Re: User root can't get email
Hello. Silly me didn't tought about doing a service sendmail onerestart before sending this email. Executing that command solved my problem. Thank you. -Mensaje original- From: Efraín Déctor Sent: Friday, May 04, 2012 5:13 PM To: Jason Hellenthal Subject: Re: User root can't get email Hello. Silly me didn't tought about doing a service sendmail onerestart before sending this email. Executing that command solved my problem. Thank you. -Mensaje original- From: Jason Hellenthal Sent: Friday, May 04, 2012 12:07 AM To: Efraín Déctor Cc: freebsd-stable@freebsd.org Subject: Re: User root can't get email And possibly /etc/mtree/BSD.sendmail.dist On Fri, May 04, 2012 at 01:05:05AM -0400, Jason Hellenthal wrote: On Thu, May 03, 2012 at 06:02:35PM -0500, Efraín Déctor wrote: > Hello. > > I have a FreeBSD Server 8.2, the past few days I’ve noticed that the > user root was not recieving email. I ran a test simply by using: > > mail root > > Then in /var/log/messsages I got this message: > > May 3 22:47:56 edh sendmail[74022]: q3RFM513074022: SYSERR(root): > Cannot reopen ./dfq3RFM513074022: No such file or directory > May 3 22:47:56 edh sendmail[74022]: q3RFM514074022: SYSERR(root): > putbody: Cannot open ./dfq3RFM513074022 for MAILER-DAEMON from root: No > such file or directory > > Im not using this server as a email server, but it is very important to > me because I have some scripts running by cron that send the output by > email to the user that is running them, in this case root. > If you have recently been working on upgrading your system in any way I would check the perms on all the directories in /var and possibly other systems as can be advised in a upgrade procedure within the handbook. You may also attempt the following which may fix it but it comes with a disclaimer and you should know how to fix it if it breaks. mtree -deU -f /etc/mtree/BSD.var.dist Before doing the above, I would seriously ask myself... What did I do in those last few days or week or so... and at least attempt to backtrack to a conclusive result. Good luck. -- - (2^(N-1)) -- - (2^(N-1)) ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"
Re: Make filesystem type configurable for periodic(8)?
on 04/05/2012 19:08 Bryan Drewery said the following:
> On 05/04/2012 11:05 AM, Freddie Cash wrote:
>> A few of the periodic(8) scripts in FreeBSD have constructs similar to
>> the following to get which filesystems to scan for various things:
>> MP=`mount -t ufs,zfs | awk '$0 !~ /no(suid|exec)/ { print $3 }'`
>>
>> For systems with large ZFS pools, and many ZFS filesystems, these
>> periodic scripts can grind it to its knees, and then some. For
>> backups servers where we don't really care about the
>> ownership/permissions of files from the FreeBSD perspective, we really
>> don't want the ZFS filesytems to be scanned; only the UFS ones for the
>> FreeBSD OS install. To that end, I have to manually edit these files
>> to remove the ",zfs":
>> MP=`mount -t ufs | awk '$0 !~ /no(suid|exec)/ { print $3 }'`
>>
>> Would it be worthwhile to anyone else to make the filesystem type(s)
>> to scan via the periodic(8) scripts a variable that's set by default
>> in /etc/defaults/periodic.conf and that user's can override via
>> /etc/periodic.conf?
>>
>> Or, am I the only one that's suffering here? :)
>>
>> If there's interesting in this, I can look into coming up with some
>> patches. But wanted to check if anyone else would find it useful.
>>
>
> I would find this useful. But further, I have a ZFS root pool as well as
> a ZFS backup pool. I don't want to exclude all of ZFS, just certain
> pools, or even certain datasets.
Guys,
why do you think that FS type is significant for these periodic security checks?
Why ZFS (or some other FS) must be immune to a rogue suid script or some other
permissions-based security threat?
If you are sure that your ZFS datasets can not be a source of such an attack,
then why not:
1) either disable the periodic security check altogether?
2) or mark the appropriate datasets as noexec or nosuid to ensure your belief?
--
Andriy Gapon
___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"
Re: High load event idl.
