Re: Changing SendMail Port Number
On Jun 5, 2004, at 16:49, Gerard Seibert wrote: This is probably a stupid question, but how do I change the SMTP port number that SendMail listens in on? I want to change it to something else, like perhaps 24. My ISP is blocking 25 and I want to get around that problem. I use the following in the mc file: DAEMON_OPTIONS(`Port=25, Name=MTA')dnl DAEMON_OPTIONS(`Port=26, Name=MTA')dnl It responds to both ports 25 and 26. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Changing SendMail Port Number
On Jun 5, 2004, at 17:35, Mark wrote: Gerard Seibert wrote: This is probably a stupid question, but how do I change the SMTP port number that SendMail listens in on? I want to change it to something else, like perhaps 24. My ISP is blocking 25 and I want to get around that problem. And how will clients (the world) find you then, on port 24? Besides, are you sure your ISP blocks *incoming* port 25? That is somewhat unusual; *outgoing* 25, yes (for dialup users), but incoming? Regardless, same difference: you can start sending on port 24, but since the world is listening on port 25, that will do you little good. There are ISPs out there that block port 25 to any destination other than their mail server. If you are connected to one of them there is no way to access your ISP's mail server. Thats why we provide support for both ports 25 and 26. I have never seen port 26 blocked. Almost all mail clients provide the ability to change the port it uses. We provide instructions to our users on how to make that change if they need it sl that they can send mail through our server. We do require the use of SMTP-AUTH to avoid an open relay. Blocking port 25 is an attempt to prevent the use of open relays. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Top Consistency
I am running FreeBSD 4.6 and top does not show consistent data (at least in my understanding). The cpu states line shows the percent of time in user state. I would expect the percent processor used by all the active processes to add up to something close to that. (single processor machine). However, it never seems to come close. Often it will show 25% user and the sums of the active processes utilizations will be around 2%. Other times it will show 2% user and the sum of the processes is over 10%. Is top wacky or is my understanding wrong? ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
File deletion problem
I have a situation that I have not been able to track down where on one of my servers some process is writing a log file (I presume) and it is getting rotated out from under it. The net result is that the log continues to be written to the original file which eventually is deleted thus leaving no trace of who or what. It takes several months before its size becomes noticable, but eventually get grows to consume remaining disk space. Given that the file has an inode but no directory entry, how do you find it? All I have been able to come up with is to use fstat to find all the open files inodes and then to search with ls for each by hand and removing those I can find. Unfortunately this is a large web server with lots of files. Today I moved some of the log files onto a different disk to see if the problem moves. That would narrow down the search considerably. But I suspect I will have to wait a couple months before I can see the effects of the hidden file. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Bind 8 vs. Bind 9
I have a large mail server with a couple of zones defined where the sum of the zone definition files is 153 MB. When I use Bind 8 the VSIZE for bind jumps to 250 MB. Thats with nothing going on using bind. When I switch to Bind 9 and load the same files the VSIZE jumps to 353 MB. I was hoping to use the max-cache-size feature in bind 9 but the extra size of it makes it impractical. Why is it that much larger? ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
INN Problems
I have sent the request below to the INN maillist but got no response. I have gotten nowhere trying to figure this out. Any help will be appreciated. I am running inn 2.4.0 and a few days ago postings by my users no longer get sent back to the news feed server. I have verified with them they are not receiving them from us. The postings are in the files here and can be seen by our users. Nothing apears in the outgoing file for the feed site. nntpsend.log shows the connections to the feed site, but nothing is ever sent. Traces of nnrpd and innd so no attempts to access the outgoing file. errlog, news.crit, and news.err are all empty. How can I find out what has gone wrong? Thanks, -- Doug ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: I need to resend messages from dead.letters
On Jan 13, 2004, at 04:18, Matthew Seaman wrote: On Tue, Jan 13, 2004 at 09:24:21AM +, Jez Hancock wrote: On Mon, Jan 12, 2004 at 07:23:20PM -0800, Doug Hardie wrote: There was a problem last night with my mail server and a bunch of mail went into the dead.letters mailbox rather than being sent. I have that mailbox and need a way to send all of those messages. I split them out into individual files, but there are just too many to send by hand. Is there a way to cause them all to be resent? Or to split up the dead.letter mailbox into individual numbered messages: % formail -s /bin/sh -c 'cat msg.$FILENO' dead.letter and you can pipe each message into sendmail as above to re-send it: % /usr/sbin/sendmail -v -t -oiee msg.999 Nb. be careful when doing this sort of thing, or you'll spray e-mails all over the place and make yourself quite unpopular. Thanks. I had missed the -t option to sendmail. That does exactly what I needed. -- Doug ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: ftps server (ftp with SSL, not sftp)
On Feb 26, 2004, at 13:46, Dan Rue wrote: Hey Gang, I need to find a good drop in ftpd-ssl server. Please don't tell me to use sftp - I would love to but sometimes I don't get my druthers. I see there's a BSDftpd-ssl, and there's a couple others in ports - are any of them widely used? This is on a high traffic production server, so I can't drop in some beta software and cross my fingers. I am using BSDftpd-ssl on a production machine to provide restricted access to users' web pages. It seems to work fine. I have never encountered any problems with it. However, I don't have many users with web pages so I wouldn't call this a high traffic feature. I probably don't get more than a hand full of connections daily. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Syslog
FreeBSD 4.6. I have a server running that logs to syslog for recording interesting information. It uses LOG_DAEMON facility so give the standard syslog.conf entries of: *.err;kern.debug;auth.notice;mail.crit /dev/console *.notice;kern.debug;lpr.info;mail.crit;news.err /var/log/messages all of those records go to both console and messages in addition to the desire file specified with a ! statement. Is there a way to modify the statements above such that log entries from the specified program are not sent to console or messages? I couldn't find anything in the man pages on this. I had thought I could add a !prog after mail.crit in the first entry to do that, but it appears that my memory is corrupt. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: log off with process running
On Mar 25, 2004, at 17:27, Augusto Jun Devegili wrote: nohup is a possible solution; check its man page. Example: $ nohup wget http://server/big.iso On Fri, 2004-03-26 at 05:22, Robert Storey wrote: I want to log off and hang up the modem. The question is, how to do so? With the above process running, I can't even get back to the command line to type exit (and wouldn't typing exit kill any process I'm running?). Ditto if I hit ctrl-c. I suppose I could just hang up the modem, but that's not elegant. I use nohup for that all the time. Works fine. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Reboot of 5.2.1
I am testing 5.2.1 in preperation for moving production servers eventually from 4.6 to 5.x. Most of the issues I have figured out, but there is one that I cannot get to work - shutdown -r now. Rebooting dies consistently. With the GENERIC kernel I get the message: Rebooting... Keyboard reset did not work, attempting CPU shutdown In NOTES is a dexcription of BROKEN_KEYBOARD_RESET so I added that and rebuilt the kernel. Now all I get is the Rebooting... line and nothing more. Granted the system I am using for testing is not at all like the production hardware, but rebooting worked fine on 4.6 with this system. I am very reluctant to convert any production systems unless I can be sure they can successfully be rebooted without having a person on-site. These machines are all unattended and quite far away. Is there a workaround for this issue? -- Doug ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Reboot Problem with 5.2.1
On Sun, 4 Apr 2004 23:23:06 -0700 Doug Hardie [EMAIL PROTECTED] wrote: I am testing 5.2.1 in preperation for moving production servers eventually from 4.6 to 5.x. Most of the issues I have figured out, but there is one that I cannot get to work - shutdown -r now. Rebooting dies consistently. With the GENERIC kernel I get the message: Rebooting... Keyboard reset did not work, attempting CPU shutdown In NOTES is a dexcription of BROKEN_KEYBOARD_RESET so I added that and rebuilt the kernel. Now all I get is the Rebooting... line and nothing more. Granted the system I am using for testing is not at all like the production hardware, but rebooting worked fine on 4.6 with this system. I am very reluctant to convert any production systems unless I can be sure they can successfully be rebooted without having a person on-site. These machines are all unattended and quite far away. Is there a workaround for this issue? Try toggeling hw.acpi.disable_on_poweroff with sysctl. Regards, Stephen Hilton Setting both the BROKEN_KEYBOARD_RESET and hw.acpi.disable_on_powerff to 0 fixed my problem. Now the systems reboot properly. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Unusual login requirement
I am trying to figure out how to implement an unusual login requirement and haven't found a good approach yet. What I need is to have a specific user id that when it is logged in it executes a specific script and then immediately logs out. Basically what it needs to do is run a make that builds a CD from a bunch of files and then burns the CD. Obviously a blank CD would need to be in the burner first. I don't want a general login as this would be used by a person who should not have access to the system. I just need him to be able to burn a CD frequently. My first throught was to create a script and set it as the shell in the passwd file and add it to /etc/shells. Is that the best approach? I am not concerned about the user breaking out of the script as he is trusted. I just don't want to create a regular user account for him. The server is running FreeBSD 4.6. Thanks, -- Doug ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Water Damage
My church had a fire in the computer room today. The equipment was not directly damaged by the fire as the sprinkler system put it out very quickly. However, the sprinklers ran directly on the equipment for a couple hours. There are several servers, routers, hubs etc. Most of them had water pouring out when we picked them up. All but one spare router were on during this. I have carefully dried out all the units. However, one of the hubs appears to be toast. Some of the burning residue fell down and was pulled into the hub by the fan and is imbedded into some of its chips. I didn't bother with cleaning that one up. However, there is no visible damage to the remaining gear. I am letting it sit tonight and will try a power cycle on it tomorrow. Presuming that any of it is still working, the question is can it be trusted for unattended operations anymore? While the cost of most of it is not significant, the configuration time is. It would be much easier to use it rather than set up new gear. To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
Re: Water Damage
Thanks for all the suggestions. Here is the latest update. The water from the sprinklers was purer than that from the tap. There was no residue from it anywhere. A bit of head (oven and hair drier used) and it was easily evaporated. However, all of the units except for one router were powered on and in use. The 2 hubs were directly below the fire and burning strands of something fell down and were sucked into them by their fans. The strands were hot enough that the melted into the chip bodies. I didn't hold much hope for them and was not surprised. Neither showed any form of life. Not even the fans came on. Also keep in mind that the ethernet cables came down from the ceiling and had no excess so water running down them had a straight forward path directly into the RJ-45 jacks. The operating router's sealed power brick is totally dead. Since its watertight, something obviously failed in the router and shorted out the brick. Trying another brick in that router caused every light on it to come on. It didn't do anything but light the lights. The non-operating router works fine. The one server that I have responsibility for (mailserver running FreeBSD 4.6) took awhile to get rewired properly. When it was yanked out, some of the internal cables were disconnected. Had to find the motherboard book to figure out how to set them back up properly. Once that was done, the machine came up and worked fine. However, its inlet fan was severly disfigured by the falling burning stuff. Since its at the bottom of the unit, the junk only marred the bottom of the frame. There were no electronics there for it to damage. The fan sounds funny now and I wouldn't trust it. However, the keyboard connector is now defective. You can't plug a keyboard into it. I couldn't find anything visibly wrong with it, it just doesn't work. I have no idea how that happened since there was a keyboard plugged in during the flooding. My only guess is that whoever unplugged it did so via the grab case and run method - leaving the keyboard to catch and disconnect itself. None of the MS servers survived. None had backups either. I suspect that will be a significant problem. However, I do have backups for the mail server and did recover the complete disk and dumped it to my laptop so that will be a simple restore. To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
Re: Water Damage
On Tuesday, Dec 31, 2002, at 02:32 US/Pacific, Rob O'Donnell wrote: If it's a PS/2 type keyboard connector (small plug) there is a plastic pin that often gets broken off and left in the socket if connectors are pulled out violently, blocking a new keyboard being inserted. (Seen it often with mice.) If this is so, I've had success getting them out by using 'blue tack' (a semi-adhesive goo used to hold the kids drawings on the wall) on the end of a matchstick to grab hold of it. Right on. Thats exactly what happened. I guess I didn't have enough light to see that yesterday. I didn't get a chance to pop it out as the insurance adjuster arrived and is going over everything now. Thanks for the info. To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
BIND configuration problem
I am trying to setup a master DNS server on a test network (not connected to the internet). The network has an address of 10.0.1.xxx as that happend to require the least setup. However, I am unable to get the reverse DNS file to load properly. The error messages are: Jan 5 14:59:27 freebie named[469]: home.net.rev:6: SOA for 10.in-addr.arpa not at zone top 1.0.10.in-arpa.arpa Jan 5 14:59:27 freebie named[469]: Zone 1.0.10.in-arpa.arpa (file home.net.rev): no NS RRs found at zone top I have tried using 1.0.10.in-arpa.arpa and 10.in-arpa.arpa (example above). Obviously neither is correct. The forward DNS file loads correctly and resolves properly.Line 6 of the rev file is: 10.in-addr.arpa.IN SOA home.net. ops.lafn.ORG. ( To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
