Re: HEADS UP: SIOCGIFDATA renumbered
On Tue, 29 May 2012 16:19:26 +0800, Sepherosa Ziehau wrote: [..] I don't think you will need to recompile non-pf related packages (are there any pf related packages?) pftop, at least -- professional: http://www.oscar-consult.de private: http://neslonek.homeunix.org/drupal/
Re: postgresql904 did not install
Either run bmake update or deinstall older 9.0.x versions before. hth Jan Am 03.05.2011 22:14, schrieb 78dd085bd...@gmail.com: my system is 2.11.0.111, when i compile postgresql904 in pkgsrc, i got: dfly# bmake install = Bootstrap dependency digest=20010302: found digest-20080510 === Checking for vulnerabilities in postgresql90-client-9.0.4 === Install binary package of postgresql90-client-9.0.4 pkg_add: Conflicting PLIST with postgresql90-client-9.0.3: include/postgresql/server/parser/analyze.h pkg_add: 1 package addition failed *** Error code 1 Stop. bmake: stopped in /usr/pkgsrc/databases/postgresql90-client *** Error code 1 Stop. bmake: stopped in /usr/pkgsrc/databases/postgresql90-client *** Error code 1 Stop. bmake: stopped in /usr/pkgsrc/databases/postgresql90-client thanks for any suggestion. -- professional: http://www.oscar-consult.de private: http://neslonek.homeunix.org/drupal/
Re: dntpd
Am 01.05.2011 15:01, schrieb Pierre Abbat: Is there a way in dntpd.conf to specify from which hosts dntpd will accept time requests? Maybe via tcp-wrappers (/etc/hosts.allow)? Jan -- professional: http://www.oscar-consult.de private: http://neslonek.homeunix.org/drupal/
Re: DragonFly 2.10 RELEASED!
Am 26.04.2011 20:57, schrieb Matthew Dillon: Hello everyone! 2.10 has finally been released. hooray! :) Jan -- professional: http://www.oscar-consult.de private: http://neslonek.homeunix.org/drupal/
Re: Tests of RAID adapters
Am 25.04.2011 09:12, schrieb Francois Tigeot: [...] Conclusions --- If you want a RAID adapter to use with DragonFly, Areca and 3Ware are the two best choices of the moment, my first choice beeing Areca. [...} This is very interesting. Thanks a lot for the effort Jan -- professional: http://www.oscar-consult.de private: http://neslonek.homeunix.org/drupal/
Re: postgresql start-script
On Thu, 13 Jan 2011 23:12:44 +0800, shi hd 78dd085bd...@gmail.com wrote: I don't know if there is someone already did that, I constructed myself. It does work though it is a little bit primitive and rudimentary. Any modifications and improvements are welcomed. Any special reason you do not use the one coming with pkgsrc? Jan -- professional: http://www.oscar-consult.de private: http://neslonek.homeunix.org/drupal/
Disk dying or different problem?
During nightly hammer clean the system disk was set to read-only: Dec 24 03:01:51 epia kernel: hammer: debug: changed on reblocker uncache Dec 24 03:06:09 epia kernel: HAMMER(ROOT): Critical error inode=4357331932 error=5 while syncing inode Dec 24 03:06:09 epia kernel: HAMMER(ROOT): Forcing read-only mode In the morning I tried to mount the disk rw again which resulted in a panic: Dec 24 09:01:31 epia kernel: HAMMER read-only - read-write Dec 24 09:01:31 epia kernel: panic: assertion: hammer_oneref(buffer-io.lock) in hammer_recover_flush_buffer_callback Dec 24 09:01:31 epia kernel: Trace beginning at frame 0xd139296c Dec 24 09:01:31 epia kernel: panic() at panic+0xe8 Dec 24 09:01:31 epia kernel: panic(c059d5bb,c060ec28,c0588140,0,0) at panic+0xe8 Dec 24 09:01:31 epia kernel: hammer_recover_flush_buffer_callback(d1310498,d1392a08,0,0,dc5b2bf8) at hammer_recover_flush_buffer_callback+0xb2 Dec 24 09:01:31 epia kernel: hammer_buf_rb_tree_RB_SCAN(cf1c7034,0,c04b09d5,d1392a08,cf1c7000) at hammer_buf_rb_tree_RB_SCAN+0xad Dec 24 09:01:31 epia kernel: hammer_recover_flush_buffers(cf1c7000,c2aabb90,1,c0669580,0) at hammer_recover_flush_buffers+0x20 Dec 24 09:01:31 epia kernel: hammer_vfs_mount(c2c934a8,bfbffab7,bfbff810,cc452e58,5001) at hammer_vfs_mount+0x407 Dec 24 09:01:31 epia kernel: vfs_mount(c2c934a8,bfbffab7,bfbff810,cc452e58,c2bb6af8) at vfs_mount+0x45 Dec 24 09:01:31 epia kernel: sys_mount(d1392cf0,1e8d,0,dbc0dee0,246) at sys_mount+0x647 Dec 24 09:01:31 epia kernel: syscall2(d1392d40) at syscall2+0x20e Dec 24 09:01:31 epia kernel: Xint0x80_syscall() at Xint0x80_syscall+0x36 Dec 24 09:01:31 epia kernel: Uptime: 4d10h1m32s Dec 24 09:01:31 epia kernel: Physical memory: 999 MB Dec 24 09:01:31 epia kernel: Dumping 341 MB: 326 310 294 278 262 246 230 214 198 182 166 150 134 118 102 86 70 54 38 22 6Copyright (c) 2003-2010 The DragonFly Project. Unfortunatley savecore doesn't find anything, so I don't have a dump :( After reboot disk was recovered and mounted no problem: Dec 24 09:01:31 epia kernel: HAMMER(ROOT) recovery check seqno=05d10b56 Dec 24 09:01:31 epia kernel: HAMMER(ROOT) recovery range 313cd3c0-334476a8 Dec 24 09:01:31 epia kernel: HAMMER(ROOT) recovery nexto 313cd3c0 endseqno=05d42195 Dec 24 09:01:31 epia kernel: HAMMER(ROOT) recovery undo 313cd3c0-334476a8 (34054888 bytes)(RW) Dec 24 09:01:31 epia kernel: HAMMER(ROOT) Found REDO_SYNC 313ce170 Dec 24 09:01:31 epia kernel: HAMMER(ROOT) recovery complete Dec 24 09:01:31 epia kernel: HAMMER(ROOT) recovery redo 313cd3c0-334476a8 (34054888 bytes)(RW) Dec 24 09:01:31 epia kernel: HAMMER(ROOT) Embedded extended redo 313ce170, -3504 extbytes Dec 24 09:01:31 epia kernel: HAMMER(ROOT) End redo recovery Is this disk near end of life or is something else going own? The FS is rather fresh, I reinstalled this box a few weeks ago. It's 2.8.2/i386. Jan
Re: avalon out of sync?