Le 27/04/2012 ? 22:30:13+0200, Albert Shih a écrit > Hi all > > I'm running 9-stable on all my computer. (csup yesterday). > > On my desktop everything is fine. But I've two laptop, (both are Dell). On > both latptop I've problem about the load, event when I do nothing I got a > load between 0.5-1. > > Here the result of a «top» on the laptop : > > last pid: 2434; load averages: 0.63, 0.67, 0.59 up 0+00:23:59 22:25:29 > 57 processes: 3 running, 54 sleeping > CPU: 2.7% user, 0.0% nice, 3.7% system, 1.4% interrupt, 92.2% idle > Mem: 89M Active, 92M Inact, 198M Wired, 13M Cache, 100M Buf, 3529M Free > Swap: 4096M Total, 4096M Free > > Here on the desktop : > > last pid: 61010; load averages: 0.00, 0.00, 0.00 up 2+11:02:42 22:29:08 > 126 processes: 1 running, 125 sleeping > CPU: % user, % nice, % system, % interrupt, % idle > Mem: 803M Active, 2874M Inact, 1901M Wired, 112M Cache, 620M Buf, 202M Free > Swap: 6144M Total, 36M Used, 6107M Free > > On attachment the dmesg. > > Any idea ? > Any news about this problem ? I make a buildworld/kernel yesterday and nothing change. Regards. JAS -- Albert SHIH DIO bâtiment 15 Observatoire de Paris 5 Place Jules Janssen 92195 Meudon Cedex Téléphone : 01 45 07 76 26/06 86 69 95 71 xmpp: j...@obspm.fr Heure local/Local time: ven 4 mai 2012 21:43:25 CEST ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"
Re: Make filesystem type configurable for periodic(8)?
On Fri, May 4, 2012 at 11:02 AM, Freddie Cash wrote:
> On Fri, May 4, 2012 at 9:08 AM, Bryan Drewery wrote:
>> On 05/04/2012 11:05 AM, Freddie Cash wrote:
>>> A few of the periodic(8) scripts in FreeBSD have constructs similar to
>>> the following to get which filesystems to scan for various things:
>>> MP=`mount -t ufs,zfs | awk '$0 !~ /no(suid|exec)/ { print $3 }'`
>>>
>>> For systems with large ZFS pools, and many ZFS filesystems, these
>>> periodic scripts can grind it to its knees, and then some. For
>>> backups servers where we don't really care about the
>>> ownership/permissions of files from the FreeBSD perspective, we really
>>> don't want the ZFS filesytems to be scanned; only the UFS ones for the
>>> FreeBSD OS install. To that end, I have to manually edit these files
>>> to remove the ",zfs":
>>> MP=`mount -t ufs | awk '$0 !~ /no(suid|exec)/ { print $3 }'`
>>>
>>> Would it be worthwhile to anyone else to make the filesystem type(s)
>>> to scan via the periodic(8) scripts a variable that's set by default
>>> in /etc/defaults/periodic.conf and that user's can override via
>>> /etc/periodic.conf?
>>>
>>> Or, am I the only one that's suffering here? :)
>>>
>>> If there's interesting in this, I can look into coming up with some
>>> patches. But wanted to check if anyone else would find it useful.
>>>
>>
>> I would find this useful. But further, I have a ZFS root pool as well as
>> a ZFS backup pool. I don't want to exclude all of ZFS, just certain
>> pools, or even certain datasets.
>
> Would you mind testing the attached patch? It adds four new variables
> for use in periodic.conf (defaults shown):
>
> daily_status_security_chksetuid_fs="ufs,zfs"
> daily_status_security_chksetuid_fs_ignore=""
> daily_status_security_neggrpperm_fs="ufs,zfs"
> daily_status_security_neggrpperm_fs_ignore=""
>
> The _fs variables take filesystem types, as would be passed to
> mount(8). These limit the entire search based on type, so an all or
> nothing approach.
>
> The _fs_ignore variables are space separated lists of mountpoints to
> skip. So you can leave zfs in the _fs list, and then list specific
> filesystems here that you do not want to be scanned.
>
> I don't claim to be any great shell script writer, but this appears to
> do the job. Any suggestions, pointers, comments, etc welcomed. :)
Guess I should mention how to use the patch. :)
cd /etc
patch -p0 < /path/to/periodic-fs-type.patch
--
Freddie Cash
fjwc...@gmail.com
___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"
Re: Make filesystem type configurable for periodic(8)?
