How to block NIS logins via ssh?
Hello all, I'm noticing that when following the directions given here: http://www.freebsd.org/doc/en/books/handbook/network-nis.html For how to disable logins, the recommended action is to set the shell to /sbin/nologin. However, this is sloppy as it allows the user to log in, get the motd, do everything short of getting a shell. I've tried starring out the password in the +: entry, (and putting in a bad password, like x), and those don't seem to work. I am still able to connect via sshd and prove that the account works. What's happening here? -Dan -- Wrin quick, somebody tell me the moon phase please? Dan_Wood Wrin: Plummeting. -Undernet #reboot, 9/11/01 (day of the WTC bombing) Dan Mahoney Techie, Sysadmin, WebGeek Gushi on efnet/undernet IRC ICQ: 13735144 AIM: LarpGM Site: http://www.gushi.org --- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Hi
Hi all Did anyone knows how to deny the TCP connection Without using hosts.deny and ipfilter. using ipfw for example ;) Thanks With Regards Pugal ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Hi
On Wed, Dec 10, 2008 at 12:44 PM, pugal pugal [EMAIL PROTECTED]wrote: Hi all Did anyone knows how to deny the TCP connection Without using hosts.deny and ipfilter. Let the service listen on 127.0.0.1 or just don't start it:-) -- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254733744121/+254722743223 _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ Okay guys. This is Kenya. You pay taxes because you feel philanthropic, unlike our MPs! -- Kenneth Marende, Speaker, 10th Parilament. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Hi
Hi all I will explain the scenario clearly. I have a server program say server.c listening on some XXX port-number.I accepts all the client. Now i want to DENY only the particular client say x.x.x.x/16 . I want to deny that Client by not using hosts.deny. For this scenario what can i do?? If anyone knows Let me explain clearly. Since i am very new to this.please explain clearly. On Wed, Dec 10, 2008 at 3:43 PM, Odhiambo Washington [EMAIL PROTECTED]wrote: On Wed, Dec 10, 2008 at 12:44 PM, pugal pugal [EMAIL PROTECTED]wrote: Hi all Did anyone knows how to deny the TCP connection Without using hosts.deny and ipfilter. Let the service listen on 127.0.0.1 or just don't start it:-) -- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254733744121/+254722743223 _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ Okay guys. This is Kenya. You pay taxes because you feel philanthropic, unlike our MPs! -- Kenneth Marende, Speaker, 10th Parilament. -- Thanks With Regards Pugal ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Hi
Hello, If you don't want to do this using server features you should do it in your program (like in config file). Best regards, Shamrock 2008/12/10 pugal pugal [EMAIL PROTECTED] Hi all I will explain the scenario clearly. I have a server program say server.c listening on some XXX port-number.I accepts all the client. Now i want to DENY only the particular client say x.x.x.x/16 . I want to deny that Client by not using hosts.deny. For this scenario what can i do?? If anyone knows Let me explain clearly. Since i am very new to this.please explain clearly. On Wed, Dec 10, 2008 at 3:43 PM, Odhiambo Washington [EMAIL PROTECTED] wrote: On Wed, Dec 10, 2008 at 12:44 PM, pugal pugal [EMAIL PROTECTED] wrote: Hi all Did anyone knows how to deny the TCP connection Without using hosts.deny and ipfilter. Let the service listen on 127.0.0.1 or just don't start it:-) -- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254733744121/+254722743223 _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ Okay guys. This is Kenya. You pay taxes because you feel philanthropic, unlike our MPs! -- Kenneth Marende, Speaker, 10th Parilament. -- Thanks With Regards Pugal ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: FreeBSD, OMSA Live CD and DSET tools for Dell 2950 Server?