Re: Determining Ram
On Sunday, Feb 2, 2003, at 18:39 US/Pacific, Dragoncrest wrote: Cool. That worked. A little more info than I wanted to sort through, but now that I know about that, I now have more information to pick through later on should I need any of that information that Dmesg listed. At 01:02 AM 2/3/03 +, David Larkin wrote: Dragoncrest wrote: I've got a rather odd question, but I'm looking for the easiest way to determin how much ram I have on a given system without rebooting it. I'm sure that there is some kind of console command that tells me that info, but I have no idea where to begin looking to find out. Does anybody know? Thanks. use the command dmesg If your machine has been running too long the boot info will no longer be available through dmesg. However, it is retained in /var/run/dmesg.boot. That will always show the boot messages from the previous boot. To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
Re: qpopper pop3 and SSL experiences
I am using qpopper 4.0.3 for an ISP and it works fine for all the various SSL mail clients. Configuration may be a bit difficult for the client as some of them use the interim SSL mail port and some use the standard POP3 port. I have to run 2 separate POP servers with different ports to handle them. Likewise the users have to try the 2 different client configurations to see which one works for their specific client. Eudora on the Mac was simple. I have tested it on the PC also and I have a large number of users using it. The two config files I use are: set bulldir=/var/bulletins set reverse-lookup=false set home-dir-mail=.mail reset keep-temp-drop set fast-update reset check-old-spool-loc set tls-support=stls set tls-private-key-file=/www/certs/mail.key.pem set tls-server-cert-file=/www/certs/mail.cert.pem set trim-domain=true set bulldir=/var/bulletins set reverse-lookup=false set home-dir-mail=.mail reset keep-temp-drop set fast-update reset check-old-spool-loc set tls-support=alternate-port set tls-private-key-file=/www/certs/mail.key.pem set tls-server-cert-file=/www/certs/mail.cert.pem set trim-domain=true Here are the instructions we provide our users for Eudora: Some e-mail clients do support RFC 2595 and they work differently. They use port 110 which is the standard POP3 port. Here are the configuration instructions for Eudora 5.1: Go to Tools, Options and then select the icon for Checking Mail. Set the Secure Sockets when Receiving to If Available, STARTTLS. Then select OK and download mail. It will fail with a certificate problem. Go back to Tools, Options, Checking Mail and select the button Last SSL Info. That will display the LAFN certificate. Select the Certificate Information Manager button just above the OK button. That displays a different view of the certificate. Press the Add To Trusted button. Then press Done, OK etc. back out. Then download mail again and it should work. On Sunday, Jul 27, 2003, at 13:09 US/Pacific, Matt Staroscik wrote: To make a long story short, I have been unable to get qpopper 4.0.5 + SSL to work with Eudora 5.2.1. Using my self-signed cert I can get a secure connection to Apple's OS X mail client, but not Mac or Windows Eudora. On the Mac I see handshake errors, on Windows I get errors which I may be able to get around but without Mac support it isn't worth it. From Googling I have learned that there are many others having issues with qpopper, Eudora and SSL but I haven't found a workaround. Has anyone found a pop3 daemon with SSL support that works with a wide variety of email clients? Oh, FWIW my MTA is Exim and I should be able to switch to maildir instad of /var/ mail storage easily enough, if required, as the system is not in production yet. Thanks! Cheers, Matt ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] -- Doug ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: POP Before SMTP
On Saturday, Aug 9, 2003, at 05:30 US/Pacific, Matthew Seaman wrote: Hmmm... Don't know precisely about pop before sendmail, but setting up sendmail so that it requires authentication before it will relay a message from a foreign location is quite do-able, and can easily be integrated with the standard system sendmail. Probably the easiest way to get going is to follow the instructions at http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/smtp- auth.html The handbook seems to be missing some instructions. I tried what it says and sendmail does not accept authentication requests. There is an error in the maillog about /usr/local/etc/sasldb.db having group permissions. Changing that to 700 changes the error to one where it can't access the file. Changing the owner of that to root eliminates the error messages. Sendmail then acknowledges that it has auth capability. But it doesn't authenticate anything. A ktrace shows that it tries to access a pipe in /var/pwcheck/pwcheck. The directory exists, but it is completely empty. Something else is needed to get whatever its trying to communicate with up. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Sendmail address rewriting
I have what is most likely a simple misunderstanding of the sendmail.cf file configuration. But, nothing I have tried works. Basically I have one machine (zoon) which is the mail host for all received mail. All user mailboxes are on that machine and it is the host identified in the MX records. I have the send mail server on zoot. When a message is sent out without a domain in the to address, zoot is filling it in with zoot.lafn.org which makes the reply functions useless. Zoot does not accept incoming mail. How do I get zoot's sendmail to use the domain lafn.org in these cases? Here is zoot's mc file VERSIONID(`$Id: ZOOT.mc,v 1.1 2000/05/31 22:21:02 gshapiro Exp $') OSTYPE(bsd4.4)dnl DOMAIN(generic)dnl dnl set SASL options TRUST_AUTH_MECH(`GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN')dnl define(`confAUTH_MECHANISMS', `GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN')dnl define(`confDEF_AUTH_INFO', `/etc/mail/auth-info')dnl MASQUERADE_AS(`lafn.org')dnl MASQUERADE_DOMAIN(`lafn.org')dnl FEATURE(`masquerade_entire_domain')dnl FEATURE(`masquerade_envelope')dnl FEATURE(`relay_entire_domain')dnl FEATURE(`access_db', `hash -TTMPF /etc/mail/access')dnl FEATURE(`virtusertable', `hash -TTMPF /etc/mail/virtusers')dnl FEATURE(`delay_checks', `friend')dnl FEATURE(`no_default_msa')dnl FEATURE(`use_ct_file')dnl define(`confBIND_OPTS', `WorkAroundBroken')dnl define(`confTO_QUEUERETURN',`3d')dnl define(`confTO_QUEUEWARN',`5d')dnl define(`LOCAL_RELAY',`mail.lafn.org')dnl LOCAL_USER(`root')dnl MODIFY_MAILER_FLAGS(`LOCAL', `+S')dnl MAILER(local)dnl MAILER(smtp)dnl ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Create a hot backup server machine?
On Sunday, Mar 30, 2003, at 14:18 US/Pacific, Ralph Dratman wrote: I'm trying to create an offsite hot backup of a FreeBSD server. If the primary server fails, I want to transport the spare machine to the existing site and bring it up as a replacement, with little or no reconfiguration necessary. Nightly mirroring would be adequate in this situation. The system is not running live transaction processing or anything comparable. Is there a straightforward, automated way to mirror a whole FreeBSD system, using open source software? I'm testing ftpcopy to remotely mirror the files and directories. Ftpcopy performs an incremental comparison using dates and file sizes, which should minimize the nightly backup time and traffic load. So far that part seems to be working well. But I haven't figured out how to get the users, groups and permissions mirrored. There are about 200 users. And there may be other gotchas I haven't thought of yet. The approach I am using is to tar the system to a file on the production machine and then rsync that file with my off-site backup machine. I leave it as a tar file on the backup as its almost impractical for me to move that machine to the production site. I would replace the machine on the production site and then copy the file back from the backup machine and un-tar it. In your case I would create the tar file, rsync it to the backup machine and then un-tar it there. Tar retains permissions and ownership properly. Leave the previous tar file on the backup machine as rsync will use it to reduce the download time. My backup file (4 servers) is just over 4 GB. The rsync transfer only sends 1/16th of it. Much of the archived data does not change very often. -- Doug ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Backup Tar
On Saturday, Jun 28, 2003, at 05:48 US/Pacific, Bill Moran wrote: DanB wrote: If I tar my files on freebsd box then FTP them to a window 98 box can I use that file to reinstall on a new Freebsd box? You're a little vague ... But as long as you do the FTP transfer in binary mode you'll be able to unpack the tar archive again. If you properly tarred up everything you need, you should be able to restore the system. reinstalling is a slightly different matter, as you'll have to first create the proper partitions, newfs the filesystems and install boot blocks. I find it easier to do a new system install on the new computer first to get everything set that tar doesn't handle and then untar the backup on top of it. That way the system will always boot properly. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Airsnort
At 1511 -0400 7/25/2002, Justin L.Boss wrote: Just worndering if someone has been able to get airsnort working with FreeBSD using a Cisco airownet 350? I have it working with the 340 if thats of any interest. -- -- Doug To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
Re: Secure FTPd
On Sunday, Oct 6, 2002, at 10:50 US/Pacific, Socketd wrote: I have read about adding SSL support to ftpd, but I can't remember where I read it. I am running a ftp server using the ftpd in the base system and now I want to only allow encrypted ftp connections. What should I do? Use /usr/ports/security/stunnel, to make universal SSL support to POP3, IMAP and FTP? Or is there a better way? (I don't want to use ssh's ftpd). Can I also use SSL with SMTP? I read that it was done once, but people don't use it anymore? The problem with adding SSL to ftpd is the clients. You would have to create an ftp client with SSL added also. ssh's sftp has that capability and there are 2 generally available clients - sftp and scp. I believe there are clients for most computers. qpopper provides SSL for POP3 which works with most of the common mail clients. You may have to provide a popper port for both 110 and 995 in order to pick up both the older and newer clients. I have had to provide both. SSL can be used with sendmail. There is a lot of information available at www.sendmail.org. I have not tried that yet. Its on the list of things to do someday. To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
Re: Secure FTPd
On Sunday, Oct 6, 2002, at 15:05 US/Pacific, Socketd wrote: Original Message On 10/6/02, 11:52:16 PM, Doug Hardie [EMAIL PROTECTED] wrote regarding Re: Secure FTPd: The problem with adding SSL to ftpd is the clients. You would have to create an ftp client with SSL added also. ssh's sftp has that capability and there are 2 generally available clients - sftp and scp. I believe there are clients for most computers. Well, all my users use windows and there a some ftp clients that loves SSL (like CuteFTP). You would have to emulate their SSL interface - which is that provided by ssh's sftpd. It could be done, but would take some research. qpopper provides SSL for POP3 which works with most of the common mail clients. You may have to provide a popper port for both 110 and 995 in order to pick up both the older and newer clients. I have had to provide both. Ok. Performance-wise all services should run their own SSL support, but it there one for the default ftpd? Not that I am aware of. Everyone appears to be using ssh. However, it is lacking chroot support. SSL can be used with sendmail. There is a lot of information available at www.sendmail.org. I have not tried that yet. Its on the list of things to do someday. Ok, but it is not widely used? No idea. The clients supposedly support it but I have never tried it. Br socketd To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
Re: Secure FTPd
On Sunday, Oct 6, 2002, at 15:20 US/Pacific, Socketd wrote: Original Message On 10/7/02, 12:09:14 AM, Doug Hardie [EMAIL PROTECTED] wrote regarding Re: Secure FTPd: Well, all my users use windows and there a some ftp clients that loves SSL (like CuteFTP). You would have to emulate their SSL interface - which is that provided by ssh's sftpd. It could be done, but would take some research. Eehhh? CuteFtp can use SSL, so when they want to connect, cuteftp first handle the SSL setup and then acts like a normal ftp client. Could be. I haven't chased through ssh well enough to know how they do it. It would be handy to have a SSL ftpd so if you do it, make it available. Ok. Performance-wise all services should run their own SSL support, but it there one for the default ftpd? Not that I am aware of. Everyone appears to be using ssh. However, it is lacking chroot support. Jep, sadly! Br socketd To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
Re: Secure FTPd
On Monday, Oct 7, 2002, at 17:18 US/Pacific, Eric Parusel wrote: Hmm, I think you two *may* be doing down the wrong path... There's a (proposed) standard for encrypted FTP, it's called FTP over TLS ... Here's a link: http://www.ford-hutchinson.com/~fh-1-pfh/ftps-ext.html A number of proposed approaches for secure login and ftp have been floated over the years. Only scp, sftp, and sshd have made it into the FreeBSD base. I will keep watching. To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
Re: SSH/FTP Access
On Wednesday, Oct 9, 2002, at 21:28 US/Pacific, [EMAIL PROTECTED] wrote: Just wondering is there a way to limit SSH access (when adding a user or period) so that user can only use SSH to access or effect their home directory? Not with the installed sshd Also is there a way to give (and limit) a user FTP access to another users home directory? Yes. add the user ids or groups to /etc/ftpchroot. See the manpage. That will restrict users to their home directory and its sub directories. Thanks! To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
Re: Max Email Users
On Tuesday, Oct 29, 2002, at 06:03 US/Pacific, Matt Delaine wrote: We are running FreeBSD 4.6 on a PIII 600 with 256 Meg RAM as our mail server. At what point (how many users) will we start running into trouble (have problems allowing us to send and receive email?) Thanks. I run an ISP and was using a PIII 200 MHz machine with 512 Meg Ram and supporting around 4000 active email accounts. It also handled outgoing mail, our admin functions, name service, YP master and some other low usage functions. I recently upgraded to a newer machine because it was available an had more disk space. With the old machine, I only say idle times under 90% when a user had their POP3 client set to not delete mail from the server and their mailbox grew to 100 MB or so. Then the POP3 server has to do a lot of I/O to get to the new messages. The issue is not so much the disk space as the time it takes to wade through all the old stuff. I try to convince users to correct their configurations. To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
