Optimizing pam_ldap and nss_ldap
Hello freebsd users! I've got Openldap 2.4.23 that used as authentication and authorization server for about 40-50 servers. OS - FreeBSD 8.1. It's not heavy loaded. openldap# top -SP last pid: 45647; load averages: 0.15, 0.15, 0.07 up 81+22:29:21 15:18:57 99 processes: 3 running, 80 sleeping, 16 waiting CPU 0: 0.7% user, 0.0% nice, 0.0% system, 0.0% interrupt, 99.3% idle CPU 1: 0.4% user, 0.0% nice, 0.7% system, 0.0% interrupt, 98.9% idle Mem: 79M Active, 1402M Inact, 379M Wired, 84M Cache, 213M Buf, 31M Free Swap: 4060M Total, 8K Used, 4060M Free PID USERNAME THR PRI NICE SIZERES STATE C TIME WCPU COMMAND 11 root 2 171 ki31 0K32K CPU00 3874.8 200.00% idle 4773 ldap18 440 398M 53748K ucond 1 41.1H 0.00% slapd But on my servers sometimes I see in logs something like on FTP-server: Mar 25 21:55:32 someftp ftpd: nss_ldap: could not search LDAP server - Server is unavailable Authentication works fine, no problems. But want to find out what can be wrong. To understand this problem I installed ldap-stats utility and made it run: /var/log/debug.log - it's half day openldap server usage log. openldap# ldap-stats -c 1000 /var/log/debug.log Report Generated on Tue Apr 5 15:16:47 2011 Processed /var/log/debug.log: Apr 5 00:00:00 - Apr 5 15:17:33 Operation totals Total operations : 913845 Total connections : 101226 Total authentication failures : 2 Total binds : 99700 Total unbinds : 99181 Total searches: 714964 Total compares: 7 Total modifications : 0 Total modrdns : 0 Total additions : 0 Total deletions : 0 Unindexed attribute requests : 0 Operations per connection : 9.03 # UsesFilter ----- 615504 ((objectClass=posixAccount)(uid=mailer-daemon)) 90699 ((objectClass=posixGroup)) 6833((objectClass=posixAccount)(uid=root)) 2236((objectClass=posixAccount)(uid=hiddenuser1)) 669 ((objectClass=posixGroup)(memberUid=root)) 318 ((objectClass=posixAccount)(uid=testacc)) 87 ((objectClass=posixGroup)(memberUid=postfix)) 87 ((objectClass=posixAccount)(uid=postfix)) 81 (objectClass=posixAccount) 68 ((objectClass=posixAccount)(uid=debian-exim)) 68 ((objectClass=posixGroup)(memberUid=Debian-exim)) 39 ((objectClass=posixAccount)(uid=normaluser)) 34 ((objectClass=posixAccount)(uidNumber=7333)) 30 ((objectClass=posixGroup)(memberUid=hiddenuser1)) 29 ((objectClass=posixGroup)(memberUid=chelovek)) 29 ((objectClass=posixAccount)(uid=chelovek)) 27 ((objectClass=posixAccount)(uid=user0)) 23 ((objectClass=posixAccount)(uid=nobody)) 21 ((objectClass=posixAccount)(uid=user1)) 18 ((objectClass=posixAccount)(uid=user2)) 16 ((objectClass=posixAccount)(uid=user3)) 15 ((objectClass=posixAccount)(uid=user4)) 12 ((objectClass=posixAccount)(uid=user5)) 11 ((objectClass=posixAccount)(uidNumber=7330)) 10 ((objectClass=posixAccount)(uid=user15)) 9 ((objectClass=posixAccount)(uid=user16)) 8 ((objectClass=posixAccount)(uidNumber=7333)) 6 ((objectClass=posixAccount)(uid=user6)) 5 ((objectClass=posixAccount)(uid=user7)) 5 (cn=defaults) 4 ((objectClass=posixAccount)(uidNumber=7228)) 4 ((objectClass=shadowAccount)(uid=user1)) 4 ((objectClass=posixAccount)(uid=user9)) 4 ((objectClass=posixAccount)(uid=user10)) 4 ((objectClass=posixAccount)(uid=user11)) 3 ((objectClass=posixAccount)(uid=user12)) 3 ((objectClass=posixAccount)(uid=user13)) 3 ((objectClass=posixAccount)(uid=user14)) ... and MANY others that has 1 use in this stats. I think this many queries from mail relay server. * user1 and etc - users that relayed, like us...@domain.com in rcpt to field in email at mail-relay. What can I do to tune nss? Can you point me in a right direction? There's too many not needed nss requests to ldap (when email recieved and then relayed somewhere). Do not know what to look at. If you need any additional information, logs and etc - I'll provide it. Thanks in advance! ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Portupgrade and Updating the portsdb
2011/2/11 ill...@gmail.com ill...@gmail.com: On 10 February 2011 08:33, c0re nr1c...@gmail.com wrote: Hello all! I've got set of servers that uses NFS mounted /usr/ports. When I use portupgrade samba on 1st server it says [/usr/ports/INDEX-7.db: unexpected file type or format -- Invalid argument] [Updating the portsdb format:bdb_btree in /usr/ports ... - 22601 port entries found error] Remove and try again. [Updating the portsdb format:dbm_hash in /usr/ports ... - 22601 port entries found . . done] Okay. It took 10-15 mins to rebuild. Then I say portupgrade samba on 2nd server it says again [/usr/ports/INDEX-7.db: unexpected file type or format -- Invalid argument] [Updating the portsdb format:bdb_btree in /usr/ports ... - 22601 port entries found error] Remove and try again. and rebuild portsdb. Why is it so? Ports are updated via portsnap fetch update. /etc/portsnap.conf has INDEX INDEX-5 DESCRIBE.5 INDEX INDEX-6 DESCRIBE.6 INDEX INDEX-7 DESCRIBE.7 INDEX INDEX-8 DESCRIBE.8 So while portupgrade rebuilds portsdb it's not possible use portupgrade on 2nd server because later build process will fail on 1st or second server. What can I do with it? Why portupgrade always thinks that [/usr/ports/INDEX-7.db: unexpected file type or format -- Invalid argument]? The INDEX-n.db is a locally generated portupgrade thing. Edit your /usr/local/etc/pkgtools.conf for each machine to include a line such as: ENV['PORTS_INDEX'] ||= ENV['PORTSDIR'] + '/INDEX.local' Only instead of '/INDEX.local' use '/INDEX.your_hostname_here'. You might also look at changing the part ENV['PORTSDIR'] to something local (speed, etc), like adding a line up from that: ENV['LOCALINDICES'] ||= '/var/db' then ENV['PORTS_INDEX'] ||= ENV['LOCALINDICES'] + '/INDEX.thy_hostname_here' Also, if you have local space, settin' WRKDIRPREFIX= in /etc/make.conf will speed things up allow multiple machines to build at the same time. HTH -- -- It's time to make upgrade of some packages. I configured ENV['PORTS_INDEX'] = '/var/db/INDEX' ENV['PORTS_DBDIR'] = ENV['PKG_DBDIR'] in /usr/local/etc/pkgtools.conf, assuming that PKG_DBDIR is /var/db/pkg