Re: idle auto logoff
Olivier Nicole wrote: I recently took over the adminstration of a FreeBSD machine at work and cannot figure out what is auto logging me off when I am idled on the machine. Are you ruunning something called idled? I checked that - the answer is no. cheers, Noah Olivier ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Getting started with FreeBSD
* Garrett Cooper ([EMAIL PROTECTED]) wrote: Btw (Off-topic, but true): Nothing in Gentoo (or FreeBSD or any other variant of Unix for that matter) says you have to install KDE ;). You can install the same metapackage in any Unix OS, if you love the bloat--uh, I mean functionality--or use another DE/WM to navigate around your desktop. Oh, absolutely. I don't actually use KDE or anything. Can't stand it personally. However, I inevitably want to use something which requires something which requires on of these giant bloated monsters like KDE or Gnome. And then I am faced with the question of compiling it. I can still remember the seventeen hour build of kdelibs on Gentoo, and I don't want to do it again. Though, I admit you very quickly start to make better decisions about what software you really need in that situation. I find it interesting that a former Slackware user would be complaining about compiling stuff, but you probably used slapt-get to update your packages. Well, I am probably coming off whiny. However, I am pretty typical of the Slackware crowd in that much of what I am running I compiled from source. But the base system is still binaries and that does speed things up. Pat doesn't patch everything endlessly and so it works well and as intended, so there is really no trade off. I am all for compiling, but why do it when nothing is any different? Firefox works great from binaries, and so I have never bothered to try compiling it. Same for openoffice and java. Even in Gentoo I installed the binaries of those. What I guess is troubling me here though is just figuring stuff out. I have been having some trouble seeing the forest through the trees. The handbook is quite honestly awesome, but only in the details. For the big picture it is fairly indistinct. So, getting my trifling brain around what exactly is going on in the thing has been nagging at me. How do I set it up? Where do I go next? Those kinds of things. I installed from binaries, and there are packages on the servers, and the tools have options for installing packages. I naturally thought there would be package updates and I was messing things up, or misunderstanding what tools to use, in order to get to those packages. However, after reading you post, I am thinking that the packages are only available for the snapshots labelled RELEASE. Am I right? All updates and changes made in between one release and the next are via sources. Would that be accurate? If so, I can say that is also fairly simple, simply non-intuitive. In some ways like having a separate ports system from the base. Simple, even sensible, but in some ways non-intuitive. Certainly for those not used to that approach. It is too bad that the documentation doesn't have a clearer introduction which approaches these simple though not necessarily natural approaches and make them clearer to newbies like myself. It would save a lot of trouble trying to figure out how to open the front door with a can opener. ;-) Let me know how ridiculously off-base I am in my current understanding. That is really what I am trying to do, find out what I should do to maintain things as move along the learning curve. Thanks for the help. Patrick ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: idle auto logoff
-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Noah Sent: Wednesday, 11 October 2006 4:14 PM To: Olivier Nicole Cc: freebsd-questions@freebsd.org Subject: Re: idle auto logoff Olivier Nicole wrote: I recently took over the adminstration of a FreeBSD machine at work and cannot figure out what is auto logging me off when I am idled on the machine. Are you ruunning something called idled? I checked that - the answer is no. cheers, Noah Olivier if you are running tcsh / csh try looking for an autologout shell variable in /root/.cshrc man csh open man page then /autologoutto search then n repeatedly to step through mjt Murray Taylor Special Projects Engineer Bytecraft Systems P: +61 3 8710 2555 F: +61 3 8710 2599 D: +61 3 9238 4275 E: [EMAIL PROTECTED] -- Any intelligent fool can make things bigger and more complex... It takes a touch of genius - and a lot of courage to move in the opposite direction. --Albert Einstein --- The information transmitted in this e-mail is for the exclusive use of the intended addressee and may contain confidential and/or privileged material. Any review, re-transmission, dissemination or other use of it, or the taking of any action in reliance upon this information by persons and/or entities other than the intended recipient is prohibited. If you received this in error, please inform the sender and/or addressee immediately and delete the material. E-mails may not be secure, may contain computer viruses and may be corrupted in transmission. Please carefully check this e-mail (and any attachment) accordingly. No warranties are given and no liability is accepted for any loss or damage caused by such matters. --- ### This e-mail message has been scanned for Viruses by Bytecraft ### ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: KDE Control Center
I guess would be that one or more configuration files got messed up. An easy way to test this is to create another user and see if it works for the new login. If so you can perhaps find the file or if you do not have too much invested in configuration logout and remove .kde from the console. On Tue, 10 Oct 2006, Rem P Roberti wrote: When I bring up the Control Center in KDE the left column is now blank, and I have no options for changing preferences. Anyone know what happened there? Everything else seems to be functioning fine. Rem ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
custom kernel, make buildkernel and then?
Hello, Hope you can advise me. I have a FreeBSD 6.1 stable system for which I want to build a custom kernel. However, I am scared to death (almost ;) and just want to make sure I have it done the right way. I have in the past used supfile with ports-all option and couldn't build a custom kernel. Yesterday it dawned on me that I need sources for that, not ports. So I ran cvsup with src-all option. Now, I followed these steps: # cd /usr/src/sys/i386/conf # mkdir /root/kernels # cp GENERIC /root/kernels/LISTS # ln -s /root/kernels/LISTS then I used procedure 2 for building the kernel the new way. # cd /usr/src # make buildkernel KERNCONF=LISTS It all went well without any complaint (I was really puzzled - when it comes to IT, I usually see half-empty glasses...) but now I wonder. My next step is supposed to be make installkernel KERNCONF=LISTS Is it OK to do it on an already configured system? I have some usual applications like php, mysql, apache, exim MTA configured and working. So in other words I am trying to build a custom kernel not on a fresh install but on an already working system (operating for 25 days). It is not a webserver but it is running and needs these apps. My fear is that I am likely to break something. Have I done the right steps? Do you think I can progress with make installkernel? I have also a question about the last command in the recipe: Now, shutdown the system and reboot to use your new kernel. Will shutdown -r now be enough? Or do I have to boot in single user mode? Sorry if all of these seems obvious. I am new to FreeBSD. Thank you very much in advance! Warm regards, -- Zbigniew Szalbot ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
fsck problems under 6.0
Hi, I'm running a RAID 5, 6.0-RELEASE-p6 server, with multiple jails on it, more precisely 17 at the moment. It runs great, no problems at all until now, and even at that moment the server is fine. I have just done an fsck, and the results frighten me: ** Phase 2 - Check Pathnames I have 3 UNEXPECTED SOFT UPDATE INCONSISTENCY errors, like: --- UNALLOCATED I=23364960 OWNER=www MODE=100644 SIZE=1084 MTIME=Oct 10 22:35 2006 FILE=/jails/j27/usr/home/www/data/tools/smarty/cache/%%08^081^081AA588%%mail.tpl UNEXPECTED SOFT UPDATE INCONSISTENCY REMOVE? no --- ** Phase 4 - Check Reference Counts I have around 100 UNREF FILE errors, like: --- UNREF FILE I=21409205 OWNER=88 MODE=100600 SIZE=0 MTIME=Jun 5 08:55 2006 CLEAR? no UNREF FILE I=21409206 OWNER=88 MODE=100600 SIZE=0 MTIME=Jun 5 08:55 2006 CLEAR? no UNREF FILE I=21481298 OWNER=88 MODE=100600 SIZE=0 MTIME=Jun 7 12:16 2006 CLEAR? no --- ** Phase 5 - Check Cyl groups --- SUMMARY INFORMATION BAD SALVAGE? no BLK(S) MISSING IN BIT MAPS SALVAGE? no ALLOCATED FILE 23365029 MARKED FREE ALLOCATED FILE 23365042 MARKED FREE ALLOCATED FRAG 93343103 MARKED FREE ALLOCATED FRAGS 93360560-93360564 MARKED FREE --- As I said, I never had any problem with the server, no power interruption or whatever. I never played with tunefs. It uses the 6.0-RELEASE configuration. Now the questions: 1) Is that a serious problem? 2) What can be the cause of that? Faulty hardware, or software? I'm running an INTEL SRCU24L raid card, and I think I read posts mentioning problems with some iir driver version, under medium to high load. 3) How do I correct that? Booting single-mode, fsck -f? Is there a danger my whole filesystem gets broken? 4) Should I upgrade to 6.1 maybe? Thanks for reading! --- Philippe Lang Attik System smime.p7s Description: S/MIME cryptographic signature
Re: KDE Control Center
I guess would be that one or more configuration files got messed up. An easy way to test this is to create another user and see if it works for the new login. If so you can perhaps find the file or if you do not have too much invested in configuration logout and remove .kde from the console. On Tue, 10 Oct 2006, Rem P Roberti wrote: When I bring up the Control Center in KDE the left column is now blank, and I have no options for changing preferences. Anyone know what happened there? Everything else seems to be functioning fine. Rem Temporarily removed .kde and started from scratch. Guess what...when I finished configuring KDE with the startup wizard the Control Center had the same blank index column. This is quite weird. Rem ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: custom kernel, make buildkernel and then?
Zbigniew Szalbot wrote: Hello, Hope you can advise me. I have a FreeBSD 6.1 stable system for which I want to build a custom kernel. However, I am scared to death (almost ;) and just want to make sure I have it done the right way. I have in the past used supfile with ports-all option and couldn't build a custom kernel. Yesterday it dawned on me that I need sources for that, not ports. So I ran cvsup with src-all option. Now, I followed these steps: # cd /usr/src/sys/i386/conf # mkdir /root/kernels # cp GENERIC /root/kernels/LISTS # ln -s /root/kernels/LISTS then I used procedure 2 for building the kernel the new way. # cd /usr/src # make buildkernel KERNCONF=LISTS It all went well without any complaint (I was really puzzled - when it comes to IT, I usually see half-empty glasses...) but now I wonder. My next step is supposed to be make installkernel KERNCONF=LISTS Is it OK to do it on an already configured system? I have some usual applications like php, mysql, apache, exim MTA configured and working. So in other words I am trying to build a custom kernel not on a fresh install but on an already working system (operating for 25 days). It is not a webserver but it is running and needs these apps. My fear is that I am likely to break something. Yes, you can install the kernel. Applications don't live in kernelspace. If your kernel fails to boot you can boot the old kernel by in the loader menu go to a promt, unload the kernel and load kernel.old. I usually build a GENERIC kernel and copy it with modules to /boot/kernel.GENERIC - just as my custom kernel is copied to /boot/kernel.CUSTOM as the kernel.old is overwritten on every install. You might in some limited cases experience problems if you updated and build/install world, but that's a different story. Will shutdown -r now be enough? Or do I have to boot in single user mode? Just reboot as normally. Cheers, Erik -- Ph: +34.666334818 web: http://www.locolomo.org X.509 Certificate: http://www.locolomo.org/crt/8D03551FFCE04F0C.crt Key ID: 69:79:B8:2C:E3:8F:E7:BE:5D:C3:C3:B1:74:62:B8:3F:9F:1F:69:B9 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Problems with ACLs
I'm trying to set default ACLs on a directory to restrict access to a directory and every file/directory created within this directory to two users. I have used this website to get a grip of how it works: http://www.onlamp.com/pub/a/bsd/2003/08/14/freebsd_acls.html Following that example: # setfacl -d -m u::rwx,g::rwx,o::---,u:apache:rwx,u:web26124:rwx test # setfacl -m u::rwx,g::rwx,o::---,u:apache:rwx,u:web26124:rwx test # cd test # touch file.txt # getfacl file.txt #file:file.txt #owner:0 #group:1003 user::rw- user:apache:rwx # effective: r-- user:web26124:rwx # effective: r-- group::rwx # effective: r-- mask::r-- other::--- Looks fine to me. So now I have a PHP script (runs as apache) that creates a directory (inside this directory I have just set default ACLs for) and a file within it: # getfacl dir/file #file:dir/file #owner:1004 #group:1003 user::rw- user:apache:rwx # effective: r-- user:web26124:rwx # effective: r-- group::rwx # effective: r-- mask::r-- other::--- And then I try to remove the file as web26124: $ whoami web26124 $ rm dir/file override rw-r- apache/apache for dir/file? yes rm: dir/file: Permission denied Files that are created in the directory where I have set default ACLs is removable by web26124 but not files that are created in the subdirectory. # ls -alF total 16 drwxrwx---+ 3 web26124 apache 512 Oct 11 10:14 ./ drwxr-xr-x 4 web26124 apache 512 Oct 11 10:01 ../ -rw-r--r--+ 1 root apache 64 Oct 11 10:14 create.php drwxr-x---+ 2 apacheapache 512 Oct 11 10:13 dir/ - Files inside this directory is NOT removable -rw-r-+ 1 apache apache0 Oct 11 10:13 file3 - Removable What's wrong? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: custom kernel, make buildkernel and then?
Hello, On Wed, 11 Oct 2006, Erik Norgaard wrote: Yes, you can install the kernel. Applications don't live in kernelspace. If your kernel fails to boot you can boot the old kernel by in the loader menu go to a promt, unload the kernel and load kernel.old. Now here comes the funny part. When I do, I get the following message: $ sudo make installkernel KERNCONF=LISTS ERROR: No kernel LISTS to install. *** Error code 1 Stop in /usr/src. *** Error code 1 Stop in /usr/src. Should I specify the path like KERNCONF=/root/kernel/LISTS ? Thank you very much for taking time to help me! -- Zbigniew Szalbot ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: custom kernel, make buildkernel and then?
Zbigniew Szalbot wrote: Hello, On Wed, 11 Oct 2006, Erik Norgaard wrote: Yes, you can install the kernel. Applications don't live in kernelspace. If your kernel fails to boot you can boot the old kernel by in the loader menu go to a promt, unload the kernel and load kernel.old. Now here comes the funny part. When I do, I get the following message: $ sudo make installkernel KERNCONF=LISTS ERROR: No kernel LISTS to install. *** Error code 1 Stop in /usr/src. *** Error code 1 Stop in /usr/src. Should I specify the path like KERNCONF=/root/kernel/LISTS ? Thank you very much for taking time to help me! -- Zbigniew Szalbot Easier just to go ln -s /root/kernel/LISTS /usr/src/sys/[arch]/conf/ . -Garrett ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: custom kernel, make buildkernel and then?
