Install guide (Was: Re: Urgent help needed : portmaster dies on py-cairo)
On Wednesday 08 July 2009 19:45:05 Manish Jain wrote:
==
Part-1)Immediately after a fresh FreeBSD-7.2#RELEASE install :
I assume you will at some stage or the other install a linux port, eg
acroread8 or acroread9, linux-ymessenger, etc. Incidentally, unless you
have specific needs, prefer acroread8 over acroread9.
Adding to assumptions: one wants to use gnome as desktop.
All following steps are to be executed as root.
a)Make sure /etc/rc.conf has at least the following 5 lines.
dbus_enable=YES
hald_enable=YES
polkitd_enable=YES
gnome_enable=YES
linux_enable=YES
b)Make sure /boot/loader.conf has at least the following 3 lines.
kern.maxdsiz=734003200
This is a) not needed and b) doesn't do anything useful, since the default
will still be the compiled default, unless you also set kern.defdsiz. The only
thing this does is allow the datasize limit to be raised to 700M, using
limits(1), but since the default still is 512M an unaware application will
still fail malloc(3) if allocating beyond 512M.
linprocfs_load=YES
linsysfs_load=YES
Which ports you mention require linsysfs?
c)Make sure /etc/fstab has at least the following 3 lines.
proc/proc procfs
rw00
linproc /usr/compat/linux/proclinprocfsrw00
linsys /usr/compat/linux/sys linsysfs rw0
0
Better to use /compat/linux/*. While by default it resides on /usr, it is
convenient to be able to change the symlink, for example to test a new
linux_base port without wiping the current one or to free up space on the /usr
partition.
d)Upgrage from python25 to python26 along with all dependent ports
as follows :
rm -rf /usr/ports 2/dev/null
Or you can simply not install the ports distribution, since this is the first
thing you do. I also don't understand why you install a boatload of packages
from CD/DVD only to complicate things by upgrading by my estimate at least
70%. Why not just portsnap and build the leafs?
mkdir -p /usr/ports/distfiles
portsnap fetch extract
cd /usr/ports/ports-mgmt/portupgrade
make deinstall 2/dev/null
make install clean
portupgrade -C -r -o lang/python26 lang/python25
portupgrade -rfx python26 python26
pkgdb -F
Before doing anything further, reboot.
This needs a reason. I don't know any.
Immediately after reboot, execute
Part-2.
Part-2) Steps to be followed whenever a significant number new
ports/patches are available and you need to ensure your ports as well as
your ports directory are up to date :
thisdate=`date +%Y-%m-%n`
I assume that's %d, since %n is a newline.
rm /root/portupgrade-${thisdate}.log 2/dev/null
portsnap fetch update
portupgrade -ace -uRl /root/portupgrade-${thisdate}.log
pkgdb -F
Note : If you plan to install any linux ports, you should have said yes
to 'Linux binary compatibility' at the time you installed FreeBSD. If
you didn't, the very first port you need to build is
emulators/linux_base-fc4
If you use net/skype you will need linux_base-fc6, so again using sysinstall
can be a problem.
--
Mel
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Urgent help needed : portmaster dies on py-cairo
b. f. wrote:
On 7/6/09, manish jain invalid.poin...@gmail.com wrote:
2009/7/6 b. f. bf1...@googlemail.com
After running pkgdb -F, I find that there hundreds of ports depending on
python2.5.
Most of these are probably indirectly dependent, and may not be
seriously affected. Many, for example, may have been dragged in by
xorg's silly dependency on python via libxcb.
Looks to me it will be easier to backup my dstfiles and reinstall
the whole system afresh a 3rd time rather than trying to fix the existing
ports. This time I will install no packages from the installation media, and
build directly from ports instead. The first 2 ports I will build this time
will be lang/python26 followed by lang/python.
Sounds good.
I suppose this should set the
systemwide default python version to 2.6.
As the others have mentioned, you don't need to do this unless you
wish to use a version of python other than 2.6, which is now the
default.
1) How do I find or set PYTHON_DEFAULT_VERSION ?
2) What workaround would be needed in make.conf to get 2.5-hardwired ports
to use 2.6 instead ?
1) See above.
2) I didn't mean, as Seaman seemed to think, and you may have, that
you can use ports built against 2.5 with 2.6. That would only rarely
work, and most likely lead to all sorts of problems. Instead you
should proceed with your plan, and rebuild all dependent ports via:
pkgdb -L
pkgdb -F
portupgrade -fvrx lang/python26 lang/python26
rm -r /usr/local/lib/python2.5
or rebuild just that subset of ports that are most likely to be broken
by the change, via the upgrade-site-packages target in lang/python, as
Seaman suggested.
What I meant by my original comment was, that if you should happen to
want to build a port against 2.6, but find that it is hardwired in the
port Makefile via USE_PYTHON to another version or versions, and you
don't want to go to the trouble of patching the port Makefile, and
then preserving this local modification when you merge in updates to
the port tree, you can add a workaround in /etc/make.conf. Say, for
example, you see that mail/py-spambayes has:
USE_PYTHON= -2.5
in the port Makefile, and you want to install spambayes, but you don't
want to have to reinstall python 2.5 or an earlier version of python.
If you add:
.if${.CURDIR:M*/mail/py-spambayes*}
PYTHON_VERSION=python2.6
NO_IGNORE=yes
.endif
to /etc/make.conf, you can override the spambayes port Makefile
without patching it. Now, you are _not_ supposed to do this, and you
will probably have to deal with any consequences of such a local
change on your own. Many ports have these restrictions for a good
reason, but such an override can be occasionally useful.
b.
Hi,
After a marathon session spread over 2 days, I have managed to set up a
new FreeBSD-7.2 installation with all ports (762) up to date. From the
gleanings of this conversation and some reading I did myself, I have
compiled a small document for what-to-do-after-installation. I would
dearly appreciate your comments on the document, and would be extremely
glad if my document could be of any help to somebody else too.
Please note that portupgrade works much better on my system than
portmaster. So the following document assumes/recommends using portupgrade.
Here it is.
==
Part-1)Immediately after a fresh FreeBSD-7.2#RELEASE install :
I assume you will at some stage or the other install a linux port, eg
acroread8 or acroread9, linux-ymessenger, etc. Incidentally, unless you
have specific needs, prefer acroread8 over acroread9.
All following steps are to be executed as root.
a)Make sure /etc/rc.conf has at least the following 5 lines.
dbus_enable=YES
hald_enable=YES
polkitd_enable=YES
gnome_enable=YES
linux_enable=YES
b)Make sure /boot/loader.conf has at least the following 3 lines.
kern.maxdsiz=734003200
linprocfs_load=YES
linsysfs_load=YES
c)Make sure /etc/fstab has at least the following 3 lines.
proc/proc procfs
rw00
linproc /usr/compat/linux/proclinprocfsrw00
linsys /usr/compat/linux/sys linsysfs rw0
0
d)Upgrage from python25 to python26 along with all dependent ports
as follows :
rm -rf /usr/ports 2/dev/null
mkdir -p /usr/ports/distfiles
portsnap fetch extract
cd /usr/ports/ports-mgmt/portupgrade
make deinstall 2/dev/null
make install clean
portupgrade -C -r -o lang/python26 lang/python25
portupgrade -rfx python26 python26
pkgdb -F
Before doing anything further, reboot. Immediately after reboot, execute
Part-2.
Part-2) Steps to be followed whenever a significant number new
ports/patches are available and you need to ensure your ports as well as
your ports directory are up to date :
thisdate=`date +%Y-%m-%n`
rm /root/portupgrade-${thisdate}.log 2/dev/null
portsnap fetch update
portupgrade
Re: Urgent help needed : portmaster dies on py-cairo
2009/7/6 b. f. bf1...@googlemail.com Manish Jain wrote: After 3-4 hours, portsnap died on graphics/py-cairo saying : cannot find python headers I'm guessing you meant portmaster died here ... /usr/ports/graphics/py-cairo/work/pycairo-1.8.4/config.log says : configure:4734: cc -E -I/usr/local/include conftest.c conftest.c:10:28: error: ac_nonexistent.h: No such file or directory configure:4741: $? = 1 cd /usr find . -name 'ac_nonexistent.h' #no results As the name suggests, this header doesn't really exist. It's just a dummy header used during a test in the configure script to see how the compiler reacts when a header isn't there, in preparation for testing for the presence of real headers. That shouldn't be the problem: are you sure the configure script really failed at that point? If so, something is probably wrong with your compiler or toolchain, and that's usually bad news. :( py-cairo-1.8.4 needs python2.6. My system has both python2.5 and python2.6 installed, with their headers under /usr/local/include/python2.5 and /usr/local/include/python2.6 respectively. Why do you have both versions installed? 2.6 is largely backwards-compatible with 2.5, so why not just rip out 2.5 and use 2.6 exclusively? You'll save some trouble and disk space. Make sure your ports tree is up-to-date, so that PYTHON_DEFAULT_VERSION defaults to python2.6. Then deinstall lang/python25 and reinstall lang/python26. In particular, check to see that /usr/local/bin/python is present is a link to /usr/local/bin/python2.6. If it isn't, then something is wrong -- perhaps you have PYTHON_VERSION or PYTHON_DEFAULT_VERSION defined to the wrong value, or your ports tree is corrupt. Then rebuild all of the ports that depend upon python, and remove any vestige of the old /usr/local/lib/python2.5 directory tree. If you've stale ports that are still wired to use python2.5 for no good reason, you can patch them or their port Makefiles, or put a workaround in make.conf. Any help on enabling py-cairo locate the python headers would be greatly appreciated. What is the output of: make -C /usr/ports/graphics/py-cairo -V CONFIGURE_ENV If PYTHON is in there, properly defined as the path to the python2.6 binary, and the binary actually exists, then the configure script should succeed. If not, something is wrong. The configure script uses: PYTHON_INCLUDES=`$PYTHON-config --includes 2/dev/null` to find the proper Python.h. Is /usr/local/bin/python2.6-config missing or broken on your system? What about /usr/local/include/python2.6/Python.h? b. Hello B, Thanks for your help. After running pkgdb -F, I find that there hundreds of ports depending on python2.5. Looks to me it will be easier to backup my dstfiles and reinstall the whole system afresh a 3rd time rather than trying to fix the existing ports. This time I will install no packages from the installation media, and build directly from ports instead. The first 2 ports I will build this time will be lang/python26 followed by lang/python. I suppose this should set the systemwide default python version to 2.6. Before I undertake this 3rd attempt, I request a few clarifications so that everything comes out fine this time around. something is wrong -- perhaps you have PYTHON_VERSION or PYTHON_DEFAULT_VERSION defined to the wrong value, or your ports tree is corrupt. Then rebuild all of the ports that depend upon python, and remove any vestige of the old /usr/local/lib/python2.5 directory tree. If you've stale ports that are still wired to use python2.5 for no good reason, you can patch them or their port Makefiles, or put a workaround in make.conf. 1) How do I find or set PYTHON_DEFAULT_VERSION ? 2) What workaround would be needed in make.conf to get 2.5-hardwired ports to use 2.6 instead ? Thanks for any help. Regards Manish Jain invalid.poin...@gmail.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Urgent help needed : portmaster dies on py-cairo
On Mon, Jul 06, 2009 at 02:50:35PM +0530, manish jain wrote: 2009/7/6 b. f. bf1...@googlemail.com After running pkgdb -F, I find that there hundreds of ports depending on python2.5. You shouldn't have 2.5 installed at all. It should be upgraded to 2.6 and changes propagated to all dependent ports, see /usr/ports/UPDATE entry from 20090608. I've 99 ports depending on python 2.6, and my update was quite smooth, IIRC. 1) How do I find or set PYTHON_DEFAULT_VERSION ? 2) What workaround would be needed in make.conf to get 2.5-hardwired ports to use 2.6 instead ? I never had to mess with this, and I don't think it is a good idea. What I would probably do in your situation, is delete python2.5 forcefully, reinstall python2.6, and then reinstall any port which complains. -- Anton Shterenlikht Room 2.6, Queen's Building Mech Eng Dept Bristol University University Walk, Bristol BS8 1TR, UK Tel: +44 (0)117 928 8233 Fax: +44 (0)117 929 4423 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Urgent help needed : portmaster dies on py-cairo
manish jain wrote: 1) How do I find or set PYTHON_DEFAULT_VERSION ? It's defined in /usr/ports/Mk/bsd.python.mk -- the default is 'python2.6' since 2009-06-08. If you want to use a non-default value you can override the default by adding eg.: PYTHON_DEFAULT_VERSION= python2.5 to /etc/make.conf. You can see what actual value value is used by issuing the following command in any port that uses python: happy-idiot-talk:...ports/graphics/py-cairo:% make -V PYTHON_DEFAULT_VERSION python2.6 Note that 'PYTHON_DEFAULT_VERSION' is the python version any add-on modules will be compiled against. The similar 'PYTHON_VERSION' variable indicates which version of python you'ld get by running the command 'python'. Please read the descriptions at the top of bsd.python.mk for more detail. 2) What workaround would be needed in make.conf to get 2.5-hardwired ports to use 2.6 instead ? You can't do it that way. Previously installed ports have to be modified to use py26, as described in the 20090608 entry in /usr/ports/UPDATING: Once the installed Python has been updated to 2.6, by using the method above, it is required to run the upgrade-site-packages target in lang/python to assure that site-packages are made available to the new Python version. If using portupgrade: # cd /usr/ports/lang/python make upgrade-site-packages If using portmaster: # cd /usr/ports/lang/python make upgrade-site-packages -DUSE_PORTMASTER The portmaster case can take quite some time to complete due to the lack of cached information that the portupgrade suite uses (specifically pkg_which). This is not the fault of portmaster. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard Flat 3 PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate Kent, CT11 9PW signature.asc Description: OpenPGP digital signature
Re: Urgent help needed : portmaster dies on py-cairo
On 7/6/09, manish jain invalid.poin...@gmail.com wrote:
2009/7/6 b. f. bf1...@googlemail.com
After running pkgdb -F, I find that there hundreds of ports depending on
python2.5.
