Re: too little space on /

[Michael Powell]

Zbigniew Szalbot wrote:

> Hello,
> 
> Volodymyr Kostyrko:
>>  3. What catalogs are your spacehogs? Examine the output of:
>> 
>> find / -type d -maxdepth 1 -mindepth 1 -exec du -hd0 {} \;
> 
> Searching for bigger dirs turned out that my /boot was bigger than needed
> 
> 114M/boot
> 
> So a way to go would be to either:
> 
> 1/ define "nomakeoptions DEBUG" in kernel
> 
> 2/ Stop building all of the modules implying WITH_MODULES or NO_MODULES
> to not omit module building at all.
> 
> 3/ Stop building megakernel and move to minikernel loading everything
> else from modules
> 
> In case you wonder how come I am so wise - I am not. This was all with
> suggested by a friendly and kind member of this list.
> 
> Many thanks!!!
> 
>
 
You can also add STRIP= -s to /etc/make.conf if you don't do development or
debugging. The next buildworld/...kernel.../installworld and you'll have a
smaller /.

-Mike


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Is the freesbie project dead????????

[Michael Powell]

FBSD1 wrote:

> I can't reach http://www.freesbie.org/ to official site for the project.
> 
> Has this project disbanded?
>
 
Usually when an organized project calls it quits they will leave some form
of notification up for people to see. In this case I'd bet it's either the
server has failed or a router to the server has failed. Sometimes these can
take several days to get fixed. Be patient and try back in a bit, like
maybe even a few days or so.

traceroute 83.149.156.188 ends here:

22  host031-132.consiagnet.it (83.149.132.31)  143.493 ms  140.976 ms 
141.988 ms
23  * * *
24  * * *
25  * * *
26  * * *
27  * * *

-Mike



___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: FreeBSD 7.1 BETA and update to RELEASE

[Michael Powell]

Fernando Apesteguía wrote:

> Hi all,
> 
> I tried to install FreeBSD 7.0 on my computer but my NIC was not
> supported, so finally I didn't install it.
> Yesterday I tried 7.1 Beta bootinst and the network card was
> recognized during the installation. I was planning to install 7.1 Beta
> now, but I have some questions:
> 
> - Is it difficult/painful to update from 7.1 Beta to 7.1 Release when
> it comes available?

No
 
> - Should I expect big problems?

Probably not.
 
> - Is 7.1 Beta stable enough?

Can't say definitively based on presented information. However, it does
sound as if you are in a situation where you don't really have a choice: If
you really want FreeBSD, and you know 7.0-Release isn't working, then give
7.1 Beta a try.

If you do experience problems you can be helpful to the community in general
by filing PR(s). The purpose of the Beta and Release Candidate issues are a
final shakedown in preparation for labeling something a "Release".

If the Beta installs and runs successfully you won't have any problem
updating the system when 7.1-Release makes it out the door. I'd be willing
to bet the probability is pretty high you'll have no trouble. The biggest
caveat there being the hardware you're trying to install it on. Give it a
go, see what happens.

-Mike
 



___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: sound card and freebsd v7.0

[Michael Powell]

jonathan michaels wrote:

> greetings, freebsd-questions,
> 
> i recently got a handme-down box, some sort of hp desktop machine ? not
> sure what it is called, the source was more or less vague about its
> name/configuration ??? i put in a freebsd v7 cd and these bit fell out,
> 
> after pluging some speakers there was no sound, i suppose ?no driver
> attached"  line explains that one ??
[snip] 
> Sep 26 13:26:46 hostid kernel: pci0:  at device 4.3 (no driver
> attached) Sep 26 13:26:46 hostid kernel: csa0:
>  mem
> 0xf410-0xf4100fff,0xf400-0xf40f irq 10 at device 6.0 on pci0
> Sep 26 13:26:46 hostid kernel: csa: card is Unknown/invalid SSID (CS4614)
> Sep 26 13:26:46 hostid kernel: csa0: [GIANT-LOCKED] Sep 26 13:26:46 hostid
> kernel: csa0: [ITHREAD] Sep 26 13:26:46 hostid kernel: pcm0:  Audio> on csa0 Sep 26 13:26:46 hostid kernel: pcm0:  AC97 Codec> Sep 26 13:26:46 hostid kernel: pcm0: [GIANT-LOCKED] Sep 26
> 13:26:46 hostid kernel: pcm0: [ITHREAD]
> 
[snip]

Theoretically placing snd_csa_load="YES" in /boot/loader.conf should enable
this card. If it is loading OK kldstat will show it and you should get
output from cat /dev/sndstat confirming.

[EMAIL PROTECTED]:0:6:0:class=0x040100 card=0x42801013 chip=0x60031013
rev=0x01 hdr=0x00

is matching the #define CS4614_PCI_ID 0x60031013 in the driver code so it
really ought to work. If it doesn't try not loading the acpi module at
boot. But if HP did something really non standard when they wired this up
you could be SOL.

-Mike
 


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Installation Question

[Michael Powell]

Ray Madigan wrote:

> I am trying to move a couple of machines from Suse Linux to FreeBSD and I
> am
> having an installation issue on the first machine.  I have a 1.8GHZ
> Pentium
> on an ASUS mainboard.  DUring installation I give the geometry of the
> drive on the machine, a Western Digital WD8000JB, the drive geometry that
> I find
> on their website 16383/16/63 in FDisk.  The disk was used for the Suse
> installation so the partitions are correct.  So I press Q on the keyboard.
> I go through the installation until I get to DiskLabel and the drive
> doesn't
> show up on the top of the screen.  The screen is blank except for the
> options section.
> 
> Does anyone know what could be going wrong here.
[snip]

You need to completely wipe the disk of whatever was on it before. On
machines with a floppy sometimes I boot from Dos and use it's fdisk, but
really any fdisk will do this. Just delete and write back to the drive and
start over.

I have a WD800JB here and as far as specifying drive geometry that is
generally not required. Just make sure you have LBA mode activated in the
BIOS.

A quick note about sysinstall: many times it will display an error screen
complaining about CHS values being wrong immediately prior to going into
fdisk. This is really an error in sysinstall and most people just totally
ignore it. So don't pay that screen any attention, it is bogus.

-Mike



___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Can't add new 1TB disk in FreeBSD 6.1

[Michael Powell]

Don O'Neil wrote:

> I just swapped out an old 500G disk with a 1TB one and I'm trying to label
> it and mount it...
> 
> If I run bsdlabel -w ad4, I get:
> 
> bsdlabel: Geom not found
> 
> If I run sysinstall, it tells me that it can't write to the disk.
> 
> I've tried an old 'bypass': sysctl kern.geom.debugflags=16, but that
> didn't help.
> 
> Can anyone help me get this new disk installed without having to boot off
> a recovery CD? The server is 500 miles away from me and I don't have
> direct console access.
> 

Uhmm... This may seem silly, but did you use fdisk to create a slice first
before you tried partitioning?

-Mike-



___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: php5 segfault

[Michael Powell]

Jeremy Chadwick wrote:

> On Wed, Oct 08, 2008 at 02:51:00PM +0200, Laszlo Nagy wrote:
[snip]
>>
>> So it is using -O2 and -pipe. Is this something that I can disable?
> 
> If you want.  "make config" in /usr/ports/lang/php5 will give you a
> menu option for DEBUG; turn it on.
> 
> I'm not sure what the compile options you're showing have *anything* to
> do with the segfault you're reporting.  I don't see any backtraces or
> details of the segfault.

I've used -pipe -O2 for years and never had it cause me trouble.
 
>> It might be because we are using postgresql connections. For pages
>> without pgsql connection, there is no segfault.

Still using MySQL so I can't speak to PostgreSQL PHP connectivity.
 
> I've personally used PHP5 (as a CGI only, not as an Apache module)
> with PostgreSQL and experienced no segfaults.
> 
>> It must be noted that the segfault happens on cleanup. E.g. all web
>> sites are working fine, except that we are getting many many segfault
>> messages in the logs all the time.

This will inhibit performance. The ones that are failing are having the
script(s) restarted. If you can fix this performance will improve.
 
> Many people have found that re-ordering the "extensions" lines in
> /usr/local/etc/php/extensions.ini has solved odd segfaults.  I
> personally have never seen this, nor have ever needed to adjust that
> file, but it has worked for others.

One quickie shortcut to try as experimentation is to just comment out
hash.so in extensions.ini. I have had trouble with this one, ie to the
extent Apache wouldn't even start.

I've read/heard about the reorder thing too and never needed it. What I
suspect is there is a possibility that what happened is people went in
after the fact and installed xyz extensions after the first main install
after discoverring they forgot or left out something they needed. This
results in the line(s) just getting tacked on at the bottom. If they had
wiped all PHP and done it again from scratch the list in extensions.ini
would then be correct. Only a theory on my part.
 
> Also, you cannot use a threaded Apache (e.g. threaded MPMs) with PHP
> since not all extensions support threading.  Your Apache needs to be
> built without threads and use a non-thread model (e.g. prefork).  I've
> also had success with Apache-ITK-mpm.

This is very true for mod_php, but less so if PHP is run as FastCGI. I am
currently running a box at work with the event mpm and mod_fcgid for
testing and it seems to be doing well. YMMV
 
> Search the mailing lists for this situation, try the recommendations,
> and then if nothing fixes it, provide a backtrace.
> 

The normal default of error_reporting = E_ALL & ~E_NOTICE is present, but if
you want it to log to it's own file uncomment ;error_log = filename (or
syslog if you prefer). You may need to do a 'touch on the  and
make it's permissions match those the webserver runs under.

If things get really bad take a look at http://www.xdebug.org/
I don't think this really belongs on a production machine (IMHO), but I have
used it on my development server. Better as a last ditch effort probably.

-Mike


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Weird FS behavior tru FTP on CD9660

[Michael Powell]

Sdävtaker wrote:

> Hey,
> I found a weird situation today,
> I mounted a DVD with the mount_cd9660 and accessed it through
> "filezilla". I got 2 times every file in the list, go back to the
> original Pc and checked with "ls" and they appear only once. :-/
> Im using last version Filezilla in MSW, and ftpd in FBSD7.0r.
> I think it can be reading both TOCs in the DVD, but it is weird since
> it doesnt happen when doing ls.
> Can someone try reproduce it in another setup?
> Sdav

I believe this is fixed in RELENG_7.

-Mike



___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: How to get my Dad's Win2k system to access internet through my FreeBSD 6.2 system

[Michael Powell]

Jeremy Chadwick wrote:
[snip]  
>> > 
>> > Doesn't he need to also set sysctl net.inet.ip.forwarding=1 for his
>> > box to act as a gateway?  Or is this handled by the NAT portion?
>> > 
>> The gateway_enable="YES" in /etc/rc.conf sets this.
> 
> Right, but it wasn't in your /etc/rc.conf example (see your mail), so I
> figured the OP would come back saying "Okay I did what you said but it
> still doesn't work!"

Well that is going to happen anyway. ;-) I wasn't trying to write a
tutorial, but rather an overview of what's involved. It's up to him to do
the necessary RTFM to fill in the blanks.

Yes - I agree it should have included it in the example snippet. By the time
I got to that portion my thinking was fixated on the firewall aspect. It
would have been clearer, perhaps, had it been so.

-Mike



___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: How to get my Dad's Win2k system to access internet through my FreeBSD 6.2 system

[Michael Powell]

Jeremy Chadwick wrote:

> On Tue, Oct 14, 2008 at 04:55:11AM -0400, Michael Powell wrote:
[snip] 
>> Next, you will want to configure your FreeBSD machine as a NAT gateway.
>> In your /etc/rc.conf you will want something like gateway_enable="YES"
>> and some form of firewall initialization[1]. The gateway_enable is what
>> allows the forwarding of packets between your rl0 and your rl1, but the
>> activation of NAT functionality is usually a function contained within a
>> firewall. So conceptually, the firewall will be "in between" rl0 and rl1.
>> 
>> There are three different firewalls you can choose from. Configuring the
>> firewall is usually where the inexperienced get stuck. This subject
>> material is beyond the scope of this missive, and you would do well to
>> start reading in the Handbook. But essentially, when you configure NAT in
>> the firewall your rl0 (connected to the ISP) will be assigned a "Public"
>> IP address and the NAT function will translate between "Public" and
>> "Private".

With respect to "NAT", the caveat here is the assumption that your DSL/Cable
modem is *not* already performing NAT. The situation you do not want to get
into is having *two* NATs. The content herein is assuming that the external
(rl0) interface is getting assigned a "Public" IP from the ISP. 
 
[snip]
> 
> Doesn't he need to also set sysctl net.inet.ip.forwarding=1 for his
> box to act as a gateway?  Or is this handled by the NAT portion?
> 
The gateway_enable="YES" in /etc/rc.conf sets this.

-Mike


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: How to get my Dad's Win2k system to access internet through my FreeBSD 6.2 system

[Michael Powell]

Manish Jain wrote:

> 
> Hi,
> 
> I am poor at networking and need a little bit of help. My dad has a
> Windows 2000 machine with a network card but does not have a connection
> to the internet. My freebsd 6.2 box is connected to the internet and has
> 2 network cards, rl0 and rl1. rl0 connects to the ISP and rl1 is
> directly connected via a long Ethernet cable to the NIC on my dad's
> machine. While I can access the internet easily, I want my dad to be
> able to connect to the internet with my freebsd box serving as the
> gateway. Can anyone please explain to me in easy steps how to accomplish
> this ?
> 

Although to many old-timers this is easily achieved, to someone new to
networking it is difficult to explain it in "easy steps". It involves a set
of pieces that have to fit together correctly in order to work. You will
need to do some proper reading on the underlying concepts first.

First, establish that there exists basic network connectivity between your
machine and your dads. You may need to use a crossover cable. You will want
to assign a static IP address in the "Private" IP space range to your rl1
interface. This is also known as RFC 1918. You will also want to manually
configure a static IP on your dad's machine that is in the same network,
instead of allowing it to come up on the link.local of 169.254.x.x. An
example would be your rl1 == 192.168.10.1 netmask 255.255.255.0 and your
dad's machine == 192.168.10.2 netmask 255.255.255.0. For DNS at this stage
you can use hosts files on each host for name resolution. Ensure that each
machine can be ping'd by the other.

Next, you will want to configure your FreeBSD machine as a NAT gateway. In
your /etc/rc.conf you will want something like gateway_enable="YES" and
some form of firewall initialization[1]. The gateway_enable is what allows
the forwarding of packets between your rl0 and your rl1, but the activation
of NAT functionality is usually a function contained within a firewall. So
conceptually, the firewall will be "in between" rl0 and rl1.

There are three different firewalls you can choose from. Configuring the
firewall is usually where the inexperienced get stuck. This subject
material is beyond the scope of this missive, and you would do well to
start reading in the Handbook. But essentially, when you configure NAT in
the firewall your rl0 (connected to the ISP) will be assigned a "Public" IP
address and the NAT function will translate between "Public" and "Private".

The next sticky point that will happen, should you get this far, is name
resolution. You will want to place the IP addresses of the name servers of
your ISP in your /etc/resolv.conf. You will also want to enter these into
the TCP configuration of your dad's machine. In addition, on your dad's
machine you will enter the IP address you used on your rl1 as the "default
route".

The subject is much too broad for exhaustive coverage here. If your
DSL/Cable modem has router ports on it, it might just be easier to plug
your dad's machine up there and forget about all of this. Much reading will
be required of you, and once you know most of it then you will know what
specific questions to ask when you encounter sticking points. This is
intended only as a very generic form of overview.

-Mike

[1] For example, a couple of lines from my /etc/rc.conf:

pf_enable="YES"
pf_rules="/etc/pf.conf"
pf_flags="-e"
pflog_enable="YES"
pflog_logfile="/var/log/pflog"
pflog_flags=""

and the NAT line from my /etc/pf.conf:

nat on $ExtIF inet from $INTERNAL to any -> ($ExtIF)

Please note that these are for illustrative purposes only, and by themselves
will do nothing for your specific situation. There is much more that you
will have to dig out of the documentation, understand, and configure
appropriately.

 

   


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Breach of Contract Reported for FREEBSD.ORG

[Michael Powell]

David G Lawrence wrote:

>> Dear Customer,
>> 
>> It has been brought to our attention that some or all of the information
>> associated with your domain name FREEBSD.ORG is outdated or incorrect.
>> These types of complaints are brought to our attention in one of two
>> ways.
>> 
>> The most common type of complaint is received from the Internet
>> Corporation for Assigned Names and Numbers (ICANN). ICANN is the
>> non-profit corporation responsible for accrediting domain name
>> registrars. ICANN requires domain name registration customers to keep
>> their account information current. ICANN mandates that outdated contact
>> information can be grounds for domain name cancellation.
> 
> Michelle,
> 
>The registration information for freebsd.org is correct. The only thing
> that is out of date is one of the email addresses ([EMAIL PROTECTED]), which I
> have tried to change, but have been unable to due to a problem with the
> Network Solutions website.
>I don't know who reported that the information was incorrect, but they
> are mistaken. I will additionally follow up in the other ways mentioned
> in your message.
> 
[snip]

ICANN requires registrars to verify the domain info once a year. I just went
through this with GoDaddy. I think the registrars see this as an
opportunity to market services. Different registrars bungle their marketing
effort in different ways. GoDaddy sent me instructions on what to do in
order to correct errors, but had absolutely nothing on how to proceed if
the information was correct. So I viewed this as something they could take
advantage of in order to get me to their site for a "hard sell" campaign.

-Mike
  


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: How to get my Dad's Win2k system to access internet through my FreeBSD 6.2 system

[Michael Powell]

Da Rock wrote:

[snip] 
> I'm assuming the problem with double nat'ing is the confusion in packet
> traffic. So if the OP is using his ADSL modem to connect to the net,
> then it could be safe to assume the public IP would be to the modem
> itself, and not his box (barring the possible use of USB), so then the
> nat'ing would already be done. Therefore, the best and easiest way would
> be to simply bridge his interfaces- correct? Less overheads, etc, plus
> simplicity of setup.
>

There is another option, a variant of which I use. My el cheapo deluxe DSL
modem has really crappy broken firewall and DNS implementations. Wireshark
showed Windows Messenger service spam leaking past and as soon as I saw
that I assumed it was probably the tip of the iceberg.

You can also bridge the modem (disabling it's NAT as well). In a fully
bridged configuration your FreeBSD gateway will have to perform PPPoE
handshake and login as well. 

I use a second option called split-bridge, which they have named "IP
Passthrough". This allows the DSL modem to be responsible for the PPPoE
session. It works by passing the WAN public IP to the Internet facing NIC
in my FreeBSD box via DHCP. So, while my interior LAN NIC is static, my
outside NIC is ifconfig_xl0="DHCP". It gets assigned whatever IP Verizon
sends.

I just like this particular arrangement better. I run a caching/hybrid DNS
server on the gateway as well. I've used this configuration for about 2
years now and it has served me well. I also use ALTQ to prioritize outgoing
acks, as this seems to be helpful when using asymmetric DSL.
 
[snip]

-Mike


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Breach of Contract Reported for FREEBSD.ORG

[Michael Powell]

Jeremy Chadwick wrote:
 
>> [snip]
>> 
>> ICANN requires registrars to verify the domain info once a year. I just
>> went through this with GoDaddy. I think the registrars see this as an
>> opportunity to market services. Different registrars bungle their
>> marketing effort in different ways. GoDaddy sent me instructions on what
>> to do in order to correct errors, but had absolutely nothing on how to
>> proceed if the information was correct. So I viewed this as something
>> they could take advantage of in order to get me to their site for a "hard
>> sell" campaign.
> 
> So how do you folks who comply with ICANN's requirement deal with this?
> http://blog.forret.com/2004/12/domain-registry-of-america-scam/ -- This
> organisation is now known as "Domain Renewal Group", by the way.

What is described in the above URI looks very very similar to what I saw
when I first went to check up on the ICANN whois confirmation email I
received from GoDaddy. Initially they seemed to be touting their
new "TDNAM" service, which I gather is some form of bulk auction. GoDaddy
took over the domains from the RegisterFly debacle so they have a few
million domains to monetize. A perfect example of "registrar gone bad".

At first I was alarmed - "Why am I in some danger of losing my domains?" is
what I thought. As I went deeper into it by examining my account, I
confirmed that I indeed had "Auto Renew" on, so it would just bill my
credit card even if I took no action. However, I tend to do it manually
just so I'm satisfied it's done. So in the end this was just a "hard sell"
for a new service they wanted to push, for which I have no use. There must
have been complaints because when I just went looking for what I saw a few
weeks ago it seems to have vanished.