Am 18.12.2010 23:45, schrieb Antonio Huete Jiménez: Hi Would it be worth setting up some kind of monitoring on the core servers (leaf,crater,avalon,...) so we can watch the availability and certain incidents in order to decrease downtime of the services? People could be notified via email for example. Cheers, Antonio Huete I would agree to that. A full disk isn't really an incident that you want to bring down your service nowadays. As I am running an nagios installation already I could offer to set up the monitoring. Basic monitoring would be just the reachability of certain services (anything that has an open port basically). More sophisticated monitoring (disks full level, SMART, load, w/e) would be quite easy also with standard nagios tools and setting up OpenVPN tunnels between the machines and my nagios host. I run a OpenVPN server already and do such checks with my brother's server in a hosting farm (including backups to my Bacula installation). If there is interest in setting up something like that let me know, I would offer to basically make all the configuration. I would only need help from the respective machine owners when setting up local checks and creating VPN tunnels as long as I am not granted root access, but it should be quite easy anyway. Jan -- professional: http://www.oscar-consult.de private: http://neslonek.homeunix.org/drupal/
Re: /usr/src/sys/config/GENERIC.MP:76: unknown option APIC_IO
On Mon, 8 Nov 2010 13:37:16 +0530, Siju George sgeorge...@gmail.com wrote: Hi, Got this error while compiling my SMP kernel with old KERNCONF. You need to remove that option, it is a sysctl tunable now (see commit messages). Jan -- professional: http://www.oscar-consult.de private: http://neslonek.homeunix.org/drupal/
Re: How to expand HAMMER running under LVM?
elekktrett...@exemail.com.au schrieb: I mean some equivalent of growfs for HAMMER. Im aware of hammer volume-add /dev/diskname, but it seems kind of redundant with LVM since it's supposed to manage the volumes on behalf of HAMMER. Lets say I have an LVM volume to which i add a disk to expand it, how should i grow the filesystem? via volume-add? I am not sure if there is a way to do that right now, if not, it is definitley the next logical step to have a hammer_grow or such. Jan
Re: MC not starting
On Thu, 4 Nov 2010 19:58:25 +0100, Przemysław Pawełczyk pp...@o2.pl wrote: I wrote in September a post etitled Unknown terminal: cons25 in DragonFly BSD (in point 3): http://www.mail-archive.com/users@crater.dragonflybsd.org/msg10993.html that: Why mc says Unknown terminal: cons25? I'm not able to run mc at present. See: http://pp.blast.pl/www.png/dfbsd/df_10.png; See the present screenshot (the message is the same): http://pp.blast.pl/www.png/dfbsd/df_13.png The second link isn't working. Did you try to set the TERM variable to another value as suggested, e.g. vt100? Jan -- professional: http://www.oscar-consult.de private: http://neslonek.homeunix.org/drupal/
Re: MC not starting
On Thu, 4 Nov 2010 20:37:17 +0100, Przemysław Pawełczyk pp...@o2.pl wrote: 2. set export TERM=vt100 both in .profile and .login (I hope I did it rightly): the message remains the same. I assume you logged out/in or sourced .profile and checked (echo $TERM) that TERM is set correctly? Jan -- professional: http://www.oscar-consult.de private: http://neslonek.homeunix.org/drupal/
Re: 2 questions regarding PF
Hi, On Wed, 3 Nov 2010 00:28:29 +0100, Przemysław Pawełczyk pp...@o2.pl wrote: Hi, 1. Why PF 4.2 not 4.7 or 4.8? Going from pf as included in OpenBSD 3.5 to the version in OpenBSD 4.2 already included changing some ten thousands line of code, including changing network subsystems that are not used soley by pf (e.g. mbuf headers, altq). It is not, as you seem to think, just replacing some source files and recompile. But if you were really interested you could have found out by looking at the corresponding commits. I have been working on this for approximatley 4 month several hours a day, and guess what, this is not my daily job, but my hobby. Sure, 4.7, 4.8 or whatever is actual by the time I get there is the final goal, but I'd rather do it in smaller, but working and tested steps, than incorporating 7 or 8 years of development on the OpenBSD side in one hasty rush. Maybe we will be on the same version than OpenBSD with 2.10, mabye with 2.12 or 2.14, I don't know yet. But this has already been discussed on the MLs, to this is actually just a summarized repetition. As far as documentation is concerned, the pf man pages have been updated and include, at least to my knowledge, the DF specific differences (which are fairq and pickups) and you can work quite well with the OpenBSD examples on their website, of course using the appropriate version. I do and did it that way and I don't see why it should be any harder for you. I have to say one thing, too: Your demands towards this project in regard to documentation, actuality, features, etc, are pretty high, but your contributions are really not seeable. As long as this is the case, it would be very kind of you, if you just formulate your emails a little less demanding. I get the impression that you are trying to goad people involved in this project - on purpose or by weakness of character, I haven't found out yet. Of course I hope my impression is totally wrong and you are just honestly seeking help and just don't hit the right tone. Kind Regads, Jan -- professional: http://www.oscar-consult.de private: http://neslonek.homeunix.org/drupal/
Re: 2 questions regarding PF
On Wed, 3 Nov 2010 15:21:42 +0100, Przemysław Pawełczyk pp...@o2.pl wrote: 1. I understand that someone will put PF 4.2 guide on DF WWW. You just volunteered? [...] 4. I do know nothing about packet filters future implementations in DF: a) was the PF 4.2 implemented verbatim or was it tighter integrated with DF MP kernel and as such it constitutes new - DF - flavor of PFs? One goal was to minimize the diff to the Original OpenBSD source to ease further imports. As already mentioned fairq and pickups support have been kept intact, OpenBSD doesn't have this, nor does any other BSD (to my knowledge). Oh, and yes, we have SMP-capable socket lookups. Still I wouldn't call it an own flavour of pf, as the goal is the opposite. It's pf with df-specific features. b) will PF presence in DF be continued in the future or will it be supplanted with NPF or other MP aware packet filters? From the look in my crystal ball I can tell you... I don't know, nobody knows, as this is all depending on finding individuals willing to invest their spare time. It is not possible to set up a 3-year roadmap as there are no plannable ressources in such a project. I can tell you that my personal goal is to reach version equality with OpenBSD and stay up-to-date from there on, but this is not a promise nor an obligation on my side. If NPF is production ready, I am quite sure I will take a look, too. Jan -- professional: http://www.oscar-consult.de private: http://neslonek.homeunix.org/drupal/
Re: Something's taking up CPU time
Am 03.11.2010 19:42, schrieb Pierre Abbat: I run top and it says that 55% of the processor time is in user processes and 45% is in system. But the process percentages add up to only 2%, usually just xulrunner-bin (i.e. Firefox). How do I find what else is taking up time? I killed the process that had the most accumulated time, which was a Konqueror window showing on the laptop, but it's still busy. Pierre Try running top -S to see the system threads also Jan -- professional: http://www.oscar-consult.de private: http://neslonek.homeunix.org/drupal/
Re: Hammer filesystem
Am 03.11.2010 22:11, schrieb Steve: I've obviously read that it's intended for a minimum filesystem size of 50GB, but if I wanted to try it out on a smaller size what sort of problems am I likely to see? Filesystem filling up very quickly. You could try to reduce the amount of historic data to minimize that effect, check man hammer on viconfig. Jan -- professional: http://www.oscar-consult.de private: http://neslonek.homeunix.org/drupal/
Re: 2.8 release schedule - tentitively Wednesday 27 October.