Most of these are probably indirectly dependent, and may not be
seriously affected. Many, for example, may have been dragged in by
xorg's silly dependency on python via libxcb.
Looks to me it will be easier to backup my dstfiles and reinstall
the whole system afresh a 3rd time rather than trying to fix the existing
ports. This time I will install no packages from the installation media, and
build directly from ports instead. The first 2 ports I will build this time
will be lang/python26 followed by lang/python.
Sounds good.
I suppose this should set the
systemwide default python version to 2.6.
As the others have mentioned, you don't need to do this unless you
wish to use a version of python other than 2.6, which is now the
default.
1) How do I find or set PYTHON_DEFAULT_VERSION ?
2) What workaround would be needed in make.conf to get 2.5-hardwired ports
to use 2.6 instead ?
1) See above.
2) I didn't mean, as Seaman seemed to think, and you may have, that
you can use ports built against 2.5 with 2.6. That would only rarely
work, and most likely lead to all sorts of problems. Instead you
should proceed with your plan, and rebuild all dependent ports via:
pkgdb -L
pkgdb -F
portupgrade -fvrx lang/python26 lang/python26
rm -r /usr/local/lib/python2.5
or rebuild just that subset of ports that are most likely to be broken
by the change, via the upgrade-site-packages target in lang/python, as
Seaman suggested.
What I meant by my original comment was, that if you should happen to
want to build a port against 2.6, but find that it is hardwired in the
port Makefile via USE_PYTHON to another version or versions, and you
don't want to go to the trouble of patching the port Makefile, and
then preserving this local modification when you merge in updates to
the port tree, you can add a workaround in /etc/make.conf. Say, for
example, you see that mail/py-spambayes has:
USE_PYTHON= -2.5
in the port Makefile, and you want to install spambayes, but you don't
want to have to reinstall python 2.5 or an earlier version of python.
If you add:
.if${.CURDIR:M*/mail/py-spambayes*}
PYTHON_VERSION=python2.6
NO_IGNORE=yes
.endif
to /etc/make.conf, you can override the spambayes port Makefile
without patching it. Now, you are _not_ supposed to do this, and you
will probably have to deal with any consequences of such a local
change on your own. Many ports have these restrictions for a good
reason, but such an override can be occasionally useful.
b.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Urgent help needed : portmaster dies on py-cairo
Hi, This is not a portmaster problem, but a problem of getting py-cairo to build following an update in the ports directory. 3 days back I ran 'portsnap fetch extract'. Then yesterday I ran 'portsnap fetch update' followed immediately by 'portmaster -a -B' After 3-4 hours, portsnap died on graphics/py-cairo saying : cannot find python headers /usr/ports/graphics/py-cairo/work/pycairo-1.8.4/config.log says : configure:4734: cc -E -I/usr/local/include conftest.c conftest.c:10:28: error: ac_nonexistent.h: No such file or directory configure:4741: $? = 1 cd /usr find . -name 'ac_nonexistent.h' #no results py-cairo-1.8.4 needs python2.6. My system has both python2.5 and python2.6 installed, with their headers under /usr/local/include/python2.5 and /usr/local/include/python2.6 respectively. Any help on enabling py-cairo locate the python headers would be greatly appreciated. My system is totally messed up, half of it updated by portmaster and the other half waiting for the update once py-cairo can locate the python headers. -- Regards Manish Jain invalid.poin...@gmail.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Urgent help needed : portmaster dies on py-cairo
Manish Jain wrote: After 3-4 hours, portsnap died on graphics/py-cairo saying : cannot find python headers I'm guessing you meant portmaster died here ... /usr/ports/graphics/py-cairo/work/pycairo-1.8.4/config.log says : configure:4734: cc -E -I/usr/local/include conftest.c conftest.c:10:28: error: ac_nonexistent.h: No such file or directory configure:4741: $? = 1 cd /usr find . -name 'ac_nonexistent.h' #no results As the name suggests, this header doesn't really exist. It's just a dummy header used during a test in the configure script to see how the compiler reacts when a header isn't there, in preparation for testing for the presence of real headers. That shouldn't be the problem: are you sure the configure script really failed at that point? If so, something is probably wrong with your compiler or toolchain, and that's usually bad news. :( py-cairo-1.8.4 needs python2.6. My system has both python2.5 and python2.6 installed, with their headers under /usr/local/include/python2.5 and /usr/local/include/python2.6 respectively. Why do you have both versions installed? 2.6 is largely backwards-compatible with 2.5, so why not just rip out 2.5 and use 2.6 exclusively? You'll save some trouble and disk space. Make sure your ports tree is up-to-date, so that PYTHON_DEFAULT_VERSION defaults to python2.6. Then deinstall lang/python25 and reinstall lang/python26. In particular, check to see that /usr/local/bin/python is present is a link to /usr/local/bin/python2.6. If it isn't, then something is wrong -- perhaps you have PYTHON_VERSION or PYTHON_DEFAULT_VERSION defined to the wrong value, or your ports tree is corrupt. Then rebuild all of the ports that depend upon python, and remove any vestige of the old /usr/local/lib/python2.5 directory tree. If you've stale ports that are still wired to use python2.5 for no good reason, you can patch them or their port Makefiles, or put a workaround in make.conf. Any help on enabling py-cairo locate the python headers would be greatly appreciated. What is the output of: make -C /usr/ports/graphics/py-cairo -V CONFIGURE_ENV If PYTHON is in there, properly defined as the path to the python2.6 binary, and the binary actually exists, then the configure script should succeed. If not, something is wrong. The configure script uses: PYTHON_INCLUDES=`$PYTHON-config --includes 2/dev/null` to find the proper Python.h. Is /usr/local/bin/python2.6-config missing or broken on your system? What about /usr/local/include/python2.6/Python.h? b. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Urgent help needed please: Gvinum problem
Hi, We had a power lost even though we have ups and generators (still investigating it) and when the machine rebooted one of the disk seems to be failed : The system complains about fsck repaired failed and that I must run it manually. It then boots in single user mode. I entered gvinum and pressed l to see the status of the drive and I get this: My volume is UP My plex is shown as degraded I have 3 of the 4 subdisks shown as UP the 4th is shown as down. Running gvinum /dev/gvinum/RAID5 which is the name of my volume gets me this error: ** /dev/gvinum/RAID5 Cannot find file system superblock Ioctl (GCINFO): Inapropriate ioctl for device fsck_ufs: /dev/gvinum/RAID5: cant read disk label I tried bsdlabel gvinum/RAID5 it tells me there is no valid label found Does anyone knows what I can try to try to put back system online (at least, so I can restore a backup on the disk) Thanks ~~ Ian Lord MSD Informatique 1711 Montée Major Terrebonne (Québec) J7M 1E6 Tél: (514) 776-MSDI - (514) 776-6734 Sans Frais: 1(877) 776-MSDI - 1(877) 776-6734 http://www.msdi.ca ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Urgent help needed please: Gvinum problem
Hi, We had a power lost even though we have ups and generators (still investigating it) and when the machine rebooted one of the disk seems to be failed : The system complains about fsck repaired failed and that I must run it manually. It then boots in single user mode. I entered gvinum and pressed l to see the status of the drive and I get this: My volume is UP My plex is shown as degraded I have 3 of the 4 subdisks shown as UP the 4th is shown as down. Running gvinum /dev/gvinum/RAID5 which is the name of my volume gets me this error: ** /dev/gvinum/RAID5 Cannot find file system superblock Ioctl (GCINFO): Inapropriate ioctl for device fsck_ufs: /dev/gvinum/RAID5: cant read disk label I tried bsdlabel gvinum/RAID5 it tells me there is no valid label found Does anyone knows what I can try to try to put back system online (at least, so I can restore a backup on the disk) Thanks p.s. Please reply to me also as I am a digest member thanks ~~ Ian Lord MSD Informatique 1711 Montée Major Terrebonne (Québec) J7M 1E6 Tél: (514) 776-MSDI - (514) 776-6734 Sans Frais: 1(877) 776-MSDI - 1(877) 776-6734 http://www.msdi.ca ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Urgent help needed please: Gvinum problem
Ian Lord wrote: Hi, We had a power lost even though we have ups and generators (still investigating it) and when the machine rebooted one of the disk seems to be failed : The system complains about fsck repaired failed and that I must run it manually. It then boots in single user mode. I entered gvinum and pressed “l” to see the status of the drive and I get this: My volume is UP My plex is shown as degraded I have 3 of the 4 subdisks shown as UP the 4th is shown as down. Running “gvinum /dev/gvinum/RAID5” which is the name of my volume gets me this error: ** /dev/gvinum/RAID5 Cannot find file system superblock Ioctl (GCINFO): Inapropriate ioctl for device fsck_ufs: /dev/gvinum/RAID5: can’t read disk label I tried “bsdlabel gvinum/RAID5” it tells me there is no valid label found Does anyone knows what I can try to try to put back system online (at least, so I can restore a backup on the disk) I'm trying to find my vinum notes, but can't as of yet... What does a: # fsck -y /dev/gvinum/RAID5 ...yield...anything? Steve ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
RE: Urgent help needed please: Gvinum problem
Hi, We had a power lost even though we have ups and generators (still investigating it) and when the machine rebooted one of the disk seems to be failed : The system complains about fsck repaired failed and that I must run it manually. It then boots in single user mode. I entered gvinum and pressed l to see the status of the drive and I get this: My volume is UP My plex is shown as degraded I have 3 of the 4 subdisks shown as UP the 4th is shown as down. Running gvinum /dev/gvinum/RAID5 which is the name of my volume gets me this error: ** /dev/gvinum/RAID5 Cannot find file system superblock Ioctl (GCINFO): Inapropriate ioctl for device fsck_ufs: /dev/gvinum/RAID5: can't read disk label I tried bsdlabel gvinum/RAID5 it tells me there is no valid label found Does anyone knows what I can try to try to put back system online (at least, so I can restore a backup on the disk) I'm trying to find my vinum notes, but can't as of yet... What does a: # fsck -y /dev/gvinum/RAID5 ...yield...anything? Steve ~ Same :( But thanks all, I just did a newfs and currently restoring backups on it Strange... Last time I will will gvinum, nothing as stable as a hardware controller I guess :( ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
RE: Urgent help needed please: pecl-memcache problem after upgrade of php
-Original Message- From: B. Cook [mailto:[EMAIL PROTECTED] Sent: 13 août 2007 13:54 To: Ian Lord Subject: Re: Urgent help needed please: pecl-memcache problem after upgrade of php Have you tried rebuilding the port? memcache to reflect your current version of php? Thats usually what I need to do. cd /usr/ports/www/memcache (or whatever it is..) make clean make make deinstall make install sync then try a php -v or php-cgi -v and see what happens. Ian Lord wrote, On 8/13/07 10:49 AM: Hi, I just did a portupgrade -a and now memcache doesn't work anymore in php. Here are the version portupgrade installed: pecl-memcache-2.1.2 memcached-1.2.2 php5-5.2.3_1 In php/error.log I can see this error message [13-Aug-2007 10:38:20] PHP Warning: PHP Startup: Unable to load dynamic library '/usr/local/lib/php/20060613/memcache.so' - /usr/local/lib/php/20060613/memcache.so: Undefined symbol quot;php_session_create_idquot; in Unknown on line 0 Can anyone help please If not able to fix (might be a problem with the port, what is the easiest way to go back to previous version) Thanks p.s. Please reply to me directly as I am only registered on the digest list ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] -- B. Cook Network Analyst Poughkeepsie City School District Mobile: 845.264.5827 | Desk: 845.451.4791 Thanks for your help... The problem was not with the memcache port but with the pecl-memcache port... Doing as you suggested, fixed the problem make clean, followed by a make deinstall and make install Before sending the message I already tried a make deinstall / make reinstall and it didnt work. Any idea why 1- Portupgrade broke the thing ? 2- a make clean/make deinstall/make install is better than a make deinstall/make reinstall ? Thanks ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Urgent help needed please: pecl-memcache problem after upgrade of php
On Tue, 14 Aug 2007 03:01:15 -0400
Ian Lord [EMAIL PROTECTED] wrote:
1- Portupgrade broke the thing ?
portupgrade upgraded libraries that were referenced by other objects...for some
reason, pecl / php stuff is very picky. Maybe the ports need to be updated in
unison / force upgrades of the other (if installed)...