 
> I'm quite interested in knowing; it might be tolerable if you've only
> one domain, but if you're a hosting provider and have 100?
> 

I'm not qualified for this because these days I only carry two .com domains.
At work we are a large .org entity and we have an entire group of people
whose sole function is to deal with this. Relatively low down in the
hierarchy my DNS servers are only slaves to those higher up. It is a
function handled by others and is out of my hands.

But a scam is a scam and the first thing which needs to occur is recognizing
a scam when you see it. Most legitimate businesses recognize the need for
large scale management and more than likely market some form of service of
assistance. It's a matter of trade-off of the fees they charge versus
whether it is worth it to you time/money wise to pay for the service. For
something like this I would only consider a service of this type offerred
by the registrar I'm already dealing with. And even then, I'd double check
behind them as I had time.

Back in the day I worked 2 blocks from Network Solutions and had a friend
that worked there as a DBA. So I had the proverbial "someone you know"
insider access. He no longer works for them and moved to California some
years ago. But it goes to the point of the working relationship you
maintain with your registrar. I'm fairly cynical so I tend to believe large
companies only pay attention to large accounts and have a certain tendency
to ignore and forget to service the little guy. In that vein it's a "YMMV",
depends on who represents you on the other end of the circuit.   

-Mike
 


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: FreeBSD 7.0-RELEASE (GENERIC) firefox3 /usr/bin/ld: cannot find -lgio-2.0

[Michael Powell]

David Christensen wrote:

> mdh wrote:
>> The answer is to upgrade your devel/glib20 port to the latest version,
>> then try to install or upgrade libgiofam, then install the other
>> software.
> 
> Thank you for your response.  :-)
> 
> 
> Here's my attempt to carry out your suggestions:
> 
> 20081026-122203 [EMAIL PROTECTED] ~
> # portsnap fetch update
> Looking up portsnap.FreeBSD.org mirrors... 3 mirrors found.

Since I use csup and have no experience with portsnap I can't speak to it's
efficacy.

> Building new INDEX files... done.
> 
> 20081026-122344 [EMAIL PROTECTED] ~
> # cd /usr/ports/devel/glib20
> 
> 20081026-122615 [EMAIL PROTECTED] /usr/ports/devel/glib20
> # make

If you previously had glib20-2.14.6 installed, you will need to do a 'make
deinstall' prior to 'make reinstall'. 

> gmake[1]: Leaving directory `/usr/ports/devel/glib20/work/glib-2.16.5'
> 
> 20081026-125854 [EMAIL PROTECTED] /usr/ports/devel/glib20
> # cd ../gio-fam-backend

This is wrong somehow. You should be able to make && make deinstall && make
reinstall the glib20 port without it going anywhere else.

> 20081026-125954 [EMAIL PROTECTED] /usr/ports/devel/gio-fam-backend
> # make

Also please note that both the glib20 port *and* the gio-fam-backend both
utilize the same glib20 tarball. It's just you need to build/install the
glib20 (current version == 2.16.5) port first, then follow up by doing the
gio-fam-backend port.

Something is wrong with your setup as I just successfully built the
gio-fam-backend port on my test machine with no difficulties encountered.

-Mike 
[snip]

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: FreeBSD 7.0-RELEASE (GENERIC) firefox3 /usr/bin/ld: cannot find -lgio-2.0

[Michael Powell]

David Christensen wrote:

[snip]
> 
> 
> devel/glib20 and gio-fam-backend seemed to go okay.  I think I got
> further into firefox3, but it failed:

checking for cairo >= 1.6.0 freetype2 fontconfig... Requested 'cairo >=
1.6.0' but version of cairo is 1.4.10

This is telling you the cairo you have installed is old and needs to be
updated, probably freetype2 and fontconfig as well. Essentially you have
out of date dependencies, with the most common reason for this is having
installed packages straight from the release ISOs and subsequently not
upgrading them.

Many old time FreeBSD'ers only install the system from the ISO, update their
ports tree, and then install software. This ensures everything is current
and all dependencies are tracked. What you have is a jumble of outdated
dependencies which require updating.

> 
>  configure: error: Library requirements (cairo >= 1.6.0 freetype2
> fontconfig) not met
> 
> 
> What's next?
> 
[snip]

You can update things manually one or two at a time[1], as you did for the
glib20 port. Or you can automate the process. I use portupgrade for this.
Now portupgrade has it's own learning curve, but it can make it easier to
keep large numbers of ports all up to date.

You probably need to learn a little more about how the ports system works.
Once you have a more in depth understanding of how to install and maintain
software on a FreeBSD system you won't see this kind of situation again. So
rather than fixate on just bouncing from dependency to dependency, ad
infinitum ad nauseum, try going back and reading up on this subject some
more until you understand the process.

-Mike

[1] Like you did with glib20: make && make deinstall && make reinstall


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: freebsd installation order

[Michael Powell]

pwn wrote:
[snip]   
>>> on this page
>>> http://www.freebsd.org/doc/en/books/handbook/kernelconfig-building.html
>>> it says:
>>> Tip: By default, when you build a custom kernel, all kernel modules will
>>> be rebuilt as well. If you want to update a kernel faster or to build
>>> only custom modules, you should edit /etc/make.conf before starting to
>>> build the kernel:
>>> 
>>
>> It would take more time to edit /etc/make.conf than you would
>> save in the kernel build.If you are doing lots of kernel
>> builds while doing development, maybe then this would be worthwhile,
>> but kernel builds do not take enough time on modern machines to
>> bother speeding them up trivial amounts.   Basically, this is
>> saying you can fix things up so that it only builds those modules
>> that you are changing when you do a rebuild and skips the others.
>>
>> This is not relevant to general system performance, just kernel
>> builds.
[snip]   
> 
> i got it =), although, imho kernel builds always affect system
> performance.(maybe not in general)
> i was just asking myself a away for simplify at extreme this tasks that
> sometime can take many time, i guess after configure FreeBSD on a
> machine i should copy some configuration files like, /etc/make.conf and
> a custom kernel in attempt to avoid repetitive tasks.

Note the docs are a little out of date wrt to 7.x and newer. While the
make.conf will still be used by gcc when building ports software(s), for
the system/kernel/modules this functionality has been moved
to /etc/src.conf. Reading man src.conf will explain the details.

-Mike


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: pyhton apache

[Michael Powell]

tethys ocean wrote:

> Hi all
> 
> I have a problem, a freebsd box that is apache22 and python25-2.5.2_3,
> mod_python-3.3.1_2   after upgrading phyton web site has stoped with this
> error "Internal Server Error"
[snip]
> [Fri Oct 31 05:05:15 2008] [notice] Digest: done
> [Fri Oct 31 05:05:16 2008] [notice] Apache/2.2.6 (FreeBSD) mod_ssl/2.2.6
> OpenSSL/0.9.7e-p1 mod_python/3.3.1 Python/2.4.4 PHP/5.2.4 with
 
Well Apache seems to think it is still using Python 2.4.4. 

> Suhosin-Patch configured -- resuming normal operations
> [Fri Oct 31 10:06:21 2008] [error] [client 195.217.151.57] client sent
> HTTP/1.1 request without hostname (see RFC2616 section 14.23):
> /w00tw00t.at.ISC.SANS.DFind:)
> 
[snip] 

I can't be of much help with this as I am not a Python expert by any means,
but the first thing that occurs to me is to ask: did you rebuild/reinstall
mod_python after you upgraded to python25? If not you might want to try
that first. Restart Apache and see if it no longer shows the Python 2.4.4.

As far as the Python environment(s), you may want to ensure that all
vestiges of the old python24 are truly gone (especially prior to rebuilding
mod_python).

You may also try and find confirmation somehow whether or not the code that
is failing on the web server is even compatible with python25. In such a
case either update the failing code or downgrade back to python24. 

If the server is "production" and you just need it back up fast you may
consider returning it to its pre-python25 upgrade condition. Then conduct
your python25 experimentation on a non-production test box.

Before any major change of this sort I _always_ do backup dumps of my
server. So if something goes south I can immediately restore the server to
the state it was in prior to mucking it up.

-Mike


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: (no subject)

[Michael Powell]

SAM HAYNES wrote:

> Greetings, O Learned Ones
> from:  Sam Haynes, Pathfinders 2008
> 
> I haven't the foggiest as to how you came to be in my favorites list,
> other than that I probably tagged you in an ongoing search for both or
> either something to replace Win XP  and or build my own personal server.
> 
> I have been usining XP for several years now.  Recently, I tried to
> install XP from my OEM cd and was notified by Gates and Company that XP
> would no longer be supported. Bummer! So what else is new?  Time to part
> company with Bill? Vista was tha final straw.
> 
> I need something that will replace XP in all the essentials but without
> a useless bag full of coverups for poor performance..
> 
> Debian was the first encouraging encounter. It was recommended as a
> cheap entry into the personal server concept, using a two to three year
> old PC chassis. Sounded good but I could never figure out just how to
> download it.
> 
> So, FreeBSD appears in my fave list and server appears in the same
> paragraph as operating system.  Here is my plan.
> 
> I am 76, a retired Master Electrician, PC builder since '87, have a wife
> of 40 plus years, debilitating medical problems and a strong belief that
> I can milk a living out of internet affiliate marketing despite the
> current economic crisis.
> 
> My current model is to generate a basic website, use my existing isp to
> promote two consistent converting products, bootstrap the proceeds from
> that into building my own dedicated server to market 'how-to' products
> over a hundred or more websites.
> 
> All using ready to serve apps and a WYSIWYG HTML  generator.
> 
> I appreciate your time reading this over long monologue... I'd
> appreciate it even more if you could take some time to throw some
> suggestions back at me..
> 
[snip]

Just some ideas from the $.02 department:

As far as replacing XP with something else to be used as a desktop machine,
ala the GUI route, my own personal preference is the KDE desktop. I've been
using it so many years now it is second nature, but there are
just "useability" patterns which I've become so accustomed to that make it
so I don't want to use XP any longer. I just like KDE as a GUI instead of
the XP interface. It is also, imho an easier transition from Windows for
someone with little or no Unix experience.

I used KDE on FreeBSD as my main desktop for many years, but I finally gave
in to openSUSE 10.3 on my workstation as I really found a need for
Virtualbox and being able to run virtual machines. I have three Linux
browsers, a VM with Windows XP SP2 and IE6, and a Windows XP SP3 VM with
IE7, Opera, Firefox, and Safari. I confirm that all xhtml-transitional web
pages I write look the same in all of these. And I can do this with no
rebooting the machine.

If you are totally new to Linux/Unix and have zero experience and just want
an easy, out of the box "something other" than XP you might try the latest
incarnation of Kubuntu. I know in a FreeBSD list these comments are
sacrilege, but the broader picture is what your needs truly are.


Now on the server side things are much different. In spite of the steep
learning curve associated with being a newbie to Unices, I still feel
FreeBSD makes a better server platform. You just need to recondition your
expectations to administrating it largely via command line, as most
sysadmins who operate FreeBSD servers do not install any GUI software on
them. I know I don't. You will find maintaining a FreeBSD server much less
aggravating than Linux. It is coherent, clean, well documented, a well
thought out and very complete operating system. Performance is pretty good
too. Especially when you factor in what you payed for it! :-)

As far as setting up server(s) at your home, this is a good way for
learning. It is also a test platform for any web sites you may be running.
Keep a mirror at home to make and evaluate changes thoroughly _before_
uploading them to your active site(s). Never make changes that you haven't
tested out first.

Now running a real live "Web" presence out of your house is probably not
really a good idea if it has anything to do with business. A personal blog
can go down for indefinite periods and no harm done, but a business site is
a different story. First, the reason for having your servers located in a
data center is they are sitting directly on the "fat pipes" of the
Internet. Second, these data centers are "multi homed" in their peerage to
other backbones. If one connection path develops a problem your site is
still going to be accessible via one of the other paths. You simply will
never have the kind of connectivity found in a real data center at home.

I do not approve of HTML WYSIWYG editing abominations such as Dreamweaver
and their ilk. They make it seem like anyone can write a Web page but in
reality what they output isn't standards compliant. Over the years I've
looked at a few, and found they all output crap. The only way to write
technically profici

Re: (no subject)

[Michael Powell]

Chad Perrin wrote:

> On Fri, Nov 07, 2008 at 06:28:07AM -0500, Michael Powell wrote:
>> 
>> If you are totally new to Linux/Unix and have zero experience and just
>> want an easy, out of the box "something other" than XP you might try the
>> latest incarnation of Kubuntu. I know in a FreeBSD list these comments
>> are sacrilege, but the broader picture is what your needs truly are.

I take that back - I just examined the latest Kubuntu. It is the simplest to
install of just about anything I've seen, but once installed is just so
excruciatingly annoying! Ease of install doesn't make up for the short
sightedness of Canonical.
 
> I'd suggest PC-BSD instead, and not only because it's a FreeBSD spin-off.
> It also provides PBI for software management, which will surely provide a
> gentler transition for people used to the Microsoft way of installing
> software, and doesn't make a lot of the design mistakes I see in Ubuntu
> and its spin-offs.
> 
> DesktopBSD is a pretty good choice along those lines, too.  Still better
> than Ubuntu, in my opinion.
> 
> Furthermore . . . they both use KDE by default, and you don't have to use
> a red-headed stepchild or second-hand citizen like Kubuntu to get it.
> 

Yes, I like this suggestion better - I've just never used either one but
rather just built KDE out from ports. I just took some brief looks at
Kubuntu 8.10 in a VirtualBox VM and it still annoys me no end. I had used
it some time in the past and needed reminding why I quit. Fedora 9 looks a
trifle better, and the openSUSE 11.1 Beta is a train wreck. So my desktop
will probably stay openSUSE 10.3 as this allows me to get work done. If
none of the "newer, improved and advanced" Linuxes get their act together
soon I will probably be returning to KDE on FreeBSD in the not very distant
future. I just can't spend all my time screwing around with b***cr**.

>> 
>> Now running a real live "Web" presence out of your house is probably not
>> really a good idea if it has anything to do with business. A personal
>> blog can go down for indefinite periods and no harm done, but a business
>> site is a different story. First, the reason for having your servers
>> located in a data center is they are sitting directly on the "fat pipes"
>> of the Internet. Second, these data centers are "multi homed" in their
>> peerage to other backbones. If one connection path develops a problem
>> your site is still going to be accessible via one of the other paths. You
>> simply will never have the kind of connectivity found in a real data
>> center at home.
> 
> Make sure the colocation facility of your choice is multi-homed before
> simply assuming it is.  Some aren't.
> 

I wouldn't want one with less than 3 peerages, and I'm in favor of full mesh
arrangements. But at this stage of the game I think the OP is better served
by learning how it all works before he starts co-locating or leasing
dedicated boxen. Baby steps first, so to speak.

-Mike
 

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Server Freezing Solid

[Michael Powell]

Chris Maness wrote:
[snip]
>> For this reason, I'd advise that either you leave the PC unplugged for
>> 10 minutes or so after you've cleaned it to let any residual moisture
>> dry, or purchase an inline water filter.

Should always put a drier on a compressor. You'll learn the hard way if you
invest in pneumatic tools; you will kill them if you don't.

[snip]
> I ran
> into a couple of post stating that the Abit VP6 had issues with
> components that fail.  This seems to have happened.  The old 1U box I
> switched the hardrive to yesterday is working flawlessly.  However,
> this machine is a little on the underpowered side.
> 

Without actually checking, if memory serves there were a number of products
from that time frame that used inferior electrolytic filter caps. You can
easily spot these by examining the top where there is metal showing through
in the center surrounded by the plastic wrapper. In the caps that fail the
plastic wrapper part will be swelled up and puffy looking, possibly even so
far as to have cracks with goo oozing out of them.

I have an Abit KD7A powering a small home development server that I've been
really lucky with, it just sits there and keeps on doing it's thing. But I
have a feeling you may have hit the bad cap problem with the VP6.

-Mike



___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: virtualbox networking setup

[Michael Powell]

Paul Cartwright wrote:

> I'm new to the group, and I'm new to setting up VirtualBox guest hosts.
> right now I have a Debian linux box, and I setup Virtual box. I installed
> FreeBSD on it, but I can't seem to get the networking to work. I tried to
> rerun sysinstall, but I'm not sure what options to change or why it isn't
> working. I have the command line terminal window up, but in the virtualbox
> window, I cannot copy & past to here, so I can't paste the ifconfig info..
> it does say inet 0.0.0.0, but it does say UP, BROADCASTING...
> 
> I looked at the usermanual, but I didn't see anything about actually
> setting up the network, using DHCP...
> I hae a home network, with a router, gateway 192.168.10.1, and my desktop
> is in that subnet 192.168.10.x
> not sure what to do now...
> 
> thanks,
> I grew up with AT&T UNIX SYS V, but it's been a few years:)

Don't know about Debian, and I haven't actually tried FreeBSD as a guest in
VirtualBox, but have used it for other things.

The default install of vbox sets up a logical NAT/DHCP server internally, so
all you would do is use vi to put something like ifconfig_rl0="DHCP" in
your /etc/rc.conf. Substitute the according vbox interface. When you
configure your new VM in the OSE the default NIC type will be PCnet-FAST
III (Am79C973) in vbox 2.0.4. This is supported by the pcn driver so your
line would be ifconfig_pcn0="DHCP". 

IF you get the interface to come up examine it with ifconfig -a. I believe
vbox settles for a 10.0.2.0/24 network, but YMMV. You may need to play
around with defaultrouter="something" and name services in resolv.conf or
fiddle with dhclient.conf. The best is to ensure that dhclient.conf is
pulling the info from DHCP rather than trying to manually stuff numbers in
places.

Also, if the pcn driver doesn't seem to want to play and if you are using
VirtualBox 2.0.4 there are 2 Intel Nics you can try (not sure if they
are "Windows" exclusive, or not - will find out in the next few days as I
plan on trying Nexenta this way) instead which are supported by the "em"
driver (ifconfig_em0="DHCP"). This just has to match whatever you set up in
the VM.

-Mike
 

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: "High Noonn" DVD??

[Michael Powell]

Gary Kline wrote:

> 
> Do any of you guys know why the DVD version of HIGH NOON won't play on my
> computers?  I've tried everything I can think of.  Zero.   I watched the
> *original* in the theater (I think); then have watched the tape in '98,
> and the DVD just now.  I'm not that nutty to waste a DVD-R on it; I'm
> just wondering my none of my players won't play it.
> 
> thanks,
> 
> gary
> 
> 
> 
 Missing libdvdcss?

-Mike


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: firewall rules for bitlord, yahoo, limewire

[Michael Powell]

Fbsd1 wrote:

[snip] 
> 
> Limewire is a windows only application.
> So how can you say it runs on solaris which is a flavor Unix?
> 

Limewire is a Java program. It will run on any platform which has a 
working Java run time environment installed. It is definitely not 
"Windows only".

-Jason



___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: pf or ipf rules to allow p2p Limewire through

[Michael Powell]

Fbsd1 wrote:
[snip] 
> The only way i can run limewire is
> to disable my firewall and that does not make me happy.

This is simply not true. I have at one time or another run Limewire on
each of the three different firewalls. Currently for a little over
one year now it has been pf. The difference is just syntax.

> I think the conclusion is that all 3 of the freebsd firewalls are unable
> to monitor packet exchange of p2p applications. These firewalls were
> designed before p2p applications were developed and their (p2p) inherent
> design is to defeat standard firewall designs.

I really do not understand most of the above paragraph, it makes little
sense to me. Non sequitur.

The OSI reference stack has 7 layers. These firewalls are simple packet
filtering firewalls and only reach Layer 4. The Application layer is
Layer 7, and these firewalls do not perform the deep packet inspection
or decoding required to filter at Layer 7.

As far as reading the docs is concerned it should become apparent that
there are 3 modalities for configuring Limewire. In my situation I have
a FreeBSD server acting as a gateway with pf and DNS running. The UPnP
option is for a typical Windows user who may have a router device that
will assist a UPnP service to autoconfigure the Windows box. Proceed to
examining the second option, Manual Port Forward. I'll ignore the third
as it is "Do Nothing", which is useless.

So on the Limewire "Advanced -> Firewall" config page enter a port 
number, such as 6346 in both the "Listen on Port" and the "Manual Port
Forward" boxes.

Then after your NAT rule in pf.conf enter something like the following:

rdr on $ExtIF proto tcp from any to any port 6346 -> 192.168.10.2 port 6346

and a corresponding filter pass rule:

pass in quick on $ExtIF inet proto tcp from any to 192.168.10.2 port 6346 keep 
state

192.168.10.2 is my desktop machine where I use Limewire. It works just fine.