On Sat, 23 Oct 2010 11:06:05 -0700 (PDT), Matthew Dillon dil...@apollo.backplane.com wrote: :Openssl hardware crypto support is not working yet, wich is a show stopper imo. : :Jan I don't have any crypto hardware to test that with, its up to you guys to figure out what is going on. We know the kernel hw crypto works so it has to be the user library. If we have to MFC it after the release and roll a 2.8.2 we will, but it can't hold up the release any more. -Matt Matthew Dillon dil...@backplane.com My bad, according to http://www.a110wiki.de/wiki/VIA_Padlock you have to use the (undocumented) commandline option -evp if you want to use hw accellaration with openssl speed. If you do, it looks fine: openssl speed -evp aes-256-ecb Doing aes-256-ecb for 3s on 16 size blocks: 895515 aes-256-ecb's in 2.65s Doing aes-256-ecb for 3s on 64 size blocks: 221951 aes-256-ecb's in 2.55s Doing aes-256-ecb for 3s on 256 size blocks: 57388 aes-256-ecb's in 2.63s Doing aes-256-ecb for 3s on 1024 size blocks: 13941 aes-256-ecb's in 2.55s Doing aes-256-ecb for 3s on 8192 size blocks: 1740 aes-256-ecb's in 2.55s OpenSSL 1.0.0a 1 Jun 2010 built on: Sun Oct 10 17:54:52 CEST 2010 options:bn(64,32) rc4(idx,int) des(ptr,risc1,16,long) aes(partial) blowfish(idx) compiler: cc The 'numbers' are in 1000s of bytes per second processed. type 16 bytes 64 bytes256 bytes 1024 bytes 8192 bytes aes-256-ecb 5410.07k 5577.37k 5596.70k 5588.00k 5596.69k openssl speed -evp aes-256-ecb -engine padlock engine padlock set. Doing aes-256-ecb for 3s on 16 size blocks: 9950030 aes-256-ecb's in 2.50s Doing aes-256-ecb for 3s on 64 size blocks: 8237622 aes-256-ecb's in 2.34s Doing aes-256-ecb for 3s on 256 size blocks: 5745112 aes-256-ecb's in 2.61s Doing aes-256-ecb for 3s on 1024 size blocks: 2159485 aes-256-ecb's in 2.53s Doing aes-256-ecb for 3s on 8192 size blocks: 337084 aes-256-ecb's in 2.68s OpenSSL 1.0.0a 1 Jun 2010 built on: Sun Oct 10 17:54:52 CEST 2010 options:bn(64,32) rc4(idx,int) des(ptr,risc1,16,long) aes(partial) blowfish(idx) compiler: cc The 'numbers' are in 1000s of bytes per second processed. type 16 bytes 64 bytes256 bytes 1024 bytes 8192 bytes aes-256-ecb 63680.19k 225694.31k 563640.21k 873604.99k 1030490.36k --- openssl speed -evp aes-256-ofb Doing aes-256-ofb for 3s on 16 size blocks: 748438 aes-256-ofb's in 2.28s Doing aes-256-ofb for 3s on 64 size blocks: 215132 aes-256-ofb's in 2.57s Doing aes-256-ofb for 3s on 256 size blocks: 50022 aes-256-ofb's in 2.35s Doing aes-256-ofb for 3s on 1024 size blocks: 14054 aes-256-ofb's in 2.63s Doing aes-256-ofb for 3s on 8192 size blocks: 1746 aes-256-ofb's in 2.58s OpenSSL 1.0.0a 1 Jun 2010 built on: Sun Oct 10 17:54:52 CEST 2010 options:bn(64,32) rc4(idx,int) des(ptr,risc1,16,long) aes(partial) blowfish(idx) compiler: cc The 'numbers' are in 1000s of bytes per second processed. type 16 bytes 64 bytes256 bytes 1024 bytes 8192 bytes aes-256-ofb 5249.32k 5356.72k 5445.58k 5466.13k 5547.92k openssl speed -evp aes-256-ofb -engine padlock engine padlock set. Doing aes-256-ofb for 3s on 16 size blocks: 7089446 aes-256-ofb's in 2.64s Doing aes-256-ofb for 3s on 64 size blocks: 5129120 aes-256-ofb's in 2.52s Doing aes-256-ofb for 3s on 256 size blocks: 2605388 aes-256-ofb's in 2.60s Doing aes-256-ofb for 3s on 1024 size blocks: 775776 aes-256-ofb's in 2.36s Doing aes-256-ofb for 3s on 8192 size blocks: 119139 aes-256-ofb's in 2.59s OpenSSL 1.0.0a 1 Jun 2010 built on: Sun Oct 10 17:54:52 CEST 2010 options:bn(64,32) rc4(idx,int) des(ptr,risc1,16,long) aes(partial) blowfish(idx) compiler: cc The 'numbers' are in 1000s of bytes per second processed. type 16 bytes 64 bytes256 bytes 1024 bytes 8192 bytes aes-256-ofb 42956.17k 130085.92k 256376.44k 336697.06k 376284.02k Jan -- professional: http://www.oscar-consult.de private: http://neslonek.homeunix.org/drupal/
Re: Is anyone going to benchmark 2.8?
On Tue, 26 Oct 2010 09:20:37 +0530, Siju George sgeorge...@gmail.com wrote: On Mon, Oct 25, 2010 at 9:11 AM, elekktrett...@exemail.com.au wrote: This release has had substantial work on SMP scaling. It would be great to see the actual performance increase with MySQL and PostgreSQL in DragonFly 2.8 versus FreeBSD 8/9 versus NetBSD 5. Is anyone planning to do this? I really don't know how to make a bench mark. If you can let me know I can do it :-) In fact I was wondering of using dfly as the mysql server for a new project instead of debian. If I find the time I will try to continue my benchmarking with postgresql. Jan -- professional: http://www.oscar-consult.de private: http://neslonek.homeunix.org/drupal/
Re: 2.8 release schedule - tentitively Wednesday 27 October.
I installed the 2.8.1 iso on a VM and it seems that it boots into an SMP kernel, regardless of what option I choose. Also I found it somewhat unusual that if I choose to boot the Install-CD with SMP Kernel, SMP kernel is not default on the installed system afterwards, but UP is and I still have to choose SMP in the loader. My expectation is different. Jan -- professional: http://www.oscar-consult.de private: http://neslonek.homeunix.org/drupal/
Re: 2.8 release schedule - tentitively Wednesday 27 October.
Openssl hardware crypto support is not working yet, wich is a show stopper imo. Jan Matthew Dillon dil...@apollo.backplane.com schrieb: We are still scheduled to officially release mid-next week. I will be doing the final the MFCs from master on Sunday (as a lot of fixes have gone in since the branch). All of the big-ticket bugs have been squashed. There are still a few medium-ticket bugs (e.g. Rumko's listen/connect issue) which I am looking at now. Justin is making progress on pkgsrc though I do not know what the state of the KDE stuff is. I think Wednesday is a good target to have it all on the servers ready to go. -Matt Matthew Dillon dil...@backplane.com -- Diese Nachricht wurde von meinem Android-Mobiltelefon mit K-9 Mail gesendet.
Re: OpenSSL Update
On Tue, 28 Sep 2010 11:38:33 -1000, Peter Avalos pe...@theshell.com wrote: Additionally, something is broken in ssh causing MAC errors when using SSH2 and MACs other than MD5. I'm working on fix for this, and I expect it to be completed soon. In the mean time, use hmac-md5 if you can. I noticed another breakage that might be related: When compiling bacula-clientonly from pkgsrc on 64bit (haven't tried on 32bit yet) Snapshot from Sept, 27th I get: Compiling tls.c tls.c: In function 'bool tls_postconnect_verify_host(JCR*, TLS_CONNECTION*, const char*)': tls.c:333: error: invalid conversion from 'const X509V3_EXT_METHOD*' to 'X509V3_EXT_METHOD*' *** Error code 1 this is the part from tls.c: 332 /* Get x509 extension method structure */ 333 if (!(method = X509V3_EXT_get(ext))) { 334break; 335 } Jan -- professional: http://www.oscar-consult.de private: http://neslonek.homeunix.org/drupal/
Re: DragonflyBSD under VMware ESX - someone use it?