2- a make clean/make deinstall/make install is better than a make
deinstall/make reinstall ?
not sure, make clean forces a full rebuild of the port ... i think it goes back
to the point that portupgrade may not realise it needs to update the other
port...if u tell it exactly what to update then it should work too with
portupgrade
_
{Beto|Norberto|Numard} Meijome
Never take Life too seriously, no one gets out alive anyway.
I speak for myself, not my employer. Contents may be hot. Slippery when wet.
Reading disclaimers makes you go blind. Writing them is worse. You have been
Warned.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]
Urgent help needed please: pecl-memcache problem after upgrade of php
Hi, I just did a portupgrade -a and now memcache doesn't work anymore in php. Here are the version portupgrade installed: pecl-memcache-2.1.2 memcached-1.2.2 php5-5.2.3_1 In php/error.log I can see this error message [13-Aug-2007 10:38:20] PHP Warning: PHP Startup: Unable to load dynamic library '/usr/local/lib/php/20060613/memcache.so' - /usr/local/lib/php/20060613/memcache.so: Undefined symbol quot;php_session_create_idquot; in Unknown on line 0 Can anyone help please If not able to fix (might be a problem with the port, what is the easiest way to go back to previous version) Thanks p.s. Please reply to me directly as I am only registered on the digest list ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Urgent help needed please: pecl-memcache problem after upgrade of php
On Mon, 13 Aug 2007 10:49:48 -0400
Ian Lord [EMAIL PROTECTED] wrote:
Hi,
I just did a portupgrade -a and now memcache doesn't work anymore in php.
best practice is to test upgrades before applying them to production :)
Here are the version portupgrade installed:
pecl-memcache-2.1.2
memcached-1.2.2
php5-5.2.3_1
In php/error.log I can see this error message
[13-Aug-2007 10:38:20] PHP Warning: PHP Startup: Unable to load dynamic
library '/usr/local/lib/php/20060613/memcache.so' -
/usr/local/lib/php/20060613/memcache.so: Undefined symbol
quot;php_session_create_idquot; in Unknown on line 0
it could be that memcache and php got out of sync with the php modules. try
rebuilding all the php modules ( portupgrade -fp php-* ) . the -p will make
binary packages after installing the ports
[...]
If not able to fix (might be a problem with the port, what is the easiest
way to go back to previous version)
- have you kept packages of the previously installed versions? you an use them
to revert back
- you can try to move the ports tree back to before those upgrades happened,
and force a downgrade to those versions.
i still think the fastest way is to rebuild php*
good luck,
B
_
{Beto|Norberto|Numard} Meijome
Egotism is the anesthetic that dulls the pain of stupidity.
Frank Leahy
I speak for myself, not my employer. Contents may be hot. Slippery when wet.
Reading disclaimers makes you go blind. Writing them is worse. You have been
Warned.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: routing and networking help. (urgent help please)
FIXED, ignore this email.. However no one has answered. Hello Gurus, This is an Urgent help, as everything pending, waiting.. a FreeBSD Solution. and I appologize if I will explain in details, please be patient with me. Just yesterday, our ISP installed 2 routers (both 3com) at our main office. One router acting for Datalink between the office and the branch (datarouter) One for the internet connection.(internet router) one short cable connected from the internet router to datalink router So everyone on the WAN has internet access which we donot want. So we decided to have our FreeBSD 6.1-R server, managing all the job. So I installed a FreeBSD box, with NATd enabled, this is how it works Internet router --- rl0 192.168.0.3 freebsd dc0 192.168.1.1 --- switch --- all clinets also a cat5 cable hookedup from the datalink router to the switch. So the switch having the clinets+datalink router + lan freebsd cable. The datalink router connected to the branch site also WAN. the internet router has the following configurations. IP 192.168.0.2 gateway 192.168.0.254 and the datalink configuration has the follow gateway 192.168.0.253 WAN (branch site) IPs of 192.168.2.xx gateway 192.168.0.254 ALL can ping each other and see each other..(if there is no freebsd server) also wan works perfectly.. with no FreeBSD server.. Here is the problem the problem when I configure my fbsd lan interface to 192.168.1.1 and my clinets will have the IP 192.168.1.x/24 with gateway 192.168.0.254 wthey will have the internet.. and will NOT see any datalink clients, nor will see the WAN on the branch site. (diffrences of IPs and gateways) because clinets directed to the fbsd server which regonize 192.168.0.254 (internet router) If I configure my clients behind fbsd nat server to IPs of 192.168.0.x/24 and gateway 192.168.0.253 (Insted of 192.168.1.x and gw 192.168.0.254) they will see the datalink and wan but no internet. How would I make all clinets have my fbsd lan ips 192.168.1.x/24 and freebsd will have the ability to see the two gateways 192.168.0.254 (internet router) and 192.168.0.253 (datalink router) In short words, all clinets should be connected to FreeBSD server lan interface but in the same time, freebsd will route and manage to the requests for wan. Second problem: If i have rl0 to host my internet router real IP and defautlrouter to the NAT ip, internet will not work. ifconfig_rl0=inet 62.215.x.6 netmask 255.255.255.252 defaultrouter=62.215.x.5 #internet router IP No Internet. but if i host my rl0 to 192.168.0.3 and defaultrouter to 192.168.0.254 (internet router gateway) internet will work... ifconfig_rl0=inet 192.168.0.3 netmask 255.255.255.0 defaultrouter=192.168.0.254 The first case, disabling nat from router and having it to freebsd only second case, having the router to NAT and again freebsd doing another nat. Sorry Gurus for the long emails, excuse me, and waiting your reply asap. -Marwan Sultan. _ FREE pop-up blocking with the new MSN Toolbar - get it now! http://toolbar.msn.click-url.com/go/onm00200415ave/direct/01/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
routing and networking help. (urgent help please)
Hello Gurus, This is an Urgent help, as everything pending, waiting.. a FreeBSD Solution. and I appologize if I will explain in details, please be patient with me. Just yesterday, our ISP installed 2 routers (both 3com) at our main office. One router acting for Datalink between the office and the branch (datarouter) One for the internet connection.(internet router) one short cable connected from the internet router to datalink router So everyone on the WAN has internet access which we donot want. So we decided to have our FreeBSD 6.1-R server, managing all the job. So I installed a FreeBSD box, with NATd enabled, this is how it works Internet router --- rl0 192.168.0.3 freebsd dc0 192.168.1.1 --- switch --- all clinets also a cat5 cable hookedup from the datalink router to the switch. So the switch having the clinets+datalink router + lan freebsd cable. The datalink router connected to the branch site also WAN. the internet router has the following configurations. IP 192.168.0.2 gateway 192.168.0.254 and the datalink configuration has the follow gateway 192.168.0.253 WAN (branch site) IPs of 192.168.2.xx gateway 192.168.0.254 ALL can ping each other and see each other..(if there is no freebsd server) also wan works perfectly.. with no FreeBSD server.. Here is the problem the problem when I configure my fbsd lan interface to 192.168.1.1 and my clinets will have the IP 192.168.1.x/24 with gateway 192.168.0.254 wthey will have the internet.. and will NOT see any datalink clients, nor will see the WAN on the branch site. (diffrences of IPs and gateways) because clinets directed to the fbsd server which regonize 192.168.0.254 (internet router) If I configure my clients behind fbsd nat server to IPs of 192.168.0.x/24 and gateway 192.168.0.253 (Insted of 192.168.1.x and gw 192.168.0.254) they will see the datalink and wan but no internet. How would I make all clinets have my fbsd lan ips 192.168.1.x/24 and freebsd will have the ability to see the two gateways 192.168.0.254 (internet router) and 192.168.0.253 (datalink router) In short words, all clinets should be connected to FreeBSD server lan interface but in the same time, freebsd will route and manage to the requests for wan. Second problem: If i have rl0 to host my internet router real IP and defautlrouter to the NAT ip, internet will not work. ifconfig_rl0=inet 62.215.x.6 netmask 255.255.255.252 defaultrouter=62.215.x.5 #internet router IP No Internet. but if i host my rl0 to 192.168.0.3 and defaultrouter to 192.168.0.254 (internet router gateway) internet will work... ifconfig_rl0=inet 192.168.0.3 netmask 255.255.255.0 defaultrouter=192.168.0.254 The first case, disabling nat from router and having it to freebsd only second case, having the router to NAT and again freebsd doing another nat. Sorry Gurus for the long emails, excuse me, and waiting your reply asap. -Marwan Sultan. _ FREE pop-up blocking with the new MSN Toolbar - get it now! http://toolbar.msn.click-url.com/go/onm00200415ave/direct/01/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Need urgent help to get Sendmail running again
Hi, I had a recent downtime on the mailserver I'm running due to remote location and trouble with upgrading FreeBSD. I upgraded from 4.7 STABLE to the latest 4.11 with complete make world and new kernel, at first the machine didn't come back up again due to a disk error, but now it's online again. However I'm having big trouble getting Sendmail up and running normal again. I used to have sendmail configured with Spamassassin and Spamass-Milter, but I have now removed both of them from the .mc file and uninstalled both the programs and startup files. When the machine is rebooted I get the following errors: pid 86 (sendmail), uid 0: exited on signal 11 pid 87 (sendmail), uid 0: exited on signal 11 Sendmail version 8.13.1 Here are the first lines from /var/log/maillog (server startup) Jun 26 15:13:44 malibu sm-mta[86]: starting daemon (8.13.1): [EMAIL PROTECTED]:30:00 Jun 26 15:13:44 malibu sm-msp-queue[91]: starting daemon (8.13.1): [EMAIL PROTECTED]:30:00 Jun 26 15:13:45 malibu sendmail[95]: k5QDDjPI95: from=root, size=427, class=-60, nrcpts=1, msgid=200606261313.k5QDD [EMAIL PROTECTED], [EMAIL PROTECTED] Jun 26 15:13:45 malibu sendmail[95]: k5QDDjPI95: to=ftp, ctladdr=root (0/0), delay=00:00:00, xdelay=00:00:00, mailer =relay, pri=138427, relay=[127.0.0.1] [127.0.0.1], dsn=4.0.0, stat=Deferred: Connection refused by [127.0.0.1] Jun 26 15:13:45 malibu sendmail[97]: k5QDDjQl97: from=root, size=433, class=-60, nrcpts=1, msgid=200606261313.k5QDD [EMAIL PROTECTED], [EMAIL PROTECTED] Jun 26 15:13:45 malibu sendmail[97]: k5QDDjQl97: to=root, ctladdr=root (0/0), delay=00:00:00, xdelay=00:00:00, maile r=relay, pri=138433, relay=[127.0.0.1] [127.0.0.1], dsn=4.0.0, stat=Deferred: Connection refused by [127.0.0.1] Jun 26 15:13:46 malibu sendmail[99]: k5QDDjsQ99: from=root, size=455, class=-60, nrcpts=1, msgid=200606261313.k5QDD [EMAIL PROTECTED], [EMAIL PROTECTED] Jun 26 15:13:46 malibu sendmail[99]: k5QDDjsQ99: to=ftp, ctladdr=root (0/0), delay=00:00:01, xdelay=00:00:00, mailer =relay, pri=138455, relay=[127.0.0.1] [127.0.0.1], dsn=4.0.0, stat=Deferred: Connection refused by [127.0.0.1] Jun 26 15:13:46 malibu sendmail[103]: k5QDDkGH000103: from=root, size=427, class=-60, nrcpts=1, msgid=200606261313.k5QD [EMAIL PROTECTED], [EMAIL PROTECTED] There seems to be a lot of messages waiting to be sent, Ie. from the forum I run. Jun 26 15:13:57 malibu sm-msp-queue[92]: k5QAVQCT89: to=www, delay=02:35:22, xdelay=00:00:00, mailer=relay, pri=8425 88, relay=[127.0.0.1], dsn=4.0.0, stat=Deferred: Connection refused by [ 127.0.0.1] Jun 26 15:13:57 malibu sm-msp-queue[92]: k5QAVQCY89: to=www, delay=02:35:22, xdelay=00:00:00, mailer=relay, pri=8425 92, relay=[127.0.0.1], dsn=4.0.0, stat=Deferred: Connection refused by [ 127.0.0.1] Jun 26 15:13:57 malibu sm-msp-queue[92]: k5QAVQCW89: to=www, delay=02:35:22, xdelay=00:00:00, mailer=relay, pri=8425 93, relay=[127.0.0.1], dsn=4.0.0, stat=Deferred: Connection refused by [ 127.0.0.1] Jun 26 15:13:57 malibu sm-msp-queue[92]: k5QAVQCe89: to=www, delay=02:35:21, xdelay=00:00:00, mailer=relay, pri=8425 95, relay=[127.0.0.1], dsn=4.0.0, stat=Deferred: Connection refused by [ 127.0.0.1] /var/spool/clientmqueue contains many messages. Also, I can't get Sendmail to accept new messages for the people who are users on this system. Mails I send from Ie. this gmail account do not reach my account on the mailserver.I don't understand this. MX record is fine. local-host-names contain all hostnames on the system. virtusertable is OK. ??? Anyone help greatly appreciated! Thanks! Andreas ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Need urgent help to get Sendmail running again