Zbigniew Szalbot wrote: Hello, Hope you can advise me. I have a FreeBSD 6.1 stable system for which I want to build a custom kernel. However, I am scared to death (almost ;) and just want to make sure I have it done the right way. I have in the past used supfile with ports-all option and couldn't build a custom kernel. Yesterday it dawned on me that I need sources for that, not ports. So I ran cvsup with src-all option. Now, I followed these steps: # cd /usr/src/sys/i386/conf # mkdir /root/kernels # cp GENERIC /root/kernels/LISTS # ln -s /root/kernels/LISTS then I used procedure 2 for building the kernel the new way. # cd /usr/src # make buildkernel KERNCONF=LISTS It all went well without any complaint (I was really puzzled - when it comes to IT, I usually see half-empty glasses...) but now I wonder. My next step is supposed to be make installkernel KERNCONF=LISTS Is it OK to do it on an already configured system? I have some usual applications like php, mysql, apache, exim MTA configured and working. So in other words I am trying to build a custom kernel not on a fresh install but on an already working system (operating for 25 days). It is not a webserver but it is running and needs these apps. My fear is that I am likely to break something. Have I done the right steps? Do you think I can progress with make installkernel? I have also a question about the last command in the recipe: Now, shutdown the system and reboot to use your new kernel. Will shutdown -r now be enough? Or do I have to boot in single user mode? Sorry if all of these seems obvious. I am new to FreeBSD. Thank you very much in advance! Warm regards, -- Zbigniew Szalbot Building and installing a new custom kernel? Usually the steps consist of: 1. Edit kernel config file. 2. If you have the symlink set correctly, or the file located in the right place, just run make buildkernel installkernel KERNCONF=[configfile name] (or if you feel slick, specify the name in /etc/make.conf and run make buildkernel installkernel). 3. Reboot. -Garrett ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: custom kernel, make buildkernel and then?
Garrett Cooper wrote: Zbigniew Szalbot wrote: Hello, On Wed, 11 Oct 2006, Erik Norgaard wrote: Yes, you can install the kernel. Applications don't live in kernelspace. If your kernel fails to boot you can boot the old kernel by in the loader menu go to a promt, unload the kernel and load kernel.old. Now here comes the funny part. When I do, I get the following message: $ sudo make installkernel KERNCONF=LISTS ERROR: No kernel LISTS to install. *** Error code 1 Stop in /usr/src. *** Error code 1 Stop in /usr/src. Should I specify the path like KERNCONF=/root/kernel/LISTS ? Thank you very much for taking time to help me! -- Zbigniew Szalbot Easier just to go ln -s /root/kernel/LISTS /usr/src/sys/[arch]/conf/ . -Garrett Err... omit that last period in the ln command. I just realized that could be misleading. -Garrett ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: custom kernel, make buildkernel and then?
Hello again, On Wed, 11 Oct 2006, Garrett Cooper wrote: Easier just to go ln -s /root/kernel/LISTS /usr/src/sys/[arch]/conf/ . -Garrett Err... omit that last period in the ln command. I just realized that could be misleading. Thank you Garrett - I did ln -s /root/kernel/LISTS /usr/src/sys/i386/conf/ But the error is still there. However I realize now my mistake. I issued the above but it should have been kernels not kernel in the path. When I now try to make installkernel, it gives me this message: Installing kernel -- cd /usr/obj/usr/src/sys/LISTS; MAKEOBJDIRPREFIX=/usr/obj MACHINE_ARCH=i386 MACHINE=i386 CPUTYPE= GROFF_BIN_PATH=/usr/obj/usr/src/tmp/legacy/usr/bin GROFF_FONT_PATH=/usr/obj/usr/src/tmp/legacy/usr/share/groff_font GROFF_TMAC_PATH=/usr/obj/usr/src/tmp/legacy/usr/share/tmac PATH=/usr/obj/usr/src/tmp/legacy/usr/sbin:/usr/obj/usr/src/tmp/legacy/usr/bin:/usr/obj/usr/src/tmp/legacy/usr/games:/usr/obj/usr/src/tmp/usr/sbin:/usr/obj/usr/src/tmp/usr/bin:/usr/obj/usr/src/tmp/usr/games:/sbin:/bin:/usr/sbin:/usr/bin make KERNEL=kernel install cd: can't cd to /usr/obj/usr/src/sys/LISTS *** Error code 2 Stop in /usr/src. *** Error code 1 Stop in /usr/src. The only thing in /usr/obj/usr/src/sys/ is the boot directory. Any advice? Thanks for your patience with me and thank you very much for your help! -- Zbigniew Szalbot ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: custom kernel, make buildkernel and then?
Sorry, forgot to include the list On 11/10/06, Spiros Papadopoulos [EMAIL PROTECTED] wrote: Hi, What i simply do is: 1. Enter the /usr/src/sys/*/conf directory 2. copy GENERIC to whatever name i wish (no new dirs, no links) 3. Alter the file to my needs 4. cd /usr/src 5. make buildkernel KERNCONF='name' 6. make installkernel KERNCONF='name' 7. shutdown -r now Maybe i am missing something here, but this is too simple and never gave me problems... why not trying to go for it and see the results. Regards, Spiros On 11/10/06, Zbigniew Szalbot [EMAIL PROTECTED] wrote: Hello again, On Wed, 11 Oct 2006, Garrett Cooper wrote: Easier just to go ln -s /root/kernel/LISTS /usr/src/sys/[arch]/conf/ . -Garrett Err... omit that last period in the ln command. I just realized that could be misleading. Thank you Garrett - I did ln -s /root/kernel/LISTS /usr/src/sys/i386/conf/ But the error is still there. However I realize now my mistake. I issued the above but it should have been kernels not kernel in the path. When I now try to make installkernel, it gives me this message: Installing kernel -- cd /usr/obj/usr/src/sys/LISTS; MAKEOBJDIRPREFIX=/usr/obj MACHINE_ARCH=i386 MACHINE=i386 CPUTYPE= GROFF_BIN_PATH=/usr/obj/usr/src/tmp/legacy/usr/bin GROFF_FONT_PATH=/usr/obj/usr/src/tmp/legacy/usr/share/groff_font GROFF_TMAC_PATH=/usr/obj/usr/src/tmp/legacy/usr/share/tmac PATH=/usr/obj/usr/src/tmp/legacy/usr/sbin:/usr/obj/usr/src/tmp/legacy/usr/bin:/usr/obj/usr/src/tmp/legacy/usr/games:/usr/obj/usr/src/tmp/usr/sbin:/usr/obj/usr/src/tmp/usr/bin:/usr/obj/usr/src/tmp/usr/games:/sbin:/bin:/usr/sbin:/usr/bin make KERNEL=kernel install cd: can't cd to /usr/obj/usr/src/sys/LISTS *** Error code 2 Stop in /usr/src. *** Error code 1 Stop in /usr/src. The only thing in /usr/obj/usr/src/sys/ is the boot directory. Any advice? Thanks for your patience with me and thank you very much for your help! -- Zbigniew Szalbot ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] -- Spiros Papadopoulos -- Spiros Papadopoulos ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: custom kernel, make buildkernel and then?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Zbigniew Szalbot wrote: Hello again, On Wed, 11 Oct 2006, Garrett Cooper wrote: Easier just to go ln -s /root/kernel/LISTS /usr/src/sys/[arch]/conf/ . -Garrett Err... omit that last period in the ln command. I just realized that could be misleading. Thank you Garrett - I did ln -s /root/kernel/LISTS /usr/src/sys/i386/conf/ But the error is still there. However I realize now my mistake. I issued the above but it should have been kernels not kernel in the path. When I now try to make installkernel, it gives me this message: Installing kernel -- cd /usr/obj/usr/src/sys/LISTS; MAKEOBJDIRPREFIX=/usr/obj MACHINE_ARCH=i386 MACHINE=i386 CPUTYPE= GROFF_BIN_PATH=/usr/obj/usr/src/tmp/legacy/usr/bin GROFF_FONT_PATH=/usr/obj/usr/src/tmp/legacy/usr/share/groff_font GROFF_TMAC_PATH=/usr/obj/usr/src/tmp/legacy/usr/share/tmac PATH=/usr/obj/usr/src/tmp/legacy/usr/sbin:/usr/obj/usr/src/tmp/legacy/usr/bin:/usr/obj/usr/src/tmp/legacy/usr/games:/usr/obj/usr/src/tmp/usr/sbin:/usr/obj/usr/src/tmp/usr/bin:/usr/obj/usr/src/tmp/usr/games:/sbin:/bin:/usr/sbin:/usr/bin make KERNEL=kernel install cd: can't cd to /usr/obj/usr/src/sys/LISTS *** Error code 2 Stop in /usr/src. *** Error code 1 Stop in /usr/src. The only thing in /usr/obj/usr/src/sys/ is the boot directory. Any advice? Thanks for your patience with me and thank you very much for your help! -- Zbigniew Szalbot Running 'cd /usr/src/sys/i386/conf ls -l' yields...? - -Garrett -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFFLLgB6CkrZkzMC68RArn/AJ4+7+s/y+7VGCRpijLnhgtSSb8ONQCeIdLT YkuWnjNvSHAgp8xB4NZd1qE= =nvLD -END PGP SIGNATURE- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: custom kernel, make buildkernel and then?
Hi there again, On Wed, 11 Oct 2006, Garrett Cooper wrote: Running 'cd /usr/src/sys/i386/conf ls -l' yields...? total 56 -rw-r--r-- 1 root wheel372 Oct 28 2005 DEFAULTS -rw-r--r-- 1 root wheel 10337 May 1 02:15 GENERIC -rw-r--r-- 1 root wheel 1741 Jan 14 2005 GENERIC.hints lrwxr-xr-x 1 root wheel 19 Oct 11 10:52 LISTS - /root/kernels/LISTS -rw-r--r-- 1 root wheel120 Feb 27 2003 Makefile -rw-r--r-- 1 root wheel 33809 May 1 02:15 NOTES -rw-r--r-- 1 root wheel 1769 Mar 12 2006 PAE -rw-r--r-- 1 root wheel322 Sep 18 2005 SMP Thanks! -- Zbigniew Szalbot ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: custom kernel, make buildkernel and then?
Zbigniew Szalbot wrote: I have in the past used supfile with ports-all option and couldn't build a custom kernel. Yesterday it dawned on me that I need sources for that, not ports. So I ran cvsup with src-all option. Now, I followed these steps: # cd /usr/src/sys/i386/conf # mkdir /root/kernels # cp GENERIC /root/kernels/LISTS # ln -s /root/kernels/LISTS The target directory for the build is /usr/obj, so in /usr/obj/usr/src/sys you can see what kernels have been built. Now BEWARE! One thing is the filename of the kernel config, another thing is the string set in the ident parameter in the config file. To stay sane, always change it to the same as the config file name. The ident is what the kernel reports it self to be, and a custom kernel should not claim to be a GENERIC kernel. And this may also determine where the kernel is built. So, if you didn't change the ident, then you may find you have a non-generic GENERIC kernel and # make installkernel will install that. But don't! Change the ident, rebuild your kernel and install the custom kernel. This is important, because if you later report a bug you are asked to submit the output of 'uname -a' and developers will think you are using a GENERIC kernel when in fact you are not. Cheers, Erik -- Ph: +34.666334818 web: http://www.locolomo.org X.509 Certificate: http://www.locolomo.org/crt/8D03551FFCE04F0C.crt Key ID: 69:79:B8:2C:E3:8F:E7:BE:5D:C3:C3:B1:74:62:B8:3F:9F:1F:69:B9 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Getting started with FreeBSD
cothrige wrote: [snip] However, after reading you post, I am thinking that the packages are only available for the snapshots labelled RELEASE. Am I right? All updates and changes made in between one release and the next are via sources. Would that be accurate? I wondered about the same thing some time ago. I was told by one of the gurus to try packages-6-stable, which would most likely work with 6.1-RELEASE. So I tried to fetch the latest Firefox in this way: pkg_add [no line break] ftp://ftp.mirror.freebsd.org/pub/FreeBSD/ports/i386/packages-6-stable/www/firefox-1.5.0.7,1.tbz Seems to work fine. However, I tried to do the same thing with Thunderbird (mail/thunderbird-1.5.0.7.tbz), and then I got many warnings about libraries not being up to date. Could I have done it differently to get dependencies updated as well? Just a few extra words in section 4.4.1 the handbook could probably have cleared this up. -- Tore ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: custom kernel, make buildkernel and then?