Michael Neumann schrieb: Not on VMware, but I run DragonFly under KVM and it works like a charm! I also run several DF VMs under KVM/qemu (Debian), very good, just leave APIC_IO disabled for SMP VMs. Jan
Re: Why did you choose DragonFly?
Samuel J. Greear schrieb: This mail is intended for the infrequent responders and lurkers on the list just as much as the regular posters. What has drawn you to use the DragonFly BSD operating system and/or participate in its development by following this list? Technical features, methodologies, something about the community? I suspect the HAMMER filesystem to be the popular choice, but what other features affect or do you see affecting your day to day life as an administrator, developer, or [insert use case here], now or in the future? Initially I stumbled over DragonFly because I was interested in investigating PostgreSQL Performance on different Filesystems. So at some point I read about HAMMER and DragonFly was brought back to my memory. I have been using FreeBSD since 4.x and iirc I was also around when DragonFly forked but I didn't follow it around that time. When trying to setup DragonFly for PostgreSQL benchmarking I ran in to one or the other obstacle which made me go to #dragonflybsd... and that is where I got stuck :-) People on #dragonflybsd where just nice and helpfull and very open to someone as new as me so I sticked around for a while and things lead to another. I started working on something I encoutered a problem with (I think it was some mount_hammer error mesage) and provided a patch which was quickly excepted. After some more work I was granted a commit bit after only 3 months or so. I always wanted to contribute to OpenSource (in one or the other way) but in a lot of project the hurdles are just too high for someone like me who is not a professional programmer. Not so in this project, that is why I am here basically :). All very soft skill reasons :-)... But I like all the features of DragonFly,too, especially the updated PF in upcoming 2.8, awesome ;-). But I have to say that for me those came as a second step, as I learned about them more and more when I was already a member of the community (still have to really figure out vkernels btw). Jan
Re: SMP (Was: Why did you choose DragonFly?)
On Tue, 21 Sep 2010 00:49:11 +0200, Przemysław Pawełczyk pp...@o2.pl wrote: [...] BTW. I looked over packages. It seems to me the applications are not fresh. Wait a minute - I think that OpenBSD is more up-to-date concerning the packages. [...] We use pkgsrc for packages, so we depend on what is in their tree. And again her comes into accpount the lack of people actually looking into pkgsrc build errors on the DF platform. Any help welcome :-) Jan -- professional: http://www.oscar-consult.de private: http://neslonek.homeunix.org/drupal/
Re: HEADS UP: BIND Removal. Short instructions for migration to pkgsrc-BIND
Jan Lentfer schrieb: After another discussion I have decided to do the following: I will only remove BIND from base, no ldns and drill import. So anyone wanting to have either of the both will have to install them from pkgsrc (before updateing their world, I would recommend). We will see until next release how we will proceed with this. I prefer to just leave it this way and add pkgsrc-BIND to the Live-CD. Due to public demand I have now also committed ldns and drill. Jan
Re: HEADS UP: BIND Removal. Short instructions for migration to pkgsrc-BIND
Francois Tigeot schrieb: [...] Of course, the server part of the package is completely useless to me. A minimal bind9-client pkgsrc package would be ideal, IMHO. FreeBSD does have this in ports now. But acutally they are just building a fully static version of the entire bind distribution and then just install dig, host, nslookup etc and throw the rest away again. As far as I can tell, you can't build any tools from the BIND distribution without building the whole thing. Jan -- professional: http://www.oscar-consult.de private: http://neslonek.homeunix.org/drupal/
Re: HEADS UP: BIND Removal. Short instructions for migration to pkgsrc-BIND
This is the final Call. I will push my BIND removal patch-set sometime really soon, probably today. You can use bind form pkgsrc as a replacement (either build locally or using prebuild binaries). The stability problem has been worked around in pkgsrc nad packages are available now. Justin already setup a wiki page for 2.8 to document the needes steps. I have updated these to what I finally used to make it work. Of course there are different possibilites to achieve the same (use the User option when building BIND or moving the config files to /usr/pkg and so on). Please choose for yourself. http://www.dragonflybsd.org/release28/ Also, you can change to BIND from pkgsrc *before* updating world to latest master. That will give you the opportunity to test with BIND from pkgsrc and still keep the BIND in base as a fallback. Jan -- professional: http://www.oscar-consult.de private: http://neslonek.homeunix.org/drupal/
Re: HEADS UP: BIND Removal. Short instructions for migration to pkgsrc-BIND
On Thu, 6 May 2010 19:10:07 +0900, YONETANI Tomokazu qhwt+d...@les.ath.cx wrote: On Thu, May 06, 2010 at 11:50:25AM +0200, Jan Lentfer wrote: This is the final Call. I will push my BIND removal patch-set sometime really soon, probably today. You can use bind form pkgsrc as a replacement (either build locally or using prebuild binaries). The stability problem has been worked around in pkgsrc nad packages are available now. I'm wondering if you really need to import libldns and drill into the base, if you're not planning to replace the resolver in the libc. Just removing BIND from the base and adding net/drill to PKGSRC_PACKAGES in nrelease/Makefile appears to me to be enough. The only problem with the current patchset, though, is that pkgsrc doesn't know that we have libldns in the base, so it'll want to install libldns from pkgsrc first then build other things (net/nsd, for instance) linked to it. Maybe not really a big issue. Ok, I am a little bit puzzled and also frustrated now. I only brought libldns and drill in because a lot of people on IRC claimed dig or something like dig needs to be in base. ldns is only used for that, so if we don't want drill in base I can also kick ldns again, no problem except of some hours lost on worthless work. Finally we could also just add BIND from pkgsrc, that would have the minimum effect on end users, because everything they are used to being is would still be there, just in /usr/pkg. Jan -- professional: http://www.oscar-consult.de private: http://neslonek.homeunix.org/drupal/
Re: HEADS UP: BIND Removal. Short instructions for migration to pkgsrc-BIND
On Thu, 6 May 2010 06:04:19 -0500 (CDT), Jeremy C. Reed r...@reedmedia.net wrote: Were the kqueue issues in DragonFly itself looked at/fixed? Afaik it is a bug in BIND and Samuel send a report to ISC. Jan -- professional: http://www.oscar-consult.de private: http://neslonek.homeunix.org/drupal/
Re: HEADS UP: BIND Removal. Short instructions for migration to pkgsrc-BIND
Jan Lentfer schrieb: Ok, I am a little bit puzzled and also frustrated now. I only brought libldns and drill in because a lot of people on IRC claimed dig or something like dig needs to be in base. ldns is only used for that, so if we don't want drill in base I can also kick ldns again, no problem except of some hours lost on worthless work. Finally we could also just add BIND from pkgsrc, that would have the minimum effect on end users, because everything they are used to being is would still be there, just in /usr/pkg. After another discussion I have decided to do the following: I will only remove BIND from base, no ldns and drill import. So anyone wanting to have either of the both will have to install them from pkgsrc (before updateing their world, I would recommend). We will see until next release how we will proceed with this. I prefer to just leave it this way and add pkgsrc-BIND to the Live-CD. Jan
Re: HEADS UP: BIND Removal. Short instructions for migration to pkgsrc-BIND
Jan Lentfer schrieb: I will now upgrade my home server to this kqueue-disabled version of BIND and report later. This works stable for my now since I applied the patched and rebuild BIND. Jan
CRC error prevents hammer reblock. What to do?