You email didn't state if you rebuilt sendmail too, when you rebuilt world. This is an option in /etc/make.conf. The current sendmail is 8.13.7 so you may not have rebuilt sendmail. The logs show that you are not able to authenticate to localhost, but your email didn't state how you have sendmail configured to do authentication. I have seen this error a number of times, when the authentication you have configured in your .cf files is not matched by the sendmail compiler flags. Also in /etc/make.conf you should have any special sendmail compile options. -Derek At 08:41 AM 6/26/2006, Andreas Widerøe Andersen wrote: Hi, I had a recent downtime on the mailserver I'm running due to remote location and trouble with upgrading FreeBSD. I upgraded from 4.7 STABLE to the latest 4.11 with complete make world and new kernel, at first the machine didn't come back up again due to a disk error, but now it's online again. However I'm having big trouble getting Sendmail up and running normal again. I used to have sendmail configured with Spamassassin and Spamass-Milter, but I have now removed both of them from the .mc file and uninstalled both the programs and startup files. When the machine is rebooted I get the following errors: pid 86 (sendmail), uid 0: exited on signal 11 pid 87 (sendmail), uid 0: exited on signal 11 Sendmail version 8.13.1 Here are the first lines from /var/log/maillog (server startup) Jun 26 15:13:44 malibu sm-mta[86]: starting daemon (8.13.1): [EMAIL PROTECTED]:30:00 Jun 26 15:13:44 malibu sm-msp-queue[91]: starting daemon (8.13.1): [EMAIL PROTECTED]:30:00 Jun 26 15:13:45 malibu sendmail[95]: k5QDDjPI95: from=root, size=427, class=-60, nrcpts=1, msgid=200606261313.k5QDD [EMAIL PROTECTED], [EMAIL PROTECTED] Jun 26 15:13:45 malibu sendmail[95]: k5QDDjPI95: to=ftp, ctladdr=root (0/0), delay=00:00:00, xdelay=00:00:00, mailer =relay, pri=138427, relay=[127.0.0.1] [127.0.0.1], dsn=4.0.0, stat=Deferred: Connection refused by [127.0.0.1] Jun 26 15:13:45 malibu sendmail[97]: k5QDDjQl97: from=root, size=433, class=-60, nrcpts=1, msgid=200606261313.k5QDD [EMAIL PROTECTED], [EMAIL PROTECTED] Jun 26 15:13:45 malibu sendmail[97]: k5QDDjQl97: to=root, ctladdr=root (0/0), delay=00:00:00, xdelay=00:00:00, maile r=relay, pri=138433, relay=[127.0.0.1] [127.0.0.1], dsn=4.0.0, stat=Deferred: Connection refused by [127.0.0.1] Jun 26 15:13:46 malibu sendmail[99]: k5QDDjsQ99: from=root, size=455, class=-60, nrcpts=1, msgid=200606261313.k5QDD [EMAIL PROTECTED], [EMAIL PROTECTED] Jun 26 15:13:46 malibu sendmail[99]: k5QDDjsQ99: to=ftp, ctladdr=root (0/0), delay=00:00:01, xdelay=00:00:00, mailer =relay, pri=138455, relay=[127.0.0.1] [127.0.0.1], dsn=4.0.0, stat=Deferred: Connection refused by [127.0.0.1] Jun 26 15:13:46 malibu sendmail[103]: k5QDDkGH000103: from=root, size=427, class=-60, nrcpts=1, msgid=200606261313.k5QD [EMAIL PROTECTED], [EMAIL PROTECTED] There seems to be a lot of messages waiting to be sent, Ie. from the forum I run. Jun 26 15:13:57 malibu sm-msp-queue[92]: k5QAVQCT89: to=www, delay=02:35:22, xdelay=00:00:00, mailer=relay, pri=8425 88, relay=[127.0.0.1], dsn=4.0.0, stat=Deferred: Connection refused by [ 127.0.0.1] Jun 26 15:13:57 malibu sm-msp-queue[92]: k5QAVQCY89: to=www, delay=02:35:22, xdelay=00:00:00, mailer=relay, pri=8425 92, relay=[127.0.0.1], dsn=4.0.0, stat=Deferred: Connection refused by [ 127.0.0.1] Jun 26 15:13:57 malibu sm-msp-queue[92]: k5QAVQCW89: to=www, delay=02:35:22, xdelay=00:00:00, mailer=relay, pri=8425 93, relay=[127.0.0.1], dsn=4.0.0, stat=Deferred: Connection refused by [ 127.0.0.1] Jun 26 15:13:57 malibu sm-msp-queue[92]: k5QAVQCe89: to=www, delay=02:35:21, xdelay=00:00:00, mailer=relay, pri=8425 95, relay=[127.0.0.1], dsn=4.0.0, stat=Deferred: Connection refused by [ 127.0.0.1] /var/spool/clientmqueue contains many messages. Also, I can't get Sendmail to accept new messages for the people who are users on this system. Mails I send from Ie. this gmail account do not reach my account on the mailserver.I don't understand this. MX record is fine. local-host-names contain all hostnames on the system. virtusertable is OK. ??? Anyone help greatly appreciated! Thanks! Andreas ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. MailScanner thanks transtec Computers for their support. -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. MailScanner thanks transtec Computers for their support. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL
Re: Need urgent help to get Sendmail running again
Andreas Widerøe Andersen wrote: Hi, I had a recent downtime on the mailserver I'm running due to remote location and trouble with upgrading FreeBSD. I upgraded from 4.7 STABLE to the latest 4.11 with complete make world and new kernel, at first the machine didn't come back up again due to a disk error, but now it's online again. However I'm having big trouble getting Sendmail up and running normal again. I used to have sendmail configured with Spamassassin and Spamass-Milter, but I have now removed both of them from the .mc file and uninstalled both the programs and startup files. When the machine is rebooted I get the following errors: pid 86 (sendmail), uid 0: exited on signal 11 pid 87 (sendmail), uid 0: exited on signal 11 Sendmail version 8.13.1 Here are the first lines from /var/log/maillog (server startup) Jun 26 15:13:44 malibu sm-mta[86]: starting daemon (8.13.1): [EMAIL PROTECTED]:30:00 Jun 26 15:13:44 malibu sm-msp-queue[91]: starting daemon (8.13.1): [EMAIL PROTECTED]:30:00 Jun 26 15:13:45 malibu sendmail[95]: k5QDDjPI95: from=root, size=427, class=-60, nrcpts=1, msgid=200606261313.k5QDD [EMAIL PROTECTED], [EMAIL PROTECTED] Jun 26 15:13:45 malibu sendmail[95]: k5QDDjPI95: to=ftp, ctladdr=root (0/0), delay=00:00:00, xdelay=00:00:00, mailer =relay, pri=138427, relay=[127.0.0.1] [127.0.0.1], dsn=4.0.0, stat=Deferred: Connection refused by [127.0.0.1] Jun 26 15:13:45 malibu sendmail[97]: k5QDDjQl97: from=root, size=433, class=-60, nrcpts=1, msgid=200606261313.k5QDD [EMAIL PROTECTED], [EMAIL PROTECTED] Jun 26 15:13:45 malibu sendmail[97]: k5QDDjQl97: to=root, ctladdr=root (0/0), delay=00:00:00, xdelay=00:00:00, maile r=relay, pri=138433, relay=[127.0.0.1] [127.0.0.1], dsn=4.0.0, stat=Deferred: Connection refused by [127.0.0.1] Jun 26 15:13:46 malibu sendmail[99]: k5QDDjsQ99: from=root, size=455, class=-60, nrcpts=1, msgid=200606261313.k5QDD [EMAIL PROTECTED], [EMAIL PROTECTED] Jun 26 15:13:46 malibu sendmail[99]: k5QDDjsQ99: to=ftp, ctladdr=root (0/0), delay=00:00:01, xdelay=00:00:00, mailer =relay, pri=138455, relay=[127.0.0.1] [127.0.0.1], dsn=4.0.0, stat=Deferred: Connection refused by [127.0.0.1] Jun 26 15:13:46 malibu sendmail[103]: k5QDDkGH000103: from=root, size=427, class=-60, nrcpts=1, msgid=200606261313.k5QD [EMAIL PROTECTED], [EMAIL PROTECTED] There seems to be a lot of messages waiting to be sent, Ie. from the forum I run. Jun 26 15:13:57 malibu sm-msp-queue[92]: k5QAVQCT89: to=www, delay=02:35:22, xdelay=00:00:00, mailer=relay, pri=8425 88, relay=[127.0.0.1], dsn=4.0.0, stat=Deferred: Connection refused by [ 127.0.0.1] Jun 26 15:13:57 malibu sm-msp-queue[92]: k5QAVQCY89: to=www, delay=02:35:22, xdelay=00:00:00, mailer=relay, pri=8425 92, relay=[127.0.0.1], dsn=4.0.0, stat=Deferred: Connection refused by [ 127.0.0.1] Jun 26 15:13:57 malibu sm-msp-queue[92]: k5QAVQCW89: to=www, delay=02:35:22, xdelay=00:00:00, mailer=relay, pri=8425 93, relay=[127.0.0.1], dsn=4.0.0, stat=Deferred: Connection refused by [ 127.0.0.1] Jun 26 15:13:57 malibu sm-msp-queue[92]: k5QAVQCe89: to=www, delay=02:35:21, xdelay=00:00:00, mailer=relay, pri=8425 95, relay=[127.0.0.1], dsn=4.0.0, stat=Deferred: Connection refused by [ 127.0.0.1] /var/spool/clientmqueue contains many messages. Also, I can't get Sendmail to accept new messages for the people who are users on this system. Mails I send from Ie. this gmail account do not reach my account on the mailserver.I don't understand this. MX record is fine. local-host-names contain all hostnames on the system. virtusertable is OK. Why is the server trying to connect to localhost, anyway? Did you do special configuration in order to have Sendmail deliver mail to 127.0.0.1 as part of your (former) configuration with Spamassassin? If so, did you undo these statements so that Sendmail would now deliver normally? Just curious, Kevin Kinsey ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Need urgent help to get Sendmail running again
Why is the server trying to connect to localhost, anyway? Did you do special configuration in order to have Sendmail deliver mail to 127.0.0.1 as part of your (former) configuration with Spamassassin? If so, did you undo these statements so that Sendmail would now deliver normally? Not quite sure actually, but the mails are generated from a php forum on this server. However, I got sendmail running and the server is receiving mails again. I compiled sendmail one more time with some new DAEMON settings I didn't have and that did it. Still, it crashes every 30 minutes with this message: (dmesg) pid 12388 (sendmail), uid 0: exited on signal 11 (/var/log/messages): Jun 26 23:10:15 malibu /kernel: pid 12487 (sendmail), uid 0: exited on signal 11 I think it tries do queue or send mails every 30 minutes, but how can I see a list of these jobs or do anything about it? Is there another way for me to get more detailes on what this crash actually is? (By the way, sendmail build was enabled in make.conf as far as I could understand) Thanks! Andreas ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Urgent Help needed: How to boot in single user mode with usb keyboard
Hi, I am currently in a maintenance window trying to rebuildworld... I am doing it on a dell poweredge with a built in drac wich emulate a usb keyboard... When I need to boot on the drac, I need to use boot with usb keyboard in the menu... Now I need to boot in single mode WITH usb keyboard and I can't figure out... I saw in a post that I could do the following in boot loader: set hint.atkbd.0.flags=0x1 boot -s But it doesnt work... Any help would be greatly appreciated Thanks ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Urgent Help needed: How to boot in single user mode with usb keyboard
Ian Lord wrote: Hi, I am currently in a maintenance window trying to rebuildworld... I am doing it on a dell poweredge with a built in drac wich emulate a usb keyboard... When I need to boot on the drac, I need to use boot with usb keyboard in the menu... Now I need to boot in single mode WITH usb keyboard and I can't figure out... I saw in a post that I could do the following in boot loader: set hint.atkbd.0.flags=0x1 boot -s Is the kernel you boot built with support for usb keyboard? if not, I think you can do something like load ukbd boot -s you may also need some other modules depending on your hardware. Cheers, Erik -- Ph: +34.666334818 web: www.locolomo.org S/MIME Certificate: www.daemonsecurity.com/ca/8D03551FFCE04F06.crt Subject ID: 9E:AA:18:E6:94:7A:91:44:0A:E4:DD:87:73:7F:4E:82:E7:08:9C:72 Fingerprint: 5B:D5:1E:3E:47:E7:EC:1C:4C:C8:3A:19:CC:AE:14:F5:DF:18:0F:B9 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Need urgent help regarding security