Re: Using iBook OS X 10.2 CD Writer to create a FBSD on Intel Boot CDROM
On Wednesday, Oct 30, 2002, at 12:41 US/Pacific, paul beard wrote: Ev Batey WaSixCre wrote: Subj is the question .. Where can I find a map of how I build a Unix (esp F.BSD) CD Using Apple iBook running OSX 10.2 CD-R / CD-RW burner. All clues are welcome. Or how to overcome us govt politics ... /Everett/ man mkisofs to learn how to make a disk image and then burn that with whatever Apple provides. The image should be mountable with DiskCopy: that will indicate if it's what you want. Once you have a iso format from mkisofs you can use Toast to burn the CD. I use that approach often. To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
vm error
I am getting a rash of vm errors that started today: vm_page_cache: attempting to cache busy page I don't seem to find anything obviously wrong in the system. How do I tell which process is causing the problem? It looks like something is hung, but I don't see any obvious candidates. Everything is working file and there are no obviously hung processes. The vm_page_cache module shows that the indicated condition is occuring, but no additional info. To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
File Counts
How do I get a count of the files in directories? I need to be able to get a listing of the number of files in a directory and counts for the files in each sub-directory. To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
Re: File Counts
Thanks to all who responded. The approach below does just what I needed. On Monday, Dec 2, 2002, at 12:02 US/Pacific, Nathan Kinkade wrote: On Mon, Dec 02, 2002 at 02:42:28PM -0500, Kliment Andreev wrote: How do I get a count of the files in directories? I need to be able to get a listing of the number of files in a directory and counts for the files in each sub-directory. % ls -l | wc -l(In a directory) % ls -lR | wc -l (Including sub-directories) Or, if you are looking for subtotals, something close to this might be helpful. Beware that this will include a count for the . and .. entries. $ for dir in `find . -type d`; do echo $dir ; ls -l $dir | wc -l; done There is probably a better way to do this. Nathan To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message -- Doug To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
Mail resending
One of our system accounts had all its mail blocked and there now are over 500 emails in dead.letter that need to be resent. Is there a way to send them (either from dead.letter or from separate files) without having to do each one individually? I haven't been able to find any way using mail or sendmail. To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
Re: [OT] file synchronization between two machines
On Tuesday, Mar 25, 2003, at 08:01 US/Pacific, Louis LeBlanc wrote: Hey all. Sorry for the OT question, but here goes. Anyone know of a tool or method that can check the last modification date of two files under these conditions and keep them in sync? I've never tried this, but you might give rsync with the -u option a try (test it first on unimportant files). I believe you would need to run it on both machines as it would only update in one direction. To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
5.3 Building Kernel/World
The instructions for building world/kernel for 4.x are straight forward and work fine. However, I seem to have munged two 5.3 installations now. I have been through all the UPDATING notes and the handbook and something is obviously not clear. The approach I used is: Clean install from 5.3 distribution. make buildworld create new config file LAFN make buildkernel KERNCONF=LAFN make installkernel KERNCONF=LAFN reboot make installworld reboot At that point It appeared I was using the LAFN kernel rather than generic. However, tonight I tried to make a new kernel. NO go: ERROR: version of config(8) does not match kernel! config version = 500012, version required = 500013 So I tried to reinstall the kernel: make installkernel KERNCONF=LAFN install -o root -g wheel -m 555 acpi.ko /boot/kernel install: acpi.ko: No such file or directory How are you supposed to build a new kernel that works? How do I recover this? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: 5.3 Building Kernel/World
On Jan 16, 2005, at 22:05, Kris Kennaway wrote: On Sun, Jan 16, 2005 at 09:51:13PM -0800, Doug Hardie wrote: The instructions for building world/kernel for 4.x are straight forward and work fine. However, I seem to have munged two 5.3 installations now. I have been through all the UPDATING notes and the handbook and something is obviously not clear. The approach I used is: Clean install from 5.3 distribution. make buildworld create new config file LAFN make buildkernel KERNCONF=LAFN make installkernel KERNCONF=LAFN reboot make installworld reboot At that point It appeared I was using the LAFN kernel rather than generic. However, tonight I tried to make a new kernel. NO go: ERROR: version of config(8) does not match kernel! config version = 500012, version required = 500013 So I tried to reinstall the kernel: make installkernel KERNCONF=LAFN install -o root -g wheel -m 555 acpi.ko /boot/kernel install: acpi.ko: No such file or directory How are you supposed to build a new kernel that works? How do I recover this? The only way I can think for this to happen is if your source tree was inconsistent (i.e. not completely updated), or you updated your sources after you did the installworld, and the kernel depends on the newer version of config than the one you have built (in this case the 'safe' buildworld/buildkernel/installkernel method you used to begin with should still work). Kris those instructions were typed just as noted with nothing inbetween. I have replaced kernel with kernel.old so the system will boot. But now I have an old kernel and new world (possibly). Nothing for reconstruction seems to work. buildkernel continues to give the above error. I guess I'll try a buildworld again tomorrow. Don't know what else to do. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: 5.3 Building Kernel/World
On Jan 16, 2005, at 22:05, Kris Kennaway wrote: On Sun, Jan 16, 2005 at 09:51:13PM -0800, Doug Hardie wrote: The instructions for building world/kernel for 4.x are straight forward and work fine. However, I seem to have munged two 5.3 installations now. I have been through all the UPDATING notes and the handbook and something is obviously not clear. The approach I used is: Clean install from 5.3 distribution. make buildworld create new config file LAFN make buildkernel KERNCONF=LAFN make installkernel KERNCONF=LAFN reboot make installworld reboot At that point It appeared I was using the LAFN kernel rather than generic. However, tonight I tried to make a new kernel. NO go: ERROR: version of config(8) does not match kernel! config version = 500012, version required = 500013 So I tried to reinstall the kernel: make installkernel KERNCONF=LAFN install -o root -g wheel -m 555 acpi.ko /boot/kernel install: acpi.ko: No such file or directory How are you supposed to build a new kernel that works? How do I recover this? The only way I can think for this to happen is if your source tree was inconsistent (i.e. not completely updated), or you updated your sources after you did the installworld, and the kernel depends on the newer version of config than the one you have built (in this case the 'safe' buildworld/buildkernel/installkernel method you used to begin with should still work). Kris Well, I tried makeworld again. Dies in Step 3. Reloaded all source from the distribution CD. makeworld dies in exactly the same place: === gnu/usr.bin/binutils/libbfd cc -O -pipe -I. -I/usr/src/gnu/usr.bin/binutils/libbfd/i386 -I/usr/src/gnu/usr.bin/binutils/libbfd -I/usr/src/gnu/usr.bin/binutils/libbfd/../libbfd -I/usr/obj/usr/src/i386/usr/src/gnu/usr.bin/binutils/libbfd/../libbfd -I/usr/src/gnu/usr.bin/binutils/libbfd/../../../../contrib/binutils/ include -D_GNU_SOURCE -I/usr/src/gnu/usr.bin/binutils/libbfd/../../../../contrib/binutils/bfd -DSELECT_ARCHITECTURES= bfd_i386_arch -DHAVE_bfd_elf32_i386_freebsd_vec -DHAVE_bfd_elf32_i386_vec -DSELECT_VECS= bfd_elf32_i386_freebsd_vec ,bfd_elf32_i386_vec -DDEFAULT_VECTOR=bfd_elf32_i386_freebsd_vec -I/usr/obj/usr/src/i386/legacy/usr/include -c /usr/src/gnu/usr.bin/binutils/libbfd/../../../../contrib/binutils/bfd/ cpu-i386.c In file included from /usr/src/gnu/usr.bin/binutils/libbfd/../../../../contrib/binutils/bfd/ cpu-i386.c:23: /usr/src/gnu/usr.bin/binutils/libbfd/../../../../contrib/binutils/bfd/ libbfd.h:114: error: syntax error before _bfd_add_bfd_to_archive_cache /usr/src/gnu/usr.bin/binutils/libbfd/../../../../contrib/binutils/bfd/ libbfd.h:115: warning: data definition has no type or storage class /usr/src/gnu/usr.bin/binutils/libbfd/../../../../contrib/binutils/bfd/ libbfd.h:116: error: syntax error before _bfd_generic_mkarchive /usr/src/gnu/usr.bin/binutils/libbfd/../../../../contrib/binutils/bfd/ libbfd.h:117: warning: data definition has no type or storage class /usr/src/gnu/usr.bin/binutils/libbfd/../../../../contrib/binutils/bfd/ libbfd.h:120: error: syntax error before bfd_slurp_armap /usr/src/gnu/usr.bin/binutils/libbfd/../../../../contrib/binutils/bfd/ libbfd.h:121: warning: data definition has no type or storage class /usr/src/gnu/usr.bin/binutils/libbfd/../../../../contrib/binutils/bfd/ libbfd.h:122: error: syntax error before bfd_slurp_bsd_armap_f2 /usr/src/gnu/usr.bin/binutils/libbfd/../../../../contrib/binutils/bfd/ libbfd.h:123: warning: data definition has no type or storage class /usr/src/gnu/usr.bin/binutils/libbfd/../../../../contrib/binutils/bfd/ libbfd.h:126: error: syntax error before _bfd_slurp_extended_name_table /usr/src/gnu/usr.bin/binutils/libbfd/../../../../contrib/binutils/bfd/ libbfd.h:127: warning: data definition has no type or storage class /usr/src/gnu/usr.bin/binutils/libbfd/../../../../contrib/binutils/bfd/ libbfd.h:128: error: syntax error before _bfd_construct_extended_name_table /usr/src/gnu/usr.bin/binutils/libbfd/../../../../contrib/binutils/bfd/ libbfd.h:129: error: syntax error before bfd_boolean /usr/src/gnu/usr.bin/binutils/libbfd/../../../../contrib/binutils/bfd/ libbfd.h:129: warning: data definition has no type or storage class /usr/src/gnu/usr.bin/binutils/libbfd/../../../../contrib/binutils/bfd/ libbfd.h:130: error: syntax error before _bfd_write_archive_contents /usr/src/gnu/usr.bin/binutils/libbfd/../../../../contrib/binutils/bfd/ libbfd.h:131: warning: data definition has no type or storage class /usr/src/gnu/usr.bin/binutils/libbfd/../../../../contrib/binutils/bfd/ libbfd.h:132: error: syntax error before _bfd_compute_and_write_armap /usr/src/gnu/usr.bin/binutils/libbfd/../../../../contrib/binutils/bfd/ libbfd.h:133: warning: data definition has no type or storage class /usr/src/gnu/usr.bin/binutils/libbfd/../../../../contrib/binutils/bfd/ libbfd.h:143: error: syntax error before bfd_false /usr/src/gnu/usr.bin/binutils/libbfd/../../../../contrib/binutils/bfd
Re: 5.3 Building Kernel/World
On Jan 16, 2005, at 23:19, Kris Kennaway wrote: On Sun, Jan 16, 2005 at 11:15:23PM -0800, Doug Hardie wrote: On Jan 16, 2005, at 22:05, Kris Kennaway wrote: On Sun, Jan 16, 2005 at 09:51:13PM -0800, Doug Hardie wrote: The instructions for building world/kernel for 4.x are straight forward and work fine. However, I seem to have munged two 5.3 installations now. I have been through all the UPDATING notes and the handbook and something is obviously not clear. The approach I used is: Clean install from 5.3 distribution. make buildworld create new config file LAFN make buildkernel KERNCONF=LAFN make installkernel KERNCONF=LAFN reboot make installworld reboot At that point It appeared I was using the LAFN kernel rather than generic. However, tonight I tried to make a new kernel. NO go: ERROR: version of config(8) does not match kernel! config version = 500012, version required = 500013 So I tried to reinstall the kernel: make installkernel KERNCONF=LAFN install -o root -g wheel -m 555 acpi.ko /boot/kernel install: acpi.ko: No such file or directory How are you supposed to build a new kernel that works? How do I recover this? The only way I can think for this to happen is if your source tree was inconsistent (i.e. not completely updated), or you updated your sources after you did the installworld, and the kernel depends on the newer version of config than the one you have built (in this case the 'safe' buildworld/buildkernel/installkernel method you used to begin with should still work). Kris Well, I tried makeworld again. Dies in Step 3. Reloaded all source from the distribution CD. makeworld dies in exactly the same place: Really, this all points to something else having changed on your system in the meantime. Try cd /usr/src make cleandir make cleandir make buildworld Kris Wish I had seen that earlier. I just tried a cvs from RELENG_5_3. I thought that would only have security fixes. Its downloading a ton of stuff. Obviously I can't stop it. Seems like just about all the userland source files are being changed. Lots of deletes too. I'll give the above a try when this finishes. Why so many files from cvs? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: 5.3 Building Kernel/World
On Jan 17, 2005, at 11:07, Kris Kennaway wrote: On Sun, Jan 16, 2005 at 11:32:31PM -0800, Doug Hardie wrote: The only way I can think for this to happen is if your source tree was inconsistent (i.e. not completely updated), or you updated your sources after you did the installworld, and the kernel depends on the newer version of config than the one you have built (in this case the 'safe' buildworld/buildkernel/installkernel method you used to begin with should still work). Kris Well, I tried makeworld again. Dies in Step 3. Reloaded all source from the distribution CD. makeworld dies in exactly the same place: Really, this all points to something else having changed on your system in the meantime. Try cd /usr/src make cleandir make cleandir make buildworld Kris Wish I had seen that earlier. I just tried a cvs from RELENG_5_3. I thought that would only have security fixes. Its downloading a ton of stuff. Obviously I can't stop it. Seems like just about all the userland source files are being changed. Lots of deletes too. I'll give the above a try when this finishes. Why so many files from cvs? The number of changes between RELENG_5_3_0_RELEASE and RELENG_5_3 is very small. If you're seeing lots of changes, it means that you didn't actually have a 5.3-RELEASE source tree installed before now, which explains the problems you were seeing in compiling it. Kris Thats interesting. I was using the 5.3 release CD. The checksums match those listed. It was installed onto a re-formatted drive as I wanted the UFS-2. The source was installed as part of the original installation. Anyway, either the cvsup or the cleandirs worked. I was able to buildworld and a new kernel. Installation of both appears to have gone correctly. uname gives the new kernel and strings of /boot/kernel/kernel also shows the new name. uname before said 5.3-RELEASE. It would appear that when I build the production systems I will immediately after instalation cvsup to RELENG_5_3 and then run make cleandir before anything else. Fortunately right now I am playing with test systems. It it at all possible to not have to buildworld when building a new kernel? For example, I was trying to add option atapicam. It would seem that buildworld would not be necessary in that situation. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Which Way to Partition.