I am experiencing problems when running hammer reblock on /var. I get: # hammer reblock /var reblock start 8000: free level 0 Reblock /var failed: Input/output error Reblocked: 0/0 btree nodes 0/0 data elements 0/0 data bytes I tried all the reblock- typed like inodes and so, the all pass, it is reblock-data wich is failing: # hammer reblock-data /var reblock start 8000:0002 free level 0 Reblock /var failed: Input/output error Reblocked: 0/0 btree nodes 0/0 data elements 0/0 data bytes in dmesg I get CRC DATA @ a00578bf8000/65536 FAILED same in messages. What to do from here on? /var contains mail and starts eating up my disk space because I can't regain any space from it with this error, right? Any chance to correct the CRC error (or delete the file that causes it) and fix this? TIA Jan -- professional: http://www.oscar-consult.de private: http://neslonek.homeunix.org/drupal/
Re: CRC error prevents hammer reblock. What to do?
Antonio made the proposal on irc to hammer mirror-copy the /var PFS. This worked without any error. Jan -- professional: http://www.oscar-consult.de private: http://neslonek.homeunix.org/drupal/
Re: CRC error prevents hammer reblock. What to do?
I also got a kernel dump this night. I couldn't restore the dump until now because of some issues with dumpdev not being swap. But this might be related Unread portion of the kernel message buffer: panic: assertion: bcmp(elm-leaf, leaf, sizeof(leaf)) == 0 in hammer_reblock_helper Trace beginning at frame 0xd914f724 panic(d914f748,d914f7f4,c3047bc0,d914f7b4,d914f8ac) at panic+0x8c panic(c0597763,c0603ed8,c0582e58,c3047b80,0) at panic+0x8c hammer_ioc_reblock(d914fa58,d33e16d0,c2b19540,d914f964,d914f8d8) at hammer_ioc_reblock+0x41f hammer_ioctl(d33e16d0,c0e06803,c2b19540,1,cd7f3478) at hammer_ioctl+0x6b4 hammer_vop_ioctl(d914fac8,d914fabc,c2c732b4,c2c732b4,d0a0d8f0) at hammer_vop_ioctl+0x2f vop_ioctl(d0a1b8d0,c2b95ee8,c0e06803,c2b19540,1) at vop_ioctl+0x58 vn_ioctl(cd82d710,c0e06803,c2b19540,cd7f3478,d914fcf0) at vn_ioctl+0xe0 mapped_ioctl(3,c0e06803,bfbff798,0,d914fcf0) at mapped_ioctl+0x3e4 sys_ioctl(d914fcf0,6,0,0,d06032d0) at sys_ioctl+0x17 syscall2(d914fd40) at syscall2+0x20e Xint0x80_syscall() at Xint0x80_syscall+0x36 Uptime: 2d4h6m49s Physical memory: 999 MB Dumping 338 MB: 323 307 291 275 259 243 227 211 195 179 163 147 131 115 99 83 67 51 35 19 3 Reading symbols from /boot/modules/if_gif.ko...done. Loaded symbols for /boot/modules/if_gif.ko Reading symbols from /boot/modules/if_tap.ko...done. Loaded symbols for /boot/modules/if_tap.ko Reading symbols from /boot/modules/if_tun.ko...done. Loaded symbols for /boot/modules/if_tun.ko Reading symbols from /boot/modules/uchcom.ko...done. Loaded symbols for /boot/modules/uchcom.ko Reading symbols from /boot/modules/ucom.ko...done. Loaded symbols for /boot/modules/ucom.ko Reading symbols from /boot/modules/acpi.ko...done. Loaded symbols for /boot/modules/acpi.ko _get_mycpu (di=0xc06b0d60) at ./machine/thread.h:83 83 ./machine/thread.h: No such file or directory. in ./machine/thread.h (kgdb) backtrace #0 _get_mycpu (di=0xc06b0d60) at ./machine/thread.h:83 #1 md_dumpsys (di=0xc06b0d60) at /home/lentferj/repo/src/sys/platform/pc32/i386/dump_machdep.c:264 #2 0xc0324746 in dumpsys () at /home/lentferj/repo/src/sys/kern/kern_shutdown.c:838 #3 0xc0324cc1 in boot (howto=260) at /home/lentferj/repo/src/sys/kern/kern_shutdown.c:387 #4 0xc0324de2 in panic (fmt=0xc0597763 assertion: %s in %s) at /home/lentferj/repo/src/sys/kern/kern_shutdown.c:744 #5 0xc04a9baf in hammer_reblock_helper (trans=0xd914fa58, ip=0xd33e16d0, reblock=0xc2b19540) at /home/lentferj/repo/src/sys/vfs/hammer/hammer_reblock.c:309 #6 hammer_ioc_reblock (trans=0xd914fa58, ip=0xd33e16d0, reblock=0xc2b19540) at /home/lentferj/repo/src/sys/vfs/hammer/hammer_reblock.c:170 #7 0xc049feac in hammer_ioctl (ip=0xd33e16d0, com=3235932163, data=0xc2b19540 , fflag=1, cred=0xcd7f3478) at /home/lentferj/repo/src/sys/vfs/hammer/hammer_ioctl.c:86 #8 0xc04b3a70 in hammer_vop_ioctl (ap=0xd914fac8) at /home/lentferj/repo/src/sys/vfs/hammer/hammer_vnops.c:2431 #9 0xc0380ec9 in vop_ioctl (ops=0xd0a1b8d0, vp=0xc2b95ee8, command=3235932163, data=0xc2b19540 , fflag=1, cred=0xcd7f3478, msg=0xd914fcf0) at /home/lentferj/repo/src/sys/kern/vfs_vopops.c:453 #10 0xc037f30a in vn_ioctl (fp=0xcd82d710, com=3235932163, data=0xc2b19540 , ucred=0xcd7f3478, msg=0xd914fcf0) at /home/lentferj/repo/src/sys/kern/vfs_vnops.c:936 #11 0xc0344d13 in fo_ioctl (fd=3, com=3235932163, uspc_data=0xbfbff798 Address 0xbfbff798 out of bounds, map=0x0, msg=0xd914fcf0) at /home/lentferj/repo/src/sys/sys/file2.h:88 #12 mapped_ioctl (fd=3, com=3235932163, uspc_data=0xbfbff798 Address 0xbfbff798 out of bounds, map=0x0, msg=0xd914fcf0) at /home/lentferj/repo/src/sys/kern/sys_generic.c:705 #13 0xc0344d9c in sys_ioctl (uap=0xd914fcf0) at /home/lentferj/repo/src/sys/kern/sys_generic.c:527 #14 0xc054a300 in syscall2 (frame=0xd914fd40) at /home/lentferj/repo/src/sys/platform/pc32/i386/trap.c:1319 ---Type return to continue, or q return to quit--- ---Type return to continue, or q return to quit---#15 0xc0539036 in Xint0x80_syscall () at /home/lentferj/repo/src/sys/platform/pc32/i386/exception.s:876 #16 0x001f in ?? () Backtrace stopped: previous frame inner to this frame (corrupt stack?) (kgdb) -- professional: http://www.oscar-consult.de private: http://neslonek.homeunix.org/drupal/
Re: CRC error prevents hammer reblock. What to do?