Mark Jayson Alvarez [EMAIL PROTECTED] writes: Suggestions are welcome... very much welcome. I just need to collate everything. Start with security(7). In future, keep up with Security Advisories. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Need urgent help regarding security
Mark Jayson Alvarez wrote: Now we have a couple of inputs, we just have to figure out which is the proper combination. Here they are: 1. Use private key for ssh logins (should bring the private key always... and if it is stolen.) Private keys can (and should) be passphrase protected. Then the key itself is worthless without the passphrase and it (usually) takes social engineering to get that. There is plenty of security info out there about writing security policies and you cannot forget social engineering. For keys you can't passphrase protect (used for cron jobs for example) the keys can be limited to perform only specified actions. There are plenty of manual pages and HowTo's out there. Don't allow root logins. Limit root users. Enforce good password practices. Investigate sudo, perhaps. 3. Constantly upgrade third party softwares (ssh, ssl, apache, bind) etc.. (too much work.. there are so many of them(postgres, proftp, mysql, php) must be member of various security mailing lists and discussions). If this is too much work then maybe you are in the wrong business. Keeping software up-to-date against security patches is priority number one for any responsible system administrator irrespective of what OS they run. Reading bugtraq takes me maybe 20 minutes a day, and that's only because I choose to read messages that are interesting, even if irrelevant. Portaudit can be run over night and email you output (and does that out-of-the box on 5.4, probably earlier too). Time to check email from even a dozen servers is small. If they are all the same, then you only really *need* to read one message. Also decide if you really *need* all these services. Proftpd pops up as one that, in some circumstances, is easily got rid of and replaced with ssh/sftp -- not always possible, but it's one less difficult-to-configure package to worry about. Is proftpd actually buying you anything over regular ftpd? 4. Constant Os upgrade(or should we shift to OpenBSD like one of our boss recommended(need to familiarize first, it is a *nix no problem... but it is still OpenBSD :)Also, was it really the 4.8 that has been hacked or the old version of BIND running on it? Anyway, its 6.0 now, guess we really have to upgrade now. 5.4 is still supported (as is 4.11 I believe, but I can no longer find the relevant pages on the revamped website). If 6.0 works, then it's a good time to choose it. What OS you run is simply irrelevant if you don't keep up-to-date with security fixes. If you keep up-to-date with security fixes you can run a version as long as it is supported. I am not aware that there are any outstanding security issue in any of 4.11, 5.4 or 6.0. For a production server, an OS version upgrade should not be taken lightly. No project can test a new release against every combination of h/w and s/w and most especially they cannot test it against *your* h/w and s/w. If you really care about stability then you can pick a server, upgrade just it and burn it in. Once it proves stable you can upgrade others like it. You can also plan for OS upgrade at install time. These days, I always leave minimally sized spare partitions specifically for installing a new (especially major) version e.g. going from 5.X to 6.X. If you don't leave that space at install time, you'll never get it once a server is running without adding a new disk. Minor version upgrades usually go just fine using simple src upgrade, but for production systems you should still do one and burn in before committing to doing them all. But what OS you run (FreeBSD 4/5/6, OpenBSD) is pretty much irrelevant if you can't be bothered keeping your software up-to-date with respect to security issues and have your servers and security practices nailed down to start with. OpenBSD will fall just as fast as FreeBSD if you leave an insecure sshd running on it, or give a root password away. Given that your root password was apparently found on the servers, you likely had much bigger problems than any switch of OS or version would solve. Was your root password a simple word (i.e. did a password cracker get it)? Or did you log in with telnet as root so a network monitor caught it? 11. Use ip forwarding so that public servers will never again face the Internet directly( does this require a supers strong machine that will act as firewall? or perhaps an appliance(brand new) can we acquire this right away? It's not clear to me how you think this would actually help. If all your machines are internet-facing (and from your ip forwarding comment, it seems that they are) what good will forcing all the packets through one machine do? If you have a buggy service on a hidden machine, but you just forward packets to it from your firewall, what difference has the firewall made? Maybe I misunderstand. If you are trying to hide mostly internal hosts and forward only a limited
Re: Need urgent help regarding security
Good day again!! This has something to do with my previous email about finding an IRC bouncer installed into one of our freebsd servers(4.9). Someone suggested here to run a rootkit finder... I installed an rkhunter and eventually found an ascii text file inside the /dev/ named saux and to my surprise, it contains all of our username and passwords we used to login to other servers from that machine. Afterwards, we didn't even run the same root kit finder into other machines and just looked for that file(saux) and walla!! all machines have one!! We immediately killed all remote administration daemons and allow only root console access. Now we have a lot of work to do. more than 10 servers have been compromised founded the same file(saux) containing our passwords. Critical servers such as dns, proxy, mail etc. Even two of our cisco routers are 80% possibly compromised as well.. The question is: Now what?? I guess we will be spending 7 days of work starting from this day till we have a properly created policies, not just for user accounts... but I guess for everything, as in everything. And it wouldn't be only for a short period of time...I'm sure though. The bigger question is: Where should we start? Investigate how the cracker got into the system? Why? perhaps we should bring back the server first into their functional state because hundreds of thousands of people are relying to them?? Or should we tell our Director first, in case he might wonder why he is not receiving his emails on Monday morning or cannot telnet into the cisco router? Now we have a couple of inputs, we just have to figure out which is the proper combination. Here they are: 1. Use private key for ssh logins (should bring the private key always... and if it is stolen.) 2. Use kerberos for ssh logins? useful for cisco telnet authentication too. Should we replace the existing radius for the routers? Do we have enough time? can we afford to run a compromised server while setting up these servers? 3. Constantly upgrade third party softwares (ssh, ssl, apache, bind) etc.. (too much work.. there are so many of them(postgres, proftp, mysql, php) must be member of various security mailing lists and discussions). 4. Constant Os upgrade(or should we shift to OpenBSD like one of our boss recommended(need to familiarize first, it is a *nix no problem... but it is still OpenBSD :)Also, was it really the 4.8 that has been hacked or the old version of BIND running on it? Anyway, its 6.0 now, guess we really have to upgrade now. 5. Use nmap versioning etc. constantly check for unknown services (must audit all of the services running on every machine) 6. Always compile into a jail environment 7. Create a standard firewall ruleset template, (if it is a web server... uncomment this etc.) 8. use a livecd... (use for binary trojaning) 9. remote sysloging (I thought -ss flag is recommended?) 10. Implement kernel secure level chflags(undeletable, firewall unchangeable) 11. Use ip forwarding so that public servers will never again face the Internet directly( does this require a supers strong machine that will act as firewall? or perhaps an appliance(brand new) can we acquire this right away? What else?? Do you have anymore idea? Right now I am about to reformat one of our proxy server and install 6.0 on it. Perhaps I should check the squid config throughly... Suggestions are welcome... very much welcome. I just need to collate everything. - Yahoo! FareChase - Search multiple travel sites in one click. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: Need urgent help regarding security
On Wed, Nov 16, 2005 at 09:51:08PM -0500, Steve Bertrand wrote:
Most *((cr/h)ackers* (and I use that term VERY loosely (aka:
script kiddies)) are interested in rooting a box, and setting up a
storage/sharing area that is free to them. This may not be
the case,
but it's better to 'observe' your foreign presence first.
I understand the rationale behind this advice, but I
disagree. I made my suggestion plain in another part of this
thread, but (in
general) the first priority should be to disrupt the attack.
For some organizations (universities, especially), computing
resources are our number one asset. We have oodles of cycles
and network bandwidth -- a rooted box directly targets our
valuables, even if it's only doing IRC or warez.
I do agree with you. When it happened to me, generally the whole process
of finding out where the origination of the attack (at least the network
it was launched from), what they had done on the box, how they intruded
in the first place etc was 15 minutes. I understand that in a critical
environment where important data can be compromised it has to be taken
offline as quickly as possible.
Moreover, the longer the hole remains open, the greater the
chance that the attacker will extend the breach. In most
every scenario I can imagine, this is unacceptable. Real
forensic investigation can't really even be performed until
the box is offline; looking at /tmp and other likely trouble
spots is excellent advice, but should come later in the process.
Agreed again. However in at least 3 cases I've dealt with, they were
pretty much the same other than some minor differences. I've always had
backups too. However there is always that fear that they could have
infiltrated other boxen on the network, which if you just 'broke' one
aspect of their intrusion suddenly, may provoke them to do something
nastier then they originally intended.
I guess it's a lose-lose situation any way you look at it.
For now, take a snapshot of the network activity (using lsof,
ngrep, tcpdump, etc); I recommended lsof because it will
reveal all open files and network sockets very quickly. Dump
the output to a file and unplug the machine. tcpdump and
friends will work well, too, and give you a more indepth look
at the network activity, but will also require you to keep
the box up for longer than I'd be comfortable.
OP has some asset that is being threatened or diminished by
this attack, be it his bandwith, CPU cycles, host/network
integrity or self confidence. He needs to identify that asset
and work quickly to protect it. In most cases, this will mean
immediately removing the box and preparing to rebuild the
machine; if he's interested in investigating, he can do that
on an image of the disk (since investigations are of little
use if they ruin the evidence).
Allowing the attack to proceed may be moderately
enlightening, but (from the OP's message) it seems like the
basic problem is known.
Crufty machines attract attacks.