Hello, On Wed, 11 Oct 2006, Erik Norgaard wrote: The target directory for the build is /usr/obj, so in /usr/obj/usr/src/sys you can see what kernels have been built. And it seems none have? For I get this when I do ls I can see only boot directory and no kernels. Is it possible that the buildprocess failed though it did not explicitly tell me about it? From what I recall one of the last lines pritned by buildkernel was chmod 444 freebsd.submit.cf But I can be plain wrong. Cannot recall it and do not know how to check it. Now BEWARE! One thing is the filename of the kernel config, another thing is the string set in the ident parameter in the config file. I think I have it correctly: machine i386 #cpuI486_CPU #cpuI586_CPU cpu I686_CPU ident LISTS Thanks again for your patience. If you think it is best, I will try an approach suggested by Spyros. -- Zbigniew Szalbot ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Script to fetch Wikipedia text
Hey! I'm involved in a few research projects, and like to keep my information well organized. I usually get most of it from Wikipedia, however, I hate printing HTML articles to PDF. I'd rather want them in pure, well laid out text. And I'm sure others would too. Being able to master ones knowledge provides a warm inner peace. Hence I've tried dumping the output from text browsers such as w3m, elinks, lynx etc. I am, however, only interested in the articles themselves, not their links, views, toolboxes, search bars, other available languages and so on. I tried running a whole bunch of regular expressions over the output, but that really felt like the hard way. So some guy gave me this: #!/usr/bin/env ruby require 'rexml/document' require 'cgi' require 'tempfile' require 'open-uri' url = 'http://en.wikipedia.org/wiki/Special:Export/' + CGI::escape(ARGV.join( ).strip.squeeze(' ').tr(' ', '_')).gsub(/%3[Aa]/,':').gsub(/%2[Ff]/,'/').gsub(/%23/,'#') open(url) { |f| puts REXML::XPath.first(REXML::Document::new(f.class == Tempfile ? f.open : f), '//text').text } Which seem to take advantage of Wikipedia's special export feature, which really seems cool. However there's a few issues. First, the script looks kinda complex. I'm sure there's a simpler way of writing it. Second, it does not yet output the kind of pure and well laid out text as it should. For instance, on http://en.wikipedia.org/wiki/GNU_Hurd, it outputs: ## BEGIN {{Infobox_Software | name = GNU Hurd | logo = [[Image:Hurd-logo.png]]br / | developer = [[Thomas Bushnell| Michael (now Thomas) Bushnell]] (original developer) and various contributors | latest_release_version = | latest_release_date = | operating_system = [[GNU]] | genre = [[Kernel (computer science)|Kernel]] | family = [[POSIX]]-conformant [[Unix]]-Clones | kernel_type = [[Microkernel]] | license = [[GNU General Public License|GPL]] | source_model = [[Free software]] | working_state = In production / development | website = [http://www.gnu.org/software/hurd/hurd.html www.gnu.org] }} {{redirect|Hurd}} '''The GNU Hurd''' is a computer operating system [[Kernel (computer science)|kernel]]. It consists of a set of [[Server (computing)|servers]] (or [[daemon (computer software)|daemons]], in [[Unix]]-speak) that work on top of either the [[GNU Mach]] [[microkernel]] or the [[L4 microkernel family|L4 microkernel]]; together, they form the [[kernel (computer science)|kernel]] of the [[GNU]] [[operating system]]. It has been under development since [[1990]] by the [[GNU]] Project and is distributed as [[free software]] under the [[GNU General Public License|GPL]]. The Hurd aims to surpass [[Unix]] kernels in functionality, security, and stability, while remaining largely compatible with them. This is done by having the Hurd track the [[POSIX]] specification, while avoiding arbitrary restrictions on the user. HURD is an indirectly [[recursive acronym]], standing for HIRD of [[Unix]]-Replacing [[Daemon (computer software)|Daemons]], where HIRD stands for HURD of Interfaces Representing Depth. It is also a play of words to give [[herd]] of [[wildebeest|gnus]] reflecting how it works. ==Development history== Development on the GNU operating system began in 1984 and progressed rapidly. By the early 1990s, the only major component missing was the kernel. Development on the Hurd began in [[1990]], after an abandoned kernel attempt started from the finished research [[Trix (kernel)|Trix]] operating system developed by Professor [[Steve Ward (Computer Scientist)| Steve Ward]] and his group at [[Massachusetts Institute of Technology| MIT]]'s [[Laboratory for Computer Science]] (LCS). According to [[Thomas Bushnell| Michael (now T homas) Bushnell]], the initial Hurd architect, their early plan was to adapt the [[BSD]] 4.4-Lite kernel and, in hindsight, It is now perfectly obvious to me that this would have succeeded splendidly and the world would be a very different place today.ref{{cite web | url = http://www.groklaw.net/article.php?story=20050727225542530 | title = The Hurd and BSDI|accessdate = 2006-08-08 | author = Peter H. Salus | work = The Daemon, the GNU and the Penguin}}/ref However, due to a lack of cooperation from the [[University of California, Berkeley|Berkeley]] programmers, [[Richard Stallman]] decided instead to use the [[Mach microkernel]], which subsequently proved unexpectedly difficult, and the Hurd's development proceeded slowly. ## END This should instead be something like: ## BEGIN http://en.wikipedia.org/wiki/GNU_Hurd Name = GNU Hurd Developer = Thomas Bushnell (original developer) and various contributors Operating_system = GNU Genre = Kernel (computer science) Family = POSIX-conformant Unix-Clones Kernel type = Microkernel License = GNU General Public License Source model = Free software Working state = In production / development Website =
Re: custom kernel, make buildkernel and then?
Zbigniew Szalbot wrote: Hello, On Wed, 11 Oct 2006, Erik Norgaard wrote: The target directory for the build is /usr/obj, so in /usr/obj/usr/src/sys you can see what kernels have been built. And it seems none have? For I get this when I do ls I can see only boot directory and no kernels. Is it possible that the buildprocess failed though it did not explicitly tell me about it? From what I recall one of the last lines pritned by buildkernel was chmod 444 freebsd.submit.cf If you have no /usr/obj/usr/src/sys/LISTS then the kernel have not been built and something went wrong. To get accustomed to building the kernel, start first building the GENERIC kernel, see that it gets there, see how long it takes. See the last message at build. It should not be chmod ... but rather Finished building kernel or something like that. Then, using the GENERIC config as a skeleton, create your LISTS kernel, but do it stepwise, start removing what you are absolutely certain you don't need or adding things you load as modules. And see that you can build that. If you've never built a kernel before doing too much stuff first time may result in errors you can't identify. Cheers, Erik -- Ph: +34.666334818 web: http://www.locolomo.org X.509 Certificate: http://www.locolomo.org/crt/8D03551FFCE04F0C.crt Key ID: 69:79:B8:2C:E3:8F:E7:BE:5D:C3:C3:B1:74:62:B8:3F:9F:1F:69:B9 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: iDefense Security Advisory 10.10.06: FreeBSD ptrace PT_LWPINFO Denial of Service Vulnerability
In response to Colin Percival [EMAIL PROTECTED]: Bill Moran wrote: Colin Percival [EMAIL PROTECTED] wrote: This is a local denial of service bug, which was fixed 6 weeks ago in HEAD ^^^ That was what I expected. Section III seems to hint that it could be used by an unprivileged user to crash or lock a system. Yes. An unprivileged user who is able to execute code on an affected system can cause a kernel panic. There are a variety of reasons for not treating bugs like this as security issues; the strongest reason imho is that if one of your users is making a system crash, you can disable his account and call the police. Thanks for the clarification. From my standpoint, this qualifies as a privilege escalation and warrants action. I see that it's already fixed in RELENG_6_1. Am I correct that there is no intention to MFC this back to RELENG_6_0? And, yes, I can't spell unprivileged to save my life, and the spell checker was turned off on my other computer ... -- Bill Moran Collaborative Fusion Inc. IMPORTANT: This message contains confidential information and is intended only for the individual named. If the reader of this message is not an intended recipient (or the individual responsible for the delivery of this message to an intended recipient), please be advised that any re-use, dissemination, distribution or copying of this message is prohibited. Please notify the sender immediately by e-mail if you have received this e-mail by mistake and delete this e-mail from your system. E-mail transmission cannot be guaranteed to be secure or error-free as information could be intercepted, corrupted, lost, destroyed, arrive late or incomplete, or contain viruses. The sender therefore does not accept liability for any errors or omissions in the contents of this message, which arise as a result of e-mail transmission. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: custom kernel, make buildkernel and then?
Hello, On Wed, 11 Oct 2006, Spiros Papadopoulos wrote: Hi, What i simply do is: 1. Enter the /usr/src/sys/*/conf directory 2. copy GENERIC to whatever name i wish (no new dirs, no links) 3. Alter the file to my needs 4. cd /usr/src 5. make buildkernel KERNCONF='name' 6. make installkernel KERNCONF='name' 7. shutdown -r now Which is what I did eventually and it now works beautifully! I edited the conf file to my liking and it works! Thank you everyone on this list. You are very patient for newbies like myself and I can't stress enough how much I appreciate the time you are devoting to help me/us. Thanks! -- Zbigniew Szalbot ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Getting started with FreeBSD
* Tore Lund ([EMAIL PROTECTED]) wrote: I wondered about the same thing some time ago. I was told by one of the gurus to try packages-6-stable, which would most likely work with 6.1-RELEASE. So I tried to fetch the latest Firefox in this way: pkg_add [no line break] ftp://ftp.mirror.freebsd.org/pub/FreeBSD/ports/i386/packages-6-stable/www/firefox-1.5.0.7,1.tbz Doesn't this seem a tad clunky and unfinished? I am still having a bit of trouble figuring out what I am overlooking. Why would a fully binary installed OS offer no binary support for updates at all? Why have a nice secure RELEASE edition when once installed it will naturally develop security holes that are very hard to find and fix? Things are just so foggy at this point and I must assume that I am just not seeing the answer to this. Seems to work fine. However, I tried to do the same thing with Thunderbird (mail/thunderbird-1.5.0.7.tbz), and then I got many warnings about libraries not being up to date. Could I have done it differently to get dependencies updated as well? Just a few extra words in section 4.4.1 the handbook could probably have cleared this up. One of the things I don't get is the stable vs. release concept. There is basically nothing said to address this. I can imagine that the packages in packages-6.1-release are fixed and static, though it surprises me that no security fixes are placed there, but what about packages-6-stable? These seem quite new, comparitively, and so I would assume that they are not static as release are. And if they are in fact tracked and improved, how can they be accessed via the tools? Your experience seems to show that using them in a release system is not ideal, and so must be unintended. It really is about as clear as mud to me. And as fine as the handbook is I cannot really use the info given there without a better understanding of the basic system concepts such as this first. Patrick ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Getting started with FreeBSD
cothrige wrote: * Tore Lund ([EMAIL PROTECTED]) wrote: I wondered about the same thing some time ago. I was told by one of the gurus to try packages-6-stable, which would most likely work with 6.1-RELEASE. So I tried to fetch the latest Firefox in this way: pkg_add [no line break] ftp://ftp.mirror.freebsd.org/pub/FreeBSD/ports/i386/packages-6-stable/www/firefox-1.5.0.7,1.tbz Doesn't this seem a tad clunky and unfinished? [snip] Agree completely, but as far as I can tell, them's the terms... Let's hope that someone else will step in here and elucidate the matter. -- Tore ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
dictionaries/spellchecking
Good day all. I am trying to install additional dictionaries for spellcking in OpenOffice. Trying to do so using File - Wizards - Install new dictionaries yielded no results. Which is the correct way to do it? Michael ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
libcrypto(3) and statically linked ports....
Hello, Given the recent openssl advisory, and the note within: NOTE: Any third-party applications, including those installed from the FreeBSD ports collection, which are statically linked to libcrypto(3) should be recompiled in order to use the corrected code. How does one go about determining which of the installed ports on his machine are statically linked to libcrypto? Thanks, Eric ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: dictionaries/spellchecking
Michael S wrote: Good day all. I am trying to install additional dictionaries for spellcking in OpenOffice. Trying to do so using File - Wizards - Install new dictionaries yielded no results. Which is the correct way to do it? Check ports/editors/ooodict-all Cheers, Erik -- Ph: +34.666334818 web: http://www.locolomo.org X.509 Certificate: http://www.locolomo.org/crt/8D03551FFCE04F0C.crt Key ID: 69:79:B8:2C:E3:8F:E7:BE:5D:C3:C3:B1:74:62:B8:3F:9F:1F:69:B9 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: libcrypto(3) and statically linked ports....
Hi, On Oct 11, 2006, at 10:27 AM, Eric Schuele wrote: Hello, Given the recent openssl advisory, and the note within: NOTE: Any third-party applications, including those installed from the FreeBSD ports collection, which are statically linked to libcrypto(3) should be recompiled in order to use the corrected code. How does one go about determining which of the installed ports on his machine are statically linked to libcrypto? This seemed to work for me: http://lists.freebsd.org/pipermail/freebsd-ports/2006-September/ 035278.html --- Lee Capps Technology Specialist [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Getting started with FreeBSD
On Wed, Oct 11, 2006 at 11:53:04AM +0800, ke han wrote: Patrick, Since you are already knowledgeable of X-11 apps on slackware, this opinion may not concern you. My opinion of FreeBSD is do not try to configure X-11 desktops and apps with it. Its just too much effort. I have the same opinion of any *nix system that require the user to install/configure their own desktop experience. If you want a good desktop that does provide updates to some apps (firefox included), start with PC-BSD, http://www.pcbsd.org. This is built on FreeBSD 6.x and keeps the base enough as in the FreeBSD.org release so as to enable you a true freebsd system so you can still use ports or packages in addition to PC-BSD's PBI installerbut without the trouble of integrating and maintaining your own desktop experience. enjoy, ke han This is not very good advice to give to someone who is trying to learn FreeBSD. It is like telling a short person the solution to their problems is to get taller. Anyway, configuring X is not much related to the questions the person is asking. They are asking more about the relationship of versions and using CVSUP, etc. jerry On Oct 11, 2006, at 11:10 AM, cothrige wrote: I am a complete newb to BSD trying to get started learning a bit about how to make my way in it. I have been using Slackware over the last four years or so, and this has made me a bit used to one way of doing things and now the FreeBSD way is kind of rattling me. For some background, I installed from the FreeBSD 6.1-RELEASE discs, and this is also what I get from uname -r. What I don't understand is the relationship between ports, packages and security. For instance, I am currently using firefox 1.5.0.1, which I keep seeing online is not terribly secure. However, I am confused about what FreeBSD makes available to update this and other similar packages. I installed this, and most of the rest of the system, from the discs via packages, and hope to keep packages as my main method. I have had some experience in the past with twenty hour compiles of kdelibs on Gentoo and really don't want that again but I cannot find any info anywhere on how to approach updating for security via packages. I installed once previously as a test, and in that system followed the only online information I could find which seemed relevant, and that was regarding cvsup. I backed up the ports directory and setup a supfile according the handbook and a couple of examples, and went ahead and ran it. From there I started checking how things would go if I ran portupgrade on a couple of apps. I chose the infamous kdelibs as my sample. When I ran portupgrade -P, just to check things out and see what I would get, it failed to find a package and started grabbing the source. No, couldn't do that, so I killed it. I then tried again with portsnap and got the same result. When I looked at the complaint I found that it was looking for what appeared to be a nonexistent file. I am not sure now, but it was something like kdelibs-3.5.4 and the server it was searching on, something which ended in ...packages-6.1-release I think, had only kdelibs-3.5.1. As a matter of fact, I went through all the directories I could find online (including 6 and 7 stable, release and current) and was unable to find the package my system was looking for in any of them. This failure, and the confusion which ensued, are what cause me to wonder just how to keep things like the aforementioned firefox up to date. I am now in a situation where I am unsure of what to do as regards updates, and can really find nothing which clarifies things much online. Everything I find says to run cvsup and use a supfile entirely like that which I used before, and that did not work out. How do I use new, more secure ports and yet still be able to use binary packages? Is updating ports with cvsup the only way? And if so, what did I do wrong before? The inability to use binary packages for giant, though in my case needed, bloatware like kde made me leave Gentoo behind and I want to know whether that is the only future for FreeBSD too. I am assuming that since there are binary packages online for these files they must be usable, I just don't know how to get to them from tools like portupgrade. Or if that is how you even try to upgrade a system from packages. I just can't find any really relevant guides for this type of thing, so I am supposing that everyone just compiles everything. Any help in this is very much appreciated, and sorry if I am overlooking super obvious information somewhere about this. I probably am, but I just can't find it. Patrick ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions- [EMAIL PROTECTED]
Re: dictionaries/spellchecking
Looks like the port is marked as IGNORE. portupgrade -NP editors/ooodict-all [Updating the pkgdb format:bdb_btree in /var/db/pkg ... - 298 packages found (-0 +1) . done] ** Port marked as IGNORE: editors/ooodict-all: is marked as broken: Size mismatch --- Erik Norgaard [EMAIL PROTECTED] wrote: Michael S wrote: Good day all. I am trying to install additional dictionaries for spellcking in OpenOffice. Trying to do so using File - Wizards - Install new dictionaries yielded no results. Which is the correct way to do it? Check ports/editors/ooodict-all Cheers, Erik -- Ph: +34.666334818 web: http://www.locolomo.org X.509 Certificate: http://www.locolomo.org/crt/8D03551FFCE04F0C.crt Key ID: 69:79:B8:2C:E3:8F:E7:BE:5D:C3:C3:B1:74:62:B8:3F:9F:1F:69:B9 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: custom kernel, make buildkernel and then?