and portupgrade sudo results Fetching the ports index ... fetch: /usr/ports/INDEX-7.bz2: open(): Read-only file system *** Error code 1 Stop in /usr/ports. failed to fetch INDEX! Updating the ports index ... Generating INDEX.tmp - please wait..cannot create /usr/ports/INDEX.tmp.tmp: Read-only file system Warning: Duplicate INDEX entry: py25-bsddb-2.5.5_2 *** Error code 2 Stop in /usr/ports. *** Error code 1 Stop in /usr/ports. failed to generate INDEX! index generation error /usr/local/lib/ruby/site_ruby/1.8/portsdb.rb:493:in `open_db': database file error (PortsDB::DBError) from /usr/local/lib/ruby/site_ruby/1.8/portsdb.rb:661:in `port' from /usr/local/lib/ruby/site_ruby/1.8/portsdb.rb:849:in `all_depends_list' from /usr/local/lib/ruby/site_ruby/1.8/pkgdb.rb:843:in `tsort_build' from /usr/local/lib/ruby/site_ruby/1.8/pkgdb.rb:835:in `each' from /usr/local/lib/ruby/site_ruby/1.8/pkgdb.rb:835:in `tsort_build' from /usr/local/lib/ruby/site_ruby/1.8/pkgdb.rb:857:in `sort_build' from /usr/local/lib/ruby/site_ruby/1.8/pkgdb.rb:861:in `sort_build!' from /usr/local/sbin/portupgrade:792:in `main' from /usr/local/lib/ruby/1.8/optparse.rb:791:in `initialize' from /usr/local/sbin/portupgrade:229:in `new' from /usr/local/sbin/portupgrade:229:in `main' from /usr/local/sbin/portupgrade:2213 Any workaround with Fetching the ports index? There exists /usr/ports/INDEX-7, but portupgrade tryes to fetch it again and failes, cose /usr/ports is read-only mounted. Changing ENV['PORTSDIR'] ||= '/var/ports' make no sense because it's obvious that PORTSDIR should look at ports base (/usr/ports) # portupgrade sudo ** Port directory not found: security/sudo ** Listing the failed packages (-:ignored / *:skipped / !:failed) - security/sudo (port directory error) Still looking for a solution about using portupgrade with read-only mounted /usr/ports. And yes, i'm using WRKDIRPREFIX in /etc/make.conf. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: / file system is full, but du does not show that it's full
2011/1/6 Matthew Seaman m.sea...@infracaninophile.co.uk: On 06/01/2011 11:26, c0re wrote: # df -h Filesystem Size Used Avail Capacity Mounted on /dev/ad0s1a 496M 466M -9.8M 102% / So it's full. But by du it's not appeared to be full # du -hxd 1 / 2.0K /.snap 512B /dev 2.0K /tmp 2.0K /usr 2.0K /var 1.9M /etc 2.0K /cdrom 2.0K /dist 1.0M /bin 131M /boot 10M /lib 356K /libexec 2.0K /media 12K /mnt 2.0K /proc 7.2M /rescue 296K /root 4.7M /sbin 4.0K /lost+found 157M / Do you have partitions mounted at /tmp, /usr, /var etc? Does the output of your du command change if you unmount those partitions? (It might be an idea to boot into a livefs CD or DVD given that du(1) lives in /usr/bin, so a bit tricky to unmount /usr and then run du) My guess is that you've at one time created files beneath what is usually a mount point. Mounting the partition over them makes those files inaccessible, but they still take up space on the drive. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard Flat 3 PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate JID: matt...@infracaninophile.co.uk Kent, CT11 9PW At last I found time to check it. Booted with frenzy life cd, mounted only / partition and saw trash /var/spool. Deleted it and it solved problem. But later was and idea to mount device of / (/dev/da0s1a) as /mnt/root and just delete those files without need of livecd. It works in Linux. But in freebsd i got # mount /dev/da0s1a /mnt/root/ mount: /dev/da0s1a : Operation not permitted So only single user mode or live cd could solve it. Thanks Matthew for an idea! ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: / file system is full, but du does not show that it's full
2011/2/28 Robert Bonomi bon...@mail.r-bonomi.com: From owner-freebsd-questi...@freebsd.org Mon Feb 28 05:31:46 2011 Date: Mon, 28 Feb 2011 14:24:30 +0300 From: c0re nr1c...@gmail.com To: Matthew Seaman m.sea...@infracaninophile.co.uk Cc: FreeBSD freebsd-questions@freebsd.org Subject: Re: / file system is full, but du does not show that it's full 2011/1/6 Matthew Seaman m.sea...@infracaninophile.co.uk: On 06/01/2011 11:26, c0re wrote: # df -h Filesystem Size Used Avail Capacity Mounted on /dev/ad0s1a 496M 466M -9.8M 102% / So it's full. But by du it's not appeared to be full # du -hxd 1 / 2.0K /.snap 512B /dev 2.0K /tmp 2.0K /usr 2.0K /var 1.9M /etc 2.0K /cdrom 2.0K /dist 1.0M /bin 131M /boot 10M /lib 356K /libexec 2.0K /media 12K /mnt 2.0K /proc 7.2M /rescue 296K /root 4.7M /sbin 4.0K /lost+found 157M / Do you have partitions mounted at /tmp, /usr, /var etc? Does the output of your du command change if you unmount those partitions? (It might be an idea to boot into a livefs CD or DVD given that du(1) lives in /usr/bin, so a bit tricky to unmount /usr and then run du) My guess is that you've at one time created files beneath what is usually a mount point. Mounting the partition over them makes those files inaccessible, but they still take up space on the drive. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard Flat 3 PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate JID: matt...@infracaninophile.co.uk Kent, CT11 9PW At last I found time to check it. Booted with frenzy life cd, mounted only / partition and saw trash /var/spool. Deleted it and it solved problem. But later was and idea to mount device of / (/dev/da0s1a) as /mnt/root and just delete those files without need of livecd. It works in Linux. But in freebsd i got # mount /dev/da0s1a /mnt/root/ mount: /dev/da0s1a : Operation not permitted So only single user mode or live cd could solve it. *NOT* true. Stopping any daemons that were using /var/spooll, and then umount(1)-ing it would have done the trick from multi-user mode. Yeah, not true. Checked with lsof /var and it was used by these daemons: devd syslogd rpcbind snmpd mysqld httpd sendmail cron Yes, I can stop them all, but was not sure about stopping devd... ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Strange behavior of MTU on loopback interfaces.