--
o--{ Will Maier }--o
| jabber:[EMAIL PROTECTED] | email:[EMAIL PROTECTED] |
| [EMAIL PROTECTED] | [EMAIL PROTECTED] |
*--[ BSD Unix: Live Free or Die ]--*
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to
[EMAIL PROTECTED]
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: Need urgent help regarding security
[...] You can easily rebuild a new kernel with: options IPFIREWALL options IPFIREWALL_VERBOSE options IPFIREWALL_VERBOSE_LIMIT_1000 Then create a script blocking ALL ports exept those what you need. Especially only allowing SSH access to the box from limited IP's. If you need help, just ask. Thanks for the suggestion. I personally have no experience with IPFW (I have played with IPF a little bit on a test box here) so I will have to think on that a little. I am guessing you suggest IPFW as opposed to IPF correct? I read up on IPFW and IPF in the handbook when I was experimenting with firewalls and the rule syntax and things seemed more logical to me with IPF, but I did not look that far in depth. I only recommend IPFW because that is what I am familiar with. I don't want to start a flame war, as I've been told by others that IPF is just as good. If you are experienced with IPF and understand the syntax of it's rules, by all means, go for it. My servers are also remote so I would have to make sure I didn't firewall myself out when enabling any firewall. ;) Yes, that is always a concern. I've been there/done that before on more than one occasion. There are scripts that can 'reset' to a previous config if this does happen though (I learned the hard way ;) Have you checked your daily cron outputs lately? What do they say? All I see is legit cronjobs from a billing system that I run and some from cPanel such as cpumonitor and backups. Sorry, I meant the security run outputs that get sent at around 0300 every day. Steve ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
nullfs [was: Need urgent help regarding security]
On Wed, Nov 16, 2005 at 10:16:16PM -0700, Chad Leigh -- Shire.Net LLC wrote: I then create one or more jails that use nullfs to READ ONLY mount specific parts of the master hierarchy into the jail. This is very interesting to me, as I are currently working on a jail design and nullfs has a number of question marks next to it, mainly due to the scary man page warning. Here are a few of the questions: How did you decide it was trustworthy? Does it result in lower RAM usage? (The program that is run, for example, Apache, comes from the same spot on the disk across all jails.) Is it currently maintained? The man page includes a maintainer solicitation. Have you had any problems in production? Have you used it for long? m ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: Need urgent help regarding security
--On Wednesday, November 16, 2005 20:29:55 -0500 Steve Bertrand [EMAIL PROTECTED] wrote: I think we have a serious problem. One of our old server running FreeBSD 4.9 have been compromised and is now connected to an ircd server.. 195.204.1.132.6667 ESTABLISHED Ran into this recently. Please post the entire output from: # top # w # last # ps -aux # uname -a Just keep in mind that any or all of these could be hacked versions designed to hide everything the attacker is doing. Once a box has been hacked, you can no longer trust any of the binaries unless you can verify their integrity with MD5 sums from the same binaries on a known good box. Paul Schmehl ([EMAIL PROTECTED]) Adjunct Information Security Officer University of Texas at Dallas AVIEN Founding Member http://www.utdallas.edu/ir/security/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: nullfs [was: Need urgent help regarding security]
On Nov 17, 2005, at 7:36 AM, Mark Bucciarelli wrote: On Wed, Nov 16, 2005 at 10:16:16PM -0700, Chad Leigh -- Shire.Net LLC wrote: I then create one or more jails that use nullfs to READ ONLY mount specific parts of the master hierarchy into the jail. This is very interesting to me, as I are currently working on a jail design and nullfs has a number of question marks next to it, mainly due to the scary man page warning. Here are a few of the questions: How did you decide it was trustworthy? I did a few tests and read some archived posts from others using it. I was previously using a localhost nfs mount but wanted to eliminate nfs from the mix due to another issue I was having. Does it result in lower RAM usage? (The program that is run, for example, Apache, comes from the same spot on the disk across all jails.) Don't know. Never did any tests. Is it currently maintained? The man page includes a maintainer solicitation. Don't know. However, archived posts lead me to believe that bugs have been fixed etc recently and the man page may be out of date. Have you had any problems in production? Not that I know of. Seems to be running fine with over 40 jails on the machine. Most are READ ONLY but I do have one jail with a RW / usr so it can install ports etc. I have a /usr/public I install ports into for all jails to use. Have you used it for long? A few months. Previously I was happily doing the same thing with the localhost nfs mount. best Chad m ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions- [EMAIL PROTECTED] --- Chad Leigh -- Shire.Net LLC Your Web App and Email hosting provider [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Need urgent help regarding security
Good Day! I think we have a serious problem. One of our old server running FreeBSD 4.9 have been compromised and is now connected to an ircd server.. 195.204.1.132.6667 ESTABLISHED However, we still haven't brought the server down in an attempt to track the intruder down. Right now we are clueless as to what we need to do.. Most of our servers are running legacy operating systems(old versions mostly freebsd) Also, that particular server is running - ProFTPD Version 1.2.4 which someone have suggested to have a known vulnerability.. I really need all the help I can get as the administration of those servers where just transferred to us by former admins. The server is used for ftp. Thanks.. __ Yahoo! Mail - PC Magazine Editors' Choice 2005 http://mail.yahoo.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Need urgent help regarding security
Good Day! I think we have a serious problem. One of our old server running FreeBSD 4.9 have been compromised and is now connected to an ircd server.. 195.204.1.132.6667 ESTABLISHED However, we still haven't brought the server down in an attempt to track the intruder down. Right now we are clueless as to what we need to do.. Most of our servers are running legacy operating systems(old versions mostly freebsd) Also, that particular server is running - ProFTPD Version 1.2.4 which someone have suggested to have a known vulnerability.. I really need all the help I can get as the administration of those servers where just transferred to us by former admins. The server is used for ftp. Thanks.. __ Yahoo! Mail - PC Magazine Editors' Choice 2005 http://mail.yahoo.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: Need urgent help regarding security
I think we have a serious problem. One of our old server running FreeBSD 4.9 have been compromised and is now connected to an ircd server.. 195.204.1.132.6667 ESTABLISHED Ran into this recently. Please post the entire output from: # top # w # last # ps -aux # uname -a ...after that, depending on the intruders knowledge and depending on what/if they are covering up, we can probably tell what is going on via further troubleshooting. The output from: # ls -la /tmp would probably help too. However, we still haven't brought the server down in an attempt to track the intruder down. Right now we are clueless as to what we need to do.. Most of our servers are running legacy operating systems(old versions mostly freebsd) Also, that particular server is running - ProFTPD Version 1.2.4 which someone have suggested to have a known vulnerability.. I really need all the help I can get as the administration of those servers where just transferred to us by former admins. The server is used for ftp. First...just relax. Do not panic. Just let them do what they are going to do (with hopes you have backups), and the problem can be found and eradicated. Now, answer these: - do you have an external firewall in front of this box - do you have a firewall running on this box - is this box Internet facing - is this machines ONLY purpose FTP Another thing...what is the IP of the box. I can quickly nmap it, give you instructions on how to config IPFW firewall into the mix, tell you what ports are listening/responding and send you a ruleset to block all ports in/out to/from that IP. Don't be concerned about finding out who did what at this point...again, relax. Running IRC usually doesn't appear they are malicious. THey are likely just trying to use your bandwidth/resources. Provide the above, and something can be done. Steve ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Need urgent help regarding security
Mark Jayson Alvarez wrote: Good Day! I think we have a serious problem. One of our old server running FreeBSD 4.9 have been compromised and is now connected to an ircd server.. 195.204.1.132.6667 ESTABLISHED I believe I'm having the same issue as you, except on FreeBSD 5.4-RELEASE. I notice a connection to the same IP and port as you posted (which by the way is an Undernet IRC server). I also see a psyBNC server listening on port 7978: server# sockstat -l4 | grep psybnc USER COMMANDPID FD PROTO LOCAL ADDRESS FOREIGN ADDRESS wicked6 psybnc 15819 3 tcp4 *:7978*:* Funny thing is there is no process by wicked6 (or by anyone currently) called psybnc. I can connect to an IP on that server on port 7978 and get a psyBNC though. I've checked for other processes by wicked6, nothing. It's trying to make a connection on 6667 to that IP as I said: server1# netstat -n | grep 6667 tcp4 0 0 xx.xx.xx.xx.64243195.197.175.21.6667SYN_SENT top lists nothing using up much CPU. /tmp doesn't show much except many session files. I found a psybnc.tar.gz file in a user's home directory but cannot find any directories with psybnc config files or binaries. Port 6667 is blocked by my datacenter so this is not actually doing any damage against the target, but I wanted to post here and let you know I'm having the same problem on a different version of FBSD with everything up to date. To Steve: I don't want to post the full outputs of those since this is a client server, but I will say the following points: - top lists nothing significant. 97% idle CPU - w only shows myself and one other legit user logged in who is editing config files with vi - last shows nothing but myself and that one other user - ps -aux doesn't say anything about psyBNC or bnc. everything looks normal as of now - It's a FreeBSD 5.4-RELEASE machine with a generic kernel except with quota support -Mark -- GnuPG Public Key: http://www.mkproductions.org/mk_pubkey.asc Internet Radio: Party107 (Trance/Electronic) - http://www.party107.com Rock 101.9 The Edge (Rock) - http://www.rock1019.net IRC: MIXXnet IRC Network - irc.mixxnet.net (Nick: MIXX941) signature.asc Description: OpenPGP digital signature
RE: Need urgent help regarding security
# ls -la /tmp also /var/tmp Indeed, many people would install with a /var partition, which would put /tmp under /var via symlink, but a good point. if you run awstats or phpBB - upgrade... Agreed, but even phpBB may not be the fault. Many problems with PHP come with the binary, not necissarily the app that uses it. However...like I said before...it's best not to panic, and what you DON'T want, is for the invader to know you are looking. It's best (IMHO), to walk around him/her, until you find their access point and intention, then go from there. Most *((cr/h)ackers* (and I use that term VERY loosely (aka: script kiddies)) are interested in rooting a box, and setting up a storage/sharing area that is free to them. This may not be the case, but it's better to 'observe' your foreign presence first. If it is a real blackhat, you don't want to go pissing all over his work before you have evidence, lest he pisses back on you...as he will. Otherwise, if it's a kiddie, there are simple ways to deal with that, and learn from your vulnerabilities...always with the expectation that the next hack will be from someone who didn't just download a vulnerability from the 'net, and come across you with a point-and-click-type scanner in a GUI interface. Only my .02 Steve ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: Need urgent help regarding security
also /var/tmp Indeed, many people would install with a /var partition, which would put /tmp under /var via symlink, but a good point. My mistake...symlink was the wrong word to use here, for those who create a /var partition without physically making a /tmp partition. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: Need urgent help regarding security
- top lists nothing significant. 97% idle CPU Irrelavent, the process is probably idle right now. - w only shows myself and one other legit user logged in who is editing config files with vi Perhaps they aren't currently logged in. - last shows nothing but myself and that one other user What is the last entry that last shows (no pun intended)...ie: what is the date? - ps -aux doesn't say anything about psyBNC or bnc. everything looks normal as of now Ok, here's what to do: # pkg_add -r nmap # rehash # nmap -sS -P0 my.ip.server.com ...then (probably futile): # nmap -sU -P0 my.ip.server.com which will tell you if you are listening on ports you *shouldn't* have open. - It's a FreeBSD 5.4-RELEASE machine with a generic kernel except with quota support You still didn't answer the FTP question. What services should be running on it? You can easily rebuild a new kernel with: options IPFIREWALL options IPFIREWALL_VERBOSE options IPFIREWALL_VERBOSE_LIMIT_1000 Then create a script blocking ALL ports exept those what you need. Especially only allowing SSH access to the box from limited IP's. If you need help, just ask. This sounds like a brute-forced password hack via remote access, or overflow via a vulnerable software that should not be Internet facing. Don't give me your IP if you don't want, just tell us (or me personally) what should be Internet facing (as far as services), and get you fixed up. Have you checked your daily cron outputs lately? What do they say? nmap is your friend, and so is IPFW. Figure out exactly what you need to face the Internet, and staple the rest closed. Steve -Mark -- GnuPG Public Key: http://www.mkproductions.org/mk_pubkey.asc Internet Radio: Party107 (Trance/Electronic) - http://www.party107.com Rock 101.9 The Edge (Rock) - http://www.rock1019.net IRC: MIXXnet IRC Network - irc.mixxnet.net (Nick: MIXX941) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: Need urgent help regarding security
First, I want to thank you all for replying. For now what I just did is to just pulled the utp cable from its ethernet port. Now, no one can access it. However I tried once to put it back and then the ircd connection went up silently. It is confirmed that we are running psybnc like what someone who replied has experienced too, installed in a folder(pnybnc) inside etc that is named with a special character... hard to get inside, but we've managed to read some files using find and grep... The chat logs are still there.. seems like it has been turned into a sex chatroom.. also the config of psybnc which contains the username/password the intruder used in connecting... Now what I want to do is to just reinstall the whole operating system and secure it as possible as I can. Like someone told, its just a waste to try to track it down because the intruder might be located somewhere on the other side of the world. To others who replied... I will just answer you all one by one... Thanks again. - Yahoo! FareChase - Search multiple travel sites in one click. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: Need urgent help regarding security
Now what I want to do is to just reinstall the whole operating system and secure it as possible as I can. Like someone told, its just a waste to try to track it down because the intruder might be located somewhere on the other side of the world. They are always on the other side of the world...this is the Internet. If that is your solution, I would recommend reconfiguring your FTP servers DNS entries, and applying another IP to the box,lest you be affected again. However, that won't even fix it, becuase it will just be found again by someone else. Unplugging the box just informs the attacker that you are aware of them. Moving the IP just makes people re-locate you. The solution is make the box accessible to only those who need it...and only the services they need. .02 Steve To others who replied... I will just answer you all one by one... Thanks again. Yahoo! FareChase - Search multiple travel sites in one click. http://us.lrd.yahoo.com/_ylc=X3oDMTFqODRtdXQ4BF9TAzMyOTc1MDIE X3MDOTY2ODgxNjkEcG9zAzEEc2VjA21haWwtZm9vdGVyBHNsawNmYw--/SIG=110oav78o/* *http% 3a//farechase.yahoo.com/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Need urgent help regarding security
On 11/16/05, Mark Kane [EMAIL PROTECTED] wrote: I also see a psyBNC server listening on port 7978: server# sockstat -l4 | grep psybnc USER COMMANDPID FD PROTO LOCAL ADDRESS FOREIGN ADDRESS wicked6 psybnc 15819 3 tcp4 *:7978*:* Funny thing is there is no process by wicked6 (or by anyone currently) called psybnc. I can connect to an IP on that server on port 7978 and get a psyBNC though. I've checked for other processes by wicked6, nothing. It's very common for them to overwrite argv[0], or use setproctitle stuff to hide the real name of the program. Some programs don't read that -- sockstat and top are two that don't read the modified program name. It's trying to make a connection on 6667 to that IP as I said: server1# netstat -n | grep 6667 tcp4 0 0 xx.xx.xx.xx.64243195.197.175.21.6667SYN_SENT netstat -aAn (specifically, the -A) instructs netstat to prepend each line with the memory address of the network connection. If you run that you'll see something like: f0d710c0 tcp4 0 0 xxx.xxx.xxx.xxx.29 211.119.136.240.66 ESTABLISHED (sometimes, the port numbers get truncated, so you may have to grep for the destination IP instead of the port number.) You can take that address and run fstat | grep address: $ fstat | grep f0d710c0 www iroffer191333* internet stream tcp f0d710c0 In this specific case, it's an iroffer program run from some PHP backdoor someone installed on the server (see http://malformed.org/2005/11/15/zend-encoder-bad-for-the-internet/ for a description of the present/near-future of these PHP backdoors). In your case it may be that you're running suexec or suPHP, or it may not have been started from the web at all. If that's the case, you may be able to find out what else is going on by ensuring /proc is mounted and then run: ps -uxwwep pid: ps -uxwwep 19133 USER PID %CPU %MEM VSZ RSS TT STAT STARTED TIME COMMAND www 19133 0.0 0.0 1244 424 ?? S22Oct05 12:52.03 ... DOC_ROOT=/usr/home/user/websites/domain.com ... You may also see SCRIPT_FILENAME or PWD or other environment variables that may give you hints as to where this was started from. There are some other programs that'll do all this for you, I think 'lsof' is one. I dunno. I prefer to use base system utilities. But to each their own. Of course, if the listening process isn't showing up at all, but you can still connect to the port, then you may have some sort of hacked kld loaded or hacked ps, in which case the attacker has root, which is a far more serious situation. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: Need urgent help regarding security
Steve Bertrand [EMAIL PROTECTED] wrote: Now what I want to do is to just reinstall the whole operating system and secure it as possible as I can. Like someone told, its just a waste to try to track it down because the intruder might be located somewhere on the other side of the world. They are always on the other side of the world...this is the Internet. If that is your solution, I would recommend reconfiguring your FTP servers DNS entries, and applying another IP to the box,lest you be affected again. However, that won't even fix it, becuase it will just be found again by someone else. Unplugging the box just informs the attacker that you are aware of them. Moving the IP just makes people re-locate you. The solution is make the box accessible to only those who need it...and only the services they need. .02 Steve No, that is not the solution I'm thinking of.. You see right now, that machine contains at least 200 Gb of important files... I'm just paranoid that the intruder might just launch an rm -rf. Right now we don't have a backup of those files yet. I'm really eager to know how the intruder got into our machine, I'm just afraid that he might be reading everything I am typing in the terminal. I am also dissapointed because most of our server configuration files are in my home directory but doing the ls /tmp I found those files. Those files are our proxy configurations containing all of our peer proxies (ipaddress) and also the squid.conf which I'm afraid that the intruder can use to launch an attack to our proxy farm. You see those proxies aren't in a much secure mode yet but they are the MOST critical service in our company because all of our partners are passing through that proxies. Now what I really wan't to do is to just do the right thing but only one by one. I got so many replies, someone even suggested finding out the irc channel and try to have a little chat with the intruders. Someone suggested putting up a firewall before it and try to dump the packets to retrieve relevant informations. I'm really so confused right now as to where to start Right now, the server is currently inaccessible from the network, but it is still running( I just remembered someone suggested not shutting it down because the script the intruder used might get automatically erased). From there... where should I start.? Thank you very much. - Yahoo! FareChase - Search multiple travel sites in one click. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Need urgent help regarding security
On Wed, Nov 16, 2005 at 09:51:08PM -0500, Steve Bertrand wrote:
Most *((cr/h)ackers* (and I use that term VERY loosely (aka:
script kiddies)) are interested in rooting a box, and setting up a
storage/sharing area that is free to them. This may not be the
case, but it's better to 'observe' your foreign presence first.