Matthew Dillon schrieb: I'm trying to find a common thread between your reported issue and Francois's reported issue. Were you switching between 32 bit and 64 bit kernels with this HAMMER filesystem too? No. Pure 32bit. Jan
Re: upgrading postgres
Hi Pierre, On Wed, 14 Apr 2010 05:03:25 -0400, Pierre Abbat p...@phma.optus.nu wrote: Do I have to manually remove postgres82 and then install postgres84? When Upgrading from 8.2 to 8.4 you ALWAYS have to pgdump_all your database and restore it after you installed the new version. You can't upgrade just like that when it is not a minor upgrade (e.g. 8.x.a to 8.x.b). Jan -- professional: http://www.oscar-consult.de private: http://neslonek.homeunix.org/drupal/
Re: upgrading postgres
On Wed, 14 Apr 2010 08:41:06 -0400, Pierre Abbat p...@phma.optus.nu wrote: So what's the step-by-step procedure to upgrade Postgres? http://www.postgresql.org/docs/8.4/interactive/install-upgrading.html -- professional: http://www.oscar-consult.de private: http://neslonek.homeunix.org/drupal/
Re: HEADS UP: BIND Removal. Short instructions for migration to pkgsrc-BIND
On Tue, 13 Apr 2010 08:35:18 +0200, Jan Lentfer jan.lent...@web.de wrote: On Tue, 13 Apr 2010 06:22:03 +, Chris Turner c.tur...@199technologies.org wrote: Chris Turner wrote: http://gitweb.dragonflybsd.org/~lentferj/dragonfly.git was pointed out that I was using http url.. DOH please stick to bind95 from pkgsrc for now. I experienced many problems with bind96 (9.6.1-P3) from pkgsrc like random but frequent crashes. I reverted to 9.5.2 and this version seems to be ok so far. After playing around with this back and forth for a while I think I found the problem. Well, not actually the problem but a bypass to the BIND crashes. When building any version of BIND from base autoconfigure will enable kqueue support which seems to lead to this behaviour. I patched the Makefiles in pkgsrc to disable kqueue and both bind95 and bind96 have now my passed my queryperf tests that would originally let them crash within minutes or even seconds. I will now upgrade my home server to this kqueue-disabled version of BIND and report later. This are the patches: diff --git a/net/bind95/Makefile b/net/bind95/Makefile index bb97183..ff2a37b 100644 --- a/net/bind95/Makefile +++ b/net/bind95/Makefile @@ -88,3 +88,7 @@ CONFIGURE_ARGS+= --disable-threads .else CONFIGURE_ARGS+= --enable-threads .endif + +.if ${OPSYS} == DragonFly +CONFIGURE_ARGS+= --disable-kqueue +.endif -- diff --git a/net/bind96/Makefile b/net/bind96/Makefile index 5fb4233..835fd81 100644 --- a/net/bind96/Makefile +++ b/net/bind96/Makefile @@ -40,6 +40,9 @@ CONFIGURE_ARGS+=--disable-atomic .if ${MACHINE_PLATFORM:MNetBSD-*-powerpc} != CONFIGURE_ARGS+= --disable-threads .endif +.if ${OPSYS} == DragonFly +CONFIGURE_ARGS+= --disable-kqueue +.endif PKG_GROUPS_VARS+= BIND_GROUP PKG_USERS_VARS+= BIND_USER --- Jan -- professional: http://www.oscar-consult.de private: http://neslonek.homeunix.org/drupal/
Re: HEADS UP: BIND Removal. Short instructions for migration to pkgsrc-BIND
On Tue, 13 Apr 2010 06:22:03 +, Chris Turner c.tur...@199technologies.org wrote: Chris Turner wrote: http://gitweb.dragonflybsd.org/~lentferj/dragonfly.git was pointed out that I was using http url.. DOH Hi Christ, please stick to bind95 from pkgsrc for now. I experienced many problems with bind96 (9.6.1-P3) from pkgsrc like random but frequent crashes. I reverted to 9.5.2 and this version seems to be ok so far. Jan -- professional: http://www.oscar-consult.de private: http://neslonek.homeunix.org/drupal/
Re: HEADS UP: BIND Removal. Short instructions for migration to pkgsrc-BIND
Jan Lentfer schrieb: Have to correct my own guide :-(. This is working np it seems only when doing it manually but in my experience it didn't work correctly after reboot anymore. Go to /usr/pksrc/net/bind96 (or bind95) and install the BIND package # bmake all install clean Copy or link the rc script to /etc/rc.d/ # ln -s /usr/pkg/share/examples/rc.d/named9 /etc/rc.d/ Don't link, copy. It seems a link is not working during boot. # cp /usr/pkg/share/examples/rc.d/named9 /etc/rc.d/ Stop your base-BIND # /etc/rc.d/named stop Somehow on reboot the rc-script didn't pick up the right binary. So I also added: edit /etc/rc.conf remove named_enable=YES, then add named9_enable=YES named_chrootdir=/etc/namedb named_flags=-c named.conf named_program=/usr/pkg/sbin/named The BIND packaged from pkgsrc is running with user named instead of bind, so.. # chown -R named /etc/namedb Start you pkgsrc-BIND # /etc/rc.d/named9 start Jan
Re: HEADS UP: BIND Removal. Short instructions for migration to pkgsrc-BIND
Jeremy C. Reed schrieb: On Mon, 12 Apr 2010, Jan Lentfer wrote: Copy or link the rc script to /etc/rc.d/ # ln -s /usr/pkg/share/examples/rc.d/named9 /etc/rc.d/ Don't link, copy. It seems a link is not working during boot. Probably /usr/pkg not mounted yet? Possibly. But /usr/pkg is just a pfs null mount. Shouldn' t that get mounted before /etc/rc.d/named9 gets run? # cp /usr/pkg/share/examples/rc.d/named9 /etc/rc.d/ pkgsrc packages provide mechanism to do this automatically. PKG_RCD_SCRIPTS=yes in the environment when doing a pkg_add of bind9. (Also PKG_CONFIG=yes but that is the default.) Same if installing from pkgsrc. Wasn't aware of that. Thanks for the pointer. Stop your base-BIND # /etc/rc.d/named stop Somehow on reboot the rc-script didn't pick up the right binary. So I also added: edit /etc/rc.conf remove named_enable=YES, then add named9_enable=YES named_chrootdir=/etc/namedb So the plan is to remove that from etc/defaults/rc.conf? Good point again :-). Havn't thought about it so far but it makes sense to remove it from defaults/rc.conf if it is not part of base anymore. named_flags=-c named.conf Why? If I don't set it named refuses to start with: Apr 12 21:58:49 epia named[49440]: none:0: open: /etc/named.conf: file not found named_program=/usr/pkg/sbin/named The script already sets command. Maybe you have a conflict with named_program in etc/defaults/rc.conf? I was wondering about that one, too. Command is set in named9, right. But if you don't set it like this, you will get /etc/rc.d/named9: INFO: run_rc_command: cannot run (/usr/sbin/named). It picks up named_program from default/rc.conf still. This will not be necessary as soon as named_program is removed from defaults/rc.conf, I just tested this. The BIND packaged from pkgsrc is running with user named instead of bind, so.. # chown -R named /etc/namedb But that doesn't help if you need to temporarily revert to other named. Set alternative using named_flags=-u bind or set BIND_USER and BIND_GROUP as appropriate in the mk.conf files when building packages. Many roads will get you to the finish :-). If you pkg_radd will BIND_USER and BIND_GROUP in mk.conf still be taken into account? If you have to switch back you have to issue a chown -R bind /etc/namedb with my approach. I'd think the effort is about the same. Thanks for the input! Jan
HEADS UP: BIND Removal. Short instructions for migration to pkgsrc-BIND
As already announced I will push in my BIND removal patch-set to master in the next few days. So anyone running a base-BIND on their system and upgrading their world after I pushed that in will end up with no named binary around anymore. So I compiled a step by step guide on how to migrate your existing BIND installation for use with pkgsrc binaries. You should actually do this BEFORE upgrading world as this will give you the least downtime for the name service. This is how I did it on my system which is a rather small environment. Some dozen name entries and aliases for my local network, other than that I have DNSSEC look-aside configured using dlv.isc.org and that is about it. So be aware that this is how it WORKED FOR ME, but ymmv. Also: The version of BIND in base is 9.5.2, I directly upgraded to 9.6.1 from pkgsrc and it worked without touching my conf files at all. But again, depending on your setup, ymmv. If you are not running a BIND installation on your system but you are using tools like host, nslookup and so on it will be sufficient to just install some version of BIND from pkgsrc and make sure your scripts's PATH are correct. You could also switch your scripts to use drill which will be part of base after I pushed my patch-set in. I am quite sure I (once again) forgot something important, so take these instructions with a grain of salt. They are not meant to be used with brains shut off. Jan --- Go to /usr/pksrc/net/bind96 (or bind95) and install the BIND package # bmake all install clean Copy or link the rc script to /etc/rc.d/ # ln -s /usr/pkg/share/examples/rc.d/named9 /etc/rc.d/ Stop your base-BIND # /etc/rc.d/named stop edit /etc/rc.conf remove named_enable=YES, then add named9_enable=YES named_chrootdir=/etc/namedb named_flags=-c named.conf The BIND packaged from pkgsrc is running with user named instead of bind, so.. # chown -R named /etc/namedb Start you pkgsrc-BIND # /etc/rc.d/named9 start Test your setup with host, dig and so on. Check for a running named process with ps. Error messages should go to /var/log/messages usually.