Jeremy Chadwick wrote: On Wed, Nov 19, 2008 at 09:01:42AM +0100, VeeJay wrote: Any Help??? On Tue, Nov 18, 2008 at 10:15 PM, VeeJay [EMAIL PROTECTED] wrote: Any help??? On Tue, Nov 18, 2008 at 4:41 PM, VeeJay [EMAIL PROTECTED] wrote: Hello there, To diagnose and solve a Disk Encluser issue, I am advised to run two tools 1. Run OMSA live CD on the Server? Since, OMSA Live CD is linux based, I am just wondering if it will work or not? 2. Run Dell's DSET Tool, which is also for Linux systems And seeking your comments in this regards: *Server Configuration with FreeBSD 7.0* ** *2 x PE2950 III Quad Core Xeon E5450 3.0GHz,2x6MB,1333FSB *Riser with PCI Express Support (2x PCIe x8 slots; 1x PCIe x4 slot) PE2950 English rack power cord PE2950 Bezel Assembly *16GB (8x2GB Dual Rank DIMMs) 667MHz FBD 6 x 450GB SAS 15k 3.5 HD Hot Plug* PE2950 III - Chassis 3.5HDD x6 Backplane *PERC 6/i, Integrated Controller Card x6 backplane *CD/DVD Drive Cable 8X DVD-ROM Drive IDE PE2950 III Redundant Power Supply No Power Cord Rack Power Distribution Unit Power Cord TCP/IP Offload Engine 2P Broadcom TCP/IP Offload Engine functionality (TOE) Not Enabled Drac 5 Card *PE2950 III C5 MSS R10 Add-in PERC 5/i / 6/i Replying ANY HELP? every 24 hours will not get you any help. Please stop doing this. If the OMSA CD is bootable, boot it and do what Dell tells you. If it's a CD full of Linux utilities, then you're going to need to install or run Linux somehow before accomplishing that. Trying to do this on FreeBSD is probably not worth your time. Regarding DSET: same advice as above. When you're finished dealing with all of this, I would highly recommend taking the time to write a professional and concise letter to a supervisor or manager at Dell, and express your displeasure with their Linux-only tools. They should at least be providing ISO images you can burn and boot directly to perform enclosure/controller testing. But I also hope you've learned something from the experience. Before you buy hardware, ensure that it's fully manageable under FreeBSD, or that the vendor offers bootable CDs that can help you. Otherwise, if they do not, you're essentially living dangerously. and vote here : http://www.ideastorm.com/ideaSearchResults?s=freebsdx=0y=0 the more the better ! ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Hi
On Wednesday 10 December 2008 08:07:39 Sebastian Tymków wrote: Hello, If you don't want to do this using server features you should do it in your program (like in config file). Best regards, Shamrock 2008/12/10 pugal pugal [EMAIL PROTECTED] Hi all I will explain the scenario clearly. I have a server program say server.c listening on some XXX port-number.I accepts all the client. Now i want to DENY only the particular client say x.x.x.x/16 . I want to deny that Client by not using hosts.deny. For this scenario what can i do?? If anyone knows Let me explain clearly. Since i am very new to this.please explain clearly. On Wed, Dec 10, 2008 at 3:43 PM, Odhiambo Washington [EMAIL PROTECTED] wrote: On Wed, Dec 10, 2008 at 12:44 PM, pugal pugal [EMAIL PROTECTED] wrote: Hi all Did anyone knows how to deny the TCP connection Without using hosts.deny and ipfilter. Let the service listen on 127.0.0.1 or just don't start it:-) -- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254733744121/+254722743223 _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ Okay guys. This is Kenya. You pay taxes because you feel philanthropic, unlike our MPs! -- Kenneth Marende, Speaker, 10th Parilament. -- Thanks With Regards Pugal ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] It seems you wrote the code, so you have the power. Just check the client's IP after accept()ing the connection. Then fork(), close(), etc... -- Mario Lobo http://www.mallavoodoo.com.br FreeBSD since version 2.2.8 [not Pro-Audio YET!!] (99,7% winedows FREE) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: USB Keyboard is not working with a custom kernel