2011/2/25 Nikos Vassiliadis nv...@gmx.com: On 2/25/2011 9:29 AM, c0re wrote: Hello all! I'm testing setting lower MTU on loopback interfaces to avoid some MTU problems with IPSEC in a path of traffic. ifconfig lo1 create ifconfig lo1 mtu 1300 ifconfig lo1 5.5.5.5/32 # ifconfig lo1 lo1: flags=8049UP,LOOPBACK,RUNNING,MULTICAST metric 0 mtu 1300 inet 5.5.5.5 netmask 0x #ifconfig em0 em0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST metric 0 mtu 1500 options=9bRXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM ether 12:ac:29:7c:fa:39 inet 10.0.0.1 netmask 0xff00 broadcast 10.0.0.255 media: Ethernet autoselect (1000baseTXfull-duplex) status: active And I set only one Listen 5.5.5.5:80 in http.conf in apache 2.2 # sockstat -4 | grep 80 www httpd 96843 3 tcp4 5.5.5.5:80 *:* www httpd 96838 3 tcp4 5.5.5.5:80 *:* www httpd 96837 3 tcp4 5.5.5.5:80 *:* www httpd 96836 3 tcp4 5.5.5.5:80 *:* www httpd 96835 3 tcp4 5.5.5.5:80 *:* www httpd 96834 3 tcp4 5.5.5.5:80 *:* root httpd 96833 3 tcp4 5.5.5.5:80 *:* I run tcpdump -ni em0 port 80. And made telnet 5.5.5.5 80 from other host and saw something wrong. 10:26:01.640866 IP 10.0.0.2.57553 5.5.5.5.80: S 1049284626:1049284626(0) win 65535mss 1460,sackOK,eol 10:26:01.640902 IP 5.5.5.5.80 10.0.0.2.57553: S 2144222949:2144222949(0) ack 1049284627 win 65535mss 1460,sackOK,eol 10:26:01.642632 IP 10.0.0.2.57553 5.5.5.5.80: . ack 1 win 65535 5.5.5.5:80 said that it has got tcp mss 1460. Why? I was waiting for something like 1260. It uses the MTU of the outgoing path, which is 1500. You change the MTU for specific paths, using route and the mtu modifier. Like this: lab# ifconfig em0 em0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST metric 0 mtu 1500 options=9bRXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM ether 08:00:27:17:c3:de inet 192.168.73.193 netmask 0xff00 broadcast 192.168.73.255 media: Ethernet autoselect (1000baseT full-duplex) status: active lab# route change 192.168.73.0 -mtu 1100 change net 192.168.73.0 lab# route -n get 192.168.73.0 route to: 192.168.73.0 destination: 192.168.73.0 mask: 255.255.255.0 interface: em0 flags: UP,DONE,STATIC recvpipe sendpipe ssthresh rtt,msec mtu weight expire 0 0 0 0 1100 1 0 lab# All packets going to 192.168.73.0/24 will use IP packet sizes up to 1100. IMHO it's better to leave the physical interface's MTU unchanged and use the routing subsystem to define the maximum IP packet size per path. HTH, Nikos Works like a charm! # route change 0.0.0.0 -mtu 1300 change net 0.0.0.0 # tcpdump -ni em0 host 5.5.5.5 13:42:58.996721 IP 10.0.0.2.51933 5.5.5.5.80: S 626695541:626695541(0) win 64512 mss 1460,nop,nop,sackOK 13:42:58.996760 IP 5.5.5.5.80 10.0.0.2.51933: S 289198669:289198669(0) ack 626695542 win 65535 mss 1260,sackOK,eol 13:42:58.999455 IP 10.0.0.2.51933 5.5.5.5.80: . ack 1 win 64512 Thank you very much! ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Strange behavior of MTU on loopback interfaces.