On Jan 21, 2005, at 19:32, Greg 'groggy' Lehey wrote: On Friday, 21 January 2005 at 22:01:14 -0500, Peterhin wrote: I am new to FreeBSD, and have only used Linux for less than a year. I have read the Handbook, also FreeBSD An open-source system for your personal computer, they both suggest that I do a standard installation, whereas in The Complete FreeBSD by Greg Lehey, his suggestion is to do the custom installation. Any suggestions as to which way to go.? I recommend the custom installation. I also say why. Well, I am looking at the 3rd Edition page 71 where it appears you recommend the custom and the novice installations. The only real comment about the custom installation is that it takes you back to the top menu after each step. I have installed may copies of versions 2,3,4, and not 5 and don't see what the advantage of that might be. The only reason that comes to mind is if you botch something you can go back and redo it. That doesn't seem like much of a big deal to me, but... ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Which Way to Partition.
On Jan 21, 2005, at 23:20, Greg 'groggy' Lehey wrote: [Format recovered--see http://www.lemis.com/email/email-format.html] Long/short syndrome. On Friday, 21 January 2005 at 20:58:35 -0800, Doug Hardie wrote: On Jan 21, 2005, at 19:32, Greg 'groggy' Lehey wrote: On Friday, 21 January 2005 at 22:01:14 -0500, Peterhin wrote: I am new to FreeBSD, and have only used Linux for less than a year. I have read the Handbook, also FreeBSD An open-source system for your personal computer, they both suggest that I do a standard installation, whereas in The Complete FreeBSD by Greg Lehey, his suggestion is to do the custom installation. Any suggestions as to which way to go.? I recommend the custom installation. I also say why. Well, I am looking at the 3rd Edition page 71 where it appears you recommend the custom and the novice installations. The only real comment about the custom installation is that it takes you back to the top menu after each step. I have installed may copies of versions 2,3,4, and not 5 and don't see what the advantage of that might be. The only reason that comes to mind is if you botch something you can go back and redo it. That doesn't seem like much of a big deal to me, but... It's not a big deal, but it helps. You're less likely to need to go back when you're proficient, but it doesn't harm to have the facility. It doesn't cost you anything. That makes sense. Glad to know there isn't something I missed. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Possible SCSI address conflicts
FreeBSD 5.3-P5 with device atapicam in the kernel. From dmesg.boot: Waiting 15 seconds for SCSI devices to settle da1 at ahc0 bus 0 target 6 lun 0 da1: MAXTOR ATLAS10K4_36WLS DFL0 Fixed Direct Access SCSI-3 device da1: 40.000MB/s transfers (20.000MHz, offset 8, 16bit), Tagged Queueing Enabled da1: 35074MB (71833096 512 byte sectors: 255H 63S/T 4471C) cd0 at ata1 bus 0 target 0 lun 0 cd0: CDWRITER IDE5224 001H Removable CD-ROM SCSI-0 device cd0: 33.000MB/s transfers cd0: Attempt to query device size failed: NOT READY, Medium not present - tray c losed cd1 at ata1 bus 0 target 1 lun 0 cd1: MATSHITA DVD-RAM LF-D310 A117 Removable CD-ROM SCSI-0 device cd1: 33.000MB/s transfers cd1: Attempt to query device size failed: NOT READY, Medium not present da0 at ahc0 bus 0 target 0 lun 0 da0: IBM DDRS-34560D DC1B Fixed Direct Access SCSI-2 device da0: 40.000MB/s transfers (20.000MHz, offset 8, 16bit), Tagged Queueing Enabled da0: 4357MB (8925000 512 byte sectors: 255H 63S/T 555C) Mounting root from ufs:/dev/da1s1a dc0: failed to force tx and rx to idle state dc0: failed to force tx and rx to idle state dc0: failed to force tx and rx to idle state It looks like there is a scsi conflict. Both da0 and cd0 have the bus numbers. I won't be back on site till next Friday to try the drive. Is this an issue? Other than changing jumpers on the drives is there a way to resolve it if needed? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Reboot Hangs
FreeBSD 5.3-P5 with optionsBROKEN_KEYBOARD_RESET in the kernel. System was first built on hardware that required that option to be able to avoid hanging on reboot. However, now I have installed it on a newer system. It still has the option defined. And it hangs. I suspect that I don't need the option on this system. Is there a way to disable it without having to rebuild the system? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Disk Label Problem
I have a system with two SCSI disks. da1 has a complete working system on it that I need to clone onto da0. The disks are different sizes. So I went to sysinstall and used 'disk label' to create the desired structure. Thats where the problems started. If I create the first partition and set the mount point to / and the second as a swap partition and the third to mount at /usr then when writing the changes there are a number of errors generated because it can't mount to those points - they are in use. So then I tried to use 'disk label' and create the structure using /mnt and /mnt1 (which do exist). That worked fine and did the newfs. However, it created partitions d and e rather than a and d. So I went back and reestablished the structure using / and /usr to set the partitions to a and d and then went back and changed the mount points to /mnt and /mnt1 before the write. However, this generated an error that it couldn't write label. Obviously I am doing something wrong since I have don this using sysinstall and completing the system installation from CD. However, in this case the machine is a long way away and the CD drive is empty. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
SCSI Problem
I have a system that was running fine with 2 SCSI drives. Both on the same line, the last one terminated. I removed the first one leaving the one with the termination. Now when the system boots I get the strangest messages and the results are quite unusual. Here are the console messages during the boot process: Waiting 15 seconds for SCSI devices to settle ahc0: Recovery Initiated Dump Card State Begins ahc0: Dumping Card State in Command phase, at SEQADDR 0x170 Card was paused ACCUM = 0x80, SINDEX = 0xac, DINDEX = 0xc0, ARG_2 = 0x4 HCNT = 0x0 SCBPTR = 0x0 SCSISIGI[0x84]:(BSYI|CDI) ERROR[0x0] SCSIBUSL[0x80] LASTPHASE[0x80]:(CDI) SCSISEQ[0x12]:(ENAUTOATNP|ENRSELI) SBLKCTL[0x2]:(SELWIDE) SCSIRATE[0x0] SEQCTL[0x10]:(FASTMODE) SEQ_FLAGS[0x0] SSTAT0[0x7]:(DMADONE|SPIORDY|SDONE) SSTAT1[0x2]:(PHASECHG) SSTAT2[0x0] SSTAT3[0x0] SIMODE0[0x0] SIMODE1[0xac]:(ENSCSIPERR|ENBUSFREE|ENSCSIRST|ENSELTIMO) SXFRCTL0[0x88]:(SPIOEN|DFON) DFCNTRL[0x4]:(DIRECTION) DFSTATUS[0x6d]:(FIFOEMP|DFTHRESH|HDONE|FIFOQWDEMP|DFCACHETH) STACK: 0x37 0x0 0x16a 0x19a SCB count = 20 Kernel NEXTQSCB = 1 Card NEXTQSCB = 19 QINFIFO entries: 19 18 9 0 7 6 17 8 15 14 5 4 3 2 Waiting Queue entries: Disconnected Queue entries: QOUTFIFO entries: Sequencer Free SCB List: 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 Sequencer SCB Info: 0 SCB_CONTROL[0x0] SCB_SCSIID[0x10] SCB_LUN[0x0] SCB_TAG[0x10] 1 SCB_CONTROL[0x0] SCB_SCSIID[0xff]:(TWIN_CHNLB|OID|TWIN_TID) SCB_LUN[0xff]:(SCB_XFERLEN_ODD|LID) SCB_TAG[0xff] 2 SCB_CONTROL[0x0] SCB_SCSIID[0xff]:(TWIN_CHNLB|OID|TWIN_TID) SCB_LUN[0xff]:(SCB_XFERLEN_ODD|LID) SCB_TAG[0xff] 3 SCB_CONTROL[0x0] SCB_SCSIID[0xff]:(TWIN_CHNLB|OID|TWIN_TID) SCB_LUN[0xff]:(SCB_XFERLEN_ODD|LID) SCB_TAG[0xff] 4 SCB_CONTROL[0x0] SCB_SCSIID[0xff]:(TWIN_CHNLB|OID|TWIN_TID) SCB_LUN[0xff]:(SCB_XFERLEN_ODD|LID) SCB_TAG[0xff] 5 SCB_CONTROL[0x0] SCB_SCSIID[0xff]:(TWIN_CHNLB|OID|TWIN_TID) SCB_LUN[0xff]:(SCB_XFERLEN_ODD|LID) SCB_TAG[0xff] 6 SCB_CONTROL[0x0] SCB_SCSIID[0xff]:(TWIN_CHNLB|OID|TWIN_TID) SCB_LUN[0xff]:(SCB_XFERLEN_ODD|LID) SCB_TAG[0xff] 7 SCB_CONTROL[0x0] SCB_SCSIID[0xff]:(TWIN_CHNLB|OID|TWIN_TID) SCB_LUN[0xff]:(SCB_XFERLEN_ODD|LID) SCB_TAG[0xff] 8 SCB_CONTROL[0x0] SCB_SCSIID[0xff]:(TWIN_CHNLB|OID|TWIN_TID) SCB_LUN[0xff]:(SCB_XFERLEN_ODD|LID) SCB_TAG[0xff] 9 SCB_CONTROL[0x0] SCB_SCSIID[0xff]:(TWIN_CHNLB|OID|TWIN_TID) SCB_LUN[0xff]:(SCB_XFERLEN_ODD|LID) SCB_TAG[0xff] 10 SCB_CONTROL[0x0] SCB_SCSIID[0xff]:(TWIN_CHNLB|OID|TWIN_TID) SCB_LUN[0xff]:(SCB_XFERLEN_ODD|LID) SCB_TAG[0xff] 11 SCB_CONTROL[0x0] SCB_SCSIID[0xff]:(TWIN_CHNLB|OID|TWIN_TID) SCB_LUN[0xff]:(SCB_XFERLEN_ODD|LID) SCB_TAG[0xff] 12 SCB_CONTROL[0x0] SCB_SCSIID[0xff]:(TWIN_CHNLB|OID|TWIN_TID) SCB_LUN[0xff]:(SCB_XFERLEN_ODD|LID) SCB_TAG[0xff] 13 SCB_CONTROL[0x0] SCB_SCSIID[0xff]:(TWIN_CHNLB|OID|TWIN_TID) SCB_LUN[0xff]:(SCB_XFERLEN_ODD|LID) SCB_TAG[0xff] 14 SCB_CONTROL[0x0] SCB_SCSIID[0xff]:(TWIN_CHNLB|OID|TWIN_TID) SCB_LUN[0xff]:(SCB_XFERLEN_ODD|LID) SCB_TAG[0xff] 15 SCB_CONTROL[0x0] SCB_SCSIID[0xff]:(TWIN_CHNLB|OID|TWIN_TID) SCB_LUN[0xff]:(SCB_XFERLEN_ODD|LID) SCB_TAG[0xff] Pending list: 2 SCB_CONTROL[0x0] SCB_SCSIID[0xf0]:(TWIN_CHNLB|TWIN_TID) SCB_LUN[0x0] 3 SCB_CONTROL[0x0] SCB_SCSIID[0xe0]:(TWIN_CHNLB) SCB_LUN[0x0] 4 SCB_CONTROL[0x0] SCB_SCSIID[0xd0]:(TWIN_CHNLB) SCB_LUN[0x0] 5 SCB_CONTROL[0x0] SCB_SCSIID[0xc0]:(TWIN_CHNLB) SCB_LUN[0x0] 14 SCB_CONTROL[0x0] SCB_SCSIID[0x90]:(TWIN_CHNLB) SCB_LUN[0x0] 15 SCB_CONTROL[0x0] SCB_SCSIID[0x80]:(TWIN_CHNLB) SCB_LUN[0x0] 8 SCB_CONTROL[0x0] SCB_SCSIID[0x70]:(TWIN_TID) SCB_LUN[0x0] 9 SCB_CONTROL[0x0] SCB_SCSIID[0x60] SCB_LUN[0x0] 18 SCB_CONTROL[0x0] SCB_SCSIID[0x30] SCB_LUN[0x0] 19 SCB_CONTROL[0x0] SCB_SCSIID[0x20] SCB_LUN[0x0] 16 SCB_CONTROL[0x0] SCB_SCSIID[0x10] SCB_LUN[0x0] 17 SCB_CONTROL[0x0] SCB_SCSIID[0xb0]:(TWIN_CHNLB) SCB_LUN[0x0] 6 SCB_CONTROL[0x0] SCB_SCSIID[0xa0]:(TWIN_CHNLB) SCB_LUN[0x0] 7 SCB_CONTROL[0x0] SCB_SCSIID[0x50] SCB_LUN[0x0] 0 SCB_CONTROL[0x0] SCB_SCSIID[0x40] SCB_LUN[0x0] Kernel Free SCB list: 13 12 11 10 Untagged Q(1): 16 Untagged Q(2): 19 Untagged Q(3): 18 Untagged Q(4): 0 Untagged Q(5): 7 Untagged Q(6): 9 Untagged Q(7): 8 Untagged Q(8): 15 Untagged Q(9): 14 Untagged Q(10): 6 Untagged Q(11): 17 Untagged Q(12): 5 Untagged Q(13): 4 Untagged Q(14): 3 Untagged Q(15): 2 Dump Card State Ends (probe14:ahc0:0:11:0): SCB 0x11 - timed out sg[0] - Addr 0x174d41c0 : Length 32 (probe14:ahc0:0:11:0): Other SCB Timeout ahc0: Issued Channel A Bus Reset. 15 SCBs aborted ahc0: Timedout SCBs already complete. Interrupts may not be functioning. ahc0: Recovery Initiated Dump Card State Begins Same as before Dump Card State Ends (probe14:ahc0:0:11:0): SCB 0x5 - timed out sg[0] - Addr 0x174d4060 : Length 32 (probe14:ahc0:0:11:0): Other SCB Timeout ahc0: Issued Channel A Bus Reset. 15 SCBs aborted ahc0: Timedout SCBs already complete. Interrupts may not be functioning. cd0 at ata1 bus 0 target 0 lun 0 cd0: CDWRITER IDE5224 001H Removable CD-ROM SCSI-0 device cd0: 33.000MB/s transfers cd0: Attempt to query device