-Mike
 


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: reporter on deadline seeks comment about reported security bug in FreeBSD

[Michael Powell]

Przemyslaw Frasunek wrote:

> Giorgos Keramidas wrote:
>> Przemyslaw should email security-officer with any details he thinks are
>> relevant.  Then the security team will make sure to fix the bug for all
>> affected releases of FreeBSD, release a patch with the fix, issue an
>> advisory through the usual channels, and post the details online at our
>> security information web pages at <http://www.FreeBSD.org/security/>.
> 
> I see that I received a lot of criticism after disclosing 6.4
> vulnerability. Please read some facts:
> 
> I send few mails: on 29th Aug to security team, on 2nd Sep and 11th Sep
> directly to security officer. None of them were responded. I haven't
> filled any PRs, because it would disclose details of vulnerability to the
> public and allow blackhats to exploit it.
> 
> I won't publish anything more than video, before official security
> advisory. The exploit is private to me and it won't be given to the
> "community".
> 
> Michael Powell wrote:
>> Quoted from ~freebsd.security.general:
>> "The bug was fixed in 6.1-STABLE, just before release of 6.2-RELEASE, but
>> was not recognized as security vulnerability."
> 
> This is another bug. The former one affected only 6.1, this one affects
> everything up to 6.4-STABLE.
> 

Please allow me to express my appreciation for your efforts in this matter. 
Your work will only improve FreeBSD and I would like to thank you kindly for 
that. I apologize if any, or all, of my comments appeared critical of your 
work. 

I was trying to express criticism of the writer whose only imperative was to 
generate a sensationalist headline. 

-Mike
   


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: Microsoft "Dynamic DNS"

[Michael Powell]

stan wrote:

> I have a situation at work, where I need  a FreeBSD machine to be in the
> corporate DNS. We have been bought out, and the new owner says "no static
> DNS entries". They use some Microsoft technogly where the client machiens
> register thier names with the corprate DNS.

In a correctly configured $MS environment the DHCP servers and DNS servers 
are twins of each other. The DHCP server is what actually updates the DNS 
server's database.
 
> My Windows laptop for instance, may get different IP addresses using DHCP
> depending on what physical location I connect it in. but it's always the
> same DNS name.
> 
> Can anyone sugest where to look for information as to how this works, and
> how I cna make my FreeBSD machine participate in this?
> 

I did this once a long time ago after googling for a quick fix, Not sure I 
remember everything.

IIRC it was putting an empty hostname in /etc/rc.conf like: hostname=""

and something like the following in /etc/dhclient.conf:

interface "em0" {

send host-name "workstation";

}

In Windows, the hostname would be the "machine name", and since you know 
it's always the same (as per above) sounds like you know the hostname. 
Substitute for your interface and hostname.

The way this should work is your box does a "force send hostname" to the 
DHCP server and the DHCP server should update the DNS server. At least if 
the $MS boxen are setup correctly.

-Mike



___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: DHCP client questions

[Michael Powell]

Mel Flynn wrote:

> On Sunday 20 September 2009 21:19:28 stan wrote:
> 
>> I have several machines (such as a mailserver) which _MUST_ have fixed
>> names. I have played around with /etc/dhcllient.conf, but not managed to
>> get this working. I can get IP addresses, and various things such as
>> default routers, and DNS servers, but I have not managed to get the
>> suggested name put in their DNS.
> 
> Ok, I know you're trying to make clear what your problem is, but it's
> still not. So, let's try step by step,, using a FreeBSD mailserver as the
> example: 1) Does the mailserver have a fixed HOSTNAME or can the HOSTNAME
> change if the DHCP server wants it to?
> 
> 2) When you say "but I have not managed to get the suggested name put in
> their DNS", does this mean you expect the FreeBSD mailserver to enter
> itself into the Microsoft DNS? Or can you not get the FreeBSD mailserver
> to name itself according to what the DHCP server tells them to?
> 

Don't seem to have all the details either, but from what little I can piece 
together is his company being bought by another necessitates the melding of 
his old systems with the new companies' Windows based environment. This 
could very well be an incorrect assumption on my part.

In a Windows environment when DHCP is used, as it hands out IP addresses it 
then updates the IP/hostname pair in the DNS server database. This is 
configured to operate by the admins. Usually there are at least two DHCP 
scopes minimum for the dynamically assigned IPs, but there can also be 
configured a scope for static IPs for things such as mail servers. So it is 
still possible for a mail server to initialize networking via DHCP and be 
assigned the same statically assigned IP every time. It is the 
responsibility of the Windows DHCP servers to sync with the DNS server 
database. If you are not going to have static services such as a mail server 
initialize via DHCP then a system admin will have to manually enter this 
information into the DNS server database. Without possessing the 
administrative authority to do this things will get very frustrating.

Bottom line is, if what I think is going on is correct, he can fight this 
battle in myriad different directions but inevitably all will lead back to 
the system admins of the purchasing company must get involved in order to 
properly meld the 2 networks together. All 10,000 different paths which can 
be pursued will ultimately lead back to this, so they ought to just bite the 
bullet and get it over with.

(If one wants to run his own Unix based DNS servers so as to have this under 
his/her control set up for file based zone transfer from the Windows DNS 
servers. The key to making this work is to manually config the zone 
transfers on the Windows DNS machines to ascii instead of UTF8 or else the 
Unix box DNS zone files will be endlessly polluted with garbage characters. 
Of course this all is moot if you are not allowed to be delegated or be 
authoritative for your little piece of the DNS tree. Here again, this is 
still going to have to be handled by the purchasing companies' admins as 
they are the ones in the drivers seat. This type of melding of heterogeneous 
systems absolutely requires both sides to work together.) 

-Mike


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: net.inet.ip.random_id possible ASA problems?

[Michael Powell]

Steve Bertrand wrote:

> B. Cook wrote:
> 
> [ big snip ]
> 
>> So after 6 hours of cisco techs.. all they could come up with is a "...
>> possible duplex mis-match.. "
>> 
>> *sigh*
>> 
>> So dropping my pf rules (which contain scrub settings) made no
>> difference, I found the above URL which seeme to point to
>> net.inet.ip.random_id.
>> 
>> I can not find any 'freebsd.org' documentation pertaining to it
>> regarding what it actually does.  I do however find it scattered amongst
>> tons of 'FreeBSD hardening' docs..
>> 
>> Can anyone shed some light on what this does?
> 
> IIRC, random_id allows initial TCP sequence numbers to be randomized.
> 
> Some OS sequence TCP packets in an incremental fashion, thereby making
> it quite easy for an attacker using a TCP Idle Scan to hijack a session,
> and extremely easy while the box is under very light network load.
> 
> https://www.kb.cert.org/vuls/id/498440

In earlier versions this was in the kernel conf and associated with ipfw. 
This was changed when default firewall was stripped from GENERIC in favor of 
selecting one of the three available by module for flexibility. It was 
replace by the sysctl net.inet.ip.random_id MIB.

I don't recall if it defaults to on or off, it is easily checked by sysctl 
net.inet.ip.random_id. If it is "1", you might try setting to "0" in 
/etc/sysctl.conf. Also pull any scrub rules from pf to eliminate another 
variable.
 
> I've never seen this setting cause any detriment, but we only use Cisco
> routers, not ASA's. AFAIK, random_id is off by default.
> 
> It would be rather handy if they would provide you with some of the
> ASA's config snips, and perhaps interface counts and logs.
> 
> You may also want to capture a pcap on the 'problematic' box to see if
> you can find anything interesting:
> 
> # tcpdump -n -i em0 -s 0 -w /home/steve/packet-cap.pcap
> 
> Steve

This step is going to be needed to develop more info on the problem. You may 
also want to research these:

net.inet.tcp.rfc1323=1 # Enable RFC1323 extensions (TCP window scaling)
net.inet.tcp.inflight.enable=0# Use automatic TCP window-scaling

Perhaps the adaptive sliding window scaling algorithms in FreeBSD are 
incompatible and need to be disabled. A correlation comparison of the 
tcpdump capture and the Cisco engineers' debug dumps may shed light if this 
is somehow related.

-Mike




___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Warning: PHP Update from 5.2.10 to 5.2.11 and FastCGI

[Michael Powell]

Today I did a portupgrade of PHP from 5.2.10 to 5.2.11. 

This broke both lighttpd and Apache web servers, on which I run PHP as 
FastCGI. I do not know if this affects those who use mod_php as I do not use 
it. I use mod_fcgid instead.

Execute php -v at a prompt and it will spew the following and segfault.

testbed suhosin[48982]: ALERT - canary mismatch on efree() - heap overflow 
detected (attacker 'REMOTE_ADDR not set', file 'unknown') 

If you are using FastCGI the workaround is to do make config in lang/php5 
and deselect the Suhosin option. There is something very broken in the 
Suhosin patch as far as CLI and FastCGI is concerned.

-Mike


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: Warning: PHP Update from 5.2.10 to 5.2.11 and FastCGI

[Michael Powell]

Jerry wrote:

> On Sat, 26 Sep 2009 13:34:25 -0400
> Michael Powell  wrote:
> 
[snip] 
>> If you are using FastCGI the workaround is to do make config in
>> lang/php5 and deselect the Suhosin option. There is something very
>> broken in the Suhosin patch as far as CLI and FastCGI is concerned.
>> 
>> -Mike
> 
> No problems on my machines.
> 
> PHP 5.2.11 with Suhosin-Patch 0.9.7 (cli) (built: Sep 24 2009 19:08:59)
> Copyright (c) 1997-2009 The PHP Group
> Zend Engine v2.2.0, Copyright (c) 1998-2009 Zend Technologies
> 
> Did you rebuild all of the ports that depend on PHP? I used portmanager
> with the '-p' option to update all dependencies.
> 
> portmanager -u -l -y -p
> 
> That should get everything working.Update you ports system first
> however.

Ports was updated immediately prior to this. The only thing that depends on 
php5 is php5-extensions. I completely removed all PHP and rebuilt manually, 
same problem. Removed all and did again without using the Suhosin patch and 
now all is fine. Except for running without the hardening benefits of 
Suhosin.

I run both lighttpd and Apache on this box with PHP as FastCGI and it took 
them both down. 

Will look into it a little more later. The error I got was periodically a 
PHP bug on and off for years. I think there is something wrong with the 
patch I got. I use cvsup11 because it closest to me (in the Verizon 
datacenter in Ashland, Va.) but I have had that server go stale before. 
Might try csupping ports again from something a little higher up in the 
hierarchy.

-Mike
  


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: Warning: PHP Update from 5.2.10 to 5.2.11 and FastCGI

[Michael Powell]

Matthias Fechner wrote:

> Hi Michael,
> 
> Michael Powell schrieb:
>> patch I got. I use cvsup11 because it closest to me (in the Verizon
>> datacenter in Ashland, Va.) but I have had that server go stale before.
>> Might try csupping ports again from something a little higher up in the
>> hierarchy.
> 
> why not using portsnap?
> 
> Bye
> Matthias

First rule of maintenance: "If it ain't broke don't fix it". I tend to stick 
with what has worked well in the past, even though at some point the move 
towards more current approaches does indeed need to happen.

I checked and this had nothing to do with cvsup11 being stale. Same code as 
mirrored elsewhere. Did find problem, see other reply.

-Mike
 


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: Warning: PHP Update from 5.2.10 to 5.2.11 and FastCGI

[Michael Powell]

Michael Powell wrote:

> Jerry wrote:
[snip]
>> 
>> No problems on my machines.
>> 
>> PHP 5.2.11 with Suhosin-Patch 0.9.7 (cli) (built: Sep 24 2009 19:08:59)
>> Copyright (c) 1997-2009 The PHP Group
>> Zend Engine v2.2.0, Copyright (c) 1998-2009 Zend Technologies
>> 
[snip]
> 
> Will look into it a little more later. The error I got was periodically a
> PHP bug on and off for years. I think there is something wrong with the
> patch I got. I use cvsup11 because it closest to me (in the Verizon
> datacenter in Ashland, Va.) but I have had that server go stale before.
> Might try csupping ports again from something a little higher up in the
> hierarchy.
> 

Found the problem. The mailheader patch for 5.2.10 clashes with the Suhosin 
patch for 5.2.11. I rebuilt PHP with Suhosin and without mailheader patch 
and now it's all happy again. Now my php -v reads like Jerry's.

-Mike



___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: Whic mail server?

[Michael Powell]

Aflatoon Aflatooni wrote:

> Hi,
> I am running a server that is acting as the mail server for only internal
> users (about 50 users). Currently we are running Sendmail, but reading on
> other discussions I noticed that qmail and other programs are suggested. I
> am wondering if qmail is thought to be better than sendmail. Is there a
> matrix of features and functionalities that would compare the different
> mail servers? Any suggestions on spam filters like spam-assassin?
> 
> 
> Thank you

This is, of course, my own personal bias here but I wouldn't touch qmail 
with a ten foot pole. I know many have used it successfully and been happy 
with it. 

It is very easy to begin with a single domain for local delivery to 
configure sendmail as per the instructions in the Handbook. Postfix is 
designed to be a drop in replacement for Sendmail, and for a simple Sendmail 
already configured, Postfix will just take over and work when installed.

Additions such as MySQL for virtual domains and users, spamd, etc., can then 
be plugged in to the basic setup one at a time. There is a pretty fair 
amount of documentation in the Postfix world for such things.

If you are looking to change out Sendmail my vote would be Postfix as it is 
easier to build on and build up from the setup you're currently using. 

However, I'd like to point out if you have only one mail server you probably 
should do this on a second duplicate machine and then once it is proved to 
work properly swap them. There is a pretty good chance if you only have one 
mail server you're going to take it down while mucking about.

-Mike



___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: Warning: PHP Update from 5.2.10 to 5.2.11 and FastCGI

[Michael Powell]

Jerry wrote:

> On Sun, 27 Sep 2009 10:03:37 -0400
> Michael Powell  wrote:
> 
>> Found the problem. The mailheader patch for 5.2.10 clashes with the
>> Suhosin patch for 5.2.11. I rebuilt PHP with Suhosin and without
>> mailheader patch and now it's all happy again. Now my php -v reads
>> like Jerry's.
> 
> Did you file a PR for this?
> 

I emailed the port maintainer. Think I should formally file the PR too?

Thanks.

-Mike


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: Warning: PHP Update from 5.2.10 to 5.2.11 and FastCGI

[Michael Powell]

Jerry wrote:

> On Sun, 27 Sep 2009 10:03:37 -0400
> Michael Powell  wrote:
> 
>> Found the problem. The mailheader patch for 5.2.10 clashes with the
>> Suhosin patch for 5.2.11. I rebuilt PHP with Suhosin and without
>> mailheader patch and now it's all happy again. Now my php -v reads
>> like Jerry's.
> 
> Did you file a PR for this?
> 

Done.

-Mike


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: ports have made me lazy

[Michael Powell]

Vince Sabio wrote:

> I need to install zlib (not zlibc), and AFACT it is not included in
> ports. When I look at the zlib web site, I see that there are several
> (not a lot, but several) dependencies for the installation -- and I
> think, "OH NO, NOT DEPENDENCIES!" Or something like that.
> 
> I blame it on ports. They have made me lazy. I am a victim. ;-)
> 
> Anyway, and more to the point, am I missing something? Is zlib really
> not included in ports? If not, is there an automated/semi-automated
> means of installing it -- or am I back to the old days of installing
> dependencies manually?

Why not use the one that came with the system? /lib/libz.so.4 You won't be 
happy if you manage to get two of them installed; use the one already 
present in the system by default.
 
> (I have had two servers go toes up in three days, so if I've missed
> the obvious here, well, it wouldn't surprise me. Just administer clue
> in the standard manner, and I'll get with the program.)

This is different. If by some odd chance you are talking about this in 
php.ini: zlib.output_handler = /lib/libz.so.4 - I have noticed a problem a 
time or two in the past with certain PHP apps. I run with mod_deflate also 
and sometimes PHP apps balk at running with both. The advantage of using 
libz in php.ini is it compresses the PHP output stream, while mod_deflate is 
only good for static content.

The above is kind of confusing, but wrt PHP there can be a difficulty if the 
app has written in it's own zlib compression routines internally.  You can't 
do the compression in PHP twice.  

On apps where I have experienced problems, it was either turn off libz 
compression in php.ini or disable the .gz compression setting in the app's 
setup/configuration utility. I always opted for the latter, as this would 
maintain the ability for other apps in a default fashion. You'll know if 
this problem is present if when you try and access a PHP page you either get 
a page full of garbage or the server errors/crashes with a 500 server error.

Just to be thorough, there is also a php5-zlib extension, which the 
construction of some apps may require.

-Mike
 



___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: FreeBSD "Projects"

[Michael Powell]

Chris Stankevitz wrote:

> 
> Hello,
> 
> I recently stumbled across "The FreeBSD GNOME Project" webpage which is
> filled with detail and great instructions.  It is located at
> http://www.freebsd.org/gnome/index.html
> 
> Q1: Where can I find the FreeBSD page that links to "The FreeBSD GNOME
> project" webpage?
> 
> Q2: Where can I find a list of other such "projects"?
> 

http://www.freebsd.org/projects/projects.html

Some content may be old, outdated, or stale.

-Mike



___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: Apache server imap.so ssl_once_only_init error

[Michael Powell]

Robert Huff wrote:

> 
> David Southwell writes:
> 
>>  /libexec/ld-elf.so.1: /usr/local/lib/php/20060613/imap.so:
>>  Undefined symbol "ssl_onceonlyinit"
> 
> I look at this and ask (knowing very little about either) "is
> this a problem with Apache, or a problem with PHP?".
> 
> 

Easy enough to see - comment out the imap.so module in 
/usr/local/etc/php/extensions.ini and see if Apache will start. If it does 
the problem is the imap module. A more generic way to drive this wedge is to 
temporarily comment out the LoadModule php5_module line from httpd.conf.

If it starts without this module it isn't Apache. Some PHP modules have 
dependencies in that they need the other modules loaded before they load. 
Try moving the imap.so line in extensions.ini to the bottom of the file so 
all the other crypt modules such as openssl, hash, mcrypt, etc are loaded 
first.

-Mike



___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: Apache server imap.so ssl_once_only_init error

[Michael Powell]

David Southwell wrote:

>> Robert Huff wrote:
>> > David Southwell writes:
>> >>  /libexec/ld-elf.so.1: /usr/local/lib/php/20060613/imap.so:
>> >>  Undefined symbol "ssl_onceonlyinit"
>> >
>> > I look at this and ask (knowing very little about either) "is
>> > this a problem with Apache, or a problem with PHP?".
>> 
>> Easy enough to see - comment out the imap.so module in
>> /usr/local/etc/php/extensions.ini and see if Apache will start. If it
>> does the problem is the imap module. A more generic way to drive this
>> wedge is
>>  to temporarily comment out the LoadModule php5_module line from
>>  httpd.conf.
>> 
>> If it starts without this module it isn't Apache. Some PHP modules have
>> dependencies in that they need the other modules loaded before they load.
>> Try moving the imap.so line in extensions.ini to the bottom of the file
>> so all the other crypt modules such as openssl, hash, mcrypt, etc are
>> loaded first.
>> 
>> -Mike
>> 
>> 
>> 
> Mike you are right on the ball.
> 
> When I comment out the imap.so line in extensions.ini the server starts up
> normally. So now we have the culprit. That is after doing a portupgrade
> -frR mail/php5-imap.
> 
> The question is where do I go from here??

Hrmmm. Probably need to look into more details. I am running Apache-
event-2.2.13 here with PHP5-5.2.11 and extensions-5.2.11, with PHP running 
as FastCGI via the apache module mod_fcgid instead of mod_php. I presume you 
are just doing the normal mod_php method.

Upon thinking about it a little more, I'm guessing that when you tried 
relocating the extension=imap.so to the bottom of extensions.ini it had no 
effect. Sometimes this is an easy and quick answer when the problem is just 
load order. Another to consider is if you really do not require the imap 
module just leave it commented out, although this is not elegant as it does 
not attack the root source of the problem.

What I'm thinking (after looking at the actual error message again) is this 
is a build-time problem and not runtime. I believe that these kinds of 
symbol errors arise mostly from libraries being mismatched at build time.

To elaborate a little, I'm wondering if when you built mod_php at one point 
in time and then built the php5-extensions at a later time if they were not 
slightly different versions. Also, IIRC there was once a problem with the 
imap module in that it could not be used with the recode and yaz modules. I 
have the recode module present so I doubt it is a problem, but do not use 
the yaz module. Might look and see about yaz.