Hello all! I'm testing setting lower MTU on loopback interfaces to avoid some MTU problems with IPSEC in a path of traffic. ifconfig lo1 create ifconfig lo1 mtu 1300 ifconfig lo1 5.5.5.5/32 # ifconfig lo1 lo1: flags=8049UP,LOOPBACK,RUNNING,MULTICAST metric 0 mtu 1300 inet 5.5.5.5 netmask 0x #ifconfig em0 em0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST metric 0 mtu 1500 options=9bRXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM ether 12:ac:29:7c:fa:39 inet 10.0.0.1 netmask 0xff00 broadcast 10.0.0.255 media: Ethernet autoselect (1000baseTX full-duplex) status: active And I set only one Listen 5.5.5.5:80 in http.conf in apache 2.2 # sockstat -4 | grep 80 www httpd 96843 3 tcp4 5.5.5.5:80*:* www httpd 96838 3 tcp4 5.5.5.5:80*:* www httpd 96837 3 tcp4 5.5.5.5:80*:* www httpd 96836 3 tcp4 5.5.5.5:80*:* www httpd 96835 3 tcp4 5.5.5.5:80*:* www httpd 96834 3 tcp4 5.5.5.5:80*:* root httpd 96833 3 tcp4 5.5.5.5:80*:* I run tcpdump -ni em0 port 80. And made telnet 5.5.5.5 80 from other host and saw something wrong. 10:26:01.640866 IP 10.0.0.2.57553 5.5.5.5.80: S 1049284626:1049284626(0) win 65535 mss 1460,sackOK,eol 10:26:01.640902 IP 5.5.5.5.80 10.0.0.2.57553: S 2144222949:2144222949(0) ack 1049284627 win 65535 mss 1460,sackOK,eol 10:26:01.642632 IP 10.0.0.2.57553 5.5.5.5.80: . ack 1 win 65535 5.5.5.5:80 said that it has got tcp mss 1460. Why? I was waiting for something like 1260. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Portupgrade and Updating the portsdb
Hello all! I've got set of servers that uses NFS mounted /usr/ports. When I use portupgrade samba on 1st server it says [/usr/ports/INDEX-7.db: unexpected file type or format -- Invalid argument] [Updating the portsdb format:bdb_btree in /usr/ports ... - 22601 port entries found error] Remove and try again. [Updating the portsdb format:dbm_hash in /usr/ports ... - 22601 port entries found .1000.2000.3000.4000.5000.6000.7000.8000.9000.1.11000.12000.13000.14000.15000.16000.17000.18000.19000.2.21000.22000.. . done] Okay. It took 10-15 mins to rebuild. Then I say portupgrade samba on 2nd server it says again [/usr/ports/INDEX-7.db: unexpected file type or format -- Invalid argument] [Updating the portsdb format:bdb_btree in /usr/ports ... - 22601 port entries found error] Remove and try again. and rebuild portsdb. Why is it so? Ports are updated via portsnap fetch update. /etc/portsnap.conf has INDEX INDEX-5 DESCRIBE.5 INDEX INDEX-6 DESCRIBE.6 INDEX INDEX-7 DESCRIBE.7 INDEX INDEX-8 DESCRIBE.8 So while portupgrade rebuilds portsdb it's not possible use portupgrade on 2nd server because later build process will fail on 1st or second server. What can I do with it? Why portupgrade always thinks that [/usr/ports/INDEX-7.db: unexpected file type or format -- Invalid argument]? Thanks!!! ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
/ file system is full, but du does not show that it's full
# df -h Filesystem SizeUsed Avail Capacity Mounted on /dev/ad0s1a496M466M -9.8M 102%/ So it's full. But by du it's not appeared to be full # du -hxd 1 / 2.0K/.snap 512B/dev 2.0K/tmp 2.0K/usr 2.0K/var 1.9M/etc 2.0K/cdrom 2.0K/dist 1.0M/bin 131M/boot 10M/lib 356K/libexec 2.0K/media 12K/mnt 2.0K/proc 7.2M/rescue 296K/root 4.7M/sbin 4.0K/lost+found 157M/ I know that something (like running process) can hold file so it's actually are not deleted. I rebooted server. But this not helped, so it's not a process holding file. Checked with fsck # fsck / ** /dev/ad0s1a (NO WRITE) ** Last Mounted on / ** Root file system ** Phase 1 - Check Blocks and Sizes ** Phase 2 - Check Pathnames ** Phase 3 - Check Connectivity ** Phase 4 - Check Reference Counts ** Phase 5 - Check Cyl groups 47268 files, 238539 used, 15276 free (6684 frags, 1074 blocks, 2.6% fragmentation) No problems here. # uname -a FreeBSD host.domain.com 7.3-RELEASE-p4 FreeBSD 7.3-RELEASE-p4 #0: Tue Dec 28 13:55:47 MSK 2010 r...@host.domain.com:/usr/obj/usr/src/sys/MYKERNEL i386 What's the problem here? Why df says that filesystem is full? Other command may also say that can't write because file system is full. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: / file system is full, but du does not show that it's full
2011/1/6 Ryan Coleman ryan.cole...@cwis.biz: What about filehandlers? On Jan 6, 2011, at 5:26 AM, c0re wrote: # df -h Filesystem Size Used Avail Capacity Mounted on /dev/ad0s1a 496M 466M -9.8M 102% / So it's full. But by du it's not appeared to be full # du -hxd 1 / 2.0K /.snap 512B /dev 2.0K /tmp 2.0K /usr 2.0K /var 1.9M /etc 2.0K /cdrom 2.0K /dist 1.0M /bin 131M /boot 10M /lib 356K /libexec 2.0K /media 12K /mnt 2.0K /proc 7.2M /rescue 296K /root 4.7M /sbin 4.0K /lost+found 157M / I know that something (like running process) can hold file so it's actually are not deleted. I rebooted server. But this not helped, so it's not a process holding file. Checked with fsck # fsck / ** /dev/ad0s1a (NO WRITE) ** Last Mounted on / ** Root file system ** Phase 1 - Check Blocks and Sizes ** Phase 2 - Check Pathnames ** Phase 3 - Check Connectivity ** Phase 4 - Check Reference Counts ** Phase 5 - Check Cyl groups 47268 files, 238539 used, 15276 free (6684 frags, 1074 blocks, 2.6% fragmentation) No problems here. # uname -a FreeBSD host.domain.com 7.3-RELEASE-p4 FreeBSD 7.3-RELEASE-p4 #0: Tue Dec 28 13:55:47 MSK 2010 r...