helped!! :)))

LBSD2# setenv LDAP_BASEDN dc=summitnjhome,dc=com
You have new mail.
LBSD2# echo $LDAP_BASEDN
dc=summitnjhome,dc=com
LBSD2# rm /home/bluethundr/txt/ldif/base.ldif
LBSD2# ./migrate_base.pl /home/bluethundr/txt/ldif/base.ldif
LBSD2# less /home/bluethundr/txt/ldif/base.ldif
dn: dc=summitnjhome,dc=com
dc: summitnjhome
objectClass: top
objectClass: domain

dn: ou=Hosts,dc=summitnjhome,dc=com
ou: Hosts
objectClass: top
objectClass: organizationalUnit

dn: ou=Rpc,dc=summitnjhome,dc=com
ou: Rpc
objectClass: top
objectClass: organizationalUnit

dn: ou=Services,dc=summitnjhome,dc=com
ou: Services
objectClass: top
objectClass: organizationalUnit

dn: nisMapName=netgroup.byuser,dc=summitnjhome,dc=com
nismapname: netgroup.byuser
objectClass: top
objectClass: nisMap

On Wed, Oct 13, 2010 at 4:13 PM, Maciej Milewski m...@dat.pl wrote:
> On Wednesday 13 October 2010 21:36:16, Tim Dunphy wrote:
> > Maciej, thanks for the suggestion! I did give it a try but the result did not change.. Here is a copy-paste of what I tried:
> >
> > LBSD2# echo $LDAP_BASE
> > dc=summitnjhome,dc=com
>
> Not LDAP_BASE but LDAP_BASEDN. It works with stock migrationtools from padl.com.
>
> > I mean I guess worse comes to worse I can break out some command line perl and replace dc=padl with dc=summitnjhome but it would be cleaner /faster I think to see if I can get the environment variable to be read by the various scripts. I would appreciate any thoughts on the matter... thanks again!
>
> You don't have to, look into these migrate_*.pl files they all should include the same file where you can change these defaults with needed ones.
>
> --
> Maciej Milewski

--
Here's my RSA Public key:
gpg --keyserver pgp.mit.edu --recv-keys 5A4873A9

Share and enjoy!!
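A pre-import check for the failure mode in this thread, where migrate_base.pl quietly wrote dc=padl,dc=com entries because the variable that was set was not the one the scripts read. This is an added example, not code from the posters or from MigrationTools; the function names and the sample LDIF are constructed for illustration.

```shell
# Added example (not from the thread or MigrationTools): check a generated LDIF
# against the base DN the migration run was supposed to use.

# Mail domain -> DN as in the quoted docs: aceindustry.com -> dc=aceindustry,dc=com
domain_to_dn() {
    printf '%s\n' "$1" | awk -F. '{ s = "dc=" $1; for (i = 2; i <= NF; i++) s = s ",dc=" $i; print s }'
}

# Expected base: LDAP_BASEDN when set, otherwise the mapped domain ($1).
effective_base() {
    if [ -n "${LDAP_BASEDN:-}" ]; then printf '%s\n' "$LDAP_BASEDN"
    else domain_to_dn "$1"; fi
}

# Print each DN in LDIF file $1 that is neither base $2 nor below it. Unfolds
# continuation lines, compares case-insensitively, reports base64 DNs unchecked.
stray_dns() {
    awk -v base="$2" '
        function check(l,   v, n, b) {
            if (tolower(l) ~ /^dn::/) { print "unchecked base64 DN: " l; return }
            if (tolower(l) !~ /^dn:/) return
            v = l; sub(/^[Dd][Nn]:[ ]*/, "", v)
            n = tolower(v); b = tolower(base)
            gsub(/[ ]*,[ ]*/, ",", n); gsub(/[ ]*,[ ]*/, ",", b)
            if (n == b || (length(n) > length(b) && substr(n, length(n) - length(b)) == ("," b))) return
            print v
        }
        /^ / { cur = cur substr($0, 2); next }   # folded line: append to previous
        { check(cur); cur = $0 }
        END { check(cur) }
    ' "$1"
}

# Constructed sample: a run that partly kept the dc=padl,dc=com default.
sample_ldif() {
    cat <<'EOF'
dn: dc=summitnjhome,dc=com
objectClass: domain

dn: ou=Hosts,dc=padl,dc=com
objectClass: organizationalUnit

dn: ou=Rpc,DC=SummitNJHome,
 dc=com
objectClass: organizationalUnit

dn: nisMapName=netgroup.byuser,dc=padl,dc=com
objectClass: nisMap
EOF
}

# Demo: list the sample entries that fall outside the expected base.
tmp=$(mktemp) && sample_ldif > "$tmp"
stray_dns "$tmp" "$(effective_base summitnjhome.com)"; rm -f "$tmp"
```

Empty output from stray_dns means every entry sits under the intended suffix; any line it prints is an entry to fix before the file is loaded into the directory.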