I suspect the core of the problem is that mod_php and the extensions are 
slightly out of sync with one another. A very sloppy thing to do would be to 
just remove all the PHP stuff, including mod_php, update the ports tree 
fresh and reinstall all of it at one time together. This may not be wise on 
a production server however, as this will entail downtime. As I said - 
"sloppy, scattergun approach". I have done this a time or two, but don't 
really like doing it. YMMV

If mod_php and the extensions were built at different times, with maybe a 
ports tree update in between, they may need to be all recompiled so they all 
get linked correctly.

-Mike

P.S. - And the biggest assumption of all I'm making is that Apache was built 
with SSL support in the first place. A variable which should be eliminated.


 


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: Apache server imap.so ssl_once_only_init error

[Michael Powell]

Michael Powell wrote:

> David Southwell wrote:
> 
>>> Robert Huff wrote:
>>> > David Southwell writes:
>>> >>  /libexec/ld-elf.so.1: /usr/local/lib/php/20060613/imap.so:
>>> >>  Undefined symbol "ssl_onceonlyinit"

Oh - forgot - this is what an ldd of my imap.so looks like on 7.2:

testbed# pwd
/usr/local/lib/php/20060613
testbed# ldd /usr/local/lib/php/20060613/imap.so
/usr/local/lib/php/20060613/imap.so:
libssl.so.5 => /usr/lib/libssl.so.5 (0x281a2000)
libcrypto.so.5 => /lib/libcrypto.so.5 (0x2830)
libc-client4.so.9 => /usr/local/lib/libc-client4.so.9 (0x28458000)
libcrypt.so.4 => /lib/libcrypt.so.4 (0x281e3000)
libpam.so.4 => /usr/lib/libpam.so.4 (0x2855)
libc.so.7 => /lib/libc.so.7 (0x28089000)

For comparative purposes.  

-Mike



___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: How can I get >100 connections in FIN_WAIT_2 state from the same IP?

[Michael Powell]

Chuck Swiger wrote:

> On Oct 13, 2009, at 10:33 AM, Martin Turgeon wrote:
>> I would like to know if anyone knows the reason why I get a lot of
>> connections (more than 100) from the same IP in FIN_WAIT_2 state.
> 
> That IP is probably running a web proxy or possibly some kind of
> spider.  It could also be malicious, trying to exploit webserver
> vulnerabilities, etc-- search your logs for that IP and see what it is
> doing.
> 
>> In this case the connections are on port 80. Is it a problem with the
>> client's browser or OS? Is it possible that some mobile devices
>> doesn't
>> close their connections correctly to save bandwidth and battery?
> 
> Yes, it's not uncommon for various platforms to simply drop
> connections rather than closing them properly.  You can run tcpdrop to
> forcibly get rid of them, but they should time out within a few
> minutes anyway.  If you believe the remote IP is being abusive,
> consider firewalling it
> 

This is also common from the differences in TCP/IP stacks across various 
platforms. Windows, Linux, Solaris, etc are all slightly different in this 
regard.

If you're running a web server you can set the following in /etc/sysctl.conf 
in an attempt to mitigate. Don't know if the timeout period can be altered.

net.inet.tcp.fast_finwait2_recycle=1

This won't stop it from happening but it will trim the pool down some.

-Mike



___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: phpMyAdmin install stopped in dependency 'libXau-1.0.4'

[Michael Powell]

Kikachi Kozumi wrote:

> Hi,
> 
> I tried installing phpMyAdmin in an ezjail created jail already
> installed with apache22, mysql and php5 running FreeBSD 7.1-RELEASE
> i386 with no X11 (headless).
> The port install failed when dependency 'libXau-1.0.4' configure
> couldn't find gnome-config:
> 
> ...
> checking for XAU... gnome-config: not found
> configure: error: Package requirements (xproto) were not met.
> ...
> 
> I'm not sure if this issue is specific to my system or is it a ports
> issue but I found that libXau-1.0.4 was in the ports tree since
> January 2009 so it's less likely to be an issue with the port itself.
> 
> Right now I'm not sure if the required gnome-config is lost from my
> system or was never there in the 1st place. What can I do to continue
> with phpMyAdmin installation?
> 
> I'm also curious why the phpMyAdmin port requires libX11 libraries to
> build while the phpMyAdmin website states that php, mysql and apache
> are the requirements for running phpMyAdmin?
> 
[snip]

Try placing WITHOUT_X11=yes into /etc/make.conf so it will build without the 
X related nonsense.

-Mike



___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: I hate to bitch but bitch I must

[Michael Powell]

PJ wrote:
[snip]
>>
>>   
> I think you're trying to take the meaning of "should" a little too
> far... to keep it simple, and without trying to intellectualize it, it
> simply means (and this can change within certain contexts) "normally, it
> should work" (in our context, here) but there is no implication of any
> warnings or dangers ... the "normally" is implied, the rest you can do
> with it as you wish, obviously at your rist... but even then the
> interpretation goes too far. As I suggested to Polytropon, in this
> particular case the instructions for the implementation of the procedure
> are very clear: use on an inactive system or SUM... so where's the
> bug... to suggest that it "should work" on an active system is confusing
> - if the author thought it important that it wouldl not work on an
> active system, perhaps he should have merely said "do not use on an
> active system"... that would be consistent and very clear. ;-)

Sorry, I'm not totally clear on everything either, but it is clearly 
contained within a section called 'BUGS'. This should set the context and 
will affect how the comment should be construed. If it were located anywhere 
else in the man page the context would be different, this altering the 
intended meaning or purpose.

Content within any 'BUGS' section should not be considered for normal usage 
of a command, unless it is something you think you can/should try and it is 
warning you not to do so. It is more of a disclosure of 'gotcha' potential, 
aka 'here be dragons' or other potential method by which an admin may shoot 
him/herself in the foot.

Just my meager $.02, fwiw 

-Mike



___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: PHP5 + fastcgi + apache2.2 ... how to for FreeBSD?

[Michael Powell]

Marc G. Fournier wrote:

> 
> Is there one somewhere?  I'm finding *alot* of Debian ones dealing with
> their whole apget stuff, but would like to find something that "speaks
> normally" :)
> 
[snip]

Install your choice of flavor of Apache. Me, I'm using the event-mpm for 
testing to verify the way to use non-thread safe PHP with a threaded server 
is FastCGI.


Install lang/php5 with various CLI options, as opposed to and instead of 
mod_php. This is set of options I used:

# This file is auto-generated by 'make config'.
# No user-servicable parts inside!
# Options for php5-5.2.11
_OPTIONS_READ=php5-5.2.11
WITH_CLI=true
WITH_CGI=true
WITHOUT_APACHE=true
WITHOUT_DEBUG=true
WITH_SUHOSIN=true
WITH_MULTIBYTE=true
WITHOUT_IPV6=true
WITHOUT_MAILHEAD=true
WITH_REDIRECT=true
WITH_DISCARD=true
WITH_FASTCGI=true
WITH_PATHINFO=true

Do not try and use MAILHEAD and SUHOSIN together; that combination is 
broken. Install the /lang/php5-extensions you require. Currently there seems 
to be a problem with extension=sqlite.so, and since I don't use/need it's 
commented out of my extensions.ini.


Install www/mod_fcgid from ports. In httpd.conf use:

LoadModule fcgid_module libexec/apache22/mod_fcgid.so

instead of the usual:

LoadModule php5_modulelibexec/apache22/libphp5.so


Also, further down in httpd.conf:

[...]
# This should be changed to whatever you set DocumentRoot to.
#


[...]



# added to enable mod_fcgid


  AddHandler fcgid-script .fcgi .php
  SocketPath /var/run/fcgidsock/
  IPCConnectTimeout 10
  IPCCommTimeout 20
  OutputBufferSize 0



#
# DirectoryIndex: sets the file that Apache will serve if a directory
# is requested.
#

DirectoryIndex index.html index.php

[...]


If all went well you should be able to restart Apache and be in business. A 
phpinfo(); should execute and provide details. Any problems the quickest way 
to check PHP is to just execute php -v at a shell prompt. If it doesn't 
segfault it will print out a short descriptive output text.

I believe this is better than the usual script based approach you will 
locate on the web. It starts/spawns PHP as a long running process when 
Apache starts instead of starting a new CGI each time PHP script is 
executed. 

The mod_fcgid is configurable:

http://httpd.apache.org/mod_fcgid/mod/mod_fcgid.html

I believe this project was fairly recently folded into the Apache.org 
umbrella, but when I began it was separate and standalone. The docs on the 
Apache site look like they are for the upcoming 2.3 update to 2.2, and there 
may be discrepancies present. I had originally used the docs from the old 
site and I don't know if they are even still available.

-Mike


P.S. - Also, if you need to use Alias they will look like this:

Alias   /xcache-admin   "/usr/local/share/examples/xcache/admin/"

#SetHandler None
FCGIWrapper /usr/local/bin/php-cgi .php
Options ExecCGI
Order allow,deny
Allow from 192.168.10.2
Deny from none





___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: incorrect info in mysql docs

[Michael Powell]

Chris Whitehouse wrote:

> hi,
> 
> I just noticed this at
> http://dev.mysql.com/doc/refman/5.1/en/automatic-start.html
> 
> On FreeBSD, startup scripts generally should go in /usr/local/etc/rc.d/.
> The rc(8) manual page states that scripts in this directory are executed
> only if their basename matches the *.sh shell file name pattern. Any
> other files or directories present within the directory are silently
> ignored. In other words, on FreeBSD, you should install the mysql.server
> script as /usr/local/etc/rc.d/mysql.server.sh to enable automatic startup.

That was before the import of the rc.subr subsystem from NetBSD. Sounds like 
the docs may be a trifle stale.
 
> That's not actually right is it? My mysql is started by
> /usr/local/etc/rc.d/mysql-server. rc(8) says *.sh is for older style
> startup scripts or for scripts that are to be read into the current shell.
> 

The rc.subr start up system was imported from NetBSD quite some time ago, I 
think it might have been sometime around the 6.0 to 6.2 time frame. I know 
this bit me because I had mostly not bothered with executing mergemaster 
during updates and at some point only scripts with the .sh extension would 
run. When others told me they did not experience this I got to looking for 
the culprit and it was that I had failed to update the /etc/rc.d properly 
with mergemaster to bring in the newly imported rc.subr subsystem.

Before the rc.subr import from NetBSD the .sh extension was correct; some 
other OS's call these "legacy" start up scripts. After the rc.subr import 
the .sh extension is no longer required for scripts that are written in 
compliance to the new spec. If you examine a very old start up script from 
the pre rc.subr days and what is currently in use you will see a slight 
difference in the way the scripts are constructed internally.

The .sh extension "legacy" scripts may still run if marked as executable, 
but the difference is that they do not contain the rc.subr hooks, and 
therefore will require the .sh extension for operation, as per the man page 
you described above.

-Mike
 


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: howto use https in favour of http

[Michael Powell]

Steve Bertrand wrote:

> Alexander Best wrote:
>> Olivier Nicole schrieb am 2009-10-27:
>>> Hi,
>> 
 i've added the following line to my /etc/hosts:
>> 
 permail.uni-muenster.de:25  permail.uni-muenster.de:443
>> 
 so what i want is for freebsd to never use http, but https for that
 address.
 unfortunately hosts doesn't seem to support this syntax.
>> 
[snip]
>> 
>> i'm not using a webserver or anything. i'm just a regular user. the point
>> is: i often forget to specify https://... for that specific address in
>> apps like lynx or firefox. that's why the non-ssl version of that site is
>> being loaded. i'd like freebsd to take care of this so even if the app is
>> trying to access the non-ssl version it should in fact be redirected to
>> the ssl version by freebsd.
> 
> I thought that this is what you were originally after.
> 
> FreeBSD, in itself, can't do this... much like Mac OS or Windows can't
> do this.
> 
> Most applications such as Firefox can't even do this (inherently).
> 
> If you are trying to enforce this as a personal/company policy, you will
> need to write a 'wrapper' around your application (lynx/firefox) to do
> this.
> 
> Note that your example was :25->:443, which implied SMTP over SSL...
> 
> Nonetheless, FreeBSD can't make these decisions inherently (thankfully).
> 
> Steve

I think the OP does not have a clear grasp on how the various protocols 
operate. Evidenced by confusing http with mail services. Yes, I know there 
is 'web mail', but even web based mail is still a web server.

It is up to the server operator to configure the services on the server end 
of things. Whether its SMTP with SSL/TLS, HTTP/HTTPS, pop3 or imap with SSL, 
etc., all of these things are made to work at the server end. True enough a 
client may need to be configured to talk on port 995 for pop3/SSL or port 
993 for IMAP/SSL but for the web a client shouldn't need to do anything.

The web server operator configures which locations in his URI space should 
be served up on port 443, and the client's browser should automatically 
switch to HTTPS based upon this. The OP doesn't seem to understand that he 
doesn't need to make this happen on his end, at least as far as HTTP/HTTPS 
goes.

If he is actually trying to configure a mail client to talk TLS or SSL to an 
SMTP server, then he needs to tell the email client software this. E.g., 
"This connection requires encryption" and whether it is SSL or TLS. Mail 
servers on port 25 do not use HTTP or HTTPS, but rather SMTP.

So it seems as if he is just very confused.

-Mike



___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: howto use https in favour of http

[Michael Powell]

Scott Bennett wrote:


>>> Alexander Best wrote:
> Hi,
 
>> i've added the following line to my /etc/hosts:
 
>> permail.uni-muenster.de:25  permail.uni-muenster.de:443
 
>> so what i want is for freebsd to never use http, but https for that
>> address.
[snip] 

Perhaps the easiest direct solution is to bookmark 

https://permail.uni-muenster.de/ in the browser bookmarks instead of

http://permail.uni-muenster.de/


-Mike
 

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: Why is sendmail is part of the system and not a package?

[Michael Powell]

Jerry McAllister wrote:

> On Tue, Oct 27, 2009 at 05:03:12PM -0200, Gonzalo Nemmi wrote:
> 
>> On Tuesday 27 October 2009 4:32:45 pm Erik Norgaard wrote:
>> > Jonathan McKeown wrote:
>> > > Just as a matter of interest, if you want to rip sendmail out of
>> > > the base system, which MTA would you like to replace it with? Or
>> > > are you suggesting the system ship with no way to handle mail?
[snip]
>> 
>> Dear Erik:
>> 
>> Contrary to your belief the thread isn't moving of topic from OP, it's
>> just taking the same default route it has been taking for ages:
>> 1) telling the OP the OS needs an MTA
>> 2) telling the OP he can replace the default MTA
>> 3) telling the OP he can remove given MTA from base
>> 4) telling the OP about "historical reason"
>> 5) Not telling the OP why has FreeBSD has left so many historical reason
>> behind to persuit new goals but retained Sendmail as the default
>> MTA "for historical reasons".
>> 
>> Sorry .. but that's the way it goes every time someone asks the same
>> question.

Sounds like FAQ material. 
 
> I will add one more that covers it best.
> Sendmail works just fine and there is no ACTUAL CURRENT reason to
> get rid of it.Years ago it had some weaknesses which have been
> fixed.
> 
> So, that leaves personal preference as the only real reason
> for wanting to replace it.
> In that case, if your personal preference is to replace it, go ahead.
> There are several candidates and an earlier post described well how
> to do it.
> 
> As for putting it in ports and taking it out of base, well, some
> message system is often needed before ports are installed.  Sendmail
> fills the bill.Some other could also, but since Sendmail works
> just fine and is already there, then it is.
> 
[snip]

I'm no mail server guru, but I liked how one could fairly easily get a base 
configuration going of Sendmail by following the page in the Handbook. Once 
done Postfix could be installed from ports and it would Just Work, because 
it would adopt the Sendmail config. Tweaking can start from a known good 
configuration.

This doesn't include addon complexities such as virtual domains and users, 
spam and anti-virus, etc., but I've always found it better to start with a 
functional base and add the additional stuff one thing at a time. 

Yes - I favor Postfix, but it may not be the right cup of tea for all 
situations. However, my own personal preference is to leave the Sendmail 
thingy the way it is. I still use Sendmail for some things. There's just too 
many other fish that need to be fried. It works, supplies basic necessary 
functionality as is, is largely trouble free these days, and easily replaced 
with some other personal preference should it be desired. 

The guy in charge also actively maintains the FreeBSD bits. Compare the way 
Sendmail works in FreeBSD with lets say, ahem, Adobe's Flash. Opposite ends 
of the spectrum. Just my $.02 for sure, but I like the "status quo" being 
what it is. Now returning to the painting of my bikeshed...   :-)

-Mike



___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: Bad sectors: how bad can it be

[Michael Powell]

Michaël Grünewald wrote:

[snip]
> 
> I have backups of the data contained in the broken, so the data on this
> disc are not a concern. I have however a question: How do I verify that
> a hard-drive is accurately working if its firmware will hide the bad
> sectors as long as possible?
> 
[snip]

As Polytropon indicated the smartctl commands for testing contained within 
the smartmontools port will extract the error logs from within the drive's 
firmware. There are two modes you can select from (basically a long and a 
short) that you can execute "now" at a command prompt. It can also be run as 
a daemon for continual monitoring. The data returned is somewhat arcane and 
can be semi difficult to interpret.

There are various levels of usability which can vary by hardware. Some RAID 
controllers may get in the way of direct communication to some hard drives. 
Other controllers, as you go up the 'expensive high dollar' ladder will 
often do built-in SMART monitoring and will beep and/or send emails when it 
detects error conditions from a drive. Some even either contain, or have an 
external utility which provide a web based browser accessible view in real 
time. The purpose is to attempt to detect a drive that is about to fail.

As far as the most basic level goes, you would look for numbers which 
indicate that the bad sector remap area has filled. Once this space gets 
filled any new bad sectors that develop can no longer be mapped out. This 
usually shows up in the operating system as some generic form of 
"unrecoverable read/write error" message and Bad Things begin to happen.

I have not used Spinright in a very long time, but it may buy some life on 
such a drive. If it can clear the bad sector remap area after adjusting the 
remap table it can give new life to a drive. The same thing used to be 
possible on SCSI drives by running the low level format utility usually 
contained within the controller firmware. 

Such "fixes" should only be viewed as extremely temporary in nature, as the 
general pattern with regard to magnetic media failure is that once it starts 
to get bad spots it will keep on getting bad spots on a fairly regular basis 
afterwords.

Interesting reading:

http://www.usenix.org/publications/login/2008-06/openpdfs/bairavasundaram.pdf

-Mike



___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: dhcpd related issue - not giving up

[Michael Powell]

Dánielisz László wrote:

> I don't give it up, doing some tcpdump on my BSD I can see the dhcp
> request reaches the machine, the dhcpd is running, but why doesn't gives
> any IP?
> 
> # tcpdump -i rl1 -n port 67 or port 68
> tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
> listening on rl1, link-type EN10MB (Ethernet), capture size 96 bytes
> 11:51:43.086597 IP 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request
> from 00:24:03:f1:bd:36, length 300 11:51:45.102260 IP 0.0.0.0.68 >
> 255.255.255.255.67: BOOTP/DHCP, Request from 00:24:03:f1:bd:36, length 300
[snip]

I only have a couple if ideas. First, is it possible to substitute some 
other non rl or re NIC for rl1? I seem to recall something about these cards 
having some sort of problem like this. This test would eliminate that idea.

Also, right after a client machine requests a lease examine your arp tables 
on both machines. Maybe the dhcpd server is confused and sending the reply 
out the wrong interface? sockstat -4l can confirm which/what interface dhcpd 
is listening on, compare with arp results. Theoretically if dhcpd is bound 
to and listening on rl1 there shouldn't be any replies going out rl0. Check 
to eliminate.

Wrt to a managed switch blocking ports, I think you probably ruled this out 
by connecting the machines to each other. Note that for GigE, or NICs that 
do MDI-X properly any cable will work. However, on many older 100baseTX 
cards this would need to be using a crossover cable to function correctly.

You can also broaden your tcpdump to include arp traffic. When the output 
files become cumbersome to examine it's easier to look at them in Wireshark. 
I have a hunch if rl1 could be replaced with some old fxp or sk card lying 
around it might work. YMMV

-Mike



___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: Why after packages update my 'startx' gives me a message: Protocol not supported by server.