@host.domain.com:/usr/obj/usr/src/sys/MYKERNEL i386 What's the problem here? Why df says that filesystem is full? Other command may also say that can't write because file system is full. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org fstat does not show full filepath so I uses lsof from ports lsof does not show anything criminal # lsof / COMMANDPID USER FD TYPE DEVICE SIZE/OFF NODE NAME init 1 root cwd VDIR 0,81 512 2 / init 1 root rtd VDIR 0,81 512 2 / init 1 root txt VREG 0,81 632348 33074 /sbin/init firmware 5 root cwd VDIR 0,81 512 2 / firmware 5 root rtd VDIR 0,81 512 2 / adjkerntz 145 root cwd VDIR 0,81 512 2 / adjkerntz 145 root rtd VDIR 0,81 512 2 / adjkerntz 145 root txt VREG 0,81 7448 16481 /sbin/adjkerntz adjkerntz 145 root txt VREG 0,81 189172 50770 /libexec/ld-elf.so.1 adjkerntz 145 root txt VREG 0,81 1067248 50739 /lib/libc.so.7 devd 487 root cwd VDIR 0,81 512 2 / devd 487 root rtd VDIR 0,81 512 2 / devd 487 root txt VREG 0,81 369684 32969 /sbin/devd syslogd564 root cwd VDIR 0,81 512 2 / syslogd564 root rtd VDIR 0,81 512 2 / syslogd564 root txt VREG 0,81 189172 50770 /libexec/ld-elf.so.1 syslogd564 root txt VREG 0,8155240 50747 /lib/libutil.so.7 syslogd564 root txt VREG 0,81 1067248 50739 /lib/libc.so.7 rpcbind650 root cwd VDIR 0,81 512 2 / rpcbind650 root rtd VDIR 0,81 512 2 / rpcbind650 root txt VREG 0,81 189172 50770 /libexec/ld-elf.so.1 rpcbind650 root txt VREG 0,8155240 50747 /lib/libutil.so.7 rpcbind650 root txt VREG 0,81 1067248 50739 /lib/libc.so.7 snmpd 690 root cwd VDIR 0,81 512 2 / snmpd 690 root rtd VDIR 0,81 512 2 / snmpd 690 root txt VREG 0,81 189172 50770 /libexec/ld-elf.so.1 snmpd 690 root txt VREG 0,8132024 50740 /lib/libcrypt.so.4 snmpd 690 root txt VREG 0,8155240 50747 /lib/libutil.so.7 snmpd 690 root txt VREG 0,8192720 50743 /lib/libm.so.5 snmpd 690 root txt VREG 0,8129916 50741 /lib/libkvm.so.4 snmpd 690 root txt VREG 0,8118788 50761 /lib/libdevstat.so.6 snmpd 690 root txt VREG 0,81 1417668 50595 /lib/libcrypto.so.5 snmpd 690 root txt VREG 0,81 1067248 50739 /lib/libc.so.7 sh 751 mysql cwd VDIR 0,81 512 2 / sh 751 mysql rtd VDIR 0,81 512 2 / sh 751 mysql txt VREG 0,81 115388 33069 /bin/sh sh 751 mysql txt VREG 0,81 189172 50770 /libexec/ld-elf.so.1 sh 751 mysql txt VREG 0,8188492 50751 /lib/libedit.so.6 sh 751 mysql txt VREG 0,81 261484 50738 /lib/libncurses.so.7 sh 751 mysql txt VREG 0,81 1067248 50739 /lib/libc.so.7 mysqld 800 mysql rtd VDIR 0,81 512 2 / mysqld 800 mysql txt VREG 0,81 189172 50770 /libexec/ld-elf.so.1 mysqld 800 mysql txt VREG 0,8164300 49385 /lib/libz.so.3 mysqld 800 mysql txt VREG 0,8128768 58494 /lib/libcrypt.so.3 mysqld 800 mysql txt VREG 0,8195120 49378 /lib/libm.so.4 mysqld 800 mysql txt VREG 0,81 140320 49370 /lib/libpthread.so.2 mysqld 800 mysql txt
Re: / file system is full, but du does not show that it's full
2011/1/6 Matthew Seaman m.sea...@infracaninophile.co.uk: On 06/01/2011 11:26, c0re wrote: # df -h Filesystem Size Used Avail Capacity Mounted on /dev/ad0s1a 496M 466M -9.8M 102% / So it's full. But by du it's not appeared to be full # du -hxd 1 / 2.0K /.snap 512B /dev 2.0K /tmp 2.0K /usr 2.0K /var 1.9M /etc 2.0K /cdrom 2.0K /dist 1.0M /bin 131M /boot 10M /lib 356K /libexec 2.0K /media 12K /mnt 2.0K /proc 7.2M /rescue 296K /root 4.7M /sbin 4.0K /lost+found 157M / Do you have partitions mounted at /tmp, /usr, /var etc? Does the output of your du command change if you unmount those partitions? (It might be an idea to boot into a livefs CD or DVD given that du(1) lives in /usr/bin, so a bit tricky to unmount /usr and then run du) My guess is that you've at one time created files beneath what is usually a mount point. Mounting the partition over them makes those files inaccessible, but they still take up space on the drive. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard Flat 3 PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate JID: matt...@infracaninophile.co.uk Kent, CT11 9PW Nice idea! But I can't check it now - server is may hundred km away and no KVM aviable. Will check it 1 or 2 weeks later. Checked only /tmp - it was ok, no files there after unmount. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: / file system is full, but du does not show that it's full
why not to restart your httpd and mysqld? This may release your unused filehandles. As I said I've restarted whole server, so nothing there to release at all. Another place to look for wasted space is filesystem snapshots, if any. They can be created implicitly, e. g., by fsck. Yeah, I checked /.snap - nothing there. And... why lsof and not fstat(1)? As I mentioned - fstat does not show full path including filename like lsof does. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: do i need a dedicated ip address for https?