Re: 2.6 upgrade: no root partition
Gergo Szakal schrieb: I have just upgraded to 2.6. Compiled everything as per the default settings, installed and after the reboot, I get the well-known ffs_mountroot: can't find rootvp message. Which fs is your ROOT fs? Jan
Re: 2.6 upgrade: no root partition
Gergo Szakal schrieb: Some additional information: I burned a 2.6 is and booting from that, I can access the partitions. So I smell a configuration issue on my end but have no idea where the problem can be. ok, then paste the /boot/loader.conf from the system here and also the dmesg from when you boot from CD. Does the disk still probe with the same device name? are you mounting using serno? From which version of DF did you upgrade to 2.6? Jan
Re: upgrade packs
Justin C. Sherrill schrieb: You could probably try this with two separate virtual machines - 1 2.4 and 1 2.6. Hint hint. Don't even need 2 VMs, 2 repositories one with 2.4 and one with 2.6 would be sufficient because they will end up in 2 different objdirs. Actually that is how I am keeping my lame VIA C7 box up to date. I just mount the repo and the objdir via NFS on the C7. Jan
UPDATE: HAMMER and PostgreSQL Performance
Attached is the latest (again not yet finished) version of the benchmarking I am doing on DF/HAMMER with PostgreSQL. I am compiling new numbers atm based on the SILI based adapter I just got donated from Matt. But as there was auite some interest on IRC I decided to put this intermediate version out. Jan -- professional: http://www.oscar-consult.de private: http://neslonek.homeunix.org/drupal/ HAMMER and PostgreSQL Performance.pdf Description: Adobe PDF document
Re: How to use hammer volume-add and volume-del
lhmwzy schrieb: This is my fstab cat /etc/fstab # DeviceMountpoint FStype Options DumpPass# /dev/da0s1a /boot ufs rw 1 1 /dev/da0s1b noneswapsw 0 0 /dev/da0s1d / hammer rw 1 1 /pfs/var/varnullrw 0 0 /pfs/tmp/tmpnullrw 0 0 /pfs/usr/usrnullrw 0 0 /pfs/home /home nullrw 0 0 /pfs/usr.obj/usr/objnullrw 0 0 /pfs/var.crash /var/crash nullrw 0 0 /pfs/var.tmp/var/tmpnullrw 0 0 proc/proc procfs rw 0 0 2010/4/5 lhmwzy lhm...@gmail.com: I use hammer volume-add /dev/da1s0 /to expand /,but the system panic. What version of DF are you running? Please provide uname -a output. Jan -- professional: http://www.oscar-consult.de private: http://neslonek.homeunix.org/drupal/
Re: How to use hammer volume-add and volume-del
lhmwzy schrieb: Maybe I do something wrong? 1.add the disk to computer. 2.hammer volume-add /dev/da1s0 / 3.shutdown -r now 4.panic 2010/4/5 Jan Lentfer jan.lent...@web.de: -Ursprüngliche Nachricht- Von: lhmwzy lhm...@gmail.com Gesendet: 05.04.2010 14:48:56 An: Jan Lentfer jan.lent...@web.de Betreff: Re: How to use hammer volume-add and volume-del sorry. I386,DragonFly v2.6.1-RELEASE Hmm.. shouldn't happen anymore with 2.5, http://gitweb.dragonflybsd.org/dragonfly.git/commit/c5464c54bedbab6bd4c9b3756078889af6a11170 Do you get a kernel dump that you can put somewhere so we could download it? Jan ___ NEU: WEB.DE DSL für 19,99 EUR/mtl. und ohne Mindest-Laufzeit! http://produkte.web.de/go/02/ you could try using a real partition, e.g. /dev/da1s0a Jan
Re: How to use hammer volume-add and volume-del
lhmwzy schrieb: Maybe I do something wrong? 1.add the disk to computer. 2.hammer volume-add /dev/da1s0 / 3.shutdown -r now 4.panic s0? What did you use to create the disklabel? Should use DF's disklabel program Jan
Re: Security process
Jonas Trollvik schrieb: How would you write a program to process error messages and decide which user accounts to disable? As to blocking repeated login failures, there are such things. I agree with you that blocking the ip is better than blocking a login, that could be easily abused to lock out accounts. Password logins shouldnt even be enabled if you want a secure setup. Doesn't pf have ip blacklisting based on certain rules built in? For such things I use denyhosts which works great for blocking script kiddies' ssh attacks. It only works with software using tcpwrappers though. Jan -- professional: http://www.oscar-consult.de private: http://neslonek.homeunix.org/drupal/
Testers needed: wpa_supplicant and hostapd tested to 0.6.10
Hi all, I have updated both wpa_supplicant and hostapd to latest release (0.6.10). One tester (thanks jh33) already confirmed that wpa_supplicant and wpa_cli are working for him, but I'd like to get more positive feedback also on hostapd before I will actually push this in. So, please TEST :-) The relevant bits can be found here: http://gitweb.dragonflybsd.org/~lentferj/dragonfly.git/shortlog/refs/heads/wpasup_update http://gitweb.dragonflybsd.org/~lentferj/dragonfly.git/shortlog/refs/heads/vendor/HOSTAPD http://gitweb.dragonflybsd.org/~lentferj/dragonfly.git/shortlog/refs/heads/vendor/WPA_SUPPLICANT Jan
Re: Anyone tried an Atom 330 with Dragonfly
Steve O'Hara-Smith schrieb: Hi, One of my workstations died and I'm looking to replace it, since the computing needs are not great I thought it might be nice to use something low powered and the dual core Atom 330 looks like a good option. I'm a little torn between two Asrock boards the A330GC with an Intel chipset and the rather newer A330ION with it's faster memory and all out more of everything and apparently lower power consumption than the lesser Intel chipset. Question is has anyone run DFLY on either of these (or anything with the same chipsets) or am would I be breaking new ground One of my Dev boxes is a Atom 330, Foxconn mainboard with intel chipset. No problem running DF. Jan
OpenSSL cryptodev / help and crypto hardware needed
sorry for cross-posting, but I thought I'd get more attention when putting this on users@ also. Jan ---BeginMessage--- Jan Lentfer schrieb: Attached is a patch to enable cryptodev engine support in OpenSSL on Dragonfly. I have tested this to some extend on a System with VIA C7 and padlock with these results: [..] I found some irregularities when using padlock.ko and cyrptodev with openssl. I am desperatly looking for someone who has crypto hardware other than padlock available and is whiling to do some testing with me. Jan ---End Message---
Call for testers: libncurses updated to v5.7
I have updated contrib/ncurses and thus libncurses to version 5.7. On my local system this seems to work fine but since a lot of apps depend on it I'd like to see it tested more widely. The relevant branches can be found here: http://gitweb.dragonflybsd.org/~lentferj/dragonfly.git ncurses_update vendor/NCURSES. Thanks for helping out! Jan This message was sent using IMP, the Internet Messaging Program.