[Michael Powell]

Yuri wrote:

> It keeps repeating this line in original terminal, putting line ".." in
> between. So it looks like this:
> Protocol not supported by server.
> ..
> Protocol not supported by server.
> ..
> Protocol not supported by server.
> ..
> 
> 
> Now I have to start just 'Xorg', it starts bare X. And from another
> terminal I have to start kde: "DISPLAY=localhost:0.0
> /usr/local/kde4/bin/kde"
> Then it works ok.
> 
> My .xinitrc looks like this:
> 
> export LANG=en_US.UTF-8
> export XMODIFIERS='@im=SCIM'
> export GTK_IM_MODULE=scim
> export QT_IM_MODULE=scim
> export XIM=SCIM
> export XIM_PROGRAM=SCIM
> exec scim -d &
> /usr/local/kde4/bin/startkde
> 

My first wild guess would be take out all the scim lines in your .xinitrc 
and see if the messages disappear. I know xorg.conf isn't supposed to be 
'needed' any longer, what with Xorg's supposed ability to auto configure, 
but you might want to look at the Xorg docs for configuring scim in Xorg. I 
don't use it myself but have seen something about it in the docs. Once the 
support has been added/configured then look in the KDE desktop config 
utility and set it up there too.

-Mike



___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: /etc/fstab + embedded spaces

[Michael Powell]

carmel_ny wrote:

> I was attempting to create this entry in the /etc/fstab file. It is to
> a WinXP machine.
> 
> //u...@bios/My Documents /laptop smbfs rw,noauto  0  0
> 
> It fails because 'fstab' does not allow embedded spaces in device
> names, not does it allow enclosing the name in quotes.
> 
> I did some Googling and discovered that I am not the only one annoyed
> by this behavior. I discovered this patch that had been submitted awhile
> ago.
> 
> http://lists.freebsd.org/pipermail/freebsd-bugs/2007-October/026469.html
> 
> Changing the share name is not really an option. Is there some way of
> making this work in 'fstab'? I can use the name including spaces in
> 'mount_smbfs' so that is how I am currently mounting the share. It just
> seems strange that 'fstab' by not accepting the use of quoting is not in
> step with how FreeBSD usually operates.
> 

Don't know if this works for fstab, but the normal way to escape spaces is 
with a \, like this:

//u...@bios/My\ Documents /laptop smbfs rw,noauto  0  0

May not work in fstab but you can try it and see.

-Mike


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: Help understanding basic FreeBSD concepts (ports, updates, jails)

[Michael Powell]

Roger wrote:

> Hello all,
> 
> I have another concept that I'm confused about, the source distribution.
> Some ports, like "lsof" require the existence of /usr/src.
> What I don't understand is which version to use to keep synchronized
> with the production release.
> When the installed was performed the release was 7.2 but after doing
> "freebsd-update" the release is now
> 7.2-p4. 

A RELEASE such as 7.2 has a maintenance period during which the security 
team will apply security patches to the OS. Only the patches are applied, 
the rest of the bulk of /usr/src is untouched. This is what the -p4 means. 
The security support period for different releases can be located on the web 
site. Some releases are designated "extended support", while others have 
shorter time frames.


> According to the documentation, I can track CURRENT, STABLE plus
> other. Which one is the recommended one for a production server. I have
> not build that many
> packages that need the sources present so now would be a good time to
> find out which one
> I should use.
> 

I don't use the binary freebsd-update myself, but still use the old csup the 
source in /usr/src and the make buildworld/buildkernel/install dance. So I 
tend to think in terms of CVS tags. The tag RELENG_7_2_0_RELEASE would fetch 
the original release bits that never change. The tag RELENG_7_2 would fetch 
the /usr/src that has the security patches applied.

The -p4 you observed means that freebsd-update used binaries built with 
security patches applied. If there exists any question as to whether your 
/usr/src is in sync you can simply csup your source with the RELENG_7_2 tag 
in the supfile.

There is also another way to patch, and that is to apply patches manually. 
Let's say, for example, the built in bind had a file or two that got 
patched. You could rebuild just this one thing and after installing the bits 
simply restart the daemon. Sometimes this is preferred when one needs to 
prevent a security hole but doesn't want to reboot a server. A downside is 
when you do this it does not register the "-p4" like you noticed.

For a production server I feel it is best to use production release. IMHO 
there is one possible cause to consider STABLE for a production server and 
that is if there is new code "Merged From Current" that addresses and 
corrects a very specific problem. Let's say you have a particular NIC in 
your server that is exhibiting an exact same (and reproducible) condition as 
described in a bug report. If code which fixes this exact problem becomes 
available it will be written in CURRENT, and after some testing if deemed to 
be of sufficient quality it will be merged back to STABLE. Upgrading to 
STABLE will then pull in this fix. IMHO I wouldn't normally consider this 
unless there is an exact match between problem and fix.

-Mike


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: networking won't come back up until reboot after ISP outage

[Michael Powell]

umage wrote:

> On 7. 11. 2009 19:07, Jason wrote:
>> Have you tried restarting routing?
>>
>> /etc/rc.d/routing restart
>>
>> I have found the same symptoms with other outages and not performing the
>> above.
>>
>> I have done "/etc/rc.d/netif restart" and "/etc/rc.d/routing restart".
>>
[snip]
>>>
> Thank you for the hint, I will try it when this happens again.
> Note: the output of netstat -r was identical to what it is currently...
> FYI: I've been using freebsd 6.2 -> 7.2 until now, and I never had to
> intervene - the system resumed networking as usual. It might have
> something to do with migrating to 8rc1 (most likely not), or that I'm
> now using DHCP and there's a glitch somewhere (maybe).

My configuration is most likely different from yours in that my DSL modem-
router is configured for split-bridge. This allows the DSL modem to handle 
the PPPoE connection and login but passes the WAN IP to my FreeBSD gateway 
box via DHCP. So the NIC on my gateway is getting it's lease from the DSL 
modem instead of directly from Verizon. Your DHCP lease is probably coming 
directly from the ISP I would presume.

When the connection goes down and comes back up it will take 5 minutes 
before my FreeBSD gateway box checks the lease and decides if a renewal is 
in order. This is automatic. If I am sitting in front of my computer and I 
want to speed this up I issue /etc/rc.d/netif restart on the gateway and it 
will come up and be happy in about 10 seconds, rather than waiting out the 5 
minute time out.

-Mike



___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: networking won't come back up until reboot after ISP outage

[Michael Powell]

umage wrote:

[snip]
>> In my case the router does get the renewed ip, as I described earlier.
>> However, even after waiting 8+ hours, the system will not recover from
>> the outage properly (reason unknown). That's what this thread is all
>> about.
> When I started the system today, I found that again it had no
> connectivity. I did some checks and then found that 'natd' was not
> running. But this is not happening that frequently, and seems to only
> have started after the last system update. Could be some sort of race
> condition. Is there a logfile that natd writes to, so that I may
> investigate the reason why it is exiting?

My first gut instinct about your problem was to blame dhclient first. But no 
NATD would definitely be a problem. I am assuming we are talking about IPFW 
and NATD here, and it has been many years since I've used it. I migrated to 
IPFILTER and then on to PF quite some time ago.

Most logging related to IPFW is already present, but IIRC to log NATD you 
need to turn it on, and possibly configure it in syslog.conf should you 
desire the output somewhere other than /var/log/alias.log.

Keep in mind there are two ways to pass options. You can use something like 
natd_flags="-l" in /etc/rc.conf. Man natd will provide a list. The second 
method is to place the options in a file such as natd.conf and pull them in 
like natd_flags="-f /etc/natd.conf".

I looked in my notes and here is a snippet from an old /etc/rc.conf:

natd_enable="YES"
natd_interface="ppp0"
natd_flags="-f /etc/natd.conf"

My /etc/natd.conf:

interface ppp0
use_sockets yes
same_ports yes
dynamic yes

You could add a 'log yes' line here; it does the same as the -l described 
above. Note that you might need the 'dynamic yes' switch for an interface 
that changes. In my case I was using it for a ppp dial-up connection, change 
interface as needed.

Sounds like you are narrowing down the culprit(s). Also note that it could 
possibly be a timing issue related to the order things start up. If the NATD 
is attempting to start before the interface has come up it will die. 
Shouldn't happen, but...   YMMV

-Mike
  

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: how to do a custom install?

[Michael Powell]

Gary Kline wrote:

> 
> due to strange disk problems i was down for around 30 hours.  i am
> currently wiping dos/win off in favor of 7.2-R and i have a question
> about doing a "custom" install that would let me slice the drive into
> more that four pieces.
> 
> i am building, by default,
> 
> /,
> /var
> SWAP,  and
> /usr
> 
> it has been years since my custom install where [[*some*]] technique
> let me slice something like, say,
> 
> /,
> /var,
> /tmp,
> /usr/local/
> SWAP,  and
> /usr
> 
> anybody remember what keys to hit in the installation procedure?
> 
> tia,
> 
> gary
> 
> 

Not sure about the terminology in use here. The old standard was to create 
one, or more, slice(s) and then partition with bsdlabel. In the sysinstall 
step for this it will run fdisk. Note that playing by the $MS standard the 
normal maximum number of slices would be 4, e.g. aka "primary partitions" in 
the Dos/Windows world. Fdisk makes "slices". An example of a slice on an IDE 
drive would be ad0s1.

After the fdisk step would next come bsdlabel. This is the step that creates 
partitions within the "slice" previously made with fdisk. Note the 
difference in terminology: what Dos/Windows refers to as a "primary 
partition" in the Unix world this is a "slice". 

Partitions are created within a slice with bsdlabel. On the sysinstall 
Custom menu these two options are one above the other, e.g. Fdisk and Label. 
Select the Fdisk and create a slice, exit fdisk returning to sysinstall and 
proceed to select the Label menu option to bring up bsdlabel. (IIRC also 
called disklabel.) 

An example of a partition would be ad0s1a, ad0s1b for swap, ad0s1c is a 
reserved wrapper entity, ad0s1d, e, f, g. Usually ad0s1a will be your root, 
b will be swap, d might be /usr, e might be /var. etc. In the bsdlabel 
utility there is the option to choose both the partition type and size as 
well as it's mount point. 

It is actually possible to have more than 4 slices even when playing by the 
$MS Dos/Windows standard. Fdisk will allow for the creation of what on Dos 
are called "extended partitions". The numbering for these starts at 5. You 
won't be able to boot from them and from a *Nix point of view are semi 
useless except within the context of Dos/Win compatibility.

If this is just going to be a FreeBSD machine no need for the so-called 
"extended partition" of the Dos/Win world. Just create a slice [fisk], and 
break that up into partitions [bsdlabel].

If everything goes according to plan after Fdisk, Label, Return to previous 
menu, etc, at some point later on (IIRC after choosing packaging 
distributions) sysinstall will later perform the actions you configure in 
these preparatory steps. For reference peruse the Handbook; it's probably 
written clearer than I can accomplish.

-Mike
 

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: panic? i386 on dell duo

[Michael Powell]

Gary Kline wrote:

[snip]
> 
> my network bud down in dallas is helping me get the dell as my
> new server.  my old hp kayak is from 1998 and on its death-bed.
> 
> okay: i have 7.2-R, i386.  installs fine.   jon horne changed the
> IP that the op sys | DHCP suite chose from 10.47.0.112 to
> 10.47.0.230.  i do not know why, but he change the ifconfig line in
> /etc/rc.conf from ="DHCP" to ="inet 10.47.0.230 netmask 10.0.0.255"
  ^^

Can't speak to most of the post but this netmask certainly looks strange.

-Mike
  


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: BTX Loader crashes -- Help wanted

[Michael Powell]

Ronald F. Guilmette wrote:

> 
> Who should I be talking to if the BTX loader is crashing on my
> specific hardware configuration, and what specific info do I
> need to be gathering for him/her in order to have hope of getting
> the problem rectified?
> 
> I'd pulled stuff out of the system in question until there's
> practically nothing left and I'm at my wit's end with this problem.
> 
> System:
> AMD Athlon 64 1640B CPU
> MSI K9VGM-V motherboard
> 1GB 667 DDR (Kingston)
> LG DVD Burner Black SATA Model GH22NS50 - OEM
> floppy drive
> 
> That's it. I've yanked out all the non-essential cards, _and_ I've
> even taken out the hard drive, and I'm still having BTX crashes.
> 
> The problem(s) occurs with FreeBSD 6.3-RELEASE/i386 disk1 (CD),
> 7.0-RELEASE/i386 disk1 (CD), 7.2-RELEASE/i386 Live Filesystem (CD), and
> 7.2-RELEASE/amd64 Live Filesystem (CD).

Try 8RC3 and see if any difference. I believe some work in this area may 
have occurred. In any event, these RELEASE versions are static and will not 
change. The only hope in this area would be if a fix from the 8.0 work has 
been MFC'd back to 7 STABLE.
 
> The symptoms are different depending on which of the above I'm trying to
> boot from.  In the case of the first two, the crash results in a bunch of
> register values being displayed on my screen, after which the system is
> dead.  In the case of the last two above, it appears that the BTX loader
> actually starts to load a kernel (well, anyway, the little twisty thing
> starts turning), but then the screen goes completely black, after which
> my monitor senses that the video signal has gone completely dead, and
> at that point the system is just frozen, and needs a power-cycle or hard
> reset to get going again.

I don't believe you are the first to experience this.
 
> Curiously, with the same motherboard (_and_ the same boot CDs), I have no
> problems at all booting off of any of the above boot CDs, AS LONG AS I am
> using a different (PATA) CD/DVD drive.  But I have tried two different
> recent vintage SATA CD/DVD drives (Optiarc & the LG mentioned above) and
> both result in the booting failures described above.

You can try disabling ACPI at boot, as well as toggling the BIOS between 
Enhanced and Legacy mode if this option is available. Probably your best 
approach will be to use a SATA hard drive while using a PATA CD-ROM. This is 
most likely what you will have to do if 8RC3 doesn't make any difference and 
you just want to get the box going. 
 
> I'm bumbed.  I really had hoped to start moving my machines over to SATA,
> but so far things are just not working out smoothly at all.

If 8 does the same thing file a PR in order to bring the attention of the 
developers. There may be one, or more, already on the subject. Since the old 
releases are static the place to get the bits fixed is in the ongoing work.

-Mike
 





___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: BTX Loader crashes -- Help wanted

[Michael Powell]

Ronald F. Guilmette wrote:
[snip]
>>Try 8RC3 and see if any difference. I believe some work in this area may
>>have occurred.
> 
> I just tried it.  Alas, same result.

I follow the -CURRENT and -STABLE mail lists as well as this one. Though 
this particular problem does not pertain to me, I seem to recall some 
traffic off and on about this subject occasionally. So it is known. The 
place to get the developers to look is wrt to 8.0, so if the problem is well 
documented they may be more inclined to look into it. If the bootonly, 
install CD, or LiveFS CD for 8-RC3 can be used to reproduce the problem 
concentrate here.
 
>>I don't believe you are the first to experience this.
 
> Well, I'm just about to file a new PR on this, but I'll refrain if
> someone else has alreadyt done so.  Do you have an eisting PR number
> on this?

There are quite a number and a few of which are very similar in that they 
directly reference boot loader crashes. You could review the ones that seem 
to match the closest to your situation directly (e.g. hardware and crash-
dump wise), particularly the BTX crash associated with booting from SATA 
CD/DVD. Eye them towards using as a template to get started. The more 
exacting and succinct the PR the more likely to stimulate interest. You can 
reference the handful that match the closest by number in your own PR.

Be very exact to localize the trouble to specifically SATA CD/DVD hardware. 
If the box will boot and install fine from a PATA CD/DVD drive to a SATA 
hard drive be sure to include this. You have a VIA VT8237A controller on 
that board so that aspect should work. This will serve to isolate and 
confine the problem to be examined to a very specific issue. This increases 
the chances someone may look into it. 

 
[snip]
> 
> Shsh! I literally _just_ bought this new SATA DVD drive, and I went
> with SATA because I believed that (a) the world is slowly but surely
> switching everything over to SATA and (b) SATA has been around long enough
> now that FreeBSD related bugs should have all been shaken out by now.
> 
> Please excuse my snarkiness, but... I guess I was wrong about the latter.
> 
>>If 8 does the same thing file a PR in order to bring the attention of the
>>developers. There may be one, or more, already on the subject.
> 
> Well, I did a search on the PR database for "BTX" and I'm looking at all
> those PRs... some of them going back to 2004, which doesn't exactly
> inspire confidence about a possible timely fix... and I don't see anything
> in the subjects that quite matched up to what I'm talking about.

If you just need the box to work immediately use a PATA CD/DVD. If you have 
the time to deal with it, attract the attention of developer(s), and have 
the time to work with them it serves the interests of the larger community. 
Others have had and will have your problem and getting it fixed for you will 
just mean many others will not go through what you are currently 
experiencing.
 
> And ah... while we are on the subject...
> 
> If I do file a PR on this, then at long last I'll need to know the answers
> to the two questions that have been in the back of my mind for ages,
> regarding PRs...
> 
>1)  What do the various severity codes mean?
>2)  What do the various proirity codes mean?

http://www.freebsd.org/doc/en_US.ISO8859-1/articles/problem-reports/

http://www.freebsd.org/doc/en_US.ISO8859-1/articles/pr-guidelines/

Might be good reading. I should read them again myself. It's been a while.

> 
> I've never filed a PR with severity "critical" or with priority "high"
> because I've always figured that this may be a good way to get the
> developers to view _all_ one's future (and past) PRs with a suspicious/
> jaundiced eye...  you know... the-boy-who-cried-wolf syndrome.
> 
> I don't want to be labeled as a nut case or an incessant complainer, but
> for _this_ issue I'm thinking that severity==critical and/or
> priority==high
> may be appropriate.  I mean jeezzz Louise!  If one can't even install from
> the distribution CDs/DVDs on perfectly good hardware...  (And it's not
> like the whole SATA interface standard is exactly ``new'' or anything
> anymore.)
> 
> So?  Any advice?  Should I stick my neck out and label this PR either
> severity==critical or priority==high ?
> 

There is always going to be a certain subjectivity present here. What is 
life and death important to one person may not be to another. I believe a 
commonly accepted dividing line can be found when you consider the usage of 
the system(s) in question. If you are a sysadmin or consultant who is being 
paid money to maintain mission critical servers then it warrants a higher 
level of concern than a single user at home with a desktop PC.

If you are racking a hundred Dell 2950's and have a problem it is critical. 
If you are a single PC user at home with a desktop, not so much. I do 
understand your concern wrt to "the boy who cried wolf" and it does matter. 
You stand more of a c

Re: mysql60-server??

[Michael Powell]

Matthew Seaman wrote:

> Gary Kline wrote:
>> kwik one:
>> 
>> in his build-server stuff [6.2], jon horne said to use
>> mysql50-server.  i see the latest is mysql60
>> 
>> should i go ahead and use the latest mysql database? or just do as the
>> 
>> instruction say?
[snip]
> 
> Prior to that we have:
> 
> mysql51 -- MySQL's current GA (generally available) release offering. It's
>got a number of new features like stored procedures but
>depending on your workloads it may or may not be faster than...
> 
> mysql50 -- The previous GA version, and still the most widely deployed
> version at
>the moment.  It is still being actively maintained even if it
>is pretty
>much down-played on MySQL's website.  This is a version that
>has been in all sorts of production use for years and pretty
>thoroughly debugged, hence a very safe choice.
> 
> In summary: choose either of mysql50 or mysql51 according to preference or
> your particular requirements.
> 

A lot of people are still using 50 and many consider it faster than 51. I 
think the main difference performance wise is 51 might have a tad heavier 
thread handling performance for the latest and greatest high end quad socket 
quad core boxen. 50 may offer better performance on older more down level 
commodity boxen. I've been running 51 for a quite a while now and haven't 
had any trouble with it, but I'm not hammering it either. If the hardware 
isn't quite up to snuff 50 may actually be a better choice, especially in 
the scenario where web and database are running on the same, albeit slower 
machine. Another factor in the decision might be to consider when EOL may be 
scheduled.  

-Mike



___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: NO_PROFILE versus WITHOUT_PROFILING

[Michael Powell]

Pieter de Goeje wrote:

> On Friday 27 November 2009 12:45:54 Frank Staals wrote:
>> When I was setting up my system for a complete rebuild I came across
>> something unclear to me; I always used NO_PROFILE in my make.conf,
>> however from what  I've read specific make options to build the
>> kernel/base system should be in /etc/src.config. The manpage of src.conf
>> specifies the option WITHOUT_PROFILING, which seemed to be the flag that
>> I was looking for. Just to be certain I always keep the 'Rebuilding
>> World' chapter of the handbook close, however that still specifies to
>> use NO_PROFILE in make.conf.
>> 
>> So now my question: What is the desired way of turning of profiling:
>> NO_PROFILE in make.conf or WITHOUT_PROFILING in src.conf ?
>> 
>> Thanks in advance
>> 
> WITHOUT_PROFILING in src.conf. The NO_xxx options are obsolete and should
> not be used.
> 

Yes - src.conf is used for the system. make.conf will contain options you 
want to apply to building ports. They were split to separate them.