I understand the rationale behind this advice, but I disagree. I
made my suggestion plain in another part of this thread, but (in
general) the first priority should be to disrupt the attack. For
some organizations (universities, especially), computing resources
are our number one asset. We have oodles of cycles and network
bandwidth -- a rooted box directly targets our valuables, even if
it's only doing IRC or warez.
Moreover, the longer the hole remains open, the greater the chance
that the attacker will extend the breach. In most every scenario I
can imagine, this is unacceptable. Real forensic investigation can't
really even be performed until the box is offline; looking at /tmp
and other likely trouble spots is excellent advice, but should come
later in the process.
For now, take a snapshot of the network activity (using lsof, ngrep,
tcpdump, etc); I recommended lsof because it will reveal all open
files and network sockets very quickly. Dump the output to a file
and unplug the machine. tcpdump and friends will work well, too, and
give you a more indepth look at the network activity, but will also
require you to keep the box up for longer than I'd be comfortable.
OP has some asset that is being threatened or diminished by this
attack, be it his bandwith, CPU cycles, host/network integrity or
self confidence. He needs to identify that asset and work quickly to
protect it. In most cases, this will mean immediately removing the
box and preparing to rebuild the machine; if he's interested in
investigating, he can do that on an image of the disk (since
investigations are of little use if they ruin the evidence).
Allowing the attack to proceed may be moderately enlightening, but
(from the OP's message) it seems like the basic problem is known.
Crufty machines attract attacks.
--
o--{ Will Maier }--o
| jabber:[EMAIL PROTECTED] | email:[EMAIL PROTECTED] |
| [EMAIL PROTECTED] | [EMAIL PROTECTED] |
*--[ BSD Unix: Live Free or Die ]--*
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Need urgent help regarding security
On Wed, Nov 16, 2005 at 05:16:37PM -0800, Mark Jayson Alvarez wrote:
Good Day!
At first I thought I was confused, but then I realized that you had
cross-posted your message to freebsd-security@ and
[EMAIL PROTECTED] Please don't do this, as it fragments the
discussion.
Good luck.
--
o--{ Will Maier }--o
| jabber:[EMAIL PROTECTED] | email:[EMAIL PROTECTED] |
| [EMAIL PROTECTED] | [EMAIL PROTECTED] |
*--[ BSD Unix: Live Free or Die ]--*
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Need urgent help regarding security
Steve Bertrand wrote: - top lists nothing significant. 97% idle CPU Irrelavent, the process is probably idle right now. I understand, but I was trying to give you the results of the commands that you asked Mark Alvarez to run. - w only shows myself and one other legit user logged in who is editing config files with vi Perhaps they aren't currently logged in. It doesn't look like someone got SSH access, it looks more to me like it's a vulnerable PHP script or something. Not sure, but that would be my guess. - last shows nothing but myself and that one other user What is the last entry that last shows (no pun intended)...ie: what is the date? The dates on last range from Nov 1st to today. All but 2 are from my IP logging in, and the other are users who just edit config files and untar files on the server (I've verified that it's their real legit IP's) - ps -aux doesn't say anything about psyBNC or bnc. everything looks normal as of now Ok, here's what to do: # pkg_add -r nmap # rehash # nmap -sS -P0 my.ip.server.com ...then (probably futile): # nmap -sU -P0 my.ip.server.com which will tell you if you are listening on ports you *shouldn't* have open. I will email you off the list with that info. - It's a FreeBSD 5.4-RELEASE machine with a generic kernel except with quota support You still didn't answer the FTP question. What services should be running on it? Well I am a different Mark than originally posted. I just saw this on the list and found a connection attempt through netstat to the same IP and port as the original Mark that posted. I, unlike Mark Alvarez run more than just an FTP server. I will email you with those services. You can easily rebuild a new kernel with: options IPFIREWALL options IPFIREWALL_VERBOSE options IPFIREWALL_VERBOSE_LIMIT_1000 Then create a script blocking ALL ports exept those what you need. Especially only allowing SSH access to the box from limited IP's. If you need help, just ask. Thanks for the suggestion. I personally have no experience with IPFW (I have played with IPF a little bit on a test box here) so I will have to think on that a little. I am guessing you suggest IPFW as opposed to IPF correct? I read up on IPFW and IPF in the handbook when I was experimenting with firewalls and the rule syntax and things seemed more logical to me with IPF, but I did not look that far in depth. My servers are also remote so I would have to make sure I didn't firewall myself out when enabling any firewall. ;) This sounds like a brute-forced password hack via remote access, or overflow via a vulnerable software that should not be Internet facing. Don't give me your IP if you don't want, just tell us (or me personally) what should be Internet facing (as far as services), and get you fixed up. I will email you the services that need to be open. Have you checked your daily cron outputs lately? What do they say? All I see is legit cronjobs from a billing system that I run and some from cPanel such as cpumonitor and backups. nmap is your friend, and so is IPFW. Figure out exactly what you need to face the Internet, and staple the rest closed. Steve Thanks again for your help. -Mark Kane -- GnuPG Public Key: http://www.mkproductions.org/mk_pubkey.asc Internet Radio: Party107 (Trance/Electronic) - http://www.party107.com Rock 101.9 The Edge (Rock) - http://www.rock1019.net IRC: MIXXnet IRC Network - irc.mixxnet.net (Nick: MIXX941) signature.asc Description: OpenPGP digital signature
Re: Need urgent help regarding security
On Nov 16, 2005, at 9:38 PM, Will Maier wrote: OP has some asset that is being threatened or diminished by this attack, be it his bandwith, CPU cycles, host/network integrity or self confidence. He needs to identify that asset and work quickly to protect it. In most cases, this will mean immediately removing the box and preparing to rebuild the machine; One thing I have done to minimize the threat of crackers is to have my machines built thus: I install FreeBSD and activate only SSH and only SSH with certificates -- no passwords allowed. I then build a master jail hierarchy but I don't actually run a jail in it. I create file backed md devices for most jails to be their root filesystems. Some jails I don't do this with but most of them I do. I then create one or more jails that use nullfs to READ ONLY mount specific parts of the master hierarchy into the jail. namely /bin /lib /libexex /sbin /usr For example: # df -h | grep myjail /dev/md1410290M 108M171M39%/local/jails/myjail /local/jails/master/bin 66G 28G 33G46%/local/jails/myjail/bin /local/jails/master/lib 66G 28G 33G46%/local/jails/myjail/lib /local/jails/master/libexec 66G 28G 33G46%/local/jails/myjail/libexec /local/jails/master/sbin66G 28G 33G46%/local/jails/myjail/sbin /local/jails/master/usr 66G 28G 33G46%/local/jails/myjail/usr procfs 4.0K 4.0K 0B 100%/local/jails/myjail/proc devfs 1.0K 1.0K 0B 100%/local/jails/myjail/dev /etc /var are native to each jail in their own filesystem and /usr/local is set up so that the master has a symlink that resolves to something inside of each separate jails local filesystem so that they can have a RW /usr/local. Any and all other services run inside of one or more jails. You can set up other md devices if you want separate log / tmp / whatever partitions inside your jail... Unless there is a breach in SSH, it is highly unlikely that the root machine itself will be cracked as the ONLY port open is the SSH one and it is restricted to certificate logins only. You can use your firewalls to only allow logins to SSH from certain IP ranges etc if you have that luxury. If someone cracks one of the jails, it is harder for him to screw up the jail system since most of the important system executables are actually mounted read only and they cannot replace system binaries, for example. And if a jail does become compromised, it is much easier to rebuild a jail inside of a good machine than to rebuild your whole native machine... And if one jail gets compromised, I can easily shut it down, rename the root file that is used for the md device (ie, every jail uses an image for it fs) and save it for forensic study later. best Chad --- Chad Leigh -- Shire.Net LLC Your Web App and Email hosting provider [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Need urgent help regarding security
Marco Wertejuk [EMAIL PROTECTED] wrote: try sockstat | grep 6667 to see which process is connecting to irc and try to see what this process is doing with lsof, but depending on what backdoor or rootkit is used, it's possible to see nothing because intelligent rootkits hide themself Ok done this... and I found something First the output of nestat: 10.10.8.140.2994 195.204.1.132.6667 SYN_SENT 10.10.8.140.2993 195.204.1.132.6667 SYN_SENT Then sockstat root adjkernt 4926 445 tcp4 10.10.8.140:2994 195.204.1.132:6667 So.. is it the adjkernt that has been replaced? What should I do with it? P.S. I just plugged this server into our private network in order to access it from my workstation. - Yahoo! FareChase - Search multiple travel sites in one click. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Need urgent help regarding security
David Kirchner wrote: On 11/16/05, Mark Kane [EMAIL PROTECTED] wrote: I also see a psyBNC server listening on port 7978: server# sockstat -l4 | grep psybnc USER COMMANDPID FD PROTO LOCAL ADDRESS FOREIGN ADDRESS wicked6 psybnc 15819 3 tcp4 *:7978*:* Funny thing is there is no process by wicked6 (or by anyone currently) called psybnc. I can connect to an IP on that server on port 7978 and get a psyBNC though. I've checked for other processes by wicked6, nothing. It's very common for them to overwrite argv[0], or use setproctitle stuff to hide the real name of the program. Some programs don't read that -- sockstat and top are two that don't read the modified program name. It's trying to make a connection on 6667 to that IP as I said: server1# netstat -n | grep 6667 tcp4 0 0 xx.xx.xx.xx.64243195.197.175.21.6667SYN_SENT netstat -aAn (specifically, the -A) instructs netstat to prepend each line with the memory address of the network connection. If you run that you'll see something like: f0d710c0 tcp4 0 0 xxx.xxx.xxx.xxx.29 211.119.136.240.66 ESTABLISHED (sometimes, the port numbers get truncated, so you may have to grep for the destination IP instead of the port number.) You can take that address and run fstat | grep address: $ fstat | grep f0d710c0 www iroffer191333* internet stream tcp f0d710c0 In this specific case, it's an iroffer program run from some PHP backdoor someone installed on the server (see http://malformed.org/2005/11/15/zend-encoder-bad-for-the-internet/ for a description of the present/near-future of these PHP backdoors). In your case it may be that you're running suexec or suPHP, or it may not have been started from the web at all. If that's the case, you may be able to find out what else is going on by ensuring /proc is mounted and then run: ps -uxwwep pid: ps -uxwwep 19133 USER PID %CPU %MEM VSZ RSS TT STAT STARTED TIME COMMAND www 19133 0.0 0.0 1244 424 ?? S22Oct05 12:52.03 ... DOC_ROOT=/usr/home/user/websites/domain.com ... You may also see SCRIPT_FILENAME or PWD or other environment variables that may give you hints as to where this was started from. There are some other programs that'll do all this for you, I think 'lsof' is one. I dunno. I prefer to use base system utilities. But to each their own. Of course, if the listening process isn't showing up at all, but you can still connect to the port, then you may have some sort of hacked kld loaded or hacked ps, in which case the attacker has root, which is a far more serious situation. Okay well I looked around some more now and found it. It was in /var/tmp/.packlist.0928456/ and it was showing up as [psybnc] (wasn't there before). A kill -9 got rid of it. I'm now grepping to try to find out what may have created that or launched it. Thanks -Mark -- GnuPG Public Key: http://www.mkproductions.org/mk_pubkey.asc Internet Radio: Party107 (Trance/Electronic) - http://www.party107.com Rock 101.9 The Edge (Rock) - http://www.rock1019.net IRC: MIXXnet IRC Network - irc.mixxnet.net (Nick: MIXX941) signature.asc Description: OpenPGP digital signature