Re: Call for testers: libncurses updated to v5.7
Hi Pierre, If I build /usr/pkgsrc/mail/mutt-devel it builds and compiles without any problem. /usr/pkgsrc/mail/mutt doesn't build because prohibited? From your paste I think you are building ncurses from pkgsrc. I updated ncurses in base system (contrib/ncurses, src/lib/libncurses). Jan Zitat von Pierre Abbat p...@phma.optus.nu: On Monday 14 December 2009 10:00:03 jan.lent...@web.de wrote: I have updated contrib/ncurses and thus libncurses to version 5.7. On my local system this seems to work fine but since a lot of apps depend on it I'd like to see it tested more widely. The relevant branches can be found here: http://gitweb.dragonflybsd.org/~lentferj/dragonfly.git ncurses_update vendor/NCURSES. Thanks for helping out! I tried building mutt, having just updated /usr/pkgsrc, and got this: c++ -shared -nostdlib /usr/lib/gcc41/crti.o /usr/lib/gcc41/crtbeginS.o ../obj_lo/.libs/cursesf.o ../obj_lo/.libs/cursesm.o ../obj_lo/.libs/cursesw.o ../obj_lo/.libs/cursespad.o ../obj_lo/.libs/cursesp.o ../obj_lo/.libs/cursslk.o ../obj_lo/.libs/cursesapp.o ../obj_lo/.libs/cursesmain.o -Wl,--rpath -Wl,/usr/pkgsrc/devel/ncurses/work/ncurses-5.7/lib/.libs -Wl,--rpath -Wl,/usr/pkg/lib -L/usr/pkgsrc/devel/ncurses/work/ncurses-5.7/lib ../lib/.libs/libncurses.so -L/usr/pkgsrc/devel/ncurses/work/.buildlink/lib -lstdc++ -lm -L/usr/lib/gcc41 -lc -lgcc_pic /usr/lib/gcc41/crtendS.o /usr/lib/gcc41/crtn.o -Wl,-soname -Wl,libncurses++.so.5.0.7 -o .libs/libncurses++.so.5.0.7 g++: /usr/lib/gcc41/crti.o: No such file or directory g++: /usr/lib/gcc41/crtn.o: No such file or directory *** Error code 1 Stop. bmake: stopped in /usr/pkgsrc/devel/ncurses/work/ncurses-5.7/c++ *** Error code 1 Stop. bmake: stopped in /usr/pkgsrc/devel/ncurses/work/ncurses-5.7 *** Error code 1 Stop. bmake: stopped in /usr/pkgsrc/devel/ncurses *** Error code 1 Stop. bmake: stopped in /usr/pkgsrc/devel/ncurses *** Error code 1 Stop. bmake: stopped in /usr/pkgsrc/devel/ncursesw *** Error code 1 Stop. bmake: stopped in /usr/pkgsrc/mail/mutt dogla# curses, ncurses, ncursesw, and slang are options when building mutt. Pierre -- .i toljundi do .ibabo mi'afra tu'a do .ibabo damba do .ibabo do jinga .icu'u la ma'atman. This message was sent using IMP, the Internet Messaging Program.
Re: [Fwd: pkgbox64 pkgsrc DragonFly 2.5.1/x86_64 2009-11-24 21:49]
Matthew Dillon schrieb: :jus...@shiningsilence.com wrote: : DragonFly 2.5 on x86_64 packages, for pkgsrc-2009Q3, are updated. : However! They are still uploading, as pkgbox64 doesn't have a lot of : outgoing bandwidth. The packages should all be on avalon.dragonflybsd.org : in the next day or two; it's on the 'g' files right now. : :The numbers are great! The x86_64 switch does not seem to have made :significant problems. : :cheers : simon It occurs to me that with some minor scripting we could automate the upload to occur in parallel with the build. Upload as the packages are built and only have to worry about not catching the binary package as it is being created. Then the uplink bandwidth wouldn't matter so much. -Matt Matthew Dillon dil...@backplane.com In discussion with Justin I already offered that I have a box here I bought for use for DF only. By next week I will have 1Mbit upload for this machine. In addition to your suggestion could we also find a way to split the build up on 2-x machines? That would make us even more independent of one machine and one line and speed up build upload times. cheers Jan
Re: [Fwd: pkgbox64 pkgsrc DragonFly 2.5.1/x86_64 2009-11-24 21:49]
Zitat von Simon 'corecode' Schubert corec...@fs.ei.tum.de: jus...@shiningsilence.com wrote: DragonFly 2.5 on x86_64 packages, for pkgsrc-2009Q3, are updated. However! They are still uploading, as pkgbox64 doesn't have a lot of outgoing bandwidth. The packages should all be on avalon.dragonflybsd.org in the next day or two; it's on the 'g' files right now. The numbers are great! The x86_64 switch does not seem to have made significant problems. cheers simon I could offer CPU Time on my x86_64 for package building also if that is of any help. Regards, Jan This message was sent using IMP, the Internet Messaging Program.
Testing needed: Updated vendor/LESS to 436
Please check the branches less_update and vendor/LESS here: http://gitweb.dragonflybsd.org/~lentferj/dragonfly.git
Re: Testing needed: Update BIND to 9.5.2
It seems the mailing list doesn't accept the attachment , so you can download it from here: http://neslonek.homeunix.org/bind_update.patch.gz Jan Lentfer schrieb: Hi, applied patch or http://gitweb.dragonflybsd.org/~lentferj/dragonfly.git/tree/08fede65c5945157ec82978d7e715f4bc03b8459 updates bind from 9.3 to 9.5.2 in base. I have tested on i386 but x86_64 aka amd64 testing and more general testing is needed. Please check if you can do this Kind Regards, Jan Lentfer
Re: Comparison of PgSQL Performance on HAMMER and UFS
Zitat von Matthew Dillon dil...@apollo.backplane.com: I'd like to see how those results compare with the various MPSAFE sysctls turned on, and also with fsync disabled (so we can get an idea how badly fsync effects write transactions, since we know fsync is very expensive on HAMMER): vfs.getattr_mpsafe=1 vfs.read_mpsafe=1 And vfs.hammer.fsync_mode=2 And also with the recent buffer cache work on master. The meta-data for a 5GB dataset should be cachable but prior to the work buffer cache data was being thrown out of the backing VM page caches too quickly. Another thing we know about HAMMER is that the initial B-Tree layout is pretty horrible. It takes a reblocking pass to fix it up. It shouldn't effect a dataset that small with the cache priorities fixed in master, though. -Matt I redid the tests as suggested and with a slighlty different test setup. Results attached. Next step: Redo the tests on -DEVELOPMENT. Regards, Jan This message was sent using IMP, the Internet Messaging Program. HAMMER_pgsql.pdf Description: Adobe PDF document