-Mike


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: 2 processes reproducible read same file with different speed

[Michael Powell]

cronfy wrote:

> Hello.
> 
> I've noticed a very weird behavior of 2 Apache processes that shold read
> the same file to process a request (they configured to read it on every
> request). One spends about 6ms to read the file, and second spends about
> 114ms (I used ktrace to find this out). Every time, on every request,
> the problem is reproducible. Apaches are the same, the only difference
> between them that they are working from different users to serve
> different sites. Same binary, same config.
> 
> First Apache used to work in the same way some time ago - it spent
> ~120ms to read the file. But once it changed and now it is working fast.
> 
> Restarts of Apache do not look to affect on anything.
> 
> The file that Apache should read is 315k long. Apache reads it by small
> blocks of 4096 bytes each. May be FreeBSD has some memory about how
> process is working with files and after some time enables some
> optimization or caching? I just do not have any clue... :(
> 
> Can anyone explain this please?
> 

Caching is coming into play if the first read takes longer than subsequent 
reads. It may not be uniform as older objects move in and out of cache being 
replaced by newer. The OS will have some space for buffer caching and when 
Apache makes a 'hit' on this cache retrieval will happen faster. This buffer 
space is dynamic in nature, and will shrink as Apache fills up memory. As 
Apache needs more memory the OS will attempt to provide as much as it can 
within reason by shrinking the buffer allocation space.

If this is a static file which needs to be read by all pages served, some 
other form of caching should be investigated. In the meantime you may want 
to try the following in httpd.conf if not already doing so:

EnableMMAP on
EnableSendfile on

You may also want to see if you can set aside a little RAM and cache it 
there, ala:

http://httpd.apache.org/docs/2.2/mod/mod_mem_cache.html

Another approach is a reverse proxy such as Varnish in front of the web 
server. But the first most immediate thing you can try and measure is to 
turn on sendile() if you're not using it.

-Mike
  


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: malformed man pages

[Michael Powell]

Sagara Wijetunga wrote:

[snip]
> 
> We use /usr/bin/less from ftp://ftp.gnu.org/gnu/less, the
> less-382.tar.gz, unpatched.

Why?
 
> Does the less need to be patched in FreeBSD? If so, is there such a
> patch exist?
> 

Uhmm, this may sound a little strange, but why not use the one included as 
part of the system? In other words, there was no need to 'install' less. 
Remove whatever you installed and use the right one. It even has a man page, 
e.g., man less and you will see a man page for the included one unless 
you've made a total mess of your man pages.

I suspect there may be a possibility of bringing "Linuxisms" to your 
approach to FreeBSD. While there may be some amount of crossover, FreeBSD is 
not Linux. Learn FreeBSD as if it were new to you and leave the Linuxisms 
aside.

-Mike



___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: WINE on 6.3

[Michael Powell]

RW wrote:

> On Sat, 05 Dec 2009 13:47:00 +0100
> Andrea Venturoli  wrote:
> 
>> Hello.
>> Is WINE usable on 6.3/i386?
>> I cannot seem to start any win32 program and before I spend time into
>> it, I thought I just ask.
>> 
>> My interest is almost limited to running a simple console app that
>> does very litte beyond reading a text file, processing it, and
>> outputting another text file.
> 
> It's think it's possible that the p13 update "no zero mapping" might
> have an affect on windows/dos programs.
> 
[snip]

Not sure this is present in 6.3, so check first. A quick sysctl 
security.bsd.map_at_zero will return a value of 0 if present. As RW 
indicated it may have been included in the p13 update. 

To elaborate a little, you may need to toggle the security.bsd.map_at_zero: 
0 MIB. Change this to 1 to disable, not sure if loader.conf or sysctl.conf 
is the right place. Would be better not to have to do this because leaving 
it enabled is a security feature. However, WINE may not run without it.

I'm also not sure if the following is related, I just recall reading about 
it at in the same time frame and mostly with regard to Samba. Possibly there 
is a need to place CONFIGURE_ARGS+= --disable-pie in make.conf and recompile 
WINE. This may not apply to WINE at all so if the MIB config mentioned above 
fixes the situation do not proceed with this. I suspect wrt to WINE this is 
irrelevant, but thought I'd mention it anyway.

Should you discover --disable-pie is required leaving it present in 
make.conf is not a very satisfactory arrangement, as it would then apply to 
all ports. Workaround would be to place it just for WINE recompile if 
absolutely necessary and then comment it out when done.

-Mike


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: geometry does not match label (255h,63s != 16h,63s)

[Michael Powell]

J.D. Bronson wrote:

> What if we tried a custom kernel and removed these lines:
> 
> options GEOM_PART_GPT   # GUID Partition Tables.
> options GEOM_LABEL  # Provides labelization
> 
> I think that might remove these 'errors'.
> 

My kernel already has these removed and yet I also only began getting these 
after upgrading from 7.2 to 8.0 on both servers at home. So far just ignored 
them. Normal csup source and make buildworld/etc dance followed with a 
portupgrade -af and make delete-old-libs. So, yes, another "Me Too". :-)

-Mike


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: use DD mode or not? and how to set up?

[Michael Powell]

Tom Worster wrote:

> options for setting up gmirror include DD or standard mode. i don't know
> about others.
> 
> i'm about to install 8.0-RELEASE on a system with two 750g sata disks that
> i want to run as a mirrored pair.
> 
> what are the pros/cons of the different options?
> 
> and what about the installation process? set up the mirror before
> installing from the CD or do it like the handbook says?
> 

I believe DD mode is going away. Probably has something to do with adding 
features to loader for GPT support. A GPT places what's called a 
"protective" MBR in the place where the old DOS style MBR would normally 
occupy. I would avoid DD.

Last question is easy if dealing with a true hardware RAID card, as you will 
create the array in the card's BIOS and FreeBSD will just see that as ar0 
and install to that.

As far as a perfect answer I'm not certain. There is one little tidbit that 
may assist though. The metadata gets stored in the last sector at the end of 
an empty disk. As long as there is free space at the end of the drive(s) it 
won't matter which way you do it.

The Handbook is essentially reconfiguring an already virgin install existing 
on the first drive. When rebooted into this changed configuration, the 
second drive is then added to the mirror and replication will take place. 
The less amount of data present will speed this replication and get you to 
mirrored status quicker. I've done this a couple of times and it was pretty 
straightforward.


-Mike



___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: lynx failure....

[Michael Powell]

Gary Kline wrote:

> Guys, this is what I see both here on my desktop, and on a
> remote server, magnesium.net.  Using lynx:
> 
> 
> Looking up www.thought.org
> Unable to locate remote host www.thought.org.
> Alert!: Unable to connect to remote host.
> 
> lynx: Can't access startfile http://www.thought.org/
> p6 0:03 
> [3]
> 
> 
> Obviously, something is wrong with how my new DBS, mAil, and
> web server, ethic, is configurated.  Can anybody help me here?
> 

A Dig output from my location: Your DNS is somewhat screwed up.

; <<>> DiG 9.6.1-P1 <<>> www.thought.org
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 21126
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;www.thought.org.   IN  A

;; ANSWER SECTION:
www.thought.org.38299   IN  CNAME   aristotle.thought.org.

;; AUTHORITY SECTION:
thought.org.10700   IN  SOA ethic.thought.org. 
hostmaster.thought.org. 2009120801 10800 3600 604800 38400

;; Query time: 1 msec
;; SERVER: 192.168.10.1#53(192.168.10.1)
;; WHEN: Sat Dec 12 03:32:48 2009
;; MSG SIZE  rcvd: 110

I'm certainly no DNS expert. I also have no clue as to how you are 
configuring your DNS. So any comments will be along the lines of text 
editing zone files for BIND. Here is an example of a zone file for my 
internal LAN (a public zone will have different information, but the 
structure should be similar enough for example purposes.



$TTL3600
test.zip.   IN  SOA server.test.zip. testu...@test.zip.  (
20090614; Serial
10800   ; Refresh
3600; Retry
604800  ; Expire
86400 ) ; Minimum
;DNS Servers

IN  NS  server.test.zip.

;MX Records

IN  MX  1   server.test.zip.


;Hosts

server  IN  A   192.168.10.1
workstation IN  A   192.168.10.2
testbed IN  A   192.168.10.3


;nicknames
static  IN  A   192.168.10.3
--

Notice the SOA starts with the domain, here it would be thought.org. See the 
"test.zip." in the above? Period included. Try and use an "A" record instead 
of CNAME. In any case, you will need an "A" record which contains the IP 
address of your server. In the Dig above there is nothing to indicate any IP 
address for the hostname you are trying to resolve.

This is just a quickie to get you looking in maybe the right direction; 
there are others on the list who have much more smarts about DNS than 
myself. I'm just around at odd hours, so take a look and wait a bit for the 
smarter people. Also remember when you make changes update the Serial number 
so zone transfers will propagate, and remember the TTL, refresh, retry, etc 
parameters will mean any change will take time to propagate.

-Mike




___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: disk with high frequency noise only on FreeBSD

[Michael Powell]

James Phillips wrote:

> 
>> Date: Fri, 11 Dec
> 2009 23:52:50 +0200 > From: ly4uk Root 
>> Subject: disk with high frequency noise only on FreeBSD
[snip] 
> 
> Now, this post is interesting. I'm sure many people with a software
> background may be tempted to write this report off as completely
> implausible. The truth is even "non-moving" parts such as inductors
> and possibly capacitors can move in response to an applied signal.
> For example, my ADSL modem with no moving parts makes an audible
> hissing noise louder than the (80mm) fan noise of my BSD server.

It is possible for one or more electronic components to emit a noise, even 
an integrated circuit. This is usually the result of an abnormal operating 
condition which has established a self sustaining oscillation, which 
requires some form of feedback loop to operate.

The quintessential example is the horizontal output transistor in an analog 
television or CRT style monitor. These normally operate at about 15KHz but 
not audibly. When the components around them have altered value enough to 
change bias voltages they will oscillate and produce a loud high pitched 
whine. Failure is what eventually occurs in this situation.

I had one machine that the memory would "sing" only when a make buildworld 
was run in FreeBSD. I have an old British Airways movie headphone set from 
back when their system was acoustic with air tubes. This works really well 
for examining where a sound is coming from.
 
> I have no idea what would be causing this in 8.0-RC2, but I can
> suggest what to look for: anything polling the drive in the audible
> frequency range (20 to 20 thousand times per second). Another
> possiblity is any action the repeats at that rate, but was not
> present in ealier versions. The timer interrupt is in that range, but
> other systems like GNU/Linux (before the tickless kernel) and Windows
> use a similar timer.

There are now 3 timers to choose from, and I think the default changed to 
the acpi fast timer. Interesting analysis, but very well could be related.

> To the original poster: you say this is a laptop. How do you know the
> noise is coming from the hard drive and not some other component like
> the speakers/Network card/fan?
> Regards,
> 

Yes, the noise could be coming from elsewhere. And if it is indeed coming 
from a VLSI type of chip it does not bode well. This indicates some form of 
abnormal operation which is most often eventually destructive in nature. 
There is actually probably very little you can actually do about it, so just 
live with it and "if it ain't broke don't fix it". When it is broke hit 
repeatedly with progressively larger hammers until it's in pieces and you 
now need a new one.

-Mike



___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: black hole test

[Michael Powell]

Jonathan McKeown wrote:

> On Wednesday 16 December 2009 22:05:06 Peter Wemm wrote:
>> Daignostic message to trace mailing list processing, please ignore.
> 
> You have heard of freebsd-test@ , haven't you?

Uhmm, he is the mail admin and this list was down; don't you think he should 
be able to test out the problem? 

Thanks Peter for fixing whatever it was...

-Mike



___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: is this booting info correct?

[Michael Powell]

Fbsd1 wrote:

[snip]
> 
> The number of hard drive primary-partitions/slices is determined by the
> motherboard BIOS (Basic input output system), not the operating system.
> Standard motherboard BIOS limits hard-drives to 4 main divisions
> 
[snip]

Not quite true. The only thing contained within the BIOS is an instruction 
to jump to sector 0 of track 0 after a successful POST. 

-Mike
 

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: Re-compiling PHP changes server responsiveness

[Michael Powell]

Matthew Seaman wrote:

[snip] 
>> I get: "[warn] (2)No such file or directory: Failed to enable the
>> 'httpready' Accept Filter, and no new errors in
>> /var/log/httpd-error.log" four times
>> 
>> Tried adding accf_http="YES" to /boot/loader.conf, and re-booting of
>> course.
> 
> This is just a warning message and doesn't stop apache working or not. 
> Enabling accf_http should give you a bit of a performance boost under
> heavy load and help you withstand certain types of DoS attack, but it's
> not required.
>

I found I needed both accf_data_load="YES" and accf_http_load="YES", but I 
am also running SSL too. I've also noticed that I tend to not receive this 
error when Apache starts after a fresh system boot. Have never tried to 
examine it further as I don't reboot or restart Apache very often. It just 
seemed happier when I added the http_load into the mix and only spews the 
error at non-reboot restarts.
 
[snip] 
>> What else should I look at?
>> 
> 
> Try restarting httpd from the command line: /usr/local/etc/rc.d/apache22
> restart
> 
> This will run a configtest and then try and start up apache.  Then check
> that apache is still running: /usr/local/etc/rc.d/apache22 status
> 
> If apache has mysteriously disappeared and there are no messages in log
> files, then it means apache crashed during the startup process soon after
> daemonising. That's pretty diagnostic for loading a dynamic module that
> disagrees with it.
> 
> At a guess, and given that you've reinstalled all your php modules, I
> think you
> may be being hit by the php module load order problem.  In that case,
> running
> php from the command line will probably also segv on you.  This is
> something that has had quite a lot of attention on this list, but there
> isn't a really good solution yet, other than manually reordering the
> entries in /usr/local/etc/php/extensions.ini
> 
> Also, if you're running eAccelerator, make sure you recompile it at the
> same time you upgrade the main lang/php5 port: eAccelerator will cause
> Apache to crash if you try and run it against a different version of PHP
> than it was originally compiled for.
> 

The same would apply whether it was xcache or the Zendoptimizer.

The way to pin the problem down is to rename extensions.ini temporarily to 
extensions.ini.bak and comment out the 

#LoadModule php5_modulelibexec/apache22/libphp5.so line temporarily.

Start/restart Apache and if it works OK with serving static content it 
confirms the problem is PHP. Then add the Loadmodule line again in 
httpd.conf and restart. If it restarts with no errors and again serves 
static pages fine the PHP module itself is OK. Trying to run something like 
a CMS will still be error prone as the various modules it needs aren't being 
loaded and found, as the extensions.ini file is still renamed.

Note that if Apache is happy with mod_php while extensions.ini is still 
renamed it also confirms no major flaw in the php.ini file.

If Apache runs fine with the mod_php module then the trouble is in the 
extensions. Rename the extensions.ini back to it's original state. There is 
a script that may be run to realize a close approximation of the extension 
loading order problem: fixphpextorder.sh which can be found here: 

http://www.pingle.org/2007/09/22/php-crashes-extensions-workaround

That is a stab at the reordering problem, but in my case was not enough to 
completely solve my problem. I also had to comment out extension=mhash.so 
with a ";". This was arrived at by commenting out line by line one at a time 
until I hit the one causing the breakage. This particular extension has been 
problematic for me for some time now. Some upgrades it works and for some it 
is broken. Remember that each change made requires an apachectl restart.

-Mike  



___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: samba3.x - 3.0 won't compile, 3.2 and 3.3 can't be installed

[Michael Powell]

Ewald Jenisch wrote:

> Hi,
> 
> For quite some time now I'm trying to get samba 3.x installed on my
> FreeBSD 7.2 System.
> 
> The symptoms in short:
> 
> o) 3.0 - doesn't compile
> 
> o) 3.2, 3.3 - can't be installed because of installation dependencies
> to samba4-devel-4.0.0.a8_2, talloc-1.3.1 and tdb-1.1.5.
> 
> System:
> FreeBSD test.at 7.2-STABLE FreeBSD 7.2-STABLE #8: Mon Dec 7 12:21:59 CET
> 2009 r...@test.at:/usr/obj/usr/src/sys/GENERIC amd64
> 
> 
> Ports tree is updated and all ports installed up2date.
> 
> Now for the Samba-port(s): Depending on the version of Samba it either
> can't be built at all or fails upon installation.
> 
> In detail:
> 
> 1) Samba3.0:
> 
> Bails out during compilation with the following error:
> 
> Compiling locking/locking.c
> locking/locking.c: In function 'unparse_share_modes':
> locking/locking.c:701: error: invalid operands to binary -
> The following command failed:
> cc -I. -I/usr/ports/net/samba3/work/samba-3.0.37/source  -O -pipe
> -DLDAP_DEPRECATED -D_SAMBA_BUILD_=3 -I/usr/local/include 
> -I/usr/ports/net/samba3/work/samba-3.0.37/source/iniparser/src -Iinclude
> -I./include  -I. -I. -I./lib/replace -I./lib/talloc -I./tdb/include
> -I./libaddns -I./librpc -DHAVE_CONFIG_H  -I/usr/local/include
> -I/usr/local/include -DLDAP_DEPRECATED   
> -I/usr/ports/net/samba3/work/samba-3.0.37/source/lib -D_SAMBA_BUILD_=3
> -fPIC -DPIC -c locking/locking.c -o locking/locking.o *** Error code 1
> 
> Stop in /usr/ports/net/samba3/work/samba-3.0.37/source.
> *** Error code 1
> 
> Stop in /usr/ports/net/samba3.
> *** Error code 1
> 
> Stop in /usr/ports/net/samba3.
> 
> 
> 
> 2) Samba3.2:
> 
> $ make install
> ===>  Installing for samba-3.2.15
> 
> ===>  samba-3.2.15 conflicts with installed package(s):
>   samba4-devel-4.0.0.a8_2
>   talloc-1.3.1
>   tdb-1.1.5
> 
>   They install files into the same place.
>   Please remove them first with pkg_delete(1).
> *** Error code 1
> 
> Stop in /usr/ports/net/samba32.
> *** Error code 1
> 
> Stop in /usr/ports/net/samba32.
> $
> 
> However samba4-devel is needed by (pkg_info -Rx)
> evolution-mapi-0.28.1
> gnome2-2.28.1
> libmapi-0.8.2
> so de-installing them is a no-go since I need gnome2
> 
> 
> 3) Samba 3.3:
> 
> Similar problems as with samba 3.2 above:
> 
> $ make install
> ===>  Installing for samba-3.3.9
> 
> ===>  samba-3.3.9 conflicts with installed package(s):
>   samba4-devel-4.0.0.a8_2
>   talloc-1.3.1
>   tdb-1.1.5
> 
>   They install files into the same place.
>   Please remove them first with pkg_delete(1).
> *** Error code 1
> 
> Stop in /usr/ports/net/samba33.
> *** Error code 1
> 
> Stop in /usr/ports/net/samba33.
> $
> 
> 
> 
> So, here are my questions:
> 
> o) Anybody else seen this before?

I still run 3.0.37, which has been portupgraded with each new rendition 
since 3.0 without any trouble. It began life on 7.2-Release and now runs on 
8.0-Release after system upgrade. But it is a server and has no desktop 
software, e.g., Gnome, to cause problems. Has always run fine and never had 
any trouble compiling.
 
> o) Anything that could be done against this problem?
> 

This may seem dumb, but since you already have Samba4-devel ostensibly built 
and installed why not run that? Or, since you have these other requirements 
which you won't uninstall and if Samba4-devel doesn't run fix that so that 
it does. Either remove Gnome2 and it's MAPI stuff or fix Samba4-devel.

-Mike
 

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: location of discussion of lives

[Michael Powell]

leeoliveshackelf...@surewest.net wrote:

> Good morning, dear FreeBSD enthusiast.  Can you help me to negotiate the
> FreeBSD website?  I am trying to find a general discussion about "livefs."
>   I have not been successful at entering the correct sequence of search
> terms to find a general discussion about this topic.  I would like to know
> what this feature does, and the situation in which a user would wish to
> install it.  My question would refer to either release 7 or release 8. 
> Thanks for any and all enlightenment.  Yours truly, Lee S.

The LiveFS is a bootable CD with a very minimal set of utilities present. It 
is somewhat comparable to the minimal install, except booting from a CD. You 
would not necessarily "install it". It is primarily a system admin tool to 
aid in recovery of a damaged system, or can also be used to initially pre-
configure a system in special ways which are not yet included in the 
standard sysinstall. Such things may be GPT partitioning, setting up drives 
for ZFS, and the like. It is more of a fixit/rescue tool, and for other 
advanced sysadmin functions.