2010/12/22 S Mathias smathias1...@yahoo.com: http://help.godaddy.com/article/1054 # Set up SSL protection on your website. is it an inescapable requirement to have a dedicated [not fix] ip address, when i want to use ssl on my domain? thank you happy Christmas! :) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org mod_gnutls can do 'Server Name Indication' and mod_ssl with apache_2.2 should do it too https://issues.apache.org/bugzilla/show_bug.cgi?id=34607 http://svn.apache.org/viewvc?view=revisionrevision=776281 But hoster may not use mod_gnutls or not recent version of apache, so it may not support multiple ssl with single IP. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Want sendmail applying aliases to 'cc:' field too
Hey all! I've got /etc/mail/aliases file like user: u...@site1.domain.com user2: us...@site1.domain.com user3: us...@site2.domain.com When someone from Internet send email to u...@domain.com with cc: to us...@domain.com sendmail send mail to user and user3 normaly, they recieve their mail. But I need some additional behavior: user receive that mail with to: u...@site1.domain.com cc: us...@domain.com I want that cc would be us...@site2.domain.com, like in aliases file. Because I got problems replying to all (with us...@domain.com included, but it must be us...@site2.domain.com). How this can be achieved? In other words I need some kind of cc: field rewriting regarding to aliases file contents. I have not found such feature in sendmail. So I think this can be done with some milter may be... Anyone has ideas? Any tips, thinks, tricks and etc highly needed! I'm out of ideas at that moment. Thanks! ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Want sendmail applying aliases to 'cc:' field too
2010/12/10 tomasz dereszynski toma...@paraklet.net: Generally reading documentation helps. then google... http://www.google.co.uk/search?source=ighl=enrlz=1G1GGLQ_ENUK294=q=sendmail+aliasesbtnG=Google+Searchaq=foq= first URL... http://www.feep.net/sendmail/tutorial/intro/aliases.html t Hey all! I've got /etc/mail/aliases file like user: u...@site1.domain.com user2: us...@site1.domain.com user3: us...@site2.domain.com When someone from Internet send email to u...@domain.com with cc: to us...@domain.com sendmail send mail to user and user3 normaly, they recieve their mail. But I need some additional behavior: user receive that mail with to: u...@site1.domain.com cc: us...@domain.com I want that cc would be us...@site2.domain.com, like in aliases file. Because I got problems replying to all (with us...@domain.com included, but it must be us...@site2.domain.com). How this can be achieved? In other words I need some kind of cc: field rewriting regarding to aliases file contents. I have not found such feature in sendmail. So I think this can be done with some milter may be... Anyone has ideas? Any tips, thinks, tricks and etc highly needed! I'm out of ideas at that moment. Thanks! ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org -- bEsT rEgArDs | Confidence is what you have before you tomasz dereszynski | understand the problem. -- Woody Allen | Spes confisa Deo | In theory, theory and practice are much numquam confusa recedit | the same. In practice they are very | different. -- Albert Einstein I do use aliases file and I know what is it. But it looks like not this case. I want Cc: be rewritten like in aliases file defined in Cc: header, not only those one that comes in RCPT TO:. And sendmail does not do it with Cc: field. Yes, recipient that in Cc: field do receive this mail, all ok in this way, but I want in MY mail Cc: field been rewritten as it is in aliases. I want to see in my mail this email headers to: u...@domain.com cc: us...@site2.domain.com Not this one: to: u...@site1.domain.com cc: us...@domain.com Looked at postfix - same thing, no such feature saw there in documentation. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: openssl version - how to verify
2010/11/15 Jerry freebsd.u...@seibercom.net: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Tue, 16 Nov 2010 00:41:32 +1030 Indexer inde...@internode.on.net articulated: It breaks alot, and causes you to need to rebuild some parts of the base system. The most notable, is SSHD, which whenever I install the openssl from ports, will not work unless i rebuild SSHD or, remove the ports version. There were (maybe still are) a few ports that don't work correctly with openssl via ports; however, I have filed PRs on them and for the most part they have been fixed. However, I would not let that fact deter you from using a newer, safer version of the application. When building a new system, I start with the newer version from the start. If updating later, I have found that first installing the new openssl version via ports, and then using portmanager with the -p option rebuilds virtually any port still dependent on the deprecated version. In any case, I believe it is a prerequisite to have the previously noted notation in the /etc/make.conf file prior to building any port(s) or kernel/world. In jedem Falle jedoch zu seinem eigenen. - -- Jerry ✌ freebsd.u...@seibercom.net Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. __ No man's ambition has a right to stand in the way of performing a simple act of justice. John Altgeld -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.16 (FreeBSD) iQEcBAEBAgAGBQJM4UW8AAoJEHdwsA8xwKhFwS8H/jbjsVMwXKyLbKv5ns8yNCjy xYiYJLyn/mZdSNi+mWTtNVUQsEulxw+sEKC4RewsBeZtwhKHeP+1TifOEF6sMFQ5 WuTXlCS8t/JlDuz3k1cINo1nfaUkhgzbDgE6CQXVA4bqMz5A2G4bAu0+s5jJripa KlHU526K0DlSIyaoYcSNoNlAfCXn3+sTfvxK0rpN3hiG0ZxCGKh1WK1p+dTsGkKm ZgXxAhE0hrk/tqeBvZKBNDplLMJHgrDdjTIBa52jUPxlBSkju+1JPakzJ325A8no 1mI8EGlxkiVAOEmoxrDOaKVlUcjGm1bpqXveGAZAsg6OZi5th1xN8zP5VcuQh18= =nffO -END PGP SIGNATURE- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org Filled one pr. http://www.freebsd.org/cgi/query-pr.cgi?pr=152483 Hope this would be resolved someday :) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: openssl version - how to verify