Date: Wed, 11 Oct 2006 11:50:57 +0200 (CEST) From: Zbigniew Szalbot [EMAIL PROTECTED] Subject: Re: custom kernel, make buildkernel and then? To: Erik Norgaard [EMAIL PROTECTED] Cc: freebsd-questions@freebsd.org Message-ID: [EMAIL PROTECTED] Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Hello, On Wed, 11 Oct 2006, Erik Norgaard wrote: The target directory for the build is /usr/obj, so in /usr/obj/usr/src/sys you can see what kernels have been built. And it seems none have? For I get this when I do ls I can see only boot directory and no kernels. Is it possible that the buildprocess failed though it did not explicitly tell me about it? From what I recall one of the last lines pritned by buildkernel was chmod 444 freebsd.submit.cf This is the message I usually see at the end of building world (ie. following the command make buildworld). Are you sure you typed make buildkernel? Otherwise, that would explain why you don't see the kernel you built. [snip] -- Zbigniew Szalbot Apologies if this email is poorly formatted, I'm on MS Outlook in work (rather than Mutt at home). Peter Harrison ** This document is strictly confidential and is intended only for use by the addressee. If you are not the intended recipient, any disclosure, copying, distribution or other action taken in reliance of the information contained in this e-mail is strictly prohibited. Any views expressed by the sender of this message are not necessarily those of the Department for Work and Pensions. If you have received this transmission in error, please use the reply function to tell us and then permanently delete what you have received. Please note: Incoming and outgoing e-mail messages are routinely monitored for compliance with our policy on the use of electronic communications. ** The original of this email was scanned for viruses by Government Secure Intranet (GSi) virus scanning service supplied exclusively by Cable Wireless in partnership with MessageLabs. On leaving the GSI this email was certified virus free. The MessageLabs Anti Virus Service is the first managed service to achieve the CSIA Claims Tested Mark (CCTM Certificate Number 2006/04/0007), the UK Government quality mark initiative for information security products and services. For more information about this please visit www.cctmark.gov.uk ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: dictionaries/spellchecking
Michael S wrote: Looks like the port is marked as IGNORE. portupgrade -NP editors/ooodict-all [Updating the pkgdb format:bdb_btree in /var/db/pkg ... - 298 packages found (-0 +1) . done] ** Port marked as IGNORE: editors/ooodict-all: is marked as broken: Size mismatch If it's just a size mismach - can't you just create a new distinfo file? if it is incorrectly broken, I think it should be enough to remove these lines from the Makefile: BROKEN= Size mismatch DEPRECATED= ${BROKEN} EXPIRATION_DATE=2006-12-01 Then # mv distinfo distinfo- and then generate the new distinfo: # make checksum Then you should be able to install normally - submit a patch if it works. Cheers, Erik -- Ph: +34.666334818 web: http://www.locolomo.org X.509 Certificate: http://www.locolomo.org/crt/8D03551FFCE04F0C.crt Key ID: 69:79:B8:2C:E3:8F:E7:BE:5D:C3:C3:B1:74:62:B8:3F:9F:1F:69:B9 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Getting started with FreeBSD
On Wed, Oct 11, 2006 at 08:45:56AM -0500, cothrige wrote: * Tore Lund ([EMAIL PROTECTED]) wrote: I wondered about the same thing some time ago. I was told by one of the gurus to try packages-6-stable, which would most likely work with 6.1-RELEASE. So I tried to fetch the latest Firefox in this way: pkg_add [no line break] ftp://ftp.mirror.freebsd.org/pub/FreeBSD/ports/i386/packages-6-stable/www/firefox-1.5.0.7,1.tbz Doesn't this seem a tad clunky and unfinished? I am still having a bit of trouble figuring out what I am overlooking. Why would a fully binary installed OS offer no binary support for updates at all? Why have a nice secure RELEASE edition when once installed it will naturally develop security holes that are very hard to find and fix? Things are just so foggy at this point and I must assume that I am just not seeing the answer to this. Seems to work fine. However, I tried to do the same thing with Thunderbird (mail/thunderbird-1.5.0.7.tbz), and then I got many warnings about libraries not being up to date. Could I have done it differently to get dependencies updated as well? You might do a complete upgrade each time. backup any stuff you don't want to lose, including maybe the current ports tree For cvsup; (all the general stuff) *default tag=RELENG_6_1 (RELENG_whatever-version-you are-using) src-all ports-all tag=. doc-all tag=. Then do the cd /usr/src make buildworld make buildkernel KERNCONF=GENERIC (or whatever kernel config you use) make installkernel KERNCONF=GENERIC ( '' ) reboot to single user and clean up and mount filesystems cd /usr/src make installworld mergemaster -cv Then go and install your ports upgrades They should all be pretty much at the same place at this point. Just a few extra words in section 4.4.1 the handbook could probably have cleared this up. One of the things I don't get is the stable vs. release concept. There is basically nothing said to address this. I can imagine that the packages in packages-6.1-release are fixed and static, though it surprises me that no security fixes are placed there, but what about packages-6-stable? These seem quite new, comparitively, and so I would assume that they are not static as release are. And if they are in fact tracked and improved, how can they be accessed via the tools? Your experience seems to show that using them in a release system is not ideal, and so must be unintended. It really is about as clear as mud to me. And as fine as the handbook is I cannot really use the info given there without a better understanding of the basic system concepts such as this first. basically a 'release' is a fixed version, essentially created by making a snapshot of the system at a particular point, freezing it and then running it through all the verification procedures and trying to get all ports maintainers to bring their stuff up to build and work at that level.Once that has happened and everything seems peachy-keen, then it becomes a release. But, stable is more of a snapshot on the fly - being the most complete combination of everything that can be made and that seems reliable. But, it is not fixed (frozen) and may be modified as things are seen as ready. Ports may not be at that level. Packages are prebuilt units of system and ports made of a particular version. They are for convenience, and not necessarily the latest word in version. The general assumption is that if you want/need the latest, you build from source and do not rely on packages. Ports do not get frozen at a release level. Their development is by third parties not necessarily part of or answerable to the FreeBSD core group. They continue their work independently and hopefully build against the most recent versions of the OS. But, I tihnk most are tested at the point of freezing the OS and if they work are left in and if not, are marked broken. I am a little foggy on the exact process here. So, this is probably oversimplified, but maybe it can help complete the picture. jerry Patrick ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: libcrypto(3) and statically linked ports....
On 10/11/2006 09:46, Lee Capps wrote: Hi, On Oct 11, 2006, at 10:27 AM, Eric Schuele wrote: Hello, Given the recent openssl advisory, and the note within: NOTE: Any third-party applications, including those installed from the FreeBSD ports collection, which are statically linked to libcrypto(3) should be recompiled in order to use the corrected code. How does one go about determining which of the installed ports on his machine are statically linked to libcrypto? This seemed to work for me: http://lists.freebsd.org/pipermail/freebsd-ports/2006-September/035278.html Great. Thanks. I'll give it a try. --- Lee Capps Technology Specialist [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: custom kernel, make buildkernel and then?
Hello, On Wed, 11 Oct 2006, Harrison Peter CSA BIRKENHEAD wrote: This is the message I usually see at the end of building world (ie. following the command make buildworld). Are you sure you typed make buildkernel? Otherwise, that would explain why you don't see the kernel you built. I am not sure at all. I simply do not know. I would think I did not. I was after building the kernel but ... I just don't know. :( -- Zbigniew Szalbot ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
ntpd with flags in rc.conf
Hello, I read this in the handbook: To ensure the NTP server is started at boot time, add the line ntpd_enable=YES to /etc/rc.conf. If you wish to pass additional flags to ntpd(8), edit the ntpd_flags parameter in /etc/rc.conf. Now, I understand that the additional flag may be for example pid (-p /var/run/ntpd.pid). So how do I put that flag in /etc/rc.conf where I have ntpd_enable=Yes? Many thanks for your advice! -- Zbigniew Szalbot ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: ntpd with flags in rc.conf
On Wed, Oct 11, 2006 at 07:28:15PM +0200, Zbigniew Szalbot wrote: Hello, I read this in the handbook: To ensure the NTP server is started at boot time, add the line ntpd_enable=YES to /etc/rc.conf. If you wish to pass additional flags to ntpd(8), edit the ntpd_flags parameter in /etc/rc.conf. Now, I understand that the additional flag may be for example pid (-p /var/run/ntpd.pid). So how do I put that flag in /etc/rc.conf where I have ntpd_enable=Yes? Many thanks for your advice! -- Zbigniew Szalbot ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] From man rc.conf: ntpd_flags (str) If ntpd_enable is set to ``YES'', these are the flags to pass to the ntpd(8) daemon. Mine is: ntpd_flags= -c /etc/ntp.conf -p /var/run/ntpd.pid -- = Sang-Kil (Sam) Suh ( ext. 262 ) [EMAIL PROTECTED] Agnicorp Inc. 487 Adelaide Street West, Suite 200M5V 1T4 Telephone: 416.203.7838 Facsimile: 416.203.8837 = ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: ntpd with flags in rc.conf
Hello Zbigniew, Wednesday, October 11, 2006, 5:28:15 PM, you wrote: Hello, I read this in the handbook: To ensure the NTP server is started at boot time, add the line ntpd_enable=YES to /etc/rc.conf. If you wish to pass additional flags to ntpd(8), edit the ntpd_flags parameter in /etc/rc.conf. Now, I understand that the additional flag may be for example pid (-p /var/run/ntpd.pid). So how do I put that flag in /etc/rc.conf where I have ntpd_enable=Yes? ntpd_flags=-p /var/run/ntpd.pid Many thanks for your advice! -- Zbigniew Szalbot ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] -- Best regards, Duanemailto:[EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Getting started with FreeBSD
On 2006-10-11 01:20, cothrige [EMAIL PROTECTED] wrote: * Garrett Cooper ([EMAIL PROTECTED]) wrote: I find it interesting that a former Slackware user would be complaining about compiling stuff, but you probably used slapt-get to update your packages. Well, I am probably coming off whiny. However, I am pretty typical of the Slackware crowd in that much of what I am running I compiled from source. The same thing can be accomplished with FreeBSD. You still have the option to compile things your way, install them in /opt instead of /usr/local, trim things down to the bare minimum that fits your preferences, etc. Slackware, with its free for all, build it however you want it to look like attitude, is the one Linux distribution that approaches the BSD spirit more than any other distribution, if you ask me. But the base system is still binaries and that does speed things up. That's ok. The `base system' of FreeBSD is also a bunch of binaries. You can get it going by installing the `bin' collection of packages from the official release CD-ROMs. Pat doesn't patch everything endlessly and so it works well and as intended, so there is really no trade off. I am all for compiling, but why do it when nothing is any different? Firefox works great from binaries, and so I have never bothered to try compiling it. Same for openoffice and java. Even in Gentoo I installed the binaries of those. You can always install portsnap and portupgrade. The first of these tools will fetch you an up to date /usr/ports tree in blazingly fast speed. The second tool can upgrade your installed `ports and packages', either by fetching pre-built packages from the network or by compiling locally. Once a port is compiled and installed from source, it is NOT DIFFERENT from a binary package, which you fetched from the network a week ago. At least, it is not different as far as the package management tools of FreeBSD (the pkg_xxx tools) are concerned. A common trick I use is to build ports on a fast machine, or fetch them from the network, and then run a small local script to save them all as binary packages in `/usr/pkg/i386/freebsd-7.0'. Then, I periodically burn this directory to a CD-ROM or DVD disk, and I can quickly reinstall it all with: # mount /cdrom # cd /cdrom # cd pkg/i386/freebsd-7.0 # pkg_add * What I guess is troubling me here though is just figuring stuff out. Don't worry. It takes a bit of time. Keep testing stuff and learning how it all fits together, and you may have lots of fun :) However, after reading you post, I am thinking that the packages are only available for the snapshots labelled RELEASE. Am I right? Bingo... More up-to-date versions of the Ports are compiled in the FreeBSD.org systems by our package people, but they are not always in sync with /usr/ports and it takes a lot of time to build them all. All updates and changes made in between one release and the next are via sources. Would that be accurate? This is, indeed, *one* of the options. If so, I can say that is also fairly simple, simply non-intuitive. In some ways like having a separate ports system from the base. It is not `in some ways'. It is *EXACTLY* this way. Note how the ports/ tree is separate from the src/ source tree at: http://cvsweb.FreeBSD.org/ There is a fundamental difference between something in the `base system' (i.e. something which lives under the `src/' tree) and something that installs thirdparty software, as part of the Ports collection. Simple, even sensible, but in some ways non-intuitive. It certainly takes some time getting used to. That's fine. Let me know how ridiculously off-base I am in my current understanding. That is really what I am trying to do, find out what I should do to maintain things as move along the learning curve. Thanks for the help. Try things out. Test more things. Break a few. I know I've trashed many installations of FreeBSD before I managed to build this one. But it was *SO* much fun doing that ... I'd do it again. Welcome to FreeBSD, BTW :) -- Giorgos pgpwj8kFcABKq.pgp Description: PGP signature
Re: ntpd with flags in rc.conf
