Digitally Signed Binaries w/ Kernel support, etc.
Does FreeBSD have support for digitally signed binary checking, similar to what Linux has with bsign and DigSig, where system binaries are signed and this signature is verified before being run in the kernel? This would be very useful to have to further tighen-down the system. Thanks. ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Order of devices listed in "ifconfig"
I'm certain I read up on this somewhere before... When you install a FreeBSD system (6.1 here), the devices don't always configure "in order". For example, I have a few Dell PowerEdge systems, upon which 2 are FreeBSD The devices would normally appear "in order" (similar to Linux) where they are physically attached... first, em0 and em1 would be the motherboard NICs, then any PCI cards. So, I look at them physically, expecting to hook em1 into a separate network, but em1 is actually another port. BOTH systems are different, too. That's the best way I can think of to describe it. Anyone know how to solve this problem in FreeBSD-6.x. Thanks. ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Error in "ntpd" manpage
There is an error in the NTPD manpage. The option -L means "do NOT listen to Virtual IPs" the present manpage (FreeBSD-6.1-STABLE) says: -L Listen to virtual IPs. looking at the code in /usr/src/contrib/ntpd/cmd_args.c shows this: /* * Definitions of things either imported from or exported to outside */ extern char const *progname; int listen_to_virtual_ips = 1; and further down: case 'L': listen_to_virtual_ips = 0; break; I found this bug while reading external documentation about setting up NTPD I'm glad I read this ;-) _F ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Kerberos5 on 6.1
I have FreeBSD-6.1 and it appears the default installation has a full complement of Kerberos5. But, /usr/src/kerberos5/README states: This subtree is world-exportable, as it does not contain any cryptographic code. At the time of writing, it did not even contain source code, only Makefiles and headers. Please maintain this "exportable" status quo. Thanks! MarkM [EMAIL PROTECTED] 20th Sept 1997 I'm guessing the README is a bit out-of-date... The HANDBOOK suggests more needs to be obtained from the security/heimdal port. I see all the libraries in /usr/lib etc., so which is it... do we have a full install as a part of 6.1 or is the security/heimdal still needed to bring it up to speed. _F ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "[EMAIL PROTECTED]"
dhclient wedged
I reported this problem a few OS versions back... pre-6. I'm on FreeBSD-6-STABLE, and I've found the dhclient once again "wedged" in a mode that was eating a lot of CPU. The solution is to kill it, and restart. I'm on Comcast's network, so I don't really know if their DHCP server is doing something that FreeBSD's stock dhclient doesn't like; however, I wonder if someone else has noticed this problem, etc. _F ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "[EMAIL PROTECTED]"
sendmail_enable="NO"
Isn't this supposed to tell FreeBSD not to start up the sendmail daemon processes? It doesn't on my system, just confirmed this via a new system build. FYI. FreeBSD-6.0 _F ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: device em0 not showing up at boot
Jack Vogel wrote: On 11/29/05, *Mike Tancsa* <[EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>> wrote: At 09:29 AM 29/11/2005, Lowell Gilbert wrote: >Forrest Aldrich <[EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>> writes: > > > I have an older PC (Compaq AP200) that I'm running FreeBSD-6.0 on. > > > > I have an Intel Gigabit interface installed in one of the PCI slots, > > along with another dual 10/100 Intel in another. > > > > The "em0" device does not show up at boot time, and therefore the > > firewall rules fail. > >It's not detected in the boot messages at all? What does pciconf -lv show ? ---Mike There are some adapters that are not in the driver. I am the person within Intel LAD responsible for FreeBSD, we are going to try and update PCI IDs for new devices shortly. If you can report what Mike asked we can see what the device is and I might have a patch I can put together. Cheers, Jack Hi Jack, Mike, Thank you for your responses. Sorry it took me a day to get to this. Here is the output per the above command. Thanks again, Forrest [EMAIL PROTECTED]:0:0: class=0x06 card=0x chip=0x71908086 rev=0x03 hdr=0x00 vendor = 'Intel Corporation' device = '82443BX/ZX 440BX/ZX CPU to PCI Bridge (AGP Implemented)' class= bridge subclass = HOST-PCI [EMAIL PROTECTED]:1:0: class=0x060400 card=0x chip=0x71918086 rev=0x03 hdr=0x01 vendor = 'Intel Corporation' device = '82443BX/ZX 440BX/ZX AGPset PCI-to-PCI bridge' class= bridge subclass = PCI-PCI [EMAIL PROTECTED]:13:0: class=0x02 card=0x11768086 chip=0x10768086 rev=0x00 hdr=0x00 vendor = 'Intel Corporation' device = '82547EI Gigabit Ethernet Controller' class= network subclass = ethernet [EMAIL PROTECTED]:14:0:class=0x060400 card=0x00dc chip=0x00241011 rev=0x03 hdr=0x01 vendor = 'Digital Equipment Corporation' device = '21151/2 PCI to PCI Bridge' class= bridge subclass = PCI-PCI [EMAIL PROTECTED]:16:0:class=0x03 card=0x08003d3d chip=0x000a3d3d rev=0x01 hdr=0x00 vendor = '3Dlabs, Inc. Ltd' device = 'Permedia 3' class= display subclass = VGA [EMAIL PROTECTED]:20:0:class=0x060100 card=0x chip=0x71108086 rev=0x02 hdr=0x00 vendor = 'Intel Corporation' device = '82371AB/EB/MB PIIX4/4E/4M ISA Bridge' class= bridge subclass = PCI-ISA [EMAIL PROTECTED]:20:1: class=0x010180 card=0x chip=0x71118086 rev=0x01 hdr=0x00 vendor = 'Intel Corporation' device = '82371AB/EB/MB PIIX4/4E/4M IDE Controller' class= mass storage subclass = ATA [EMAIL PROTECTED]:20:2:class=0x0c0300 card=0x chip=0x71128086 rev=0x01 hdr=0x00 vendor = 'Intel Corporation' device = '82371AB/EB/MB PIIX4/4E/4M USB Interface' class= serial bus subclass = USB [EMAIL PROTECTED]:20:3:class=0x068000 card=0x chip=0x71138086 rev=0x02 hdr=0x00 vendor = 'Intel Corporation' device = '82371AB/EB/MB PIIX4/4E/4M Power Management Controller' class= bridge [EMAIL PROTECTED]:4:0: class=0x02 card=0x10f08086 chip=0x12298086 rev=0x05 hdr=0x00 vendor = 'Intel Corporation' device = '82550/1/7/8/9 EtherExpress PRO/100(B) Ethernet Adapter' class= network subclass = ethernet [EMAIL PROTECTED]:5:0: class=0x02 card=0x10f08086 chip=0x12298086 rev=0x05 hdr=0x00 vendor = 'Intel Corporation' device = '82550/1/7/8/9 EtherExpress PRO/100(B) Ethernet Adapter' class= network subclass = ethernet ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "[EMAIL PROTECTED]"
device em0 not showing up at boot
I have an older PC (Compaq AP200) that I'm running FreeBSD-6.0 on. I have an Intel Gigabit interface installed in one of the PCI slots, along with another dual 10/100 Intel in another. The "em0" device does not show up at boot time, and therefore the firewall rules fail. However, if I go in and manually type "ifconfig em0" it then becomes available and I'm able to run dhclient on it, etc. etc. I just did a buildworld/installworld today, so the OS is fairly current. In /etc/rc.conf I have a simple ifconfig_em0="DHCP". I wonder if this is a known problem... ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Tarpitting Spam Traffic using PF...
I read about the spamd redirect in pf.conf. However, I wonder if it might be useful to set up a redirect to something like this: http://www.fresh.files2.serveftp.net/smtarpit/ I suppose it doesn't make a difference, but I do want to make it extremely painful for any spammers. What are other people doing on this part? ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "[EMAIL PROTECTED]"
PF rule statistics (hits) on individual rules....
I'm migrating one of my systems to PF from IPFW. In so doing and planning, I've reviewed the manpages and some online docs. I've become dependent upon "ipfw -t" to determine hits on various spam rules I've implemented - some of them large lists of /24's. I've not been able to determine that there is an equivalent in PF - though I imagine there must be some method to accomplish this. I'd appreciate if someone could help point in the right direction. Thanks. ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "[EMAIL PROTECTED]"
SATA on FreeBSD-4.x
Is there an issue with SATA drives (Silicon Image controller) on FreeBSD-4.x? I'm able to see only the master drives on 4.10 and 4.9 -- whereas, on 5.x I'm able to see both the master and slave drives. _F ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Weird error when using VI on FreeBSD-4.x
I'm getting this error from time-to-time when using VI under FreeBSD_4.9-prerelease: Error: input: Resource temporarily unavailable Basically, VI just exits/crashes (no core dump). The load average is pretty low: 4:18PM up 10 days, 23:42, 4 users, load averages: 0.13, 0.21, 0.21 And I don't seem to have any other problems with the system. Wondering what this might be, or if it's a known problem, etc. Thanks. _F ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "[EMAIL PROTECTED]"
problems with groff