2010/11/16 Dennis Glatting d...@penx.com: On Tue, 2010-11-16 at 10:28 +0300, c0re wrote: Jerry, I'm not about that :) base openssl are OK. But I need proves that it has got no security problems - it's external IT auditors request. And I'm interested how I can know what patchlevel there on base openssl version and prove them (auditors) that freebsd base openssl are not vulnerable. Most operating systems have a variant of OpenSSL they patch from the security bug set without bumping the OpenSSL version identifier (they usually tack on an OS-specific identifier but the OpenSSL identifier becomes meaningless). For example Debian is a patched g,which you would conclude as old (in many respects it is old) and therefore security hole riddled. Debian 5.0.6: Tasha:# openssl version OpenSSL 0.9.8g 19 Oct 2007 FreeBSD 8.1: btw openssl version OpenSSL 0.9.8n 24 Mar 2010 That /does not/ mean those versions of OpenSSL have security holes. The fallacy with auditors is they look at version identifies to make conclusions. This is in error. You need to figure out what they are looking for. Do they have a specific issue? Bug? Test suite they want run? You /could/ install the most recent version of OpenSSL but there is no guarantee it will replace the running version and it /could/ break applications, if only introducing holes that previously didn't exist (data structure sizing, library binding, function argument sets, etc.) 2010/11/15 Jerry freebsd.u...@seibercom.net: On Mon, 15 Nov 2010 18:40:27 +0300 c0re nr1c...@gmail.com articulated: There are still too many broken ports with openssl from ports, I do not like debug it and really like to use base openssl, almost no difference. Might I suggest that if you are aware of ports that don't work correctly with the port's version of openssl that you file a PR against it. I have done so and succeeded in getting several patches issued to correct the problem. This problem will not go away by itself. -- Jerry freebsd.u...@seibercom.net Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. __ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org I understood you. They just look at openssl version and that's all. I just install openssl from ports, hide /usr/bin/openssl temporary, they get all they needs (there is openssl in /usr/local/bin/) and then I deinstall openssl from ports and restore /usr/bin/openssl. That's absurdity, but that's auditors... :) Thanks all. It's hard to prove to auditors that base openssl are OK. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: openssl version - how to verify
2010/11/16 Adam Vande More amvandem...@gmail.com: On Tue, Nov 16, 2010 at 1:28 AM, c0re nr1c...@gmail.com wrote: Jerry, I'm not about that :) base openssl are OK. But I need proves that it has got no security problems - it's external IT auditors request. And I'm interested how I can know what patchlevel there on base openssl version and prove them (auditors) that freebsd base openssl are not vulnerable. Please don't top-post, thanks. Sorry. Wont will in future. But why? http://security.freebsd.org/advisories/ The files say which version it's corrected in. -- Adam Vande More Thanks, it's better then nothing :) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
openssl version - how to verify
Hey all! If I look at base openssl in 7.3-RELEASE-p3 sys# openssl version -a OpenSSL 0.9.8e 23 Feb 2007 built on: Mon Sep 27 11:54:36 MSD 2010 platform: FreeBSD-i386 options: bn(64,32) md2(int) rc4(idx,int) des(ptr,risc1,16,long) blowfish(idx) compiler: cc OPENSSLDIR: /etc/ssl but at www.openssl.org I see that it's not recent version 01-Jun-2010: OpenSSL 0.9.8o is now available, including important bug and security fixes I know that freebsd security team make patches for base openssl, but how can I know what patchlevel of openssl in base version? Like -p5 in OpenSSL 0.9.8e-p5 23 Feb 2007. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: openssl version - how to verify
2010/11/15 Jerry freebsd.u...@seibercom.net: On Mon, 15 Nov 2010 16:17:10 +0300 c0re nr1c...@gmail.com articulated: If I look at base openssl in 7.3-RELEASE-p3 sys# openssl version -a OpenSSL 0.9.8e 23 Feb 2007 built on: Mon Sep 27 11:54:36 MSD 2010 platform: FreeBSD-i386 options: bn(64,32) md2(int) rc4(idx,int) des(ptr,risc1,16,long) blowfish(idx) compiler: cc OPENSSLDIR: /etc/ssl but at www.openssl.org I see that it's not recent version 01-Jun-2010: OpenSSL 0.9.8o is now available, including important bug and security fixes I know that freebsd security team make patches for base openssl, but how can I know what patchlevel of openssl in base version? Like -p5 in OpenSSL 0.9.8e-p5 23 Feb 2007. Why not just install the ports version: openssl version -a OpenSSL 1.0.0a 1 Jun 2010 built on: Sun Jun 6 12:19:12 EDT 2010 platform: BSD-x86_64 options: bn(64,64) rc4(8x,int) des(idx,cisc,16,int) idea(int) blowfish(idx) compiler: cc -fPIC -DOPENSSL_PIC -DZLIB_SHARED -DZLIB -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -DL_ENDIAN -DTERMIOS -O3 -DMD32_REG_T=int -Wall -O2 -pipe -march=athlon64 -fno-strict-aliasing -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DAES_ASM -DWHIRLPOOL_ASM OPENSSLDIR: /usr/local/openssl You would need to add this to the /etc/make.conf file first I believe: WITH_OPENSSL_PORT=yes There are still too many broken ports with openssl from ports, I do not like debug it and really like to use base openssl, almost no difference. But I just want to have some proves that base system openssl has security patches because 7.3-RELEASE base openssl is 0.9.8e, but 0.9.8e has got security vulnerabilities. But how can I be sure that freebsd base system with 0.9.8e version does not have any vulnerabilities? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: openssl version - how to verify
Jerry, I'm not about that :) base openssl are OK. But I need proves that it has got no security problems - it's external IT auditors request. And I'm interested how I can know what patchlevel there on base openssl version and prove them (auditors) that freebsd base openssl are not vulnerable. 2010/11/15 Jerry freebsd.u...@seibercom.net: On Mon, 15 Nov 2010 18:40:27 +0300 c0re nr1c...@gmail.com articulated: There are still too many broken ports with openssl from ports, I do not like debug it and really like to use base openssl, almost no difference. Might I suggest that if you are aware of ports that don't work correctly with the port's version of openssl that you file a PR against it. I have done so and succeeded in getting several patches issued to correct the problem. This problem will not go away by itself. -- Jerry ✌ freebsd.u...@seibercom.net Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. __ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Upgrading to higher major version directly or via small steps?