Zbigniew Szalbot wrote: I read this in the handbook: To ensure the NTP server is started at boot time, add the line ntpd_enable=YES to /etc/rc.conf. If you wish to pass additional flags to ntpd(8), edit the ntpd_flags parameter in /etc/rc.conf. Now, I understand that the additional flag may be for example pid (-p /var/run/ntpd.pid). So how do I put that flag in /etc/rc.conf where I have ntpd_enable=Yes? Firstly, you should check what default flags there are already. For 90% of apps the defaults will be right for you. Look in /etc/defaults/rc.conf for ntpd_flags and you find: ntpd_flags=-p /var/run/ntpd.pid -f /var/db/ntpd.drift In many instances, the right thing is to *add* to rather than replace the default flags. Let's say you wanted to add a -g to the default flags for ntpd_flags: ntpd_flags=${ntpd_flags} -g That way, if the default flags need to change for some reason, you still keep up with the defaults and just add your own local customisation. If you cut-and-paste the default value out of /etc/defaults/rc.conf then you may not notice when that value changes. --Alex PS rc.conf is just a shell script, so all variable assignments follow the rules you can find in man sh. Don't put anything too clever in there, though, as this file is read many, many times when the system starts up (once per /etc/rc.d/* file at least) so anything like an echo, for example, will be executed many times. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Getting started with FreeBSD
On 2006-10-11 08:45, cothrige [EMAIL PROTECTED] wrote: * Tore Lund ([EMAIL PROTECTED]) wrote: I wondered about the same thing some time ago. I was told by one of the gurus to try packages-6-stable, which would most likely work with 6.1-RELEASE. So I tried to fetch the latest Firefox in this way: pkg_add [no line break] ftp://ftp.mirror.freebsd.org/pub/FreeBSD/ports/i386/packages-6-stable/www/firefox-1.5.0.7,1.tbz Doesn't this seem a tad clunky and unfinished? I am still having a bit of trouble figuring out what I am overlooking. Why would a fully binary installed OS offer no binary support for updates at all? Oh but we do. Just have a look at freebsd-update, portsnap and portupgrade: http://www.daemonology.net/freebsd-update/ http://www.daemonology.net/portsnap/ http://www.freebsd.org/cgi/cvsweb.cgi/ports/sysutils/portupgrade/ Why have a nice secure RELEASE edition when once installed it will naturally develop security holes that are very hard to find and fix? Because in FreeBSD we don't install a system that fires up the kitchen sink, the hairdresser and a few local classical orchestras, when it starts. You know the feeling... I mean, after all, you are a _Slackware_ user, right? :) Security updates can be fetched pretty fast with `freebsd-update' and they don't always affect you. So, if there's no need to upgrade to the latest and greatest release of all the other things, why do it for your base system? One of the things I don't get is the stable vs. release concept. There is basically nothing said to address this. Heh! You areally _are_ a new FreeBSD user, after all. This is, typically, the first question one asks after the first Oh! Ah! Wow! You mean it does... Awesome! parts: ``What is STABLE, CURRENT and what do I do with them?'' The answer is in the Handbook ( here: http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/current-stable.html ) I can imagine that the packages in packages-6.1-release are fixed and static, though it surprises me that no security fixes are placed there, but what about packages-6-stable? These seem quite new, comparitively, and so I would assume that they are not static as release are. And if they are in fact tracked and improved, how can they be accessed via the tools? Try reading the manpages of the pkg_xxx tools: % man pkg_add % pkg_check % pkg_create % pkg_delete % pkg_info % pkg_sign % pkg_version In FreeBSD, the manpages are _really_ informative and we try to keep them up to date. Learn to search through them, with apropos(1), to read them carefully and you'll find a huge wealth of information. No Linux distrubition has *EVER* convinced me that they value their manpage documentation as much as the FreeBSD people do. - Giorgos ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: optimal kernel options for VMWARE guest system
Jeff Dickens wrote: John Nielsen wrote: On Tuesday 03 October 2006 12:58, Jeff Dickens wrote: I have some Freebsd systems that are running as VMware guests. I'd like to configure their kernels so as to minimize the overhead on the VMware host system. After reading and partially digesting the white paper on timekeeping in VMware virtual machines (http://www.vmware.com/pdf/vmware_timekeeping.pdf) it appears that I might want to make some changes. Has anyone addressed this issue? I haven't read the white paper (yet; thanks for the link), but I've had good results with recent -STABLE VM's running under ESX server 3. Some thoughts: As I do on most of my installs, I trimmed down GENERIC to include just the drivers I use. In this case that was mpt for the disk and le for the network (although I suspect forcing the VM to present e1000 hardware and then using the em driver would work as well if not better). The VMware tools package that comes with ESX server does a poor job of getting itself to run, but it can be made to work without too much difficulty. Don't use the port, run the included install script to install the files, ignore the custom network driver and compile the memory management module from source (included). If using X.org, use the built-in vmware display driver, and copy the vmmouse driver .o file from the VMware tools dist to the appropriate dir under /usr/X11. Even though the included file is for X.org 6.8, it works fine with 6.9/7.0 (X.org 7.1 should include the vmmouse driver.) Run the VMware tools config script from a non-X terminal (and you can ignore the warning about running it remotely if you're using SSH), so it won't mess with your X display (it doesn't do anything not accomplished above). Then run the rc.d script to start the VMware tools. I haven't noticed any timekeeping issues so far. JN ___ What is the advantage of using the e1000 hardware, and is this documented somewhere? I got the vxn network driver working without issues; I just had to edit the .vxn file manually: I'm using the free VMware server V1 rather than the ESX server. ethernet0.virtualDev=vmxnet I've got timekeeping running stably on these. I turn on time sync via vmware tools in the .vmx file: tools.syncTime = TRUE and in the guest file's rc.conf start ntpd with flags -Aqgx so it just syncs once at boot and exits. I'm not using X on these. They're supposed to be clean lean systems to run such things as djbdns and qmail. And they do work well. My main goal is to reduce the background load on the VMware host system so that it isn't spending more time than it has to simulating interrupt controllers for the guests. I'm wondering about the disable ACPI boot option. I suppose I first should figure out how to even roughly measure the effect of any changes I might make. Well, I've done some pseudo-scientific measurement on this. I currently have five freebsd virtual systems running, and one Centos 4 (linux 2.6), This command give some info on the background cpu usage: (The host is a Centos 3 system, linux 2.4) [EMAIL PROTECTED] root]# ps auxww | head -1 USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND [EMAIL PROTECTED] root]# ps auxww | grep vmx root 18031 12.7 1.5 175440 39916 ? S Oct09 345:50 /usr/lib/vmware/bin/vmware-vmx -C /var/lib/vmware/Virtual Machines/Goose/freebsd-6.1-i386.vmx -@ root 18058 12.9 1.4 174772 36916 ? S Oct09 351:01 /usr/lib/vmware/bin/vmware-vmx -C /var/lib/vmware/Virtual Machines/Duck/freebsd-6.1-i386.vmx -@ root 18072 16.2 5.5 246372 141776 ? S Oct09 440:16 /usr/lib/vmware/bin/vmware-vmx -C /var/lib/vmware/Virtual Machines/BlueJay/freebsd-6.1-i386.vmx -@ root 18086 12.9 1.4 174688 38464 ? S Oct09 351:47 /usr/lib/vmware/bin/vmware-vmx -C /var/lib/vmware/Virtual Machines/Heron/freebsd-6.1-i386.vmx -@ root 18100 9.4 4.1 385712 107348 ? S Oct09 256:25 /usr/lib/vmware/bin/vmware-vmx -C /var/lib/vmware/Virtual Machines/Newt/freebsd-6.1-i386.vmx -@ root 18139 12.2 2.5 299388 65132 ? S Oct09 330:35 /usr/lib/vmware/bin/vmware-vmx -C /var/lib/vmware/Virtual Machines/Centos4/Centos4.vmx -@ root 28930 0.0 0.0 3680 672 pts/3S14:08 0:00 grep vmx [EMAIL PROTECTED] root]# As one can see the one called Newt is consistently lower in the %CPU column. Curiously enough, this *is* the one I built a custom kernel for. The config file I used is posted below: Besides commenting out devices I wasn't using NFS, etc, I commented out the apic and pctimer devices. Do you think I'm on the right track for reducing interrupt frequency? Also, if I were to want to move this kernel to other FreeBSD systems, how much has to move, the whole /boot/kernel directory? Finally I did have to re-run the vmware-config-tools.pl script after rebuilding the kernel. newt# cat
Re: kernel: calcru: negative runtime of -604787 usec for pid 16 (yarrow) messages..
Rob G. asked about calcru: negative runtime on Sun, 24 Sep 2006 13:14:27 and was not answered. Well, I too have PDSMi+ motherboards and am getting the same error. What is this error? Is anyone else using the SuperMicro PDSMi+ motherboards with success? I am running '6.1-RELEASE FreeBSD' and installed the i386 SMP kernel. From: sys/kern/kern_resource.c if ((int64_t)tu 0) { printf(calcru: negative runtime of %jd usec for pid %d (%s)\n, (intmax_t)tu, p-p_pid, p-p_comm); tu = ptu; } Thanks for any info, Rudy ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: idle auto logoff
Noah wrote: cannot figure out what is auto logging me off when I am idled on the machine. How are you talking to the machine? Is it on the same LAN segment as the host you're connecting from? (guessing you're using telnet or ssh) If you're going through some kind of router, esp a NAT one, your connections me be dropped when idle, unless you're sending some kind of keep-alive packets. -WC ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: kernel: calcru: negative runtime of -604787 usec for pid 16 (yarrow) messages..
In response to Rudy [EMAIL PROTECTED]: Rob G. asked about calcru: negative runtime on Sun, 24 Sep 2006 13:14:27 and was not answered. Well, I too have PDSMi+ motherboards and am getting the same error. What is this error? This is usually related to the following FAQ entry: http://www.freebsd.org/doc/en_US.ISO8859-1/books/faq/troubleshoot.html#LAPTOP-CLOCK-SKEW In spite of the fact that it mentions laptops, I've found this solution to work in almost all cases. -- Bill Moran Collaborative Fusion Inc. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
keyboard detected but it's unplugged.
Hi all... Well.. what is happening? We have a server, IBM XSeries 346, with 6.1 Release wit a new kenerl compiled. Modified the BIOS to keyboardless [ENABLED] created boot.config with -P. Reboot the server and besides the keyboard is unplugged, we always get the message: boot.config: -P Keyboard: yes And it's impossible to get output to the serial port, but if we use -h in boot.config still get the Keyboard: yes but the output goes to the serial port. We have checked all the options in the BIOS and nothing works. Any hints? Thank you in advance. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Is OpenNTPD better than the included NTPD?
I don't plan on allowing anyone to connect to my machine or use it as a NTPD server. I see that OpenNTPD (OpenBSD's version) by default doesn't listen on any IP/port and seems a little more secure. Is this a good one to use over the included one in FreeBSD, or is there something better? Thanks. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Is OpenNTPD better than the included NTPD?
On Wed, Oct 11, 2006 at 03:31:47PM -0400, Rob wrote: I don't plan on allowing anyone to connect to my machine or use it as a NTPD server. I see that OpenNTPD (OpenBSD's version) by default doesn't listen on any IP/port and seems a little more secure. Is this a good one to use over the included one in FreeBSD, or is there something better? How are you going to run an NTP server that doesn't listen on any IP/port? Kris pgp3Ud7Fdecxn.pgp Description: PGP signature
Using external USB2.0 HDD for backup
Hello! Does anyone have good experience using external USB 2.0 HDD for backup with FreeBSD 6? My current server is FreeBSD 4.11 and I've been using Amanda with external HDDs that connect over FireWire for past ~3 years. This setup has been rock solid. Back when I was building it, I chose FireWire, because FreeBSD 4 only supports USB 1.1 hence the performance was not suitable for backing up large amounts of data (dozens of GB every night). Now that I'm planning to build a new server with FreeBSD 6 I was hoping that maybe I can use USB2.0 instead of FireWire. However, the first quick test on my home box was not very encouraging. My PC basically hung while tarring up /usr partition to the external USB HDD and I had to kill the power. Afterwards, the UFS2 partition on external HDD needed manual fsck. 'man ehci' says that the driver is not finished and is quite buggy. Maybe this is true and I should stick with FireWire. Or maybe it's just because I'm using el-cheapo USB hardware for testing? -- Toomas ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
NIS ypserv problem with client ypbind
Hi, We are running a NIS server on FreeBSD 4.7. Clients running Gentoo can not bind to the server. The ypbind on Gentoo client is ypbind-1.19.1-r1. Tests with NIS servrs running on Gentoo and Redhat machines do not show any problem with the same Gentoo clients. I tried to find version of ypserv installed on the machine. However, I could not. Neither pkg_info nor /usr/sbin/ypserv provides any version information. Any other way to find out which version of ypserv is installed? Simon ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Is OpenNTPD better than the included NTPD?
On Oct 11, 2006, at 12:31 PM, Rob wrote: I don't plan on allowing anyone to connect to my machine or use it as a NTPD server. I see that OpenNTPD (OpenBSD's version) by default doesn't listen on any IP/port and seems a little more secure. OpenNTPD doesn't work-- ie, synchronize your clock-- unless you let it talk to higher-stratum timeservers, or unless you provide a local stratum-1 reference clock via GPS or the like, and provide the timedelta sensor that it needs to actually figure out what to do, versus the much more complete refclock support in the official NTPd distribution. Is this a good one to use over the included one in FreeBSD, or is there something better? No-- the stock ntpd which ships with FreeBSD works just fine. The experience of people using or offering NTP services for the NTP pool is that OpenNTPD experiences much wider variations from real time (offsets in the hundreds of milliseconds rather than a few to perhaps tens of milliseconds with ntpd). From http:// www.pool.ntp.org/join/configuration.html: Use the standard ntpd We are all for software diversity, but a significant percentage of the it's not working questions that come in are for software other than ntpd. You can use the pool with any program speaking NTP, but if you are going to join the pool we recommend you use ntpd. -- -Chuck ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Using external USB2.0 HDD for backup
Toomas Aas wrote: Does anyone have good experience using external USB 2.0 HDD for backup with FreeBSD 6? Yes. I have a 250GB Seagate drive inside a Vantec NexStar3 USB enclosure and it works quite well -- the performance is slightly worse than the raw drive specs, but at 25 MB/s transfer rate it's certainly good enough for backups. More details: http://www.daemonology.net/blog/2006-01-28-vantex-nexstar3.html Colin Percival ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Is OpenNTPD better than the included NTPD?