-Mike



___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: strange find process

[Michael Powell]

Anh Ky Huynh wrote:

> Hi all,
> 
> At 2:00 am today, I turned my laptop on and suddenly found a strange
> process:
> 
> $ ps xauw | grep find
> ... find -sx ./bin -type f
>  ( -perm -u+x -or -perm -g+x -or -perm -o+x )
>( -perm -u+s -or -perm -g+s ) -exec ls -liTd {} +
> 
> What is the purpose of this process? If that is a system check then where
> is the log file?

There are some scripts called periodic which execute and perform various 
different things depending upon whether it is a daily, weekly, or monthly. 
The output will get emailed to root, or redirected to an alias of root.

The above looks strangely enough like a snippet of this activity. The daily 
usually runs every morning here at 3AM, the weekly rebuilds the locate and 
whatis database something like 4:15AM Saturday morning, and the monthly is 
an end of the month count of login activity.

More info can be found in man periodic. There is a periodic.conf in 
/etc/defaults, and the scripts themselves live in /etc/periodic and you can 
take a look. My bet is you stumbled upon one of the periodic script runs.

-Mike
 


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: geometry does not match label

[Michael Powell]

Robin Becker wrote:

> I'm just setting up a software raid mirror using geom; everything seems to
> be working fine and the mirror is slowly synchronizing.
> 
> Because of cabling constraints this is a mirror rather than a duplex (I
> haven't used mirror before) so the gm0 components are ad0/ad1 rather than
> ad0/ad2. In dmesg I see
> ..
> GEOM_MIRROR: Device mirror/gm0 launched (1/2).
> GEOM_MIRROR: Device gm0: rebuilding provider ad1.
> GEOM: mirror/gm0s1: geometry does not match label (16h,63s != 255h,63s).
> ..
> Trying to mount root from ufs:/dev/mirror/gm0s1a
> ..
> 
> anyone know if I should worry about the "geometry does not match label"
> message?

>From what I understand, no. I've seen this on all my machines at boot up 
since the recent round of updating. Since the consensus seems to be that it 
is harmless I've ignored it and have experienced no problem of any kind to 
date. This is still a "YMMV" thing, but I'd bet you can ignore it too.

You should know that the ad0/ad1 will result in a fairly drastic performance 
hit. This is a master/slave arrangement on the same channel. You really 
really should get another cable and do the ad0/ad2 arrangement.

-Mike



___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: geometry does not match label

[Michael Powell]

Michael Powell wrote:

[snip]
> 
> You should know that the ad0/ad1 will result in a fairly drastic
> performance hit. This is a master/slave arrangement on the same channel.
> You really really should get another cable and do the ad0/ad2 arrangement.
> 

And, of course, as soon as I hit the "Send" button it occurred to me this 
really only applies to a PATA drive set and is meaningless if both drives 
are SATA. Disregard if using SATA!  :-)

-Mike



___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: Possible mysql.sock problem | ERROR 2002 (HY000)

[Michael Powell]

jaymax wrote:

> 
> Thanks !!!
> Got it resolved after adding
> mysql_socket="/usr/tmp/mysql.sock" to the rc.conf file
> Removing the /etc/my.cnf file as the aetting were redundant with those
> used in the compilation
> deinstalling and reinstalling both the server and the client
> 
[snip]

The "new" default location for my.cnf as installed by the ports system is 
now /usr/local/etc, although MySQL will still find it if it is in 
mysql_dbdir.
 
MySQL startup will skip it if it has world write permissions on it, more 
specific info is in the docs. I just chmod mine 444 when I'm done with it as 
it is something I don't change once configured. But if you have two of them 
the permissions thingy can be the cause of why it skips over and ignores the 
one you think it should be using.

-Mike


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: port-MESS with apache22

[Michael Powell]

PJ wrote:

> Thought I'd better get more specific:
> I rebooted, apache is running.
> I deleted the apache2 directories --
> but lo and behold, it is the php5 port that is stubborn and absolutely
> insists on creating these directories.
> What in Hades is going on?
[snip]

Don't know if this pertains to or will fix the PHP building problem, but you 
might try putting USE_APACHE=common22 in /etc/make.conf. 

There has been change(s) the build process and I have as of yet not taken 
the time to research them enough to be sure I understand. You can look at: 
/usr/ports/Mk/bsd.apache.mk for hints. Note the old styles of WITH_APACHE 
and the like is deprecated.

Quote:
# Note: Setting USE_APACHE to "yes" is deprecated. It will set 
# APACHE_PORT to www/apache13 and if WITH_APACHE2 (deprecated too)
# is defined, APACHE_PORT will be set to www/apache20
#

-Mike



___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: Setting root password on mysql 5.4

[Michael Powell]

jaymax wrote:

> 
> Does anyone know how to set root password on a new mysql installation from
> the post?

This is the very first thing performed on a brand new fresh install.
The canonical procedure (and I haven't had to do it in a while so it is 
possible it may have changed) looks something like this:

As root at a '#' prompt do: mysql --user=root mysql

This brings up the mysql prompt:

mysql>GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost'[press return or 
enter]

at the -> prompt type in the following command:

IDENTIFIED BY '' WITH GRANT OPTION;   [press return or enter]

The above should exit back the mysql> prompt if all went well. This will 
allow root to login with no password, but only on localhost. If you wish to 
expand this for the same from any host execute the steps again with the 
below differences. Otherwise type quit at the mysql> prompt to exit. The 
main reason the second step may be desirable is to admin from a different 
box using the MySQLAdminGUI for example. Be warned however!: If this box is 
accessible by anyone from anywhere it is a security hole as root has NOT yet 
been assigned a password! And this procedure does NOT assign any password, 
it only sets the access so you can.

mysql>GRANT ALL PRIVILEGES ON *.* TO 'root'@'%'   [press return or enter]

at the -> prompt type in the following command:

IDENTIFIED BY '' WITH GRANT OPTION;   [press return or enter]

Next at mysql> prompt just type quit to exit.

Restart mysql and now root can login with no password. Either use the 
command line to set the password, or the MySQLAdminGUI in the USERS section. 
The GUI is simple but I'll leave as an exercise for you to look up the CLI 
procedure in the MySQL docs should you get this far. You need to follow the 
above procedure first before you can log in as root in order to change the 
password.

To reiterate: the above does NOT assign a password, it only allows root 
initial access so he can then set a password. Check out:

http://dev.mysql.com/doc/refman/5.1/en/default-privileges.html

http://dev.mysql.com/doc/refman/5.1/en/user-account-management.html 
 
> Can it be performed after starting the server with
> /usr/local/bin/mysqld_safe &
> 
> Or for that matter with
> /usr/local/bin/mysql_secure_installation
> 

Sorry but these two are not something I'm really familiar with. If the 
canonical approach doesn't work, maybe you can try to temporarily start it 
with neither of these in the mix, set the password, then restart it with 
these two active again.

-Mike



___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

RE: Clean PHP 5.2.12 Build Core Dumping

[Michael Powell]

Don O'Neil wrote:

> Ok... well, your idea is a good one, but it seems that the port is broken.
> 
> I did a port update, which brought in the latest php build info from
> December, but when I run 'make' (without even editing the Makefile to add
> my own other modules I need) I get this:

If installing with the ports system you shouldn't need to be editing any 
Makefiles. make config will give you list of options you may select from. 
Note there is an initial build/install of PHP itself and a second port 
called php5-extensions which you then install for all the modules. Again, a 
make config will list all options. No need to mess with Makefiles.
 
> X11BASE is now deprecated.  Unset X11BASE in make.conf and try again.
> *** Error code 1
> 
> Not even sure where it's getting that error message from, since I can't
> find any reference to X11BASE in any of the files in the package, or in my
> env.
> 
> Any ideas?
> 

Try putting WITHOUT_X11=yes into /etc/make.conf. Some PHP modules such as GD 
try and pull in X dependencies; this will short circuit that.

>> -Original Message-
[snip]
 
-Mike


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Converting i386 to amd64

[Michael Powell]

Greetings everyone:

This is probably a pretty dumb question, but it's never really come up for 
me before. I am at a crossroads with regard to some hardware upgrades, and 
for a couple of them I have been putting off making the change to 64 bit. 
These are server boxen with no concerns for desktop use.

Is it possible to change an i386 install to amd64 without needing to start 
from scratch? I was poking around reading some stuff, and ran across this in 
in /usr/src/Makefile:

# If TARGET=machine (e.g. ia64, sparc64, ...) is specified you can
# cross build world for other machine types using the buildworld target,
# and once the world is built you can cross build a kernel using the
# buildkernel target.

Does this mean I can achieve the desired effect with "make buildworld 
TARGET=amd64", et al? It would be a tremendous time-saver for me.

Of course I would follow with a portupgrade -fa and rebuild all ports 
afterward.

Thanks in advance for the wielding of any clue sticks.  :-)

-Mike


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: Converting i386 to amd64

[Michael Powell]

Matthew Seaman wrote:

> Michael Powell wrote:
>> Greetings everyone:
[snip]
>> 
>> Thanks in advance for the wielding of any clue sticks.  :-)
> 
> This sort of process /is/ possible, but it is a lot more involved than
> you're anticipating.  Unless you're the sort of person that likes doing
> terribly complicated and risky procedures for the hell of it, you are
> going to be better off just starting from scratch and reinstalling using
> an AMD64 .iso.  It's going to be quicker to reinstall anyhow.
> 
> Cheers,
> 
> Matthew

OK, that's what I needed to know. It just didn't seem as if something as 
complex as a cross build could be handled with just one little "TARGET=xxx". 
Terrible and complicated for no real gain is not my style. I like KISS. I 
have done scratch reloads before and can handle it just fine, it's more a 
time management fork in the road issue. This tells me I can allocate  
amount of time for a scratch reload as opposed to  time for 'terrible 
and complicated'. It just means more console time instead of coming by once 
an hour for a few minutes. I'll stick with what I know will work then, and 
budget my time accordingly. Thanks for the reply!

-Mike



___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: watching WebEx session on FreeBSD

[Michael Powell]

Matthias Apitz wrote:

> 
> Hello,
> 
> Has someone had luck with watching a WebEx session on FreeBSD based
> desktop? As far as I understand, it is somehow Flash and RDP based, i.e.
> some tools like Firefox with flash and a RDP client are required.
> I'm always forced to launch a VM with XP to watch such sessions and it
> would be good for me to overcome this situation.
> 

I recently returned to using FreeBSD as a KDE 4 desktop after experimenting 
with various Linux incantations for a couple of years. I finally got tired 
of it. I had used KDE for years on FreeBSD, but it was always "the hard 
way". There may be different rough edges, but I've always been convinced 
that KDE largely runs better on FreeBSD, especially wrt to 8.0.

Instead of a regular install and subsequent lots of time installing stuff 
this time I wanted to check out PCBSD. There are some things I'm not crazy 
about but for some reason or another they got Flash 10 working in Firefox 
right out of the box. I chose not to use their PIB packaging system for 
installing additional software that is not part of the default. I rebuilt 
the OS with the make buildworld, etc, dance so my kernel is half the size of 
theirs and chose to use portupgrade to manage keeping ports in line. Have 
been steadily installing stuff with ports and so far so good.

I installed the beta 3 DVD they have released because I was mainly 
interested in FreeBSD 8 and the previous non-Beta is 7.x based. I only used 
it as a launch pad and then took over my own maintenance from there.

Now for some reason or another I thought that when I tried the free 14 day 
test account that it was Java based. I don't know why this stuck in my mind 
at all. However, I am able to look at their Flash demo just fine. So it is 
is achievable on FreeBSD.

-Mike



___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: watching WebEx session on FreeBSD

[Michael Powell]

> Matthias Apitz wrote:
> 
>> 
>> Hello,
>> 
>> Has someone had luck with watching a WebEx session on FreeBSD based
>> desktop? As far as I understand, it is somehow Flash and RDP based, i.e.
>> some tools like Firefox with flash and a RDP client are required.
>> I'm always forced to launch a VM with XP to watch such sessions and it
>> would be good for me to overcome this situation.
>> 

OK - I signed up for another 14 day trial, and eventually at some point I 
always arrive at a page that says: "Support Not Available Meeting Center is 
not available for your computer's operating system. For information about 
system requirements, please refer to the  FAQ  support."

I even tried using Konqueror's sending browser ID as IE7 on Win XP. Still 
ultimately ends up here. So FreeBSD is not a supported OS, also not on their 
list in the FAQ either. So it seems they have decided specifically to 
disallow participation by anyone using FreeBSD.

I guess they don't consider anyone using FreeBSD to be commercially viable. 
This sucks, and I will make a complaint when I hunt down their "Feedback" 
area. As far as I can tell (IMHO) so far is I don't see any reason why it 
should not work. I have both functional Flash and Java.

-Mike



___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: Can clang compile RELENG_9?

[Michael Powell]

Dennis Glatting wrote:

> I get errors when trying to compile RELENG_9 with clang. Is clag suppose
> to work when it comes to compiling the OS or am I missing something:
[snip]

I can't speak to RELENG_9, but I have successfully rebuilt the RELEASE with 
CLANG (make/install world kernel). My /etc/make.conf as per instructions I 
found on the wiki:

.if !defined(CC) || ${CC} == "cc"
CC=clang
.endif
.if !defined(CXX) || ${CXX} == "c++"
CXX=clang++
.endif
.if !defined(CPP) || ${CPP} == "cpp"
CPP=clang-cpp
.endif
# Don't die on warnings
NO_WERROR=
WERROR=
# Don't forget this when using Jails!
NO_FSCHG=

This was with amd64, have not tried any 32 bit. With custom kernel as well.

-Mike



___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: gpart usage during install

[Michael Powell]

Robert Simmons wrote:

> I'm just installing a 9.0-RELEASE instance in Virtual Box to check
> things out.  I ran into something odd.  With 8.x I install certain
> things into a geli encrypted partition.  To do this I have to use a
> fixit shell and a manual install.  Now, I'm trying to do the same
> thing in 9.0, but when I get to the partitioning stage of the install,
> and I select the option to setup the partitions in a shell, I get the
> following error from gpart.  What has changed?  What am I doing wrong?
> 
> # gpart create -s GPT ad0
> gpart: arg0 'ad0': Invalid argument

9 is using the new ATA_CAM layer now, so your drive will look like:
ada0 instead of the old ad0.

-Mike



___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: apache22 + php5 (package not ports) ~ spawn-fcgi ?

[Michael Powell]

alexus wrote:

> I dont think you really grasping what I was asking..
> I am aware that I can build from source, yet I'm trying to stay away
> from that route due to a lot of overhead going forward...
> I'm also aware that php5 or actually apache22 doesn't come with
> mod_php as well, and as alternative I'm willing to go spawn-fcgi route
> instead, and this is what I'm interested in.
> I'm looking for some blog/howtos of people already done it on freebsd
> and not just a general fastcgi.com site :)
> So, if anyone have an experience or know a good resources that may be
> useful for me at this point of time, I'd highly appreciate if you can
> post it here.


You do not need spawn-fcgi wrt to PHP. I install software by compiling 
through the ports system, as it is just so much more maintainable in the 
long run. Also, you are more able to select build options which are better 
suited to your needs and environment. I have built Apache outside the ports 
tree in the long-ago past, so I do understand how. It's just there really is 
not a great reason to do so.

In my case, I utilize the apache-event MPM in conjunction with FastCGI. 
Originally I began with mod_fcgi, and it seemed to work well. When I learned 
that mod_fastcgi was supposed to work better with PHP-FPM I switched to it 
when I made the change to PHP-FPM. 

PHP-FPM runs on it's own at boot and has it's own startup scripts. You can 
set the options to do this when you build the base PHP port by choosing 
WITH_CLI=true, WITH_CGI=true,  WITH_FPM=true and you will not need spawn-
fcgi; PHP-FPM supplies this functionality [e.g 'long-running process'] by 
design. Also there is a .conf you can use to adjust your PHP CGI pools in a 
much more granular way than with spawn-fcgi.

Irregardless of which MPM you run Apache with, the next step is to connect 
Apache through mod_fastcgi to these running instance(s) of PHP. Here is an 
example from httpd.conf for this:

[...]
LoadModule fastcgi_module libexec/apache22/mod_fastcgi.so

[...]


Alias /php-cgi /usr/local/www/fastcgi/php-cgi
#FastCGIExternalServer /usr/local/www/fastcgi/php-cgi -flush -host 
127.0.0.1:9000
FastCGIExternalServer /usr/local/www/fastcgi/php-cgi -flush -socket /tmp/php-
fm.sock
 AddType application/x-httpd-php .php
 Action application/x-httpd-php /php-cgi

  
 Order deny,allow
 Deny from all
  
Order allow,deny
Allow from all
  
 


Notice I use a socket, and this socket is configured in the php-fpm.conf. The 
normal default is to use the TCP loopback. This also is probably not the 
best config available, but it supplies my very basic needs. If you are trying 
to set up Apache with mod_fastcgi, go with PHP-FPM as your CGI version of 
the PHP port build (set in the make config options) and it will be easy. IMHO 
this is a better way to go than spawn-fcgi, especially wrt to PHP 
specifically.

--Mike



___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: 8.3-BETA1 installation problem

[Michael Powell]

Warren Block wrote:

> On Wed, 22 Feb 2012, Omer Faruk SEN wrote:
> 
>> I am trying to install FreeBSD 8.3-BETA1 to a system with ssd disk
>> recognized as ad6. At fixit mode i can dd device but at installer
>> (sysinstall) when I configured disk and using "w" installer is unable to
>> format devices stating that
>>
>> "Unable to find device node for /dev/ad6s1b in dev. The creation of file
>> systems will be aborted"
>>
>> any suggestion on what may be the reason for that or is it a bug on
>> installer
> 
> Using "W"rite is one of the causes for that.  Don't Write, just choose
> Quit after making selections.
> 
> (There are other causes, like old partitioning information on the disk.
> Removing that with gpart destroy or just dd-ing zeros over it is the
> cure in that case.)

If you need to clear the old MBR the "old way", use a LiveFS or Fixit shell 
and do this (as root):

sysctl kern.geom.debugflags=16  and:

dd if=/dev/zero of=/dev/adx oseek=1 bs=512 count=1 

where x equals your drive number. This will zero out any old MBR.

A time or two when I've seen this error this fixed it up and the install 
proceeds as normal. As Warren said before, don't use the "W", just Q and  
sysinstall will queue and issue all the commands at a later point.

-Mike


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: How much space do I need on "/" for a 7.4 to 8 stable upgrade?

[Michael Powell]

Adam Vande More wrote:

> On Wed, Feb 22, 2012 at 11:47 AM, Joe Moore
> wrote:
> 
>>
>> I have 65MB of free space on "/". Is that going to be enough? I've
>> already moved tftpboot to /usr, cleaned out /root, /boot/kernel.old, and
>> /tmp.
>>
>> What else could I clean out if I need more space? I'm thinking some
>> executables in /rescue. "ls -l"  shows most of them being  4MB each but
>> that can't be right.
>>
> 
> I don't know the specific numbers of what you'll need but you can probably
> delete the *.symbol files(they aren't needed by default).  i386 also
> produces smaller files/mem imprint than most equivalent amd64 bins.
> 

I did this and  the only i386 box I have left uses 96MB on / while the amd64 
ones  hover around 105MB, give or take a few. 

I believe adding WITHOUT_PROFILE= true to /etc/src.conf prevents them from 
being built/installed in subsequent builds.

-Mike


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: 8.3-BETA1 installation problem

[Michael Powell]

Omer Faruk SEN wrote:

[edited to relocate top post]
[snip]
>>
>> If you need to clear the old MBR the "old way", use a LiveFS or Fixit
>> shell and do this (as root):
>>
>> sysctl kern.geom.debugflags=16  and:
>>
>> dd if=/dev/zero of=/dev/adx oseek=1 bs=512 count=1
>>
>> where x equals your drive number. This will zero out any old MBR.
>>
>> A time or two when I've seen this error this fixed it up and the install
>> proceeds as normal. As Warren said before, don't use the "W", just Q and
>> sysinstall will queue and issue all the commands at a later point.

> Already done that but still habe the same issue. I can dd and sysctl but
> after installing without using W at disk label screen still no luck. I
> have also done
> sysctl kern.geom.debugflags=16 on fixit and restarted installation but
> still getting the same error.
> 

I apologize over minor language difficulties, as I'm as guilty as anyone. But 
I do find the above slightly confusing, as I cannot tell for certain whether 
you have executed the commands correctly, or not. I can easily assume that 
you did and the problem indeed is somewhere else.

The purpose of the sysctl command is to make it so that the subsequent dd 
can actually complete it's write to zero the MBR. If you were to examine 
this sector in a hex editor you would see all zeroes if the dd was 
successful. If it's anything other than all zeroes the write did not happen. 
If the write didn't happen then the problem would remain.