I can't understand why should I use this adm tool instead of standard method, described in /usr/src/Makefile. And it's not an answer to this question: 6.2 to 7.3 is which one of the folowing: - 6.2-6.4-7.0-7.3 or - 6.2-7.3 directly? 2010/10/4 Odhiambo Washington odhia...@gmail.com: On Mon, Oct 4, 2010 at 4:47 PM, c0re nr1c...@gmail.com wrote: Hello all! I'm interested in 2 updates: - from 6.2 to 7.3 and - from 6.2 to 8.1 Can I update directly from 6.2 to 7.3? like set RELENG_7_3 in supfile and make csup. Or I should update to 6.4, then to 7.0, and then to 7.3? And same question about upgrading from 6.2 to 8.1 - can i csup directly to 8.1? If not - why is it so? http://people.freebsd.org/~rse/upgrade/ -- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254733744121/+254722743223 _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ If you have nothing good to say about someone, just shut up!. -- Lucky Dube ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Upgrading to higher major version directly or via small steps?
Hello all! I'm interested in 2 updates: - from 6.2 to 7.3 and - from 6.2 to 8.1 Can I update directly from 6.2 to 7.3? like set RELENG_7_3 in supfile and make csup. Or I should update to 6.4, then to 7.0, and then to 7.3? And same question about upgrading from 6.2 to 8.1 - can i csup directly to 8.1? If not - why is it so? Thanks! ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
/usr/ports via NFS on several servers adn parralell portupgrade
Hello all! I found one problem using portupgrade on a number of servers, that has NFS mounter /usr/ports from one server. On one server portupgrade sometimes want to rebuild /usr/ports/INDEX-7.db. While it rebuilds, another portupgrade running on second server suddenly wants to rebuild INDEX-7.db. And both portupgrades fails with this message: ... /usr/ports/INDEX-7:17502:read: 0x2a75d37c, 1024: Stale NFS file handle -- Stale NFS file handle /usr/ports/INDEX-7:17503:read: 0x2a75d37c, 1024: Stale NFS file handle -- Stale NFS file handle /usr/ports/INDEX-7:17504:read: 0x2a75d37c, 1024: Stale NFS file handle -- Stale NFS file handle /usr/ports/INDEX-7:17505:read: 0x2a75d37c, 1024: Stale NFS file handle -- Stale NFS file handle /usr/ports/INDEX-7:17506:read: 0x2a75d37c, 1024: Stale NFS file handle -- Stale NFS file handle /usr/ports/INDEX-7:17507:read: 0x2a75d37c, 1024: Stale NFS file handle -- Stale NFS file handle /usr/ports/INDEX-7:17508:read: 0x2a75d37c, 1024: Stale NFS file handle -- Stale NFS file handle /usr/ports/INDEX-7:17509:read: 0x2a75d37c, 1024: Stale NFS file handle -- Stale NFS file handle .. How ti use portupgrade with /usr/ports right? I set WRKDIRPREFIX=/tmp/workdir in make.conf. May be I can do something else to allow several portupgrade processes on several servers that has mounted nfs from one server? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
freebsd-update 8.1 to 8.1-p1
Hello freebsd-questions! I've installed freebsd 8.1 and made freebsd-update fetch freebsd-update install reboot And in uname -a I still see 8.1-RELEASE, but I want to see 8.1-RELEASE-p1. In /usr/src/sys/conf/newvers.sh I see that it is 8.1-p1 REVISION=8.1 BRANCH=RELEASE-p1 Why is it so? I want to know that my system is up to date with freebsd-update, but uname -a does not show this to me. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: freebsd-update 8.1 to 8.1-p1
But freebsd-update should do it. Rebuilding kernel will prevent from further freebsd-update patches to rebuilded GENERIC. 2010/9/27 Phan Quoc Hien phanquoch...@gmail.com: Try rebuild your kernel and get 8.1-RELEASE-p1! I did it! On Mon, Sep 27, 2010 at 3:29 PM, c0re nr1c...@gmail.com wrote: Hello freebsd-questions! I've installed freebsd 8.1 and made freebsd-update fetch freebsd-update install reboot And in uname -a I still see 8.1-RELEASE, but I want to see 8.1-RELEASE-p1. In /usr/src/sys/conf/newvers.sh I see that it is 8.1-p1 REVISION=8.1 BRANCH=RELEASE-p1 Why is it so? I want to know that my system is up to date with freebsd-update, but uname -a does not show this to me. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org -- Mr.Hien E-mail: phanquoch...@gmail.com Website: www.mrhien.info ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: freebsd-update 8.1 to 8.1-p1
Is not p1 compiled in kernel during make buildkernel operation? If yes, /boot/kernel of 8.1 and /boot/kernel 8.1-p1 must be different. So binary diff of /boot/kernel also must be installed during freebsd-update. It's my opinion. Why not? I think it's not reasonable to have updated system without actually be possible to know that it's really updated. And I think that if you are looking for real patch level of your OS, you will look at uname -a, not in newvers.sh file. Correct me if i'm wrong. 2010/9/27 Jason jhelf...@e-e.com: On Mon, Sep 27, 2010 at 09:01:38PM +0700, Phan Quoc Hien thus spake: Try rebuild your kernel and get 8.1-RELEASE-p1! I did it! On Mon, Sep 27, 2010 at 3:29 PM, c0re nr1c...@gmail.com wrote: Hello freebsd-questions! I've installed freebsd 8.1 and made freebsd-update fetch freebsd-update install reboot And in uname -a I still see 8.1-RELEASE, but I want to see 8.1-RELEASE-p1. In /usr/src/sys/conf/newvers.sh I see that it is 8.1-p1 REVISION=8.1 BRANCH=RELEASE-p1 Why is it so? I want to know that my system is up to date with freebsd-update, but uname -a does not show this to me. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org The kernel wasn't touched during the latest set of security releases, so an update to 8.1-p1 will show your kernel at 8.1. If you perform another freebsd-update, it should show no updates for 8.1-p1. Based on what you are saying, uname is reporting correctly. Other than 'sys/conf/newvers.sh,' if the update touches sys, it should redistribute the kernel and the patch number in the announcement. After it is properly applied, 'uname' should match. I don't recall the reasoning behind newvers.sh in the update software, but others may have an idea. -jgh ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org