Kris Kennaway wrote: On Wed, Oct 11, 2006 at 03:31:47PM -0400, Rob wrote: I don't plan on allowing anyone to connect to my machine or use it as a NTPD server. I see that OpenNTPD (OpenBSD's version) by default doesn't listen on any IP/port and seems a little more secure. Is this a good one to use over the included one in FreeBSD, or is there something better? How are you going to run an NTP server that doesn't listen on any IP/port? Kris He might want to use it only for syncing, but ntpd also has such sort of function irrc. Anyway, OpenNTPD can do privilege separation, that ntpd can't, I don't know about another difference in the functionality. Personally, I use OpenNTPD from ports and I'm satisfied with it. -- Cheers, Gabor ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Is OpenNTPD better than the included NTPD?
On Wed, Oct 11, 2006 at 10:14:56PM +0200, G?bor K?vesd?n wrote: Kris Kennaway wrote: On Wed, Oct 11, 2006 at 03:31:47PM -0400, Rob wrote: I don't plan on allowing anyone to connect to my machine or use it as a NTPD server. I see that OpenNTPD (OpenBSD's version) by default doesn't listen on any IP/port and seems a little more secure. Is this a good one to use over the included one in FreeBSD, or is there something better? How are you going to run an NTP server that doesn't listen on any IP/port? Kris He might want to use it only for syncing, but ntpd also has such sort of function irrc. Anyway, OpenNTPD can do privilege separation, that ntpd can't, I don't know about another difference in the functionality. Personally, I use OpenNTPD from ports and I'm satisfied with it. I misread and thought he was asking for a server. Kris ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Is 6.2(beta) running ok? 6.2 realease date ok?
Hello Family, Just wanting to check on how the latest beta of 6.2 is running and if anyone knows of any major delays in the release of 6.2. -- Bill Schoolcraft * Unix System Engineer ~ When a fly lands on the ceiling, does it do a half roll or a half loop? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Is 6.2(beta) running ok? 6.2 realease date ok?
In response to Bill-Schoolcraft [EMAIL PROTECTED]: Hello Family, Just wanting to check on how the latest beta of 6.2 is running and if anyone knows of any major delays in the release of 6.2. There are some pretty serious problems with the Broadcom network drivers that are being diligently addressed. I don't know whether or not these have been identified as show-stoppers. -- Bill Moran Collaborative Fusion Inc. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Is 6.2(beta) running ok? 6.2 realease date ok?
On 11 Oct 2006, at 21:28, Bill-Schoolcraft wrote: Hello Family, Just wanting to check on how the latest beta of 6.2 is running and if anyone knows of any major delays in the release of 6.2. -- Bill Schoolcraft * Unix System Engineer not sure about delays and such but the release schedule is here: http://www.freebsd.org/releases/6.2R/schedule.html Eoghan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Logitech optical mouse w/ scroll wheel
Hello, I thought I'd document my experiences with my Logitech optical USB mouse under FreeBSD 6.1 release 1 so that maybe it will help the next person hunting with Google. :-) First off, the moused configuration in sysinstall gave me a headache. Whenever I tried to test a configuration, the cursor would flicker onscreen then disappear before I could move the mouse. In frustration, I selected the option that I thought should work, selected Yes, the mouse moves, then shut the computer off. When I booted FreeBSD the next day, the mouse worked, and I was off on my way to configuring Xorg. Next issue: Once I had X up, the mousewheel didn't work. KDE recognized all three buttons (the mousewheel being the middle button), but didn't recognize wheel scroll events. I dredged deep through Google's search results, and found this: http://www.daemonnews.org/mailinglists/FreeBSD/freebsd-x11/msg00017.html I followed the directions, rebooted (I always screw up when I try to manually kill daemons--feisty little buggers) and joy came to me that I would not have to go back to Ubuntu for my mouse to work right. (Incidentally, the mouse wheel has worked fine under every Linux distro I've tried except Slackware. Even Gentoo magically detected it. Go figure.) William ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Logitech optical mouse w/ scroll wheel
I thought I'd document my experiences with my Logitech optical USB mouse under FreeBSD 6.1 release 1 so that maybe it will help the next person hunting with Google. :-) Actually, I guess that's FreeBSD 6.1 release 0. :-P ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Problems with ipfw and ssh
Hi, I am trying to configure a firewall using ipfw for a machine running FreeBSD 5.4. Without NAT. I am nearly a newbie on this (since i never had time until now..) but still i believe i understand exactly the concepts and what needs to be done. Except the manual page and chapter 26.1 in the handbook I am using good references such as: http://www.freebsd-howto.com/HOWTO/Ipfw-HOWTO I need to connect remotely to the machine using ssh and this is where i get the problem: Initially i can connect properly using a normal user account. When later i am trying to su to root it does nothing and the connection closes. I have ipfw enabled in the kernel to deny everything by default. I have used both (one at a time) the following rules concerning ssh, in /etc/ipfw.rules and also other combinations, such as taking off setup and keep-state etc etc which would then make my firewall stateless as far as i understood, which is something i don't want anyway. ${addcmd} 300 allow log logamount 5 tcp from any to me 22 setup keep-state - ${addcmd} 300 allow log logamount 5 tcp from any to any ssh keep-state In a first investigation (not thorough) i found this post: http://www.freebsdforums.org/forums/showthread.php?t=21876 where from, i cannot realize what is wrong or how to fix this. I run the sshd in debug mode and below is the portion, for when i am trying to su to root /* sshd -d */ Write failed: Permission denied debug1: do_cleanup debug1: PAM: cleanup debug1: do_cleanup debug1: PAM: cleanup debug1: session_pty_cleanup: session 0 release /dev/ttyp7 And here are related logs: /* line from /var/log/messages */ Oct 11 20:25:54 username sshd[26251]: fatal: Write failed: Permission denied /* /var/log/auth.log */ Sep 26 11:17:34 username sshd[50073]: Connection from xxx.xxx.xxx.xx port 1545 Sep 26 11:17:46 username sshd[50073]: Accepted keyboard-interactive/pam for user from xxx.xxx.xxx.xx port 1545 ssh2 Sep 26 10:17:49 username su: user to root on /dev/ttyp4 Sep 26 11:17:51 username sshd[50068]: Read error from remote host xxx.xxx.xxx.xx: Connection reset by peer Sep 26 13:29:40 username sshd[50076]: Read error from remote host xxx.xxx.xxx.xx: Operation timed out Is it trying to write to a socket? I cannot see what is trying to do and the permission is denied (of course maybe it is in front of me..but..) Could anyone please advice? Thanks in advance Spiros ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Problems with ipfw and ssh
I removed freebsd-ipfw from the recipient list. Please keep `general' questions in freebsd-questions. The freebsd-ipfw list is, as far as I know, used for *development* of IPFW; not questions. On 2006-10-11 22:53, Spiros Papadopoulos [EMAIL PROTECTED] wrote: Hi, I am trying to configure a firewall using ipfw for a machine running FreeBSD 5.4. Without NAT. I am nearly a newbie on this (since i never had time until now..) but still i believe i understand exactly the concepts and what needs to be done. Except the manual page and chapter 26.1 in the handbook I am using good references such as: http://www.freebsd-howto.com/HOWTO/Ipfw-HOWTO I need to connect remotely to the machine using ssh and this is where i get the problem: Initially i can connect properly using a normal user account. When later i am trying to su to root it does nothing and the connection closes. Can you show us the full IPFW ruleset you are using? I have ipfw enabled in the kernel to deny everything by default. I have used both (one at a time) the following rules concerning ssh, in /etc/ipfw.rules and also other combinations, such as taking off setup and keep-state etc etc which would then make my firewall stateless as far as i understood, which is something i don't want anyway. ${addcmd} 300 allow log logamount 5 tcp from any to me 22 setup keep-state - ${addcmd} 300 allow log logamount 5 tcp from any to any ssh keep-state The second seems wrong, unless you also have 'setup' rules elsewhere. In a first investigation (not thorough) i found this post: http://www.freebsdforums.org/forums/showthread.php?t=21876 where from, i cannot realize what is wrong or how to fix this. The initial ruleset of this forum thread has a few bugs, which I'm not interested in pointing out one by one right now. Just ignore most of it. I run the sshd in debug mode and below is the portion, for when i am trying to su to root /* sshd -d */ Write failed: Permission denied debug1: do_cleanup debug1: PAM: cleanup debug1: do_cleanup debug1: PAM: cleanup debug1: session_pty_cleanup: session 0 release /dev/ttyp7 Now we're getting somewhere. Please post your *FULL* ipfw ruleset so we can try to find out why/when/where packets can be blocked. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Value too large to be stored in data type
FreeBSD rincewind 6.2-PRERELEASE FreeBSD 6.2-PRERELEASE #0: Tue Oct 10 13:57:46 PDT 2006 [EMAIL PROTECTED]:/usr/obj/usr/src/sys/ODIN32 i386 I used tar to create several tar files. Then I used growfs from the dvd+rw-tools port to burn them to a dvd. The exact command I used was growisofs -Z /dev/cd0 -r -J -speed=4 backups/. The disc mounts fine, but: rincewind# cd /cdrom ls ls: 2006-10-11.all.tar: Value too large to be stored in data type 2006-10-05-apache-config.tar 2006-10-05-ssl.tar 2006-10-11.rincewind.all.sql rincewind# du -hs 2006-10-11.all.tar du: 2006-10-11.all.tar: Value too large to be stored in data type etc... A google search shows someone asking about this error message on -questions before. The only follow ups I saw suggested it was some kind of gnu tar - bsd tar snafu. These tarballs were created on this very same freebsd and the errors show up with any command, not just tar. My best guess is that it has to do with using Juliet extensions when I burned it. Does anyone have some a definative answer? It is a remote machine so I cannot just pop another dvd in and try with a different set of options. Please CC me. I am not subscribed to -questions. -- luctor et emergo ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Problems with ipfw and ssh
Giorgo thanks for the immediate reply, I started yesterday playing with it / testing it, but since i want to do most of the work remotely, i stuck on this rule and feel like keep looking until i find the solution. I paste the whole script here just in case something else is wrong... Here is my ipfw.rules file: /** Sorry for the delay. In the meanwhile, just before sent the mail something else happened. Taking in account what you told me about the state keyword, i added it to the rule 300. Then i could not connect at all. I tried to take it off again, but surprisingly it still doesn't allow any connections at all (not even the user this time), hmmm... I am sending it as it was initially, which from yesterday until my first e-mail it was working as described previously...Now also when i run the script with the allowall option gives me problems, when it was working before. I can ping the machine and get replies but i cannot ssh to it. It seems that i am doing something wrong but cannot identify where */ #!/bin/sh # rules commmand prefix addcmd=/sbin/ipfw -q add # and the interface if=xl0 # details of this computer ip=192.168.1.199 net=192.168.1.0 mask=255.255.255.0 bcast=192.168.1.255 nic=sk0 ks=keep-state # Flush out the list /sbin/ipfw -q -f flush if [ $1 = allowall ] then ${addcmd} 100 allow all from any to any via ${nic} exit 0 else # Only in rare cases do you want to change these rules ${addcmd} 50 allow all from any to any via lo0 ${addcmd} 100 deny all from any to 127.0.0.0/8 ${addcmd} 150 deny ip from 127.0.0.0/8 to any # At the moment don't allow it #${addcmd} 400 allow all from ${ip} to ${net}:${mask} #${addcmd} 500 allow all from ${net}:${mask} to ${ip} # Allow only specific stuff and maintain the firewall for as long # as needed to become tough enough # check state and keep it ${addcmd} 200 check-state ${addcmd} 210 allow tcp from me to any setup ${ks} ${addcmd} 211 allow udp from me to any ${ks} ${addcmd} 212 allow icmp from any to me icmptype 0, 3, 4, 11 ${addcmd} 212 allow icmp from me to any # Allow Traffic to my ISP DNS server ${addcmd} 250 allow udp from ${ip} to xx.xxx.x.xx 53 out via ${nic} ${addcmd} 251 allow udp from xx.xxx.x.xx to ${ip} 53 in via ${nic} # Allow ssh from anywhere #${addcmd} 300 allow log logamount 5 tcp from any to me 22 setup ${ks} #${addcmd} 301 allow tcp from any to me ssh in recv ${nic} ${ks} setup ${addcmd} 300 allow log logamount 5 tcp from any to any ssh {ks} # Everything else is denied ${addcmd} 65535 deny all from any to ${ip} exit 0 fi Thanks Spiros On 12/10/06, Giorgos Keramidas [EMAIL PROTECTED] wrote: I removed freebsd-ipfw from the recipient list. Please keep `general' questions in freebsd-questions. The freebsd-ipfw list is, as far as I know, used for *development* of IPFW; not questions. On 2006-10-11 22:53, Spiros Papadopoulos [EMAIL PROTECTED] wrote: Hi, I am trying to configure a firewall using ipfw for a machine running FreeBSD 5.4. Without NAT. I am nearly a newbie on this (since i never had time until now..) but still i believe i understand exactly the concepts and what needs to be done. Except the manual page and chapter 26.1 in the handbook I am using good references such as: http://www.freebsd-howto.com/HOWTO/Ipfw-HOWTO I need to connect remotely to the machine using ssh and this is where i get the problem: Initially i can connect properly using a normal user account. When later i am trying to su to root it does nothing and the connection closes. Can you show us the full IPFW ruleset you are using? I have ipfw enabled in the kernel to deny everything by default. I have used both (one at a time) the following rules concerning ssh, in /etc/ipfw.rules and also other combinations, such as taking off setup and keep-state etc etc which would then make my firewall stateless as far as i understood, which is something i don't want anyway. ${addcmd} 300 allow log logamount 5 tcp from any to me 22 setup keep-state - ${addcmd} 300 allow log logamount 5 tcp from any to any ssh keep-state The second seems wrong, unless you also have 'setup' rules elsewhere. In a first investigation (not thorough) i found this post: http://www.freebsdforums.org/forums/showthread.php?t=21876 where from, i cannot realize what is wrong or how to fix this. The initial ruleset of this forum thread has a few bugs, which I'm not interested in pointing out one by one right now. Just ignore most of it. I run the sshd in debug mode and below is the portion, for when i am trying to su to root /* sshd -d */ Write failed: Permission denied debug1: do_cleanup debug1: PAM: cleanup debug1: do_cleanup debug1: PAM: cleanup debug1: session_pty_cleanup: session 0 release /dev/ttyp7 Now we're getting somewhere. Please post your *FULL*
StartX casues system reboot
Yesterday I was happily using x-windows on my computer. The system started acting up and frroze up. The screen had a bunch of random colors displayed. T reset system and after reboot I attempted to start xwindows again and the computer rebooted itself. This has happened every time since last night. This is a dual boot system so I booted into windows do see if the video card might be damaged, but windows starts up ok. I even defined a new freebsd userid and started x without any window manager andit still crashes machine. Any ideas? Mark Jacobs ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
StartX casues system reboot
Yesterday I was happily using x-windows on my computer. The system started acting up and frroze up. The screen had a bunch of random colors displayed. T reset system and after reboot I attempted to start xwindows again and the computer rebooted itself. This has happened every time since last night. This is a dual boot system so I booted into windows do see if the video card might be damaged, but windows starts up ok. I even defined a new freebsd userid and started x without any window manager andit still crashes machine. Any ideas? Mark Jacobs ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Problems with ipfw and ssh