Why would this be happening, and how can I fix this - the man subsystem hasn't been working because of this for a while. This is FreeBSD-4.9-Prerelease: # gdb man man GNU gdb 4.18 (FreeBSD) This GDB was configured as "i386-unknown-freebsd"...(no debugging symbols found)... /usr/share/tmac/man: No such file or directory. And when I go to run a manpage, I sometimes get this error: # man troff Formatting page, please wait...troff: fatal error: can't find macro file tty-char Done. But clearly tty-char is in: # ls -l /usr/share/tmac/tty-char.tmac -r--r--r-- 1 root wheel 5102 Sep 10 11:16 /usr/share/tmac/tty-char.tmac This can't be that difficult to fix... where is the problem? Installing again from /usr/src doesn't make any different here, so I wonder if it's a config issue? _F ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "[EMAIL PROTECTED]"
CVSup Delete failures
FYI, over the last few days, I've been seeing this error while doing a CVSUP of the code for both FreeBSD-STABLE (4.7) and Current: Delete src/contrib/gcc/INSTALL Cannot delete "/usr/local/src/freebsd/5.0/src/contrib/gcc/INSTALL": Directory not empty If I manually delete that directory, it gets recreated, and then this error pops back on the next run. Permissions on the directories aren't the issue, that I can tell -- nothing really changes manually here in the src directories. F To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-stable" in the body of the message
Kernel compile problems.... 2
In follow-up to my own post... I've done a CVSUP this evening, and have tried this again. The system will compile to a certain point, then freeze (ie: disconnect me, I'm on ssh). I get this message again: Oct 29 22:15:00 m25 /usr/sbin/cron[11442]: (root) CMD (/usr/libexec/atrun) Oct 29 22:16:37 m25 /kernel: pid 12200 (cc1), uid 0: exited on signal 4 (core dumped) Oct 29 22:16:37 m25 /kernel: Oct 29 22:16:37 m25 /kernel: pid 12200 (cc1), uid 0: exit ed on signal 4 (core dumped) And the system rebooted. The last part of the kernel compile was this time: cc -c -O -pipe -Wall -Wredundant-decls -Wnested-externs -Wstrict-prototypes -Wmissin g-prototypes -Wpointer-arith -Winline -Wcast-qual -fformat-extensions -ansi -nostdin c -I- -I. -I/usr/src/sys -I/usr/src/sys/../include -I/usr/src/sys/contrib/ipfilter -D _KERNEL -include opt_global.h -elf -mpreferred-stack-boundary=2 /usr/src/sys/netinet /accf_data.c Might this be a memory(RAM) issue? Forrest To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-stable" in the body of the message
Kernel compile problems....
I installed a system recently from the latest 4.7 ISO images.When compiling a new kernel, the system initially froze and disconnected all users - then reconvened. No log messages (strange). I'm now able to get (with syslog *.*) this info: [ from SYSLOG ] Oct 29 22:15:00 m25 /usr/sbin/cron[11442]: (root) CMD (/usr/libexec/atrun) Oct 29 22:16:37 m25 /kernel: pid 12200 (cc1), uid 0: exited on signal 4 (core dumped) Oct 29 22:16:37 m25 /kernel: Oct 29 22:16:37 m25 /kernel: pid 12200 (cc1), uid 0: exited on signal 4 (core dumped) [ from nohup.out ] cc -c -O -pipe -Wall -Wredundant-decls -Wnested-externs -Wstrict-prototypes -Wmissin g-prototypes -Wpointer-arith -Winline -Wcast-qual -fformat-extensions -ansi -nostdin c -I- -I. -I/usr/src/sys -I/usr/src/sys/../include -I/usr/src/sys/contrib/ipfilter -D _KERNEL -include opt_global.h -elf -mpreferred-stack-boundary=2 /usr/src/sys/kern/vf s_subr.c {standard input}: Assembler messages: {standard input}:1764: Warning: end of file not at end of a line; newline inserted cc: Internal compiler error: program cc1 got fatal signal 4 *** Error code 1 Stop in /usr/obj/usr/src/sys/m25. *** Error code 1 Stop in /usr/src. *** Error code 1 Stop in /usr/src. {standard input}:3771: Error: unknown pseudo-op: `.l8' This sounds like a bug somewhere - but perhaps I have a hardware issue going on? Pointers would be appreciated, thanks. Forrest To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-stable" in the body of the message
Support for INTEL high-end server cards
Is there support somewhere for the high-end Intel (fxp) server optimized network cards? This one I have has the Intel i960 chip, the model number might be 687231-006. I ask because the lastest FreeBSD 4.5 snapshot installation did not pick up this card, so I used a lower-end 3com. Thanks. To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-stable" in the body of the message
World build failure
Make world is failing on /usr/src/games/morse (despite my telling make.conf not to build games). Can someone please fix this. To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-stable" in the body of the message
TTY console
I have a Dell PowerEdge server. Using FreeBSD-4.2 (recently built and updated), I can only force the serial console IF I have a keyboard plugged in. It doesn't matter what flags I use -P -D -h or just -h. Is this a bug, or? _F To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-stable" in the body of the message