Historically, I had this problem when I pulled an old backup disk off the 
shelf to swap into a box with a failed drive. The old disk still had the 
previous install of version 6.2 on it. I'm not certain exactly what changed, 
but some fuzzy glint of memory seems to make me think it was some kind of 
change in partition labeling between 6.2 and 7.x which rendered 7.x unable 
to properly read and modify the disk. Trying to install 7.x over the old 6.2 
continually failed with exactly the same error as you describe until I 
booted from a LiveFS CD and did the above 2 commands. Another difference is 
that I have _not_ done this procedure in a FIXIT shell; I'm just assuming 
here that it would work the same way but could be wrong.

There are several other things that jump out at me that I will include for 
ideas. A RAID controller sometimes will store it's metadata on the last 
sector of a disk. I doubt that this would cause a problem until or unless 
you were trying to use a GEOM class like gmirror which does the same thing 
and would clash. If so, you'd need to zero this sector as well. I doubt that 
this is the situation.

You could also play around with BIOS controller configurations as well. For 
example, you would not want to be using Intel MatrixRAID. So "NO" to setting 
the controller to any kind of RAID setting in BIOS - and for an SSD you 
really want to select AHCI. The only other choice is Legacy support. I'm 
also a little apprehensive of installing to ad6 - you might try as an 
experiment unplugging any/all other drives you don't want to take chances 
with and plug up the SSD as ad0 to see if this changes anything. 

I have FBSD 9 installed in a VM for testing, and I believe it has switched 
to the new ATA_CAM layer as default now. I have also configured my 8.2 
machines the same way so the drives are now ada0 instead of the old ad0 
naming scheme. I do not know if this change has gone into the 8.3 Beta you 
are having trouble with. Examine your dmesg output and you can determine 
this. If your drive(s) are showing up as ada0 then possibly sysinstall 
doesn't know how to deal with this. I thought this was supposed to start 
with 9, and do not really know anything about 8.3 Beta.

One thing I'd try is to see if installing 8.2 RELEASE would work. If it did, 
then the devs probably need some kind of PR filed so they will be aware. I 
won't see 8.3 until it becomes RELEASE, as I run production machines and I 
just am not interested in any potential upgrade until 8.3 achieves RELEASE 
status. But if attempting to install 8.2 RELEASE does the same thing it 
would circle me back to believing the crux of the problem is whatever was on 
the drive previously - and that needs to be successfully erased before your 
install will proceed.

You should also reboot the box after doing these 2 commands, don't just try 
and continue on with sysinstall - reboot first.


-Mike



___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: 8.3-BETA1 installation problem

[Michael Powell]

Warren Block wrote:

> On Fri, 24 Feb 2012, Omer Faruk SEN wrote:
> 
>> Already done that but still habe the same issue. I can dd and sysctl but
>> after installing without using W at disk label screen still no luck. I
>> have also done
>> sysctl kern.geom.debugflags=16 on fixit and restarted installation but
>> still getting the same error.
> 
> [Please don't top-post, it makes responding more difficult.]
> 
>>> If you need to clear the old MBR the "old way", use a LiveFS or Fixit
>>> shell and do this (as root):
>>>
>>> sysctl kern.geom.debugflags=16  and:
>>>
>>> dd if=/dev/zero of=/dev/adx oseek=1 bs=512 count=1
> 
> The sysctl is not necessary.  The dd may not erase enough of the disk.
> It will erase a bsdlabel, but not the MBR/PMBR.  As always, be warned
> that this will erase the partition table on that disk, so make sure it's
> the correct target disk and that you have full backups:
> 
>dd if=/dev/zero of=/dev/adX bs=512 count=34

  
Excellent idea here. It covers GPT too, for as if a Linux distro was on the 
disk previously, or anything else using GPT. For me I only needed the one 
because my problem was only a change from FBSD 6.2 to 7.x something, 
no GPT involved - my problem was only disklabel related.
 
> Replace X with the correct drive number.



___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: Email issues, relay failure

[Michael Powell]

Jon Radel wrote:

> On 2/25/12 10:26 AM, Bender, Chris wrote:
> 
>>
>> On telnet w IP it says unable to connect.
> ...
>> Its weird that the delivery on A says deferred connection timed out but
>> on tcpdump I see the port 25
> 
> 
> If you can't establish a TCP connection from A to your relay server on
> port 25, I'd expect all of the above.  If you can't establish a TCP
> connection to port 25 at all from A, I'd stop focusing on the details of
> the e-mail server on the relay machine (as they're likely to be beside
> the point) and start focusing on what is blocking the traffic from A.
> Have you audited all the firewalls involved?  To be really focused, if
> you see traffic (both ways) at the relay server when A tries to talk to
> port 25, but A is convinced that no TCP connection is established,
> either you're stomping on things at the relay server (do your attempts
> to telnet to port 25 fail immediately or just sit there for a good long
> time and then fail?), the reply packets from relay to A are getting
> mis-routed, or A is ignoring the packets coming in from the relay.  Can
> you ping from the relay to A?
> 
> There's a distinct difference between failure to establish a TCP
> connection (look to the network stuff) and the e-mail server giving you
> an error response rejecting your attempt to transfer mail or just
> quietly loosing the mail (look to the e-mail servers).
> 

It can also depend on a difference between residential vs business account at 
the ISP between them. If it was working fine and absolutely nothing was 
changed at either end, one posibility is an ISP implemented a policy of 
forcing mail submission to port 587, and whatever blocking they then started 
on port 25 is what broke the connection. 

-Mike


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: Please help me diagnose this crazy VMWare/FreeBSD 8.x crash

[Michael Powell]

Mark Felder wrote:

> Alright guys, I'm at the end of my rope here. For those that haven't seen
> my previous emails here's the (not so) quick breakdown:
> 
> Overview:
> 
> FreeBSD ?? - 7.4 never crash
> FreeBSD 8.0 - 8.2 crashes
> FreeBSD 8-STABLE, 8.3, and 9.0 are untested (Sorry, not possible in our
> production at this time, and we were hoping we could base some stuff on
> 8.3 for long term stability...)
> ESXi: Confirmed ESXi 4.0 - 5.0 has this problem. Haven't tested on others.
> 
[snip]
> 
> 
> I think we've finally found enough data that this is definitely something
> in the FreeBSD world. I'm going to begin prepping some of the known crashy
> servers with more debugging. Any suggestions on what I should build the
> kernel with? They never do a proper panic, but I definitely want to at
> least *try* to get into the debugger the next time it crashes. And when it
> crashes, what the heck should I be running? I've never played with the KDB
> before...
> 
> 
> Thank you for any suggestions and help you can give me

I am definitely out of my league here and this is way over my head, to be 
sure. Just a couple of shots in the dark for possibly covering a couple more 
data points for your research. And I am a tad fuzzy on both as I have never 
needed to dig into either because I've not had any trouble with either.

IIRC there are three different timer subsystems one may choose from. You may 
want to look into expirementation with each of the three, just to see if 
this changes any observed behaviors. Or to possibly rule it out. 

Your situation sounds like a candidate for reverse logic - if I can't get 
any handle on what's wrong I start at the opposite end and try to make a 
list of what is "right" in an attempt to leave a smaller subset to probe.

I also think this most likely has nothing to do with what's happening, but 
for some reason it just pops into my head. Try disabling msi in 
/boot/loader.conf like this:

hw.pci.enable_msi="0"
hw.pci.enable_msix="0"

At least if it makes no difference maybe this will exclude it from being a 
'possible'. Developers who are more in-depth aware of what the differences 
are between 7.x and 8.x/9.x in the development timeline can probably provide 
a better picture so as to narrow the field of what to look at. This is way 
over my head, just wish I could help - I know and have experienced the kind 
of quandary you have here (I feel for you).   :-)

-Mike
 

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: ps, clang and make variables

[Michael Powell]

R Skinner wrote:

> Stupid question, but I need to clarify and make sure I'm right here:
> what should I see as the running process if clang is compiling? ATM I
> see cc1plus.
> 
> I'm trying to set CC and friends make variables to clang for a build,
> but it doesn't appear to be 'sticking'. It seems to change the shell env
> to bash, but that shouldn't be the problem. So I'm trying to work out
> whats up.
> 
> FWIW I'm trying to build libreoffice with clang as it doesn't build, or
> more accurately doesn't build and test correctly. It doesn't appear to
> honor the CC variables (CC, CXX, CPP, etc). Worth a shot anyway :)

I have done the buildworld/buildkernel dance with the following in 
/etc/make.conf a few weeks back. Haven't played with it recently though.

.if !defined(CC) || ${CC} == "cc"
CC=clang
.endif
.if !defined(CXX) || ${CXX} == "c++"
CXX=clang++
.endif
.if !defined(CPP) || ${CPP} == "cpp"
CPP=clang-cpp
.endif
# Don't die on warnings
NO_WERROR=
WERROR=
# Don't forget this when using Jails!
NO_FSCHG=

I got this from:

http://wiki.freebsd.org/BuildingFreeBSDWithClang

Good Luck!

-Mike


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: Questions about Jail

[Michael Powell]

James Y Chen wrote:

> Hi
> 
> I think Jail on FreeBSD 8.2 can generate 2 jailed machine using the same
> version of FreeBSD, for example, on a 8.2 AMD64 Jailer, I can create 2
> or more FreeBSD 8.2 amd64 Jailed machine.
> 
> My question is: can I install other version of FreeBSD on the Jailed
> environment? If yes, which steps shall I do? Still using make world or
> other easier way?

In many respects a Jail is more like a super-duper chroot, as opposed to 
other virtualization technologies such as VMWare, Xen, or KVM hypervisor(s). 
The closest parallel is probably Solaris Containers, if you are familiar 
with Solaris.

There will only be one running kernel at the heart of a jail based machine. 
So the bottom line short answer to your question is basically "no".

Possibly you may wish to read this:

http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/jails-intro.html

-Mike


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: booting a CD-ROM

[Michael Powell]

gs_stol...@juno.com wrote:

>   I have an old  FreeBSD  system that I haven't used for a long time
>   and I have forgotten the passwords.  This machine has  FreeBSD-4.3 
>   and  FreeBSD-4.7  on it, and also  MS'  Windows98 .  I tried getting
>   onto that system by booting with a  CD-ROM  which started going and
>   gave me the following messages:
> boot from  ATAPI  CD-ROM
> CD Loader 1.2
> Building the boot loader arguments
> Relocating the loader and the BTX
>   The system then did not output for a liitle over 5 minutes and then
>   typed:
> Starting the
> and after this I waited for over 5 minutes but the system did not type
> anything else.  Then I tried  booting that  CD-ROM  on another system
> where it booted successfully and the program on it ( FreesBIE version 2)
> ran and I could communicate with it.  I suspect a problem with the  boot
> loader on the first system.
>  Where can I get a new boot loader for that system?Since I want to
>  get a modern  FreeBSD  (version 9.1 or higher), I expect that will
>  include a new multi-system loader on it that I can use on the old
>  system if I can load just that.  How can I load just the boot loader?
>   Also, what is the structure of the  password  files (is this on the 
>  web  with a per system-version note so if it has been changed over
>  time, I can find those I need) on those systems, and how can I find
>  and clear out the password for  root  so I can get in and set its
>  password and then the other passwords?
> Thanks in advance for your help.

You did not specify which/what version of FreeBSD CD-ROM you were 
attempting this with. IIRC way back then bootable CDs used a 
floppy-emulation mechanism. If the hardware and its' BIOS is that old 
a modern day boot CD won't work as it is not emulating a floppy disk 
any longer.

Your best bet would be to locate a FreeBSD version 4.7 disk and try 
that. A long time ago there used to be included 2 floppy images that 
could be written out to floppy disks, thus creating bootable floppies. 
In lieu of not being able to boot from CD-ROM if there is a 1.44MB 
floppy drive in the box you may be able to boot off the floppies.

I'm a little rusty with dim memories, but essentially you want to boot 
into single user mode. I think it used to be you'd break into the loader
by hitting the space bar during the the little "twirlie" period when a '/' 
is spinning in the upper left corner of your screen. 

You would need some basic familiarity with vi such as how to do a basic 
edit and then save the file. Essentially what vipw does is open the password 
file using vi as the editor. You could then null out the root password by 
replacing the crypto string in the second field with a * character. When you 
save the file using vi commands and exit you will see a message about the 
password database being updated.

This is actually a FAQ:

http://www.freebsd.org/doc/en_US.ISO8859-1/books/faq/admin.html#FORGOT-ROOT-PW

Note the instructions for mounting / read-write, and the mount -a. The 
vipw lives in /usr/sbin, so /usr needs to be mounted in order to use it.

-Mike



___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: Re[2]: newfs create to little inodes

[Michael Powell]

Rob Farmer wrote:

> On Mon, Apr 16, 2012 at 10:02 AM, Robert Bonomi
>  wrote:
>>
>> Something about -your- installation is causing you to run out of inodes.
>>
> 
> This is a release engineering issue in 9.0, not just his installation.
> The defaults are screwed up. See bin/162659.
> 

Yes - I experienced this early on with first attempts at looking over 9.0 in 
a Virtualbox VM. I don't remember if it was 5 or 6GB size of the initial 
'everything in one filesystem (/)' install which triggered it, but when I 
increased it to 8GB, and/or larger, the error the OP describes went away.

-Mike


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: upgrade of portupgrade

[Michael Powell]

n dhert wrote:

> Today, my nightly run of portsnap informed me there is un update for:
> # pkg_version -vIL=
>  portupgrade-2.4.9.3.2  < needs updating (index has 2.4.9.3_1,2)
> 
> Since there is no special entry in /usr/ports/UPDATING about the
> portupgrade  update,
> I started my weekly
> # portupgrade -yaRrpb
> 
> this gives:
> ...
> --->  Upgrade of ports-mgmt/portupgrade started at: Mon, 23 Apr 2012
> 08:37:14 +0
> 200
> --->  Upgrading 'portupgrade-2.4.9.3,2' to 'portupgrade-2.4.9.3_1,2'
> (ports-mgmt
> /portupgrade)
> --->  Build of ports-mgmt/portupgrade started at: Mon, 23 Apr 2012
> 08:37:14 +020
> 0
> --->  Building '/usr/ports/ports-mgmt/portupgrade'
> ===>  Cleaning for portupgrade-2.4.9.3_1,2^M
> ===>  License BSD accepted by the user^M
> ===>  Found saved configuration for portupgrade-2.4.6,2^M
> ===>  Extracting for portupgrade-2.4.9.3_1,2^M
> => SHA256 Checksum mismatch for pkgtools-2.4.9.3.tar.bz2.^M
> ===>  Refetch for 1 more times files: pkgtools-2.4.9.3.tar.bz2 ^M
> ===>  License BSD accepted by the user^M
> ===>  Found saved configuration for portupgrade-2.4.6,2^M
> => pkgtools-2.4.9.3.tar.bz2 doesn't seem to exist in
> /usr/ports/distfiles/.^M
> => Attempting to fetch
> http://heanet.dl.sourceforge.net/project/portupgrade/pkgt
> ools/2.4.9.3/pkgtools-2.4.9.3.tar.bz2^M
> fetch:
> http://heanet.dl.sourceforge.net/project/portupgrade/pkgtools/2.4.9.3/pkg
> tools-2.4.9.3.tar.bz2: Moved Temporarily^M
> it does 5 more at other places, then
> => Attempting to fetch
> http://freefr.dl.sourceforge.net/project/portupgrade/pkgt
> ools/2.4.9.3/pkgtools-2.4.9.3.tar.bz2^M
> fetch: pkgtools-2.4.9.3.tar.bz2: local file (79394 bytes) is longer than
> remote
> file (79377 bytes)^M
> ...
> then 10 more 'Attempting to fetch' with Moved temporarily
> then
> => Attempting to fetch
> ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/distfiles/pkgtool
> s-2.4.9.3.tar.bz2^M
> ===>  License BSD accepted by the user^M
> ===>  Found saved configuration for portupgrade-2.4.6,2^M
> => SHA256 Checksum mismatch for pkgtools-2.4.9.3.tar.bz2.^M
> ===>  Giving up on fetching files: pkgtools-2.4.9.3.tar.bz2 ^M
> Make sure the Makefile and distinfo file
> (/usr/ports/ports-mgmt/portupgrade/dist
> info)^M
> are up to date.  If you are absolutely sure you want to override this^M
> check, type "make NO_CHECKSUM=yes [other args]".^M
> *** Error code 1^M
> ^M
> Stop in /usr/ports/ports-mgmt/portupgrade.^M
> *** Error code 1^M
> ^M
> Stop in /usr/ports/ports-mgmt/portupgrade.^M
> *** Error code 1^M
> ^M
> Stop in /usr/ports/ports-mgmt/portupgrade.^M
> --->  Build of ports-mgmt/portupgrade ended at: Mon, 23 Apr 2012 08:37:45
> +0200
> (consumed 00:00:30)
> --->  Upgrade of ports-mgmt/portupgrade ended at: Mon, 23 Apr 2012
> 08:37:45 +020
> 0 (consumed 00:00:30)
> 
> What's this problem with  pkgtools ???
> I have a
> $ ls -la /usr/ports/distfiles/pkgtools-2.4.9.3.tar.bz2
> -rw-r--r--  1 root  wheel  79394 Aug 23  2011
> /usr/ports/distfiles/pkgtools-2.4.9.3.tar.bz2
> but no 2.4.9.3_1,2  version
> 
> And, strange: if I try
> http://www.freebsd.org/ports, Search for  pkgtools in All
> it finds nothing  ???  Isn't that package described ??

Search for portupgrade instead.
 
> What's going on here and how to solve it ??

I just did this upgrade utilizing portupgrade 2 days ago - 04/20/12 03:34 
and did not experience any trouble. However, I noticed the name of the file 
that was downloaded here was: pkgtools-pkgtools-b99f3ce.tar.gz. This file was 
98949 bytes in size.

Today I have csup'd my ports tree and did a make fetch for this port and it 
downloaded a file of the same name as you have described. This file is 79377 
bytes in size. I did a make for the port and it again built without error.

Sounds like something was out of sync at the time you tried this. Try 
refreshing your ports again and see if it has been fixed. Also consider the 
possibility that the mirror you were using wasn't completely up to date. 
Either the mirror will have caught up since then, or try another mirror.

-Mike




___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: FreeBSD vice OS X memory management

[Michael Powell]

Adam Vande More wrote:

> On Thu, Apr 26, 2012 at 12:04 AM, jb  wrote:
> 
>> If so, should FreeBSD adopt NetBSD's MM subsys, or just improve itself
>> surgically ?
>>
> 
> You ought first establish there is a problem.  What you have cited is
> recently reinvigorated trend that has taken on the air of  the "BDS is
> dying" troll.  What you have is a set of computer users with no
> understanding of kernel internals attempting to diagnose some sort of
> possibly legitimate problem by reaching conclusion via rumor and
> guesswork.  These people can be taken about as seriously as those who
> insist the moon landing was fake and other bizarre ignorant
> pseudo-science.
> 
> http://workstuff.tumblr.com/post/19036310553/two-things-that-really-helped-
speed-up-my-mac-and
> http://dywypi.org/2012/02/back-on-linux.html
> 
> When you have a test case illustrating your feared FreeBSD VM
> shortcomings, you may at that point begin to attract developer interest.
> 

To the OP:

A potential first test case where the symptom is "my system slows to a crawl 
and starts paging out to disk" might be to build a kernel with the 
SCHED_4BSD scheduler. There have been a couple of edge/corner cases that 
sound like this. That is, if you really have a problem and want to try 
eliminating one possibility.

Another thing that shows up in things like top is it breaks and does not 
report accurate values for anything when userland and kernel are out of 
sync, that is if it runs at all without segfaulting. World and kernel being 
out of sync would be operator error. In this case the values you are using 
to somehow relate the symptom to memory management would be false.

As far as all the rest, such as something being "deeply broken in OS X 
memory management", mentions of NetBSD memory management, etc, are all  
irrelevant. It is this wild mix of stuff seemingly non-related to any problem 
in FreeBSD per se, that makes this look like a troll.

If you really are having a problem with FreeBSD you are going to have to do 
a lot better than this in terms of providing some data points which define 
the problem. I am in agreement with Adam here: either you can work the 
problem or you can troll. I don't see any indication yet of any real problem 
analysis, only a wild mix of stuff non-related to FreeBSD sprinkled with some 
magic 'memory management' dust. 

Sorry if this comes across the wrong way, but this really looks like troll 
material to me too - it has a great resemblance to a pattern trolls have 
used for many years. 

-Mike


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"