Re: urgent help
On Mon, Dec 27, 2004 at 04:17:38AM -0500, kalin mintchev wrote: the machine would come up. then netsat or ping or ssh will crash it... the first time i had to add the sshd user and group... crash is about as helpful as it's broken!. Are core files generated? Are there any error messages? Does the machine instantaneously reboot? Hard-freeze? You also might want to try running the programs under a debugger. 4.6 to 4.10 is a pretty big jump. Altogether, it'd probably be best to tar up your configuration files, clean-install 4.10 (or 5.3 for that matter) and manually merge your changes in, consulting any documentation available for the 4.6 - 4.7, 4.7 - 4.8, 4.8 - 4.9, and 4.9 - 4.10 upgrades to make sure you get your config files updated properly. -- Adam Fabian ([EMAIL PROTECTED]) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
urgent help
PLEASE REPLY TO [EMAIL PROTECTED] upgraded from 4.6 = 4.10 rel network programs are craching the new system: netstat, ping, the qmail tcp server all of them... sshd is running but when accessing from outside it panics too... what is it? can i turn something off in the kernel?! -- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: urgent help
PLEASE REPLY TO [EMAIL PROTECTED] upgraded from 4.6 = 4.10 rel network programs are craching the new system: netstat, ping, the qmail tcp server all of them... sshd is running but when accessing from outside it panics too... what is it? can i turn something off in the kernel?! -- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: urgent help
At 09:35 27.12.2004, you wrote: PLEASE REPLY TO [EMAIL PROTECTED] upgraded from 4.6 = 4.10 rel network programs are craching the new system: netstat, ping, the qmail tcp server all of them... sshd is running but when accessing from outside it panics too... what is it? can i turn something off in the kernel?! Did you make world in addition to recompiling the Kernel? Sounds like your system is out of sync. Here's a note about how I did it a while back: http://home.eunet.no/~awand/freebsd-4.6_installasjon.txt (it's in Norwegian, but all commands and order should be understandable. /Andreas --- Norsk Smalfilm Andreas Widerøe Andersen [EMAIL PROTECTED] http://www.smalfilm.no Tel:(+47) 38 17 99 16 Fax:(+47) 38 02 33 84 Mob:(+47) 90 92 61 21 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: urgent help
kalin mintchev [EMAIL PROTECTED] wrote: PLEASE REPLY TO [EMAIL PROTECTED] upgraded from 4.6 = 4.10 rel network programs are craching the new system: netstat, ping, the qmail tcp server all of them... sshd is running but when accessing from outside it panics too... what is it? can i turn something off in the kernel?! What process did you follow to update? It sounds to me like you didn't complete the upgrade process, skipped a step, or did it improperly. There's no reason I can think of that upgrading should cause things to panic, unless you did the upgrade process improperly. -- Bill Moran Potential Technologies http://www.potentialtech.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: urgent help
PLEASE REPLY TO [EMAIL PROTECTED] thank you Bill for rplying... well i did it a few times with the same success. it's not the first time i'm doing it. it's the first time with the 4.x.. i followed the handbook step by step - rebuild devs too.. and then cleaned up obj.. to make it all again - the same problems were happening after every try... the machine would come up. then netsat or ping or ssh will crash it... the first time i had to add the sshd user and group... i mostly installed the new etc files except the passwd, group and hosts... i have a copy of the old etc... what else do i need? kalin mintchev [EMAIL PROTECTED] wrote: PLEASE REPLY TO [EMAIL PROTECTED] upgraded from 4.6 = 4.10 rel network programs are craching the new system: netstat, ping, the qmail tcp server all of them... sshd is running but when accessing from outside it panics too... what is it? can i turn something off in the kernel?! What process did you follow to update? It sounds to me like you didn't complete the upgrade process, skipped a step, or did it improperly. There's no reason I can think of that upgrading should cause things to panic, unless you did the upgrade process improperly. -- Bill Moran Potential Technologies http://www.potentialtech.com -- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: urgent help
On Mon, Dec 27, 2004 at 02:40:34PM +0100, Andreas Wider?e Andersen typed: At 09:35 27.12.2004, you wrote: PLEASE REPLY TO [EMAIL PROTECTED] upgraded from 4.6 = 4.10 rel network programs are craching the new system: netstat, ping, the qmail tcp server all of them... sshd is running but when accessing from outside it panics too... what is it? can i turn something off in the kernel?! Did you make world in addition to recompiling the Kernel? Sounds like your system is out of sync. Here's a note about how I did it a while back: http://home.eunet.no/~awand/freebsd-4.6_installasjon.txt (it's in Norwegian, but all commands and order should be understandable. From this document I understand you do a make buildkernel before you do a make buildworld. That's not the recommended order. Build world before you build kernel. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: urgent help
PLEASE REPLY TO [EMAIL PROTECTED] On Mon, Dec 27, 2004 at 02:40:34PM +0100, Andreas Wider?e Andersen typed: At 09:35 27.12.2004, you wrote: PLEASE REPLY TO [EMAIL PROTECTED] upgraded from 4.6 = 4.10 rel network programs are craching the new system: netstat, ping, the qmail tcp server all of them... sshd is running but when accessing from outside it panics too... what is it? can i turn something off in the kernel?! Did you make world in addition to recompiling the Kernel? Sounds like your system is out of sync. Here's a note about how I did it a while back: http://home.eunet.no/~awand/freebsd-4.6_installasjon.txt (it's in Norwegian, but all commands and order should be understandable. how do i make it in sync?! i did buildworld first - as it's in the handbook. i've done 5.x five before without a problem... this is for a mailserver in production... From this document I understand you do a make buildkernel before you do a make buildworld. That's not the recommended order. Build world before you build kernel. -- -- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
using port collection problem (URGENT HELP NEEDED PLZ)
Hi, (freebd 5.2-release) I'm not able to use for example: /usr/ports/xyz/someport/ make install The fetch command fails, and it can not retrieve the sources, I can try any port all fail?! === Vulnerability check disabled unzip550.tar.gz doesn't seem to exist in /usr/ports/distfiles/. Attempting to fetch from ftp://ftp.info-zip.org/pub/infozip/src/. fetch: unzip550.tar.gz: local modification time does not match remote Attempting to fetch from ftp://ftp.kddlabs.co.jp/CTAN/tools/zip/info-zip/src//. fetch: unzip550.tar.gz: local modification time does not match remote Attempting to fetch from ftp://ftp.dante.de/tex-archive/tools/zip/info-zip/src//. fetch: unzip550.tar.gz: local modification time does not match remote Attempting to fetch from ftp://gd.tuwien.ac.at/publishing/tex/CTAN/tools/zip/info-zip/src//. fetch: unzip550.tar.gz: local modification time does not match remote Attempting to fetch from ftp://ftp.ntnu.no/pub/tex/CTAN/tools/zip/info-zip/src//. fetch: ftp://ftp.ntnu.no/pub/tex/CTAN/tools/zip/info-zip/src//unzip550.tar.gz: File unavailable (e.g., file not found, no access) Attempting to fetch from ftp://www.t.ring.gr.jp/pub/text/CTAN/tools/zip/info-zip/src//. fetch: unzip550.tar.gz: local modification time does not match remote Attempting to fetch from http://www.t.ring.gr.jp/archives/text/CTAN/tools/zip/info-zip/src//. etc all have the same error message Using the fetch command to retrieve the source manually works without problem! fetch -v ftp://xyz/unzip550.tar.gz The strange thing is the double slash in the output, for example: Attempting to fetch from http://www.t.ring.gr.jp/archives/text/CTAN/tools/zip/info-zip/src//. Here we can see .../info-zip/src// As we use a proxy for http connections I've also added this to make.conf: FETCH_ENV=HTTP_PROXY=http://ourproxy:8080 Fetch was also trying to use the proxy for ftp connections?! Here is the output of my entire make.conf COPTFLAGS= -O2 -pipe -funroll-loops -ffast-math CFLAGS= -O3 -pipe -funroll-loops -ffast-math PERL_VER=5.6.1 PERL_VERSION=5.6.1 PERL_ARCH=mach NOPERL=yo NO_PERL=yo NO_PERL_WRAPPER=yo # DISABLED FETCH_ENV=HTTP_PROXY=http://ourproxy:8080 What can I do?! Thx ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: using port collection problem (URGENT HELP NEEDED PLZ)
On Fri, Feb 06, 2004 at 02:40:33PM +0100, Didier WIROTH wrote: As we use a proxy for http connections I've also added this to make.conf: FETCH_ENV=HTTP_PROXY=http://ourproxy:8080 Fetch was also trying to use the proxy for ftp connections?! Here is the output of my entire make.conf COPTFLAGS= -O2 -pipe -funroll-loops -ffast-math CFLAGS= -O3 -pipe -funroll-loops -ffast-math What does the default make.conf say about your optimization settings? Kris pgp0.pgp Description: PGP signature
Urgent Help
Dear Sir, I'm required to run a.out binaries like foxplus in a recent Intel based hardware. I have chosen FreeBSD 5.1 and successfuly installed. But I could not run a.out binaries like Foxplus. I tried it by load ibcs modules and aout modules in /boot/kernel directory. My foxplus did not work. I require your suggestions regarding this. I may not use FreeBSD 2.1 version as I require driver for Adaptec 7902 (Ultra Wide SCSI 320). Please help me. Any supposrt for Application Binary Interface as in Linux ?.. Thanks, S.Gopinath Chennai, INDIA ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
urgent help
Hi, I am trying to install samba on my freeBSD machine and it says /: write file system full .Looks like the hard disk is not sufficient.How do I solve this issue,meaning to uninstall a few things? thanks shubha __ Do You Yahoo!? Everything you'll ever need on one web page from News and Sport to Email and Music Charts http://uk.my.yahoo.com To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
Re: urgent help
On Tue, 10 Dec 2002, [iso-8859-1] shubha mr wrote: Hi, I am trying to install samba on my freeBSD machine and it says /: write file system full .Looks like the hard disk is not sufficient.How do I solve this issue,meaning to uninstall a few things? depending on the packages you have installed you can run pkg_info to see all the installed packages and then remove the ones you don't want to use/need. to do so the easy way go to /usr/ports/sysutils/pkg_remove/ and do a make make install make clean after that you can remove packages by using pkg_remove pkg name emptying the /usr/ports/distfiles should help to :-) i don't know what kind of disk (size) you are using and how it is partitioned so this is about all the help i have for you. Marcel To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
RE: urgent help
Hy, Perhaps you can also do a: 1) cd /usr/ports make clean make distclean (this will take some time an clean up you /usr/ports/dist directory an your /usr/ports directory) You might not need to clean the entire /usr/ports directories perhaps only /usr/ports/x11-wm/kde3 for example if you have compile kde3 from the ports. 2) cd /usr/obj chflags -R noschg * 3) while of course still in the /usr/obj directory rm -rf * (be aware of this command) Point 2 3 are only usefull if you have make world or compile and build stuff from the sources! It will clean up this directories 4) pkg_delete or pkg_remove stuff Good luck -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of shubha mr Sent: Tuesday, December 10, 2002 13:17 To: [EMAIL PROTECTED] Subject: urgent help Hi, I am trying to install samba on my freeBSD machine and it says /: write file system full .Looks like the hard disk is not sufficient.How do I solve this issue,meaning to uninstall a few things? thanks shubha __ Do You Yahoo!? Everything you'll ever need on one web page from News and Sport to Email and Music Charts http://uk.my.yahoo.com To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