OK... This could work eventually, but think about another fact: With GENERIC kernel, everything works correctly. I plug and unplug the keyboard, and it interacts wonderfully. Noor -Original Message- From: Polytropon [mailto:[EMAIL PROTECTED] Sent: Wednesday, December 10, 2008 3:03 PM To: נור דאוד Cc: freebsd-questions@freebsd.org Subject: Re: USB Keyboard is not working with a custom kernel On Wed, 10 Dec 2008 07:33:44 +0200, ??? [EMAIL PROTECTED] wrote: With this kernel, whenever I connect a USB keyboard, I see on the console an alert (USB keyboard device this and that, connected to ) and even the make/model of the keyboard is shown, but the keyboard doesn't work. The Num/Caps locks work (I mean, the light on the keyboard alternates between ON/OFF whenever press on the keys). Anyone knows what's the problem? And how to fix it? This *may* be due to kbdmux. On older FreeBSD systems (such as FreeBSD 5), you had to manually change the active keyboard using the kbdcontrol command. Let's say, you have an AT keyboard present (which has the focus) and you plugged in the USB keyboard, the keyboard would get recognized and powered (so you can toggle the Blinkenlights), but no input would come from it. Then you would have to use the focused keyboard /dev/kbd0 (=/dev/atkbd0) to change focus to the USB one /dev/kbd1 (=/dev/ukbd0). Since kbdmux has been introduced, focus is on all keybpards that are plugged into the system, so it doesn't matter where you type something. Maybe you could check the presence of kbdmux or use an AT keyboard to check via kbdcontrol. -- Polytropon From Magdeburg, Germany Happy FreeBSD user since 4.0 Andra moi ennepe, Mousa, ... ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: QEMU: increase image size with FreeBSD partitions ...
Marc G. Fournier wrote: --On Tuesday, December 09, 2008 10:15:45 +0100 Ivan Voras [EMAIL PROTECTED] wrote: Marc G. Fournier wrote: I have FreeBSD 7 running in a QEMU VM ... works like a charm, but I'm wondering if there is some way of *increasing* the size of the image beyond what I configured it for? I'm only finding stuff pertaining to NTFS/FAT32, but nothing about Unix in general, or FreeBSD specifically ... Is there any way of doing this, or do I have to build a new, larger img, and copy the data from diskA - diskB, and reboot on diskB? Doable, but time consuming ... I don't think there's anything automatic but you can grow the virtual disk, then modify the last partition size by hand, then use growfs. 'k, that is what I figured, but how do I grow the virtual disk? I've checked the qemu-img man page, and there doesn't appear to be a method of doing this ... I think I've incorrectly assumed you're using plain raw disk images - from the context I'd say that you're actually using one of qemu's own formats, right? The only thing I've found is this: http://kev.coolcavemen.com/2007/04/how-to-grow-any-qemu-system-image/ signature.asc Description: OpenPGP digital signature
Re: Best way to back up mysql database
Hello list, I apologize if I somehow highjack the thread. I just want to tell the list for further references one way (my way) of doing mysql backup and to ask you if it's safe or not. I have 2 server: one of which is the master (named for the sake of brevity with M) in mysql terms and the second being the slave (named with S). I use mysqldump on S and deliver the tarballs to a remote location. I first stop the slave, do mysqldump and start the slave. Is this approach safe? Some might argue that it's not necessary or even expensive somehow to have 2 boxes *but* in my case I have 2 servers in production and one backups the other. thanks for your input and have a great day, v ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Monitoring Threshold Interface
Hi, I would like monitoring an interface and allarm if it exceeds the threshold of 900 Mbit. Do you know any struments ? I can also create a bash script with some tool or command. Thanks...bye Gian Paolo ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
omshell how to use
To use omshell for changing dhcpd.conf, one needs to use a TSIG key.