Re: SCSI Problem
On Feb 5, 2005, at 15:59, Doug Hardie wrote: I have a system that was running fine with 2 SCSI drives. Both on the same line, the last one terminated. I removed the first one leaving the one with the termination. Now when the system boots I get the strangest messages and the results are quite unusual. Here are the console messages during the boot process: . From here on out the system completes booting as normal and runs just fine. Everything works properly except that the system thinks it has 16 SCSI drives. There is only one, but camcontrol shows it on all targets and disklabel gives the real disk label for all values of /dev/da0s1 through /dev/da14/s1. The physical disk has no jumpers. Any ideas what might cause this? I have never seen anything like it before. I can't imagine what I did to cause this. Here is the camcontrol devlist -v output: scbus0 on ahc0 bus 0: IBM DDRS-34560D DC1B at scbus0 target 1 lun 0 (pass0,da0) IBM DDRS-34560D DC1B at scbus0 target 2 lun 0 (pass1,da1) IBM DDRS-34560D DC1B at scbus0 target 3 lun 0 (pass2,da2) IBM DDRS-34560D DC1B at scbus0 target 4 lun 0 (pass3,da3) IBM DDRS-34560D DC1B at scbus0 target 5 lun 0 (pass4,da4) IBM DDRS-34560D DC1B at scbus0 target 6 lun 0 (pass5,da5) IBM DDRS-34560D DC1B at scbus0 target 7 lun 0 (pass6,da6) IBM DDRS-34560D DC1B at scbus0 target 8 lun 0 (pass7,da7) IBM DDRS-34560D DC1B at scbus0 target 9 lun 0 (pass8,da8) IBM DDRS-34560D DC1B at scbus0 target 10 lun 0 (pass9,da9) IBM DDRS-34560D DC1B at scbus0 target 11 lun 0 (pass10,da10) IBM DDRS-34560D DC1B at scbus0 target 12 lun 0 (pass11,da11) IBM DDRS-34560D DC1B at scbus0 target 13 lun 0 (pass12,da12) IBM DDRS-34560D DC1B at scbus0 target 14 lun 0 (pass13,da13) IBM DDRS-34560D DC1B at scbus0 target 15 lun 0 (pass14,da14) at scbus0 target -1 lun -1 () I have made some progress. Pulling the SCSI cable and reseating the controller eliminated the error messages. However, the above devlist still occurs. The controller is an Adaptec 2940UW. The adaptec configuration software shows one disk on ID 0 and the controller on ID 7. The above listing doesn't find the disk on target 0. My other systems with the same setup do. I won't be back on site till Friday so I am looking for ideas on what to check or try. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: SSH terminal locking up from OS X to FreeBSD
On Feb 22, 2005, at 13:50, [EMAIL PROTECTED] wrote: * Eric F Crist [EMAIL PROTECTED] [2005-02-22 15:35:53 -0600]: On Feb 22, 2005, at 3:11 PM, [EMAIL PROTECTED] wrote: What version of Mac OS X are you using? All of my workstations are Mac OS X, and all but one server (an old cobalt raq 2) are running FreeBSD 5.3, and I have never seen a problem with using ssh from a terminal to a FreeBSD system. OS X is always the latest, currently 10.3.8. I have no control over the version this particular FreeBSD system, but this problem has persisted for several versions of Mac OS X and FreeBSD. I have been using ssh from my Macs to FreeBSD versions from 2.5 and up. Currently I have servers running 4.6 and 5.3. My connections stay active for one hour without problems. The one hour limit is from an undocumented feature in Apple's Airport that terminates a connection if there is no activity for an hour. The configuration on both ends is out of the box except that I force version 2 on both machines and have changed the port away from 22. To see what is happening using tcpdump do the following on both machines as root: 1. tcpdump -xXs1500 port 22 xxx (xxx is some file name to save the trace) 2.open the connection and cause it to fail 3. terminate the tcpdumps. 4. The traces in the xxx files will be time stamped and you should be able to check them side by side and watch what happens. One or the other will probably stop responding. Another thing that may help is to use (as root) ktrace on the sshd server and on the ssh client. That will generate a lot of output but may help with the tcpdump to see why the problem is occuring. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: SSH terminal locking up from OS X to FreeBSD
On Feb 22, 2005, at 22:57, Jim Freeze wrote: * Chad Leigh -- Shire.Net LLC [EMAIL PROTECTED] [2005-02-22 22:58:17 -0700]: Just for giggles, what happens when you try a different encryption method with the ssl client? For example, -c blowfish Ok, so I tried this, but it still locks up. However, I was able to do RETURN~C to get a command line and RETURN~^Z to background the ssh terminal, but I was never able to re-activate it. I did manage to log the IP activity through tcp dump, and I discovered that after the 'lock up', there are no IP messages originating from the remote machine. Also, the IP blocks are of type FP, whatever that is. (Hmm, maybe I need to clear out the known hosts on the remote machine.) An abbreviated version is below. The full log file is at: http://www.freeze.org/tcpdump3b.log 00:22:59.999439 IP localhost.53245 remotemachine.com.ssh: S 611378943:611378943(0) win 65535 mss 1360,nop,wscale 0,nop,nop,timestamp 1996513030 0 00:23:00.053942 IP remotemachine.com.ssh localhost.53245: S 77400915:77400915(0) ack 611378944 win 57344 mss 1460,nop,wscale 0,nop,nop,timestamp 1100668230 1996513030 00:23:00.054039 IP localhost.53245 remotemachine.com.ssh: . ack 1 win 65535 nop,nop,timestamp 1996513030 1100668230 00:23:00.331844 IP remotemachine.com.ssh localhost.53245: P 1:24(23) ack 1 win 57964 nop,nop,timestamp 1100668258 1996513030 00:23:04.922358 IP localhost.53245 remotemachine.com.ssh: . ack 3512 win 65535 nop,nop,timestamp 1996513040 1100668711 # Long break - remote terminal stops responding but data is still flowing as you can see. # RETURN 00:34:05.662885 IP localhost.53245 remotemachine.com.ssh: P 1519:1559(40) ack 3512 win 65535 nop,nop,timestamp 1996514361 1100668711 00:34:07.284836 IP localhost.53245 remotemachine.com.ssh: P 1519:1559(40) ack 3512 win 65535 nop,nop,timestamp 1996514364 1100668711 00:34:09.285235 IP localhost.53245 remotemachine.com.ssh: P 1519:1559(40) ack 3512 win 65535 nop,nop,timestamp 1996514368 1100668711 00:34:43.290382 IP localhost.53240 remotemachine.com.ssh: FP 0:48(48) ack 1 win 65535 nop,nop,timestamp 1996514436 1100663377 # RETURN~? 00:35:09.294870 IP localhost.53245 remotemachine.com.ssh: P 1519:1719(200) ack 3512 win 65535 nop,nop,timestamp 1996514488 1100668711 00:37:17.308387 IP localhost.53245 remotemachine.com.ssh: FP 1519:2655(1136) ack 3512 win 65535 nop,nop,timestamp 1996514744 1100668711 #Closed terminal The localhost is trying to send the 40 bytes in its buffer. It is not receiving and ACK from remotemachine so it retries until it eventually gives up. The F flag is localhost issuing a FIN to remotemachine to drop the TCP connection. It tries a couple times and then likewise gives up. I would recommend a ktrace on the server to see if it yields any additional information. My guess is that the sshd process has died. syslog might not be set to catch the error it may be generating. ktrace will show all the syslog calls. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Port Problem
I seem to have done something to a port that is causing a problem. The port is dspam and I first did a make on it. Up cam this nice configuration option window (similar to sysinstall) where I select what turns out to be incompatable options. However, that wasn't obvious at the time. The patching and configuration completed successfully. All the various required ports installed properly. However, the make of dspam failed because of the incompatable options. The error message made it all obvious. However, I can't find a way to go back to that configuration option window to correct the problem. Make just takes me back to the compile error. Removing the work directory and the tar file results in a new download and then a silent return to the same problem. Make clean does essentially the same thing. The configuration options are being stored somewhere and I suspect I need to delete them, but where? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
su from root
I have encountered an unusual issue where the behavior is different between FreeBSD 4.6 and 5.3. If I login and then su to root successfully, then do a su to a non-root user I get: pam_login_access: pam_sm_acct_mgmt: user-id is not allowed to log in on /dev/ttyv0 In chasing this down it appears that the restriction is coming from login.access which does have a limitation to prevent the non-root user from logging in. Only members of the wheel group are permitted to login. That restriction is essential to this system. However, I don't understand why su is concerned about that. I need su to switch me to that user. I suspect this may be controlled by PAM but haven't been able to figure out just where that would be. How can I make su work like it does in 4.6? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Disk Error
I have been getting the following disk errors consistently for the last month. ad2s1e: hard error reading fsbn 6934399 of 3467168-3467295 (ad2s1 bn 6934399; cn 431 tn 164 sn 52) status=59 error=40 spec_getpages:(#ad/0x20014) I/O read failure: (error=5) bp 0xc5678f94 vp 0xcb5f3a80 size: 65536, resid: 65536, a_count: 65536, valid: 0x0 nread: 0, reqpage: 0, pindex: 504, pcount: 16 vm_fault: pager read error, pid 35441 (expireover) How do you figure out which file has the problem? expireover's logs are all buffered so you don't get the last partial buffer. I don't know yet if I can mark that particular sector as bad, but if I can find the file I can at least move to someplace where it won't get deleted. I chased through the core dump and the only directory indicated but all of those files are good. I have also tar'd the entire news directory elsewhere and no errors were encountered. The sector is the same every day. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Disk Error