On 2006-10-12 00:53, Spiros Papadopoulos [EMAIL PROTECTED] wrote: I started yesterday playing with it / testing it, but since i want to do most of the work remotely, i stuck on this rule and feel like keep looking until i find the solution. I paste the whole script here just in case something else is wrong... Here is my ipfw.rules file: /** Sorry for the delay. In the meanwhile, just before sent the mail something else happened. Taking in account what you told me about the state keyword, i added it to the rule 300. Then i could not connect at all. I tried to take it off again, but surprisingly it still doesn't allow any connections at all (not even the user this time), hmmm... I am sending it as it was initially, which from yesterday until my first e-mail it was working as described previously...Now also when i run the script with the allowall option gives me problems, when it was working before. I can ping the machine and get replies but i cannot ssh to it. It seems that i am doing something wrong but cannot identify where */ #!/bin/sh # rules commmand prefix addcmd=/sbin/ipfw -q add # and the interface if=xl0 # details of this computer ip=192.168.1.199 net=192.168.1.0 mask=255.255.255.0 bcast=192.168.1.255 nic=sk0 ks=keep-state # Flush out the list /sbin/ipfw -q -f flush if [ $1 = allowall ] then ${addcmd} 100 allow all from any to any via ${nic} exit 0 else # Only in rare cases do you want to change these rules ${addcmd} 50 allow all from any to any via lo0 ${addcmd} 100 deny all from any to 127.0.0.0/8 ${addcmd} 150 deny ip from 127.0.0.0/8 to any These look ok. # At the moment don't allow it #${addcmd} 400 allow all from ${ip} to ${net}:${mask} #${addcmd} 500 allow all from ${net}:${mask} to ${ip} Not sure why these are needed (but they are commented out). # Allow only specific stuff and maintain the firewall for as long # as needed to become tough enough # check state and keep it ${addcmd} 200 check-state ${addcmd} 210 allow tcp from me to any setup ${ks} ${addcmd} 211 allow udp from me to any ${ks} ${addcmd} 212 allow icmp from any to me icmptype 0, 3, 4, 11 ${addcmd} 212 allow icmp from me to any # Allow Traffic to my ISP DNS server ${addcmd} 250 allow udp from ${ip} to xx.xxx.x.xx 53 out via ${nic} ${addcmd} 251 allow udp from xx.xxx.x.xx to ${ip} 53 in via ${nic} # Allow ssh from anywhere #${addcmd} 300 allow log logamount 5 tcp from any to me 22 setup ${ks} #${addcmd} 301 allow tcp from any to me ssh in recv ${nic} ${ks} setup ${addcmd} 300 allow log logamount 5 tcp from any to any ssh {ks} # Everything else is denied ${addcmd} 65535 deny all from any to ${ip} exit 0 fi You seem to be missing a 'setup' keyword in the ssh rule :-/ I just loaded your own ruleset (with ${ip} and ${nic} set to local values) on a FreeBSD 7.0-CURRENT system here. They work fine, as far as I can tell: , | [EMAIL PROTECTED]:/home/giorgos$ su - | Password: | [EMAIL PROTECTED]:/root# ipfw -d show | 00050 168 30828 allow ip from any to any via lo0 | 00100 0 0 deny ip from any to 127.0.0.0/8 | 00150 0 0 deny ip from 127.0.0.0/8 to any | 00200 0 0 check-state | 00210 881 129402 allow tcp from me to any setup keep-state | 00211 8965 allow udp from me to any keep-state | 00212 0 0 allow icmp from any to me icmptypes 0,3,4,11 | 00212 0 0 allow icmp from me to any | 00250 0 0 allow udp from 10.6.0.131 to any dst-port 53 out via re0 | 00251 0 0 allow udp from any to 10.6.0.131 dst-port 53 in via re0 | 00300 649 92691 allow log logamount 5 tcp from any to any dst-port 22 keep-state | 65535 154 35966 deny ip from any to any | ## Dynamic rules (12): | [EMAIL PROTECTED]:/root# ` The only changes I made are: * Use 'any' instead of xx.xxx.x.xx as the UDP address. * Change ${ip} to my own address * Change ${nic} to my own interface name I can connect to other hosts and ssh back into my workstation with this ruleset :-/ Sorry, but I'm not sure why in your case this fails to work. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Samba 3 port broken on 6.1-RELEASE or...?
$ sudo make install clean === samba-3.0.23c,1 broken kernel API until now (7-CURRENT). *** Error code 1 Stop in /usr/ports/net/samba3. [EMAIL PROTECTED] /usr/ports/net/samba3]$ uname -a FreeBSD vim3.saarinen.org 6.1-RELEASE-p10 FreeBSD 6.1-RELEASE-p10 #3: Tue Oct 10 19:43:55 NCT 2006 [EMAIL PROTECTED]:/usr/obj/usr/src/sys/vimto101006 i386 It seems related to AIO support: http://lists.freebsd.org/pipermail/freebsd-ports-bugs/2006-September/100407.html .if defined(WITH_AIO_SUPPORT) IGNORE= broken kernel API until now (7-CURRENT) CONFIGURE_ARGS+=--with-aio-support +.else +CONFIGURE_ARGS+= --without-aio-support .endif but... # Samba server itself OPTIONS=LDAPWith LDAP support on \ ADS With Active Directory support off \ CUPSWith CUPS printing support off \ WINBIND With WinBIND support on \ ACL_SUPPORT With ACL support on \ AIO_SUPPORT With experimental AIO support off \ FAM_SUPPORT With File Alteration Monitor off \ SYSLOG With Syslog support on \ QUOTAS With Disk quota support off \ UTMPWith UTMP accounting support on \ MSDFS With MSDFS support off \ SMBSH With SMBSH wrapper for UNIX commands off \ PAM_SMBPASS With PAM authentication vs passdb backends off \ EXP_MODULES With experimental modules off \ POPTWith system-wide POPT library on To test, I turned off each OPTION in the Makefile one by one, but Samba still refuses to build. Hints and pointers hot fix, anyone? -- Juha ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Samba 3 port broken on 6.1-RELEASE or...?
On Thu, Oct 12, 2006 at 01:01:19PM +1300, Juha Saarinen wrote: $ sudo make install clean === samba-3.0.23c,1 broken kernel API until now (7-CURRENT). *** Error code 1 Stop in /usr/ports/net/samba3. [EMAIL PROTECTED] /usr/ports/net/samba3]$ uname -a FreeBSD vim3.saarinen.org 6.1-RELEASE-p10 FreeBSD 6.1-RELEASE-p10 #3: Tue Oct 10 19:43:55 NCT 2006 [EMAIL PROTECTED]:/usr/obj/usr/src/sys/vimto101006 i386 It seems related to AIO support: http://lists.freebsd.org/pipermail/freebsd-ports-bugs/2006-September/100407.html .if defined(WITH_AIO_SUPPORT) IGNORE= broken kernel API until now (7-CURRENT) CONFIGURE_ARGS+= --with-aio-support +.else +CONFIGURE_ARGS+= --without-aio-support .endif but... # Samba server itself OPTIONS=LDAPWith LDAP support on \ ADS With Active Directory support off \ CUPSWith CUPS printing support off \ WINBIND With WinBIND support on \ ACL_SUPPORT With ACL support on \ AIO_SUPPORT With experimental AIO support off \ FAM_SUPPORT With File Alteration Monitor off \ SYSLOG With Syslog support on \ QUOTAS With Disk quota support off \ UTMPWith UTMP accounting support on \ MSDFS With MSDFS support off \ SMBSH With SMBSH wrapper for UNIX commands off \ PAM_SMBPASS With PAM authentication vs passdb backends off \ EXP_MODULES With experimental modules off \ POPTWith system-wide POPT library on To test, I turned off each OPTION in the Makefile one by one, but Samba still refuses to build. Hints and pointers hot fix, anyone? I guess you didn't really disable AIO_SUPPORT. Kris ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Fwd: Samba 3 port broken on 6.1-RELEASE or...?
Whoops, didn't do Reply To All. -- Forwarded message -- From: Juha Saarinen [EMAIL PROTECTED] Date: Oct 12, 2006 1:16 PM Subject: Re: Samba 3 port broken on 6.1-RELEASE or...? To: Kris Kennaway [EMAIL PROTECTED] On 10/12/06, Kris Kennaway [EMAIL PROTECTED] wrote: I guess you didn't really disable AIO_SUPPORT. Yes, that would seem logical but... but where is it enabled then? What's the magic to turn off AIO_SUPPORT? [EMAIL PROTECTED] /usr/ports/net/samba3]$ sudo make without-aio-support=YES === samba-3.0.23c,1 broken kernel API until now (7-CURRENT). *** Error code 1 Stop in /usr/ports/net/samba3. [EMAIL PROTECTED] /usr/ports/net/samba3]$ sudo make without-aio-support=YES === samba-3.0.23c,1 broken kernel API until now (7-CURRENT). *** Error code 1 Stop in /usr/ports/net/samba3. -- Juha -- Juha ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Logitech optical mouse w/ scroll wheel
On Wed, Oct 11, 2006 at 02:41:43PM -0700, William Tracy wrote: I thought I'd document my experiences with my Logitech optical USB mouse under FreeBSD 6.1 release 1 so that maybe it will help the next person hunting with Google. :-) Actually, I guess that's FreeBSD 6.1 release 0. :-P In my xorg.conf file I have the following Section InputDevice Identifier Mouse0 Driver mouse Option Protocol auto Option Device /dev/sysmouse Option Buttons 5 Option ZAxisMapping 4 5 EndSection My Logitech optical mouse works fine... Hope this helps. -- Alex FreeBSD 6.0-RELEASE i386 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: RE : Re: RE : Re: RE : Re: RE : Re: RE : Re: cheapskate webmail interface
On 10/10/06, Desmond Coughlan [EMAIL PROTECTED] wrote: X-No-Archive: true uninstall cyrus and install dovecot from the ports tree. its small, lightweight, and fast. are you trying to install stuff without using the ports tree? Yeah. I used to do Solaris admin (Jesus, you'd never know it...), and usually prefer installing software the ./configure -- make make install route. Especially since a ports install doesn't tell you anything about where the software is put D. use the whereis command to know where it is installed. FYI, a port install will tell you where the apps was installed after finishing. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Problems with ipfw and ssh
On 12/10/06, Giorgos Keramidas [EMAIL PROTECTED] wrote: On 2006-10-12 00:53, Spiros Papadopoulos [EMAIL PROTECTED] wrote: I started yesterday playing with it / testing it, but since i want to do most of the work remotely, i stuck on this rule and feel like keep looking until i find the solution. I paste the whole script here just in case something else is wrong... Here is my ipfw.rules file: /** Sorry for the delay. In the meanwhile, just before sent the mail something else happened. Taking in account what you told me about the state keyword, i added it to the rule 300. Then i could not connect at all. I tried to take it off again, but surprisingly it still doesn't allow any connections at all (not even the user this time), hmmm... I am sending it as it was initially, which from yesterday until my first e-mail it was working as described previously...Now also when i run the script with the allowall option gives me problems, when it was working before. I can ping the machine and get replies but i cannot ssh to it. It seems that i am doing something wrong but cannot identify where */ #!/bin/sh # rules commmand prefix addcmd=/sbin/ipfw -q add # and the interface if=xl0 # details of this computer ip=192.168.1.199 net=192.168.1.0 mask=255.255.255.0 bcast=192.168.1.255 nic=sk0 ks=keep-state # Flush out the list /sbin/ipfw -q -f flush if [ $1 = allowall ] then ${addcmd} 100 allow all from any to any via ${nic} exit 0 else # Only in rare cases do you want to change these rules ${addcmd} 50 allow all from any to any via lo0 ${addcmd} 100 deny all from any to 127.0.0.0/8 ${addcmd} 150 deny ip from 127.0.0.0/8 to any These look ok. # At the moment don't allow it #${addcmd} 400 allow all from ${ip} to ${net}:${mask} #${addcmd} 500 allow all from ${net}:${mask} to ${ip} Not sure why these are needed (but they are commented out). They are meant to allow all traffic from net 192.168.1.0 and were commented out temporarily. I just sent the script as it was. # Allow only specific stuff and maintain the firewall for as long # as needed to become tough enough # check state and keep it ${addcmd} 200 check-state ${addcmd} 210 allow tcp from me to any setup ${ks} ${addcmd} 211 allow udp from me to any ${ks} ${addcmd} 212 allow icmp from any to me icmptype 0, 3, 4, 11 ${addcmd} 212 allow icmp from me to any # Allow Traffic to my ISP DNS server ${addcmd} 250 allow udp from ${ip} to xx.xxx.x.xx 53 out via ${nic} ${addcmd} 251 allow udp from xx.xxx.x.xx to ${ip} 53 in via ${nic} # Allow ssh from anywhere #${addcmd} 300 allow log logamount 5 tcp from any to me 22 setup ${ks} #${addcmd} 301 allow tcp from any to me ssh in recv ${nic} ${ks} setup ${addcmd} 300 allow log logamount 5 tcp from any to any ssh {ks} # Everything else is denied ${addcmd} 65535 deny all from any to ${ip} exit 0 fi You seem to be missing a 'setup' keyword in the ssh rule :-/ I just loaded your own ruleset (with ${ip} and ${nic} set to local values) on a FreeBSD 7.0-CURRENT system here. They work fine, as far as I can tell: , | [EMAIL PROTECTED]:/home/giorgos$ su - | Password: | [EMAIL PROTECTED]:/root# ipfw -d show | 00050 168 30828 allow ip from any to any via lo0 | 00100 0 0 deny ip from any to 127.0.0.0/8 | 00150 0 0 deny ip from 127.0.0.0/8 to any | 00200 0 0 check-state | 00210 881 129402 allow tcp from me to any setup keep-state | 00211 8965 allow udp from me to any keep-state | 00212 0 0 allow icmp from any to me icmptypes 0,3,4,11 | 00212 0 0 allow icmp from me to any | 00250 0 0 allow udp from 10.6.0.131 to any dst-port 53 out via re0 | 00251 0 0 allow udp from any to 10.6.0.131 dst-port 53 in via re0 | 00300 649 92691 allow log logamount 5 tcp from any to any dst-port 22 keep-state | 65535 154 35966 deny ip from any to any | ## Dynamic rules (12): | [EMAIL PROTECTED]:/root# ` The only changes I made are: * Use 'any' instead of xx.xxx.x.xx as the UDP address. * Change ${ip} to my own address * Change ${nic} to my own interface name I can connect to other hosts and ssh back into my workstation with this ruleset :-/ Sorry, but I'm not sure why in your case this fails to work. Now this is strange. I will try again tomorrow evening more carefully and i will post any results. Initially i sent the mail because of the failure to su as root (as described also in that post i referenced) after i was logging in as normal user canonically. So it was working as you said. But can you su to root after connecting? Sorry i will not be able to reply again tonight Thanks
Re: Problems with ipfw and ssh
On 2006-10-12 01:31, Spiros Papadopoulos [EMAIL PROTECTED] wrote: On 12/10/06, Giorgos Keramidas [EMAIL PROTECTED] wrote: , | [EMAIL PROTECTED]:/home/giorgos$ su - | Password: | [EMAIL PROTECTED]:/root# ipfw -d show | 00050 168 30828 allow ip from any to any via lo0 | 00100 0 0 deny ip from any to 127.0.0.0/8 | 00150 0 0 deny ip from 127.0.0.0/8 to any | 00200 0 0 check-state | 00210 881 129402 allow tcp from me to any setup keep-state | 00211 8965 allow udp from me to any keep-state | 00212 0 0 allow icmp from any to me icmptypes 0,3,4,11 | 00212 0 0 allow icmp from me to any | 00250 0 0 allow udp from 10.6.0.131 to any dst-port 53 out via re0 | 00251 0 0 allow udp from any to 10.6.0.131 dst-port 53 in via re0 | 00300 649 92691 allow log logamount 5 tcp from any to any dst-port 22 keep-state | 65535 154 35966 deny ip from any to any | ## Dynamic rules (12): | [EMAIL PROTECTED]:/root# ` The only changes I made are: * Use 'any' instead of xx.xxx.x.xx as the UDP address. * Change ${ip} to my own address * Change ${nic} to my own interface name I can connect to other hosts and ssh back into my workstation with this ruleset :-/ Sorry, but I'm not sure why in your case this fails to work. Now this is strange. I will try again tomorrow evening more carefully and i will post any results. Initially i sent the mail because of the failure to su as root (as described also in that post i referenced) after i was logging in as normal user canonically. So it was working as you said. But can you su to root after connecting? Yes. See above. The `ipfw -d show' command shown there was after I looped using SSH from my workstation to another system and back again. Sorry i will not be able to reply again tonight No problem. Take your time. There is definitely a logical explanation why this is happening, even if that explanation is `there is a bug in ipfw and 5.4' :) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: StartX casues system reboot
On 10/11/06, Mark Jacobs [EMAIL PROTECTED] blurted: Yesterday I was happily using x-windows . . . reboot I attempted to start xwindows again and the computer rebooted itself. This has happened every time since last night. This is a dual boot system so I booted into windows do see if the video card might be damaged, but windows starts up ok. I even defined a new freebsd userid and started x without any window manager andit still crashes machine. Any ideas? error messages from /var/log/Xorg.0.log (probably via) grep EE /var/log/Xorg.0.log Hints? Clues? -- -- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Samba 3 port broken on 6.1-RELEASE or...?