On Fri, May 4, 2012 at 9:08 AM, Bryan Drewery wrote:
> On 05/04/2012 11:05 AM, Freddie Cash wrote:
>> A few of the periodic(8) scripts in FreeBSD have constructs similar to
>> the following to get which filesystems to scan for various things:
>> MP=`mount -t ufs,zfs | awk '$0 !~ /no(suid|exec)/ { print $3 }'`
>>
>> For systems with large ZFS pools, and many ZFS filesystems, these
>> periodic scripts can grind it to its knees, and then some. For
>> backups servers where we don't really care about the
>> ownership/permissions of files from the FreeBSD perspective, we really
>> don't want the ZFS filesytems to be scanned; only the UFS ones for the
>> FreeBSD OS install. To that end, I have to manually edit these files
>> to remove the ",zfs":
>> MP=`mount -t ufs | awk '$0 !~ /no(suid|exec)/ { print $3 }'`
>>
>> Would it be worthwhile to anyone else to make the filesystem type(s)
>> to scan via the periodic(8) scripts a variable that's set by default
>> in /etc/defaults/periodic.conf and that user's can override via
>> /etc/periodic.conf?
>>
>> Or, am I the only one that's suffering here? :)
>>
>> If there's interesting in this, I can look into coming up with some
>> patches. But wanted to check if anyone else would find it useful.
>>
>
> I would find this useful. But further, I have a ZFS root pool as well as
> a ZFS backup pool. I don't want to exclude all of ZFS, just certain
> pools, or even certain datasets.
Would you mind testing the attached patch? It adds four new variables
for use in periodic.conf (defaults shown):
daily_status_security_chksetuid_fs="ufs,zfs"
daily_status_security_chksetuid_fs_ignore=""
daily_status_security_neggrpperm_fs="ufs,zfs"
daily_status_security_neggrpperm_fs_ignore=""
The _fs variables take filesystem types, as would be passed to
mount(8). These limit the entire search based on type, so an all or
nothing approach.
The _fs_ignore variables are space separated lists of mountpoints to
skip. So you can leave zfs in the _fs list, and then list specific
filesystems here that you do not want to be scanned.
I don't claim to be any great shell script writer, but this appears to
do the job. Any suggestions, pointers, comments, etc welcomed. :)
--
Freddie Cash
fjwc...@gmail.com
periodic-fs-type.patch
Description: Binary data
___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"
Re: Make filesystem type configurable for periodic(8)?
On 05/04/2012 11:05 AM, Freddie Cash wrote:
> A few of the periodic(8) scripts in FreeBSD have constructs similar to
> the following to get which filesystems to scan for various things:
> MP=`mount -t ufs,zfs | awk '$0 !~ /no(suid|exec)/ { print $3 }'`
>
> For systems with large ZFS pools, and many ZFS filesystems, these
> periodic scripts can grind it to its knees, and then some. For
> backups servers where we don't really care about the
> ownership/permissions of files from the FreeBSD perspective, we really
> don't want the ZFS filesytems to be scanned; only the UFS ones for the
> FreeBSD OS install. To that end, I have to manually edit these files
> to remove the ",zfs":
> MP=`mount -t ufs | awk '$0 !~ /no(suid|exec)/ { print $3 }'`
>
> Would it be worthwhile to anyone else to make the filesystem type(s)
> to scan via the periodic(8) scripts a variable that's set by default
> in /etc/defaults/periodic.conf and that user's can override via
> /etc/periodic.conf?
>
> Or, am I the only one that's suffering here? :)
>
> If there's interesting in this, I can look into coming up with some
> patches. But wanted to check if anyone else would find it useful.
>
I would find this useful. But further, I have a ZFS root pool as well as
a ZFS backup pool. I don't want to exclude all of ZFS, just certain
pools, or even certain datasets.
Regards,
Bryan Drewery
___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"
Make filesystem type configurable for periodic(8)?
A few of the periodic(8) scripts in FreeBSD have constructs similar to
the following to get which filesystems to scan for various things:
MP=`mount -t ufs,zfs | awk '$0 !~ /no(suid|exec)/ { print $3 }'`
For systems with large ZFS pools, and many ZFS filesystems, these
periodic scripts can grind it to its knees, and then some. For
backups servers where we don't really care about the
ownership/permissions of files from the FreeBSD perspective, we really
don't want the ZFS filesytems to be scanned; only the UFS ones for the
FreeBSD OS install. To that end, I have to manually edit these files
to remove the ",zfs":
MP=`mount -t ufs | awk '$0 !~ /no(suid|exec)/ { print $3 }'`
Would it be worthwhile to anyone else to make the filesystem type(s)
to scan via the periodic(8) scripts a variable that's set by default
in /etc/defaults/periodic.conf and that user's can override via
/etc/periodic.conf?