I doubt that its dying. There is only one bad sector. The drive is in constant use. Its ran at 100% for almost 12 hours while copying the files and no errors were detected. Its always the same sector with the error. On Mar 7, 2005, at 09:54, Aftab Jahan Subedar wrote: ASAP 1. fsck -y 2. tunefs ( enable softupdate) 3. backup to new hard disk 4. remove this faulty hard disk Your hard disk is dyeing . Doug Hardie wrote: I have been getting the following disk errors consistently for the last month. ad2s1e: hard error reading fsbn 6934399 of 3467168-3467295 (ad2s1 bn 6934399; cn 431 tn 164 sn 52) status=59 error=40 spec_getpages:(#ad/0x20014) I/O read failure: (error=5) bp 0xc5678f94 vp 0xcb5f3a80 size: 65536, resid: 65536, a_count: 65536, valid: 0x0 nread: 0, reqpage: 0, pindex: 504, pcount: 16 vm_fault: pager read error, pid 35441 (expireover) How do you figure out which file has the problem? expireover's logs are all buffered so you don't get the last partial buffer. I don't know yet if I can mark that particular sector as bad, but if I can find the file I can at least move to someplace where it won't get deleted. I chased through the core dump and the only directory indicated but all of those files are good. I have also tar'd the entire news directory elsewhere and no errors were encountered. The sector is the same every day. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: tech question
On Mar 6, 2005, at 23:45, Chad Leigh -- Shire.Net LLC wrote: On Mar 7, 2005, at 12:31 AM, Michael C. Shultz wrote: On Sunday 06 March 2005 11:28 pm, popbox wrote: Excuse me for foolish question and pig latin. I'm a new user of FreeBSD and I have a trouble with mounting DVD. There is no separated information in your documentation (Handbook) about this question. I tried to mount DVD the same way as CD. It is not enough, I think. You looked at http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/creating- dvds.html This does not seem to answer the OP question. That pages deals with creating various sorts of writable DVDs. Chad I have mounted DVD-Rs numerous times on 4.6 using mount -t cd9660 /dev/ /mnt and that has worked fine. That also works on 5.3. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: how to deal with spam for good?
On Mar 10, 2005, at 01:49, Ted Mittelstaedt wrote: The only long term solution that is going to work is modding the DNS records to designate an official SMTP server for each domain, such a plan has been in the works for a while among the standard bodies that know what they are doing. SPF is only going to address one form of spam distribution. Unfortunately it does nothing for the spammers who get their own domain and establish their own SPF records. They can continue to spam away at will. Likewise SPF will not close any of the open relays run by the organizations that are pushing SPF. Those will continue to forward spam like they do today. I suspect the open relays are ahead of their SPF checking as we continue to receive mail through them even theough they claim SPF is in use. Spam will only go away when people no longer respond to it. When there is no revenue generated to cover the cost of spamming then it will end. Since spamming is so cheap, it only takes a couple of responses to cover the costs. Probability of finding a couple of morons out there is 1.00. People still respond to the Nigerian scams. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: how to deal with spam for good?
On Mar 10, 2005, at 15:24, Anthony Atkielski wrote: As it is, sometimes I can't answer clients by e-mail because their own ISPs (e.g., anything run by Time-Warner) simply throw away my e-mail because it doesn't come from a Big ISP. I doub't thats the reason. I am presuming you are referring to wanado.fr. I know we have its MTA blocked because of the unresolved spam complaints over the years. I suspect thats the same for others also. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: how to deal with spam for good?
On Mar 10, 2005, at 17:38, Anthony Atkielski wrote: Doug Hardie writes: I doub't thats the reason. I am presuming you are referring to wanado.fr. No, I'm referring to e-mail sent directly from my own server (not relayed through Wanadoo). Time-Warner and a few other ISPs either reject it openly or silently throw it away. Can't say then. However we are a fairly small ISP and Time-Warner takes our mail. I doub't size is the issue. I know we have its MTA blocked because of the unresolved spam complaints over the years. I suspect thats the same for others also. What about the millions of legitimate subscribers using this ISP? We don't receive much legitimate mail from them. Get a lot more spam. -- Anthony ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: how to deal with spam for good?
On Mar 10, 2005, at 18:30, Warren Block wrote: milter-greylist works great with sendmail. Here's a somewhat-dated article I wrote about using it and clamav-milter with sendmail: http://www.wonkity.com/greylist.pdf I am getting a no such file back on that. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
NIS server selection
I have NIS running on a few servers. I have had them configured with the -S option with only their host name so they would use the local resolver. However, after a few problems with ypserv dying I tried adding additional servers to the -S list. Everything was as normal till I killed ypserv on the local machine. Then it switched to the first host listed after the local name in the -S list. Access to NIS records worked fine. Then I tried to revert back to the local server. Restarting ypserv had no effect. NIS requests were still sent to the other server. I killed ypbind and restarted it with the full list. All requests were still sent to the other server. I killed ypbind again and restarted it with just the local server in the -S list. The request then were split about half and half with the local server and other server. How does ypbind know about the other server anymore? I had to kill ypserv on the other server, wait for some requests to timeout (ypbind is a persistent bugger) and then it switched. Surely there has to be an easier way to do this. I am trying to have ypbind use the local server if its working and otherwise one of the other servers. If the local ypbind gets restarted i would like it to revert back to using it. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: NIS server selection
On Jul 8, 2004, at 13:44, Dan Nelson wrote: In the last episode (Jul 08), Doug Hardie said: I have NIS running on a few servers. I have had them configured with the -S option with only their host name so they would use the local resolver. However, after a few problems with ypserv dying I tried adding additional servers to the -S list. Everything was as normal till I killed ypserv on the local machine. Then it switched to the first host listed after the local name in the -S list. Access to NIS records worked fine. Then I tried to revert back to the local server. Restarting ypserv had no effect. NIS requests were still sent to the other server. I killed ypbind and restarted it with the full list. All requests were still sent to the other server. I killed ypbind again and restarted it with just the local server in the -S list. The request then were split about half and half with the local server and other server. How does ypbind know about the other server anymore? Running processes will talk to the server they originally made a connection to, until that connection fails. Only then will they contact their local ypbind and ask for another server. ypbind is not contacted on every lookup. I had to kill ypserv on the other server, wait for some requests to timeout (ypbind is a persistent bugger) and then it switched. Surely there has to be an easier way to do this. I am trying to have ypbind use the local server if its working and otherwise one of the other servers. If the local ypbind gets restarted i would like it to revert back to using it. The best you can do is make sure ypwhich points to the local machine so that subsequent processes will use it. You can't force existing processes to switch. Thanks. I have now set 3 servers in the -S list. ypwhich shows the one currently being used. I need to be able to change that. It appears that ypset is the way to do that. However, when I start ypbind with the -ypsetme argument I still get sorry, cannot ypset for domain NAME on host. I am running ypset on that server. That message comes from a request to rpc prog 14 which is registered to rpserv so I don't see how an argument to ypbind would help this. I don't find any similar arguments to ypserv. How do you make ypset work without opening it up to the entire world? ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: NIS server selection
On Jul 8, 2004, at 18:34, Dan Nelson wrote: In the last episode (Jul 08), Doug Hardie said: On Jul 8, 2004, at 13:44, Dan Nelson wrote: The best you can do is make sure ypwhich points to the local machine so that subsequent processes will use it. You can't force existing processes to switch. Thanks. I have now set 3 servers in the -S list. ypwhich shows the one currently being used. I need to be able to change that. It appears that ypset is the way to do that. However, when I start ypbind with the -ypsetme argument I still get sorry, cannot ypset for domain NAME on host. I am running ypset on that server. That message comes from a request to rpc prog 14 which is registered to rpserv so I don't see how an argument to ypbind would help this. I don't find any similar arguments to ypserv. How do you make ypset work without opening it up to the entire world? From looking at the source, the -S flag resets the -ypset and -ypsetme flags. See if putting -ypsetme after the -S xxx arguments helps. That did it. Somehow I missed that in the source. Thanks. I appreciate the assistance. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: pop3s server?
On Jul 12, 2004, at 16:16, Chris wrote: On Monday 12 July 2004 06:01 pm, Eric Crist wrote: What can I use as a secure (SSL) pop3 server. I'm trying to eliminate all instances of passwords being transmitted to my network unencrypted. Mail is all that is left. I want to setup pop as a secure service, before I worry about fighting with sendmail and SSL. qpopper offers both SSL and APOP options. I use qpopper with SSL quite successfully. Its straight forward to setup. However, getting the clients to work with that protocol can be quite difficult. Eudora in particular has a broken TSL implementation so you have to disable TSL and let it default to SSL before it will work. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: OFF-TOPIC but ... you will laugh !!