On 10/12/06, Kris Kennaway [EMAIL PROTECTED] wrote: I guess you didn't really disable AIO_SUPPORT. Yes, that would seem logical but... but where is it enabled then? What's the magic to turn off AIO_SUPPORT? .if defined(WITH_AIO_SUPPORT) Make sure you don't have WITH_AIO_SUPPORT defined in your /etc/make.conf or on the command line, or in a cached samba config. (make config) -- -- Perfection is just a word I use occasionally with mustard. --Atom Powers-- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Samba 3 port broken on 6.1-RELEASE or...?
On 10/12/06, Atom Powers [EMAIL PROTECTED] wrote: Make sure you don't have WITH_AIO_SUPPORT defined in your /etc/make.conf or on the command line, or in a cached samba config. (make config) Thanks, my brain was in neutral but following Kris' suggestion in a separate message to do 'make config' and disabling AIO support there sorted things. -- Juha ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: OOo-204rc3, package
On 10/10/06 16:09, Gary Kline wrote: Is there a means of downloading the 2.0.4rc3 package for openoffice? The latest on the OO website is 2.0.3. portupgrade shrugs. Try here: ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-6-stable/All/ Then search for openoffice. There appears to be: openoffice.org-1.0.3_7.tbz 61241 KB09/26/06 openoffice.org-2.0.20060928.tbz114724 KB 10/09/06 openoffice.org-2.0.4.rc3.tbz 114277 KB 10/08/06 HTH, Eric I think this is the last thing to replace/upgrade. thanks, people, gary ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: NFS Client..attr caching..
On 10/10/06 01:38, Jeff Mohler wrote: here at work we want to compile deep trees of code on Fbsd boxes, but we are finding that the compiles on local disk are faster than via NFS (very very fast/new Netapp boxes) on the FreeBSD boxes (single spindle SATA drives). However, cross-compiling the same code on a linux box over NFS to the very same Netapp boxes is way faster than Fbsd on local disk. Im trying of course to get the mount options/etc that the linux boxes use, but any clues on how to mount a 150k file deep source tree to most effectively cache getattr/readdir metadata which seems to be an enourmous percentage of the total NFS calls in the compile process. I'm no NFS guru... but I did some googling on your behalf and ran across the following sysctl which, if tweaked, might help. vfs.nfs.access_cache_timeout Don't know if it will help. Just a shot. Thanks in advance..as I get more data. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Question re ncurses and the various ttys
Hi all I've been digging around in the various man pages and havent yet found the incantations I require. Goal: to create a curses driven status screen that can run without user intervention. I want to know if it is possible to _programatically_ switch to an unused virtual tty, and then use this as the display page. ( By unused I mean marked 'off' in /etc/ttys ) So if I set ttyv7 to off, can I launch a program (possibly from a cold boot) that selects tty7 ( ie the now getty-less terminal ), possibly sets the rows and cols like th ecommand line vidcontrol can, and then continues executing a curses app ? I can write the curses bit. Can I execute vidcontrol(1) via a system(3) call and make it stick after the call returns or does it only affect the environment within the call. Can I programtically do the same as Alt-F8 to preselect my screen? Will the curses output go onto this selected screen or would it go to the initial console screen? (Hmm maybe that is part of the answer, in the form of Does curses output only go to the current console? ( ... am I even on the right track ?? ) Murray Taylor Special Projects Engineer Bytecraft Systems -- Any intelligent fool can make things bigger and more complex... It takes a touch of genius - and a lot of courage to move in the opposite direction. --Albert Einstein --- The information transmitted in this e-mail is for the exclusive use of the intended addressee and may contain confidential and/or privileged material. Any review, re-transmission, dissemination or other use of it, or the taking of any action in reliance upon this information by persons and/or entities other than the intended recipient is prohibited. If you received this in error, please inform the sender and/or addressee immediately and delete the material. E-mails may not be secure, may contain computer viruses and may be corrupted in transmission. Please carefully check this e-mail (and any attachment) accordingly. No warranties are given and no liability is accepted for any loss or damage caused by such matters. --- ### This e-mail message has been scanned for Viruses by Bytecraft ### ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: Problems with ipfw and ssh
Hi, Just a suggestion/query: Do you have you localhost/127.0.0.1 rules defined to allow all traffic? Cheers -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Spiros Papadopoulos Sent: Thursday, 12 October 2006 7:53 AM To: freebsd-questions@freebsd.org; freebsd-ipfw@freebsd.org Subject: Problems with ipfw and ssh Hi, I am trying to configure a firewall using ipfw for a machine running FreeBSD 5.4. Without NAT. I am nearly a newbie on this (since i never had time until now..) but still i believe i understand exactly the concepts and what needs to be done. Except the manual page and chapter 26.1 in the handbook I am using good references such as: http://www.freebsd-howto.com/HOWTO/Ipfw-HOWTO I need to connect remotely to the machine using ssh and this is where i get the problem: Initially i can connect properly using a normal user account. When later i am trying to su to root it does nothing and the connection closes. I have ipfw enabled in the kernel to deny everything by default. I have used both (one at a time) the following rules concerning ssh, in /etc/ipfw.rules and also other combinations, such as taking off setup and keep-state etc etc which would then make my firewall stateless as far as i understood, which is something i don't want anyway. ${addcmd} 300 allow log logamount 5 tcp from any to me 22 setup keep-state - ${addcmd} 300 allow log logamount 5 tcp from any to any ssh keep-state In a first investigation (not thorough) i found this post: http://www.freebsdforums.org/forums/showthread.php?t=21876 where from, i cannot realize what is wrong or how to fix this. I run the sshd in debug mode and below is the portion, for when i am trying to su to root /* sshd -d */ Write failed: Permission denied debug1: do_cleanup debug1: PAM: cleanup debug1: do_cleanup debug1: PAM: cleanup debug1: session_pty_cleanup: session 0 release /dev/ttyp7 And here are related logs: /* line from /var/log/messages */ Oct 11 20:25:54 username sshd[26251]: fatal: Write failed: Permission denied /* /var/log/auth.log */ Sep 26 11:17:34 username sshd[50073]: Connection from xxx.xxx.xxx.xx port 1545 Sep 26 11:17:46 username sshd[50073]: Accepted keyboard-interactive/pam for user from xxx.xxx.xxx.xx port 1545 ssh2 Sep 26 10:17:49 username su: user to root on /dev/ttyp4 Sep 26 11:17:51 username sshd[50068]: Read error from remote host xxx.xxx.xxx.xx: Connection reset by peer Sep 26 13:29:40 username sshd[50076]: Read error from remote host xxx.xxx.xxx.xx: Operation timed out Is it trying to write to a socket? I cannot see what is trying to do and the permission is denied (of course maybe it is in front of me..but..) Could anyone please advice? Thanks in advance Spiros ___ freebsd-ipfw@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Question re ncurses and the various ttys
I want to know if it is possible to _programatically_ switch to an unused virtual tty, and then use this as the display page. ( By unused I mean marked 'off' in /etc/ttys ) So if I set ttyv7 to off, can I launch a program (possibly from a cold boot) that selects tty7 ( ie the now getty-less terminal ), possibly sets the rows and cols like th ecommand line vidcontrol can, and then continues executing a curses app ? ... Can I programtically do the same as Alt-F8 to preselect my screen? It must be possible, because it's what xdm (the X-windows login screen) does. Check out the ttyv8 line in /etc/ttys. (xdm puts the vt into a graphic mode rather than leaving it in text mode, but the allocation and control issues are presumably similar.) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: OOo-204rc3, package
On Wed, Oct 11, 2006 at 09:05:16PM -0500, Eric Schuele wrote: On 10/10/06 16:09, Gary Kline wrote: Is there a means of downloading the 2.0.4rc3 package for openoffice? The latest on the OO website is 2.0.3. portupgrade shrugs. Try here: ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-6-stable/All/ Then search for openoffice. There appears to be: openoffice.org-1.0.3_7.tbz 61241 KB09/26/06 openoffice.org-2.0.20060928.tbz 114724 KB 10/09/06 openoffice.org-2.0.4.rc3.tbz 114277 KB 10/08/06 Oustanding, thanjs much indeed! Now, dumb questions dept: do I just type # fetch ftp://ftp.freebsd.org// for the last one, -2.0.4.rc3.tbz? Or what? I've never retrived the OOo package before. ...Not that that's much of an excuse... . HTH, Eric I think this is the last thing to replace/upgrade. thanks, people, gary -- Gary Kline [EMAIL PROTECTED] www.thought.org Public service Unix ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
pf.conf + altq problem
Dear list. My pf.conf not working. I have pf in bridge machine with xl2 to internet firewall and xl1 to internal switch. Bridging is ok. This my simple pf.conf me=172.16.0.228 altq on xl1 bandwidth 100% cbq queue {me,dflt} queue mebandwidth 8Kb queue dflt bandwidth 16Kb cbq (default) block log on {xl1,xl2} all pass out log on xl1 from $me to any keep state pass log on xl2 from $me to any keep state queue (me) This rule is match when i try to connect to iperf server # tcpdump -nett -i pflog0 | grep 172.16.0.228 tcpdump: WARNING: pflog0: no IPv4 address assigned tcpdump: listening on pflog0, link-type PFLOG 1160655756.150048 rule 3/(match) pass in on xl2: 172.16.0.228.44405 128.6.231.102.5001: [|tcp] (DF) 1160655756.150059 rule 2/(match) pass out on xl1: 172.16.0.228.44405 128.6.231.102.5001: [|tcp] (DF) But iperf tell me that this connection is 24.4 Kbits/Sec. (more than 8Kbps) [EMAIL PROTECTED] beastie]# iperf -c lss.rutgers.edu Client connecting to lss.rutgers.edu, TCP port 5001 TCP window size: 16.0 KByte (default) [ 3] local 172.16.0.228 port 44408 connected with 128.6.231.102 port 5001 [ 3] 0.0-16.1 sec 48.0 KBytes 24.4 Kbits/sec I'm expecting that iperf report it equal with the bandwidth that i assign to (me) queue pipe. Is there any thing wrong or i missed something here ??? Please help me regards Reza ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
File dates on msdosfs devices
I live in Australia and hence my timezone is set to GMT+10 and currently run FreeBSD 6.1-RELEASE. When the CMOS clock is set to GMT: When I mount a msdosfs device (camera etc) and examine using ls -la The date time reported is the actual stored on the device plus 10 hours. When the CMOS clock is set to local time (and /etc/wall_cmos_clock exists) this problem does not occur. With the CMOS clock set to GMT, is there some way I can mount these devices so that this conversion is not done? Ray Newman 12 Oct 2006 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]