Or, am I the only one that's suffering here? :)
If there's interesting in this, I can look into coming up with some
patches. But wanted to check if anyone else would find it useful.
--
Freddie Cash
fjwc...@gmail.com
___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"
American Express Alert - Personal Security Key Reset
American Express Alert - Personal Security Key Reset American Express Alert - Personal Security Key Reset For your security: _ Dear American Express member, To protect your account(s), we need you to re-authenticate your account by updating your Pers onal Security Key. For authenticate your identity please click on the following link. [1]http://www.americanexpress.com/myca/form/serverstack/action?request _type=75629812604 . As a reminder, your Personal Security Key is not the password associated with your User ID when you log in to [2]www.americanexpress.com. You created this unique key when you activated your Card. We will ask for your Personal Security Key when you call American Express to validate your identification and to securely and promptly service your requests. Your Personal Security Key applies to all of your American Express Card accounts where you are the Basic Cardmember. Thank you for your Cardmembership. Sincerely, American Express Customer Care Cardmember: Account Ending: _ [3]Contact Customer Service [4]View Our Privacy Statement [5]Add Us to Your Address Book Your Cardmember information is included in the upper-right corner to help you recognize this as a customer service e-mail from American Express. Using the spam/junk mail function may not block servicing messages from being sent to your email account. . Copyright 2011 American Express Company. All rights reserved. CASEUPSW0001005 References 1. http://89.38.204.111/home.americanexpress.com/ 2. https://www.americanexpress.com/ 3. http://www.americanexpress.com/Tracking?mid=CASEUPSW0001005C96900389B51EA03A&msrc=MYCA&url=https://www.americanexpress.com/messagecenter 4. http://www.americanexpress.com/Tracking?mid=CASEUPSW0001005C96900389B51EA03A&msrc=MYCA&url=http://www.americanexpress.com/privacy 5. http://www.americanexpress.com/Tracking?mid=CASEUPSW0001005C96900389B51EA03A&msrc=MYCA&url=https://www212.americanexpress.com/dsmlive/dsm/dom/us/addustoyouraddressbook.do?vgnextoid=46c001cc1e65b110VgnVCM10defaad94RCRD ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"
Re: Reject Action For SPF
Am 04.05.2012 um 09:45 schrieb Prabhpal S. Mavi: > >> Fix your backup server to have the data required to perform the >> filtering. Don't force the rest of the world to waste cycles and >> bandwidth attempting to send email to a backup MX that you have >> advertised. If you can't do it correctly, DO NOT DO IT. > > Hello Mark. A > > Don't you think you guys are telling that what is SPF and how should we > use it. SPF is in system for a while, almost everyone is aware what it is. > And what it does. Good reading: http://david.woodhou.se/why-not-spf.html > funny enough, no one answered to the actual question. all this info is > available on the web. Anyways You might want to alter http://bazaar.launchpad.net/~kitterman/postfix-policyd-spf-perl/trunk/view/head:/postfix-policyd-spf-perl to return a proper reject-message if no spy-record was found. Best regards, Holger -- Holger Kipp Diplom-Mathematiker Senior Consultant Tel. : +49 30 436 58 114 Fax. : +49 30 436 58 214 Mobil: +49 178 36 58 114 Email: holger.k...@alogis.com alogis AG Alt-Moabit 90b D-10559 Berlin web : http://www.alogis.com -- alogis AG Sitz/Registergericht: Berlin/AG Charlottenburg, HRB 71484 Vorstand: Arne Friedrichs, Joern Samuelson Aufsichtsratsvorsitzender: Reinhard Mielke ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"
Re: Reject Action For SPF
> Fix your backup server to have the data required to perform the > filtering. Don't force the rest of the world to waste cycles and > bandwidth attempting to send email to a backup MX that you have > advertised. If you can't do it correctly, DO NOT DO IT. Hello Mark. A Don't you think you guys are telling that what is SPF and how should we use it. SPF is in system for a while, almost everyone is aware what it is. And what it does. funny enough, no one answered to the actual question. all this info is available on the web. Anyways Prabh S. Mavi ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"