Not surprising. Gates and Microsoft didn't develop DOS. They bought it. On Nov 2, 2005, at 20:27, Moffatt, Chris wrote: It is a reserved word from the DOS days (like prn) I think it stands for console Actually, you can't create a folder named: CON, PRN, AUX, CLOCK$, NUL, COM1, COM2, COM3, COM4, COM5, COM6, COM7, COM8, COM9, LPT1, LPT2, LPT3, LPT4, LPT5, LPT6, LPT7, LPT8, and LPT9 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Aggelos Sent: Wednesday, November 02, 2005 8:31 PM To: freebsd-questions@freebsd.org Subject: OFF-TOPIC but ... you will laugh !! An Indian discovered that nobody can create a FOLDER anywhere named as con. This is something pretty cool...and unbelievable... At Microsoft the whole Team, including Bill Gates, couldn't answer why this happened! Try it out yourself... ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions- [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions- [EMAIL PROTECTED] !DSPAM:43699b10336331518010033! ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Upgrade from 5.3 to 6.0
I am in the midst of upgrading via source from 5.3 to 6.0. All is going fine, but the instructions in UPDATING do not include a make installkernel command. I know that needs to be done somewhere. I suspect between the buildkernel and the reboot. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Upgrade from 5.3 to 6.0
On Nov 6, 2005, at 22:15, Hans Nieser wrote: Doug Hardie wrote: I am in the midst of upgrading via source from 5.3 to 6.0. All is going fine, but the instructions in UPDATING do not include a make installkernel command. I know that needs to be done somewhere. I suspect between the buildkernel and the reboot. I think it says make kernel ..., which apparently does both I see that now. But, then how do you build multiple kernels? I maintain all source on one system and build all the kernels there. I don't want to install them as they won't work. Also, I don't want to build them on the production machines, just install them. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Upgrade from 5.3 to 6.0
On Nov 7, 2005, at 00:10, Hans Nieser wrote: Doug Hardie wrote: On Nov 6, 2005, at 22:15, Hans Nieser wrote: Doug Hardie wrote: I am in the midst of upgrading via source from 5.3 to 6.0. All is going fine, but the instructions in UPDATING do not include a make installkernel command. I know that needs to be done somewhere. I suspect between the buildkernel and the reboot. I think it says make kernel ..., which apparently does both I see that now. But, then how do you build multiple kernels? I maintain all source on one system and build all the kernels there. I don't want to install them as they won't work. Also, I don't want to build them on the production machines, just install them. I think you can still use the buildkernel and installkernel targets for that purpose, they are still mentioned in the Makefile at least. I verified that is correct. Thanks. I was able to build multiple kernels successfully without having to install them all. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
make buildworld
I am upgrading a server to 6.0 and encountered an error in make buildworld. However, I don't know what the error was as I piped stdout to a file, but not stderr. It was fairly near the end so I really hate to restart from the beginning again. The master server is a fairly slow machine. When something like this happens, is there a way to restart the make where it died? Is there an easy way to build the specific module that failed to get the complete errors? In this case the module was /usr/libexec/telnet. I went to /usr/src/ libexec/telnet and did a make. It completed without any problems. So, I ended up restarting the make from the top again, but would like to know for future situations. Thanks. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: How to know that make buildworld finished
On Mar 5, 2006, at 19:25, Olivier Nicole wrote: For testing purposes, I am trying to build a quite old (read slow) machine. It happens that every time I start a buildworld, I will have to leave before the end. And next morning the shell I was using to run the buildworld will have terminated for some reason. So I cannot see if the make did finished successfully or not. Is there a way to check that make buildworld did finished successfully? I use nohup make buildworld xxx That saves the buildworld output in xxx. It does get fairly large and I seem to recall it ends by rebuilding the man indexes. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Finding an LBA after a disk error
After much revision I finally have a tool that does a pretty good job of identifying the usage of an LBA. Its not perfect, but its normally only used with a disk with a bad sector. It no longer needs the complete source distribution but can be built from the normal libraries. It has been tested on FreeBSD 5.3 and 6.0. One of the libraries it uses was introduced in 5.1 so its not likely to work on anything earlier. It works on ufs1 and ufs2 formats and there is even a man page now. It could be mnade into a port, but I am out of time right now. A quick look at the documents for creating ports shows that it will take quite a bit of time to figure out that part. Contact me off-list if you would like to get it. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Motherboards
I have a number of servers that are reaching end of life. They are over 7 years old and I can no longer find IDE drives that work with the slower controllers they have. These are all towers and use ASUS motherboards. Those were quite cheap at the time and the boards have worked very well over the years. However, I am now hearing rumers that ASUS motherboards are no longer the best quality and probably should be avoided. Don't need much on the machines, but do have to have 2 NICs and a SCSI controller on each. What are good, rock solid, motherboards with FreeBSD 6.0? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
cvs
I have been building a cvs structure for a bunch of code and have a couple questions I have not been able to find answers to in the archives/documentation. When you run ident on many FreeBSD modules you see the identifier FreeBSD used frequently. It appears that cvs is properly updating the information in those entries, but I don't see how cvs is configured to make that happen. FreeBSD is not one of the cvs recognized keywords. I would like to use a unique keyword for my stuff. ident finds it fine in the files, but cvs does not update the version information. I suspect that somehow I need to tell cvs about the keyword. Also, in the process of going through all the source to put into cvs I found a number of modules that are no longer in use. cvs remove deletes them from the cvs archive. However, occasionally I need something that is no longer in use and would like to be able to save deleted modules somwhere in cvs. I don't want them to be returned in a normal checkout but would like them to be available somehow. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: cvs
On May 5, 2006, at 11:04, Giorgos Keramidas wrote: On 2006-05-05 10:45, Doug Hardie [EMAIL PROTECTED] wrote: I have been building a cvs structure for a bunch of code and have a couple questions I have not been able to find answers to in the archives/documentation. When you run ident on many FreeBSD modules you see the identifier FreeBSD used frequently. It appears that cvs is properly updating the information in those entries, but I don't see how cvs is configured to make that happen. FreeBSD is not one of the cvs recognized keywords. I would like to use a unique keyword for my stuff. ident finds it fine in the files, but cvs does not update the version information. I suspect that somehow I need to tell cvs about the keyword. See this article for details of the FreeBSD CVS setup: http://www.freebsd.org/doc/en_US.ISO8859-1/articles/cvs-freebsd/ Part of this explains how our `cfg_local.pm' works and you can use a similar trick for any custom $FreeBSD$-like keyword you want. Thanks. I did figure it out. For anyone else who wants the simple way: To have XXX and Id work as a keywords edit the config file in CVSROOT in the repository. Add the following two lines: tag=XXX=CVSHeader tagexpand=iXXX,Id Only the XXX and Id keywords will then expand. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Monitoring a PPP Connection
I have a device that connects via PPP on a phone line (V.90) to my ISP. However, I am seeing significant delays on the connection but can't find a cause. I am looking for something that will monitor the phone line - like tcpdump for a phone line. I know that there are some expensive devices out there that do that, but this doesn't warrant spending that much. I don't see any easy way to capture both the uplink and downlink signals though. Regular modems only monitor the downlink side. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: lost man pages after reinstalling and upgrading macosX
On Dec 12, 2003, at 06:35, John Minter wrote: Since I have reinstalled macosx (v 10.2) and upgraded to current v 10.2.8, i no longer can reach my man pages or many of my commands. on startup of terminal i get message saying system cannot find manpath or grep. I have tried to track down the problem, but can't seem to get the system to recognize many of my basic commands, including cp and man, for example. Please help. I'm a newbie to UNIX, and have been reading trying to learn it. I understand the mac's darwin is based on BSD. Thanks and forgive me if I've intruded on this list with an improper question. Run Repair Disk Permissions. Its in Utilities - Disk Utility (?). I not sure of the exact name since it changed for Panther. You may have to run it a couple times before all the problems are corrected. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: halt while booting: recovering vi editor sessions /kv
If the first one or two DNS server entries are not working you will see this behavior. On Dec 28, 2003, at 15:23, Kai Vermehr wrote: While booting I get the message recovering vi editor sessions and the booting process is halted for a couple of minutes. I'm new to FreeBSD so I don't know where to look. Booting is resumed and some time later I get a message that sendmail is starting -- again taking a long time ... Any ideas how to fix this? thanks! -- 'K:) ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] -- Doug ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
I need to resend messages from dead.letters
There was a problem last night with my mail server and a bunch of mail went into the dead.letters mailbox rather than being sent. I have that mailbox and need a way to send all of those messages. I split them out into individual files, but there are just too many to send by hand. Is there a way to cause them all to be resent? ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Backup Mail Server Questions
On Sep 27, 2004, at 11:39, Nico Meijer wrote: Regular folks don't understand how mail works. They have no clue whatsoever. They don't _want_ to have a clue either. They are just behaving like consumers, again. Do you *really* want to know what's on your plate at dinner? ;-) I do, maybe you too, but most people don't. If I had a dime for every time I have had to discuss how mail delivery actually works to Joe Average or his Windows NT/2000 systems administrator... boy. Again, I have many _very_ strong opinions on how email should be managed, this is one of them. I happen to have a very strong opinion on the grim state of humanity in general and regular, everyday, Joe Average computer users in particular. I am therefore strongly biased. ;-) When Joe Average computer user sends an order to Jane Trader to sell his stock in xxx because its the highest its ever been and that email sits in your secondary MX until after xxx falls to penny stock status, then Joe Average computer user will have plenty of world class lawyers on his doorstep with big dollar signs in their eyes. They will have no problem convincing Joe Sub-Average juror (of which there will be more than enough to go around) that you were the cause of Joe Average computer users' loss of his entire retirement savings. After all, you accepted the email and acknowledged it and failed to deliver it to Jane in a timely fashion. Any technical arguments you make about the server down etc., will not faze the judge (who couldn't care less - he gets paid the same no matter who wins) or Joe Sub-Average juror who is only interested in who is putting on the better entertainment (you or the soap opera he is missing at home). ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Upgrade to 5.3
I am doing some testing of 5.3 in preperation to converting a number of production boxes from 4.6. A couple questions I have not been able to find answers for: One of my systems has a very large IDE drive that is used to hold some long term very large files that are rarely created but occasionally referenced. The system disks are all SCSI. When I convert that system will the IDE drive (UFS format obviously) be mountable on 5.3? Or do I need to reformat it also? I don't have any easy way to preserve those files because of their size. The port pstack doesn't work on the basic 5.3 install. It expects /proc to be there. I can mount /proc and then pstack works just fine. My guess is that proc was removed for a reason. However, is there a replacement for pstack or do I need to mount /proc? ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Root login at console
I am setting up some 5.3 systems and have encountered a situation I can't figure out. I have had the following (and only) active line in 4.6 systems /etc/login.allow: -:ALL EXCEPT user1 user2 user3: ALL That only permitted logins from those 3 users and not root. The users had to su to get to root - even on the console. However that same line in 5.3 doesn't let anyone su to root (terminal or console). I have to add root to the list: -:ALL EXCEPT root user1 user2 user3: ALL Then the users can su to root. However root can login on the console directly which I don't want. I have tried a few diferent approaches to make this work but none have succeeded. What am I missing? Thanks. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Root login at console
On Nov 12, 2004, at 23:18, Ted Mittelstaedt wrote: -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Doug Hardie Sent: Friday, November 12, 2004 10:52 PM To: f-questions List Subject: Root login at console I am setting up some 5.3 systems and have encountered a situation I can't figure out. I have had the following (and only) active line in 4.6 systems /etc/login.allow: -:ALL EXCEPT user1 user2 user3: ALL That only permitted logins from those 3 users and not root. The users had to su to get to root - even on the console. However that same line in 5.3 doesn't let anyone su to root (terminal or console). I have to add root to the list: -:ALL EXCEPT root user1 user2 user3: ALL Then the users can su to root. However root can login on the console directly which I don't want. I have tried a few diferent approaches to make this work but none have succeeded. What am I missing? Thanks. I don't think that the /etc/login.allow should have blocked root login at the console. If it did in 4.x that is a bug and 5.3 corrected it. If you want to block root login at the console then edit /etc/ttys and change the keyword from secure to insecure for the console. Ted Thanks. I just checked ttys in my 4.6 system and they all say secure. I see the instructions in ttys now and that makes sense. A quick check also shows it works. I guess there was a bug in 4.6. The instructions seem to indicate that removing the secure keyword is all that is required. Thats what I checked and it worked. I presume thats the same as using the insecure key which I really didn't see mentioned. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
jabberd
Has anyone succeeded in making mu-conference work with jabberd v2 on FreeBSD 5.x? I can get jabberd working fine but it never seems to route anything to mu-conference. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: mac osx disklabels
On Jun 20, 2005, at 07:59, Chad Leigh -- Shire.Net LLC wrote: On Jun 20, 2005, at 8:12 AM, Bob Bomar wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 [EMAIL PROTECTED] wrote: | I went to mount a UFS filesystem on an OSX prepared drive and discovered | that apparantly FreeBSD can't read mac disklabels? Is this true or am I | missing something? | OS X Uses HFS+ which FreeBSD can not read. Its an Apple format. There were some tools in ports to read HFS fs's, but not HFS+. OS X also supports a form of UFS btw If the drive was formatted using Disk Utility there is a very hidden option for Apple Partitioning Scheme or PC Partitioning Scheme. The Apple Partitioning Scheme is the default. The only documentation I could find on those options is a note that if you want to be able to mount the drive on a PC you must use the PC Partitioning Scheme. I suspect that the Apple Partitioning Scheme uses a different format for the partition map which may not be handled by anything else. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: FreeBSD and NetZero
On Nov 24, 2004, at 23:23, Ted Mittelstaedt wrote: They are called dialup accellerators, and an entire industry has grown up to make and sell these programs, with the sole purpose of shagging money out of stupid people who run ISP's and don't understand you cannot compress jpgs, zips, .mp3s and other precompressed data that people download. You might want to try one first before making those statements. I run an ISP that makes SlipStream available for our users who want it. We find that it does make improvements. However, the amount of improvement is dependent on the settings you configure. JPGs etc can be easily compressed. You re-encode the JPG image using a lower quality setting. You can achieve significant download time savings that way. SlipStream lets to select the image quality setting to give the quality/improvement you want for initial image viewing. You can always reload the original image quality then if you need it. SlipStream also uses a newer compression algorithm than those currently used by PPP. Its not clear just how much more effective this is as its quite difficult to measure. SlipStream is not for everyone. There are other issues where its not totally transparent and it causes issues with some internet services. However, when used properly you can achive significant improvements in download times. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: blacklisting failed ssh attempts
On Dec 1, 2004, at 09:41, Charles Ulrich wrote: This morning I noticed that an attacker spent over a full hour trying to brute-force accounts and passwords via ssh on one of our machines. These kinds of attacks are becoming more frequent. I was wondering: does anyone know of a way to blacklist a certain IP (ideally, just for a certain time period) after a certain number of failed login attempts via ssh? I could change the port that sshd listens on, but I'd rather find a better solution, one that isn't just another layer of obscurity. I tried null routing their addresses and that stops that address. However, a day or so later they are back from a different address. After a couple months of this I changed the ports. Its a real pain. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: sftp and shell access
On Dec 14, 2004, at 02:11, Josh Paetzel wrote: I am looking for a way to give a user an sftp account without giving them a shell. So far I've tried setting their shell to /sbin/nologin, but when they try to log in via sftp it gives them a message to long error. Any pointers would be appreciated...I've tried the FAQ, handbook and google so far. sftp uses a ssh connection to tunnel to ftp. The connection is actually made to your ssh port. There is also ftps which is ftp with ssh imbedded in it (like https). With that the connection is actually made to fhe ftp server port. ftps is available in the ports (BSDftpd-ssl). Since it doesn't use ssh you can set the user to not have login capability. Clients for ftps or sftp are not always easy to find. The web page for BSDftpd-ssl does list a number of compatable clients that are available. I suspect that sometime there will be a general shift to one of those approaches and the other will go away which would make it easier to find clients. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Centralized DB of system users
On Dec 12, 2008, at 10:19, Dan wrote: Wojciech Puchar(woj...@wojtek.tensor.gdynia.pl)@2008.12.12 14:12:45 +0100: this case (though it's very complicated to set up, especially the first why it is right solution? Interoperability. Today, with Linux, tomorrow, Windows or Mac OS X. so not right but interoperable. if i do have only unix systems in LAN, NIS is much better easier and faster. No, it really is right if you want to authenticate email, radius, etc off of LDAP. NIS doesn't do that. Really! I guess I didn't know that before I used it for all those. for windows-only LAN with unix server, simply using samba is OK. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Port 7070
I just ran a netcat (nc -z) on my production servers and found an unusual response: Connection to 7070 port [tcp/arcp] succeeded! I checked on all my production and test servers (7.0 stable as of quite some time ago) and got the same response. I can't figure out why that port is open. It always returns a reset when a connection is opened. netstat -an does not return any 7070 entries. sockstat does not show any 7070 entries. There is no 7070 entry in /etc/services. ktrace of inetd shows nothing. tcpdump on the server shows the SYN and RST packets only. tcpdump on the client machine shows a complete TCP negotiation completion followed by a termination. The client is going across the internet. Running the client on a machine on the servers LAN shows that the port is not open. And tcpdump from both shows only a SYN followed by a RST. This indicates that some router between the original client and the servers is accepting the connection and then forwarding it on. This doesn't happen on other ports (although there may be a couple others I haven't chased down yet though). The only router we have in the path is a Cisco 2501 running a 2000 vintage IOS with nothing like that in its configuration. Its a simple pass everything through setup. Any ideas what is happening here? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Looking for a Good FreeBSD and General Unix Backup System
On Jan 28, 2009, at 16:52, Jaime wrote: On Wed, Jan 28, 2009 at 6:51 PM, Wojciech Puchar woj...@wojtek.tensor.gdynia.pl wrote: dump is perfect. period. Is it possible to pull out individual files? A fellow sysadmin asked me that years ago and I didn't have an answer for him. Most certainly. Use the restore function. Interactive mode is easiest for a small number of files. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Image size manipulation
I am looking for a port that would take an image file (preferably and image format) and convert it to JPEG at a specified pixel size. I couldn't find anything in the ports that appears to provide this capability. If needed I would settle for requiring JPEG input format. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Image size manipulation
On Feb 3, 2009, at 22:16, Manolis Kiagias wrote: Doug Hardie wrote: I am looking for a port that would take an image file (preferably and image format) and convert it to JPEG at a specified pixel size. I couldn't find anything in the ports that appears to provide this capability. If needed I would settle for requiring JPEG input format. You are looking for graphics/ImageMagick. This provides a 'convert' command that does lots of image file manipulations. Thanks. Don't know how I managed to miss it before. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Image size manipulation
On Feb 4, 2009, at 06:38, Mehul Ved wrote: On Wed, Feb 4, 2009 at 11:53 AM, Doug Hardie bc...@lafn.org wrote: You are looking for graphics/ImageMagick. This provides a 'convert' command that does lots of image file manipulations. Thanks. Don't know how I managed to miss it before. Also gd(http://www.libgd.org/Main_Page)? I am currently using gd to create some images from data, but don't see how to resize the images to a specific pixel size. Nothing seems to stand out in the documentation. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Image size manipulation
On Feb 4, 2009, at 08:17, Peter Giessel wrote: On Wednesday, February 04, 2009, at 07:10AM, Doug Hardie bc...@lafn.org wrote: I am currently using gd to create some images from data, but don't see how to resize the images to a specific pixel size. Nothing seems to stand out in the documentation. void gdImageCopyResized doesn't stand out to you? http://www.libgd.org/CopyResize No it didn't. Somehow I missed it in the documentation listing. Thanks for pointing it out. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Use of libgd
I am trying to use libgd to create some images. They are creating properly except there are color changes that I can't seem to figure out. The initial image is basically black and white PNG. I have converted it to GD2 format. There are a number of secondary images that have a couple of colors (black, red, blue etc). Each of them has been converted to GD2 format. When any of these are converted back to PNG format they display properly. However when I load the initial image, and then overlay it with one of the secondary images, the colors in the secondary images change. For example, red can become yellow or black etc. I tried gdImageCopyPalette from the secondary to the primary before the overlay but that seems to have no effect. Clearly I am missing something but can't seem to figure it out. Any ideas? Thanks. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Question about forcing fsck at boottime
On Apr 6, 2009, at 11:12, Chris Rees wrote: Can no-one can come up with a reply either quoting a mailing list or giving the circumstances when: a) Background fsck caused data CORRUPTION _and_ b) A foreground fsck would not have done the same ? Yes. When background FSCK first became standard I let it go that way on my production servers. The first time we had a power issue that resulted in a shutdown of a server it tried to come back up when the power was restored. I have a large number of daemons that rely on configure files and other information that is reasonably frequently updated. Some of those files were in the process of being updated when it shut down. As a result background FSCK did not get around to those files till much after the daemons were up and running (or trying to run). Most of them worked ok at the beginning. However after FSCK resolved the problems, the underlying files changed. The daemons couldn't function at that point. While a simple reboot at that point fixed everything, that caused yet another outage for users. Hence, I disabled background FSCK. There have been a few power issues since then and there have been no recovery issues with foreground FSCK other than the restart takes a bit longer. This is reproducible since it happened on several different servers. However, I am not about to go back and subject users to additional downtime when a viable workaround that avoids the problem exists. I doubt that the concept of background FSCK is broken and I suspect that the implementation is good too. The issue is that some services really should not be started till after FSCK (either variety) has completed. I didn't see an easy way to do that using rc. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Question about forcing fsck at boottime
On Apr 7, 2009, at 02:34, Chris Rees wrote: \ So, the answer is NO, it does NOT cause data CORRUPTION. A simple reboot solved it? Really, you're advocating guaranteed extended downtime every time there's a power outage, compared with a slight chance of a slightly longer downtime while every other time it comes almost straight up. Any more replies, please, read the damned question. You had better define data corruption then. In my book data that is read and gives garbage back rather than the right data is corrupt. It doesn't matter if it gets fixed by a reboot later. Thats only helpful if you happen to notice that it needs a reboot. If all you are interested in is toy systems then this type of problem is of no interest to you. However, for those of us who run production systems where clients have paid for service this is a serious issue. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Copying files without scp
On Apr 7, 2009, at 16:13, Steve Bertrand wrote: Hi all, To copy data from one server, I normally (always) use scp. I'm looking for a method to perform this copy task without the overhead of encryption for infrequent, high-volume transfers (hundreds to thousands of GB). The data will be transferred server-to-server within a private datacentre. Can someone recommend a *known good* production quality copy mechanism that will act like scp, but without the overhead? rsh? nc? In that environment you can use ftp just fine. Make sure to restrict it to the local IP addresses. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Upgrading from 6.3 to 7.1 -- how dangerous?
On Apr 19, 2009, at 10:06, John Almberg wrote: I need to upgrade a live, production server from 6.3 to 7.1. I can't afford to have any troubles with this server. I have Absolute FreeBSD and a few other BSD books, and the upgrade process looks fairly straightforward. That's the theory... Real world question: how scared should I be? Not at all if you prepare properly (see below). I've thought about setting up a dummy server, just to practice on. Is this a good idea? Or am I just a nervous Nellie? That is an excellent approach. I keep a couple of spare machines around just for that purpose. While most of the update process is waiting for things to complete, mergemaster requires a lot of responses to a ton of questions about updates to configuration files. The vast majority of those will be to install the new version. However, there are some where you really need to review the changes and make sure your unique configuration gets carried over into the new files. Its really easy to get into the i mode and skip right through some of those. The recovery from that will be painful. Take lots of time on the dummy upgrade to think through the merge and keep good records. You are likely to find that you still have to make some changes to those files after the update is complete. Go back and update the records so you don't have to do that a second time on the production server. I also recommend you not let weeks go by between updating the dummy and the production systems. No matter how good you write stuff down, some will get forgotten. Often memory will save you, but if its been too long, perhaps not. The dummy update process will also give you a much better estimate of the time you need to have the production system down. I have been using this approach since FreeBSD 2.5 and have had a couple of disasters in updating my test system. After a few retries I figured it out and none of the production system updates has encountered any issues. I create a script for each update and save them. Often they come in handy in a later update. The script is really helpful when updating a number of production servers. I tend to forget about some steps otherwise after a few iterations. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: pf rules
On 22 January 2010, at 01:45, Erik Norgaard wrote: To debug pf rules: - always add direction to the rule, pass or block, add interface to all rules except default policy, keep state on all pass rules - group your rules per direction, then per interface - add log to all rules and watch pflog to see which rule blocks or passes traffic. - use keyword quick for any decisive rule - check the parsing of your ruleset, pfctl -sr then come back and ask for help. Where do you find the rule information in the pflog output from tcpdump? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: pf rules
On 22 January 2010, at 03:14, Erik Norgaard wrote: Doug Hardie wrote: On 22 January 2010, at 01:45, Erik Norgaard wrote: To debug pf rules: - always add direction to the rule, pass or block, add interface to all rules except default policy, keep state on all pass rules - group your rules per direction, then per interface - add log to all rules and watch pflog to see which rule blocks or passes traffic. - use keyword quick for any decisive rule - check the parsing of your ruleset, pfctl -sr then come back and ask for help. Where do you find the rule information in the pflog output from tcpdump? a snip: alpha# tcpdump -n -e -i pflog0 tcpdump: WARNING: pflog0: no IPv4 address assigned tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on pflog0, link-type PFLOG (OpenBSD pflog file), capture size 96 bytes 11:55:20.910140 rule 81/0(match): block in on vr1: 172.16.1.127.52444 172.16.0.1.23: tcp 44 [bad hdr length 0 - too short, 20] rule 81 blocks. Now, problem is that your rules may be more compact, you'll find the rule with pfctl -sr. Now admittedly, I got: pass in quick on vr1 inet proto udp from 172.16.0.0/23 to local_ip port = secret_service keep state ofcourse, that rule didn't block. But two lines down I found: block return in log quick on vr1 inet from 172.16.0.0/23 to local_ip This makes sence, so why the offset 2? The first line of the output from pfctl -sr is scrub all fragment reassemble that shouldn't count as a rule. And then, if pflog starts counting with 0 while vi counts from 1 that explains it. Yet another reason to check the rules as parsed using pfctl -sr. Anyway, not trying to cut corners is the first step, then add log so you can see whats going on, use quick to avoid some packet fall through and being matched by a different rule than intended, organizes your rules so you can easily separate things out. My rules are grouped together like this: # default policy block all block in log general condition pass in quick some packets keep state block in log quick general condition block out log general condition pass out quick some packets keep state block out log quick general condition # Default policy catch all should never apply block log all the conditions for the pass rules should match those of the first block and then be more specific, say, only apply to one port. Doing so, the pf rule parser will optimize the ruleset. Even if I know that a given rule can only match packets on the vr0 interface, I explicitly state the interface. It makes it clear what's going on. Once the ruleset is debugged and working you can remove the log statements. Thanks. That is really helpful. The key is that the rule information is in the link layer. I never guessed that. Now I see it just fine. This approach sure beats monitoring the statistics and the input and trying to correlate them. That was the approach I was using. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org