Did the following:
# dnssec-keygen -a HMAC-MD5 -b 512 -n HOST omapi_key
responded with:
Komapi_key.+157+18443
and created the files:
-rw--- 1 root admin118 Dec 10 15:42 Komapi_key.+157+18443.key
-rw--- 1 root admin156 Dec 10 15:42 Komapi_key.+157+18443.private
# cat Komapi_key.+157+18443.private
Private-key-format: v1.2
Algorithm: 157 (HMAC_MD5)
Key:
Tq4+Idv4lCBt/zOyXIzZAxYhP3xcsUECEQVXWpTxIfTISCh4B0jwlYWxQs1FfiUYWVNSdTbu1bM0ZzxdIhj0sQ==
Bits: AAA=
# vi /usr/local/etc/dhcpd.conf
and added the statements
key omapi_key {
algorithm HMAC-MD5;
secret
Tq4+Idv4lCBt/zOyXIzZAxYhP3xcsUECEQVXWpTxIfTISCh4B0jwlYWxQs1FfiUYWVNSdTbu1bM0ZzxdIhj0sQ==;
};
omapi-key omapi_key;
Then I started dhcpd, but it immediatly complains :
Starting dhcpd
...
/usr/local/etc/dhcpd.conf: line 10: invalid base 64 character 10
secret Tq4+Idv4lCBt/zOyXIzZAxYhP3xcsUECEQVXWpTxIfTISCh4B0jwlYWxQs1FfiUYWVNSdTbu
1bM0ZzxdIhj0sQ==;
^
/usr/local/etc/dhcpd.conf: line 12: Expecting a parameter or declaration
What exactly does one have to specify on the 'secret' line ??
The manual for omshell or dnssec-keygen don't have examples...
Please a real life example with all the relevant information ...
The command-line tool you're looking for is omshell. If you want
something different, then you're looking at implementing a wrapper
script or program of your own design.
Never had the need to use omshell, but the following random Google
search result looks appropriate for what you're trying to do:
http://blog.nominet.org.uk/tech/2005/12/21/using-omapi-object-management-application-programming-interface/
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: omshell how to use
I am not an expert nor have I even used this software in question.
However...
Pieter Donche wrote:
To use omshell for changing dhcpd.conf, one needs to use a TSIG key.
Did the following:
# dnssec-keygen -a HMAC-MD5 -b 512 -n HOST omapi_key
This appears to be an MD5 encrypted key.
responded with:
Komapi_key.+157+18443
and created the files:
-rw--- 1 root admin118 Dec 10 15:42 Komapi_key.+157+18443.key
-rw--- 1 root admin156 Dec 10 15:42
Komapi_key.+157+18443.private
# cat Komapi_key.+157+18443.private
Private-key-format: v1.2
Algorithm: 157 (HMAC_MD5)
Key:
Tq4+Idv4lCBt/zOyXIzZAxYhP3xcsUECEQVXWpTxIfTISCh4B0jwlYWxQs1FfiUYWVNSdTbu1bM0ZzxdIhj0sQ==
Bits: AAA=
# vi /usr/local/etc/dhcpd.conf
and added the statements
key omapi_key {
algorithm HMAC-MD5;
secret
Tq4+Idv4lCBt/zOyXIzZAxYhP3xcsUECEQVXWpTxIfTISCh4B0jwlYWxQs1FfiUYWVNSdTbu1bM0ZzxdIhj0sQ==;
};
omapi-key omapi_key;
Then I started dhcpd, but it immediatly complains :
Starting dhcpd
...
/usr/local/etc/dhcpd.conf: line 10: invalid base 64 character 10
This seems to want a base64 encrypted key.
secret
Tq4+Idv4lCBt/zOyXIzZAxYhP3xcsUECEQVXWpTxIfTISCh4B0jwlYWxQs1FfiUYWVNSdTbu
1bM0ZzxdIhj0sQ==;
^
/usr/local/etc/dhcpd.conf: line 12: Expecting a parameter or declaration
What exactly does one have to specify on the 'secret' line ??
The manual for omshell or dnssec-keygen don't have examples...
Please a real life example with all the relevant information ...
Sorry, I don't have any examples. However I suggest re-reading the docs
and looking for specifics on key encryption. That might be the key to
your success. :)
Cheers,
Drew
--
Be a Great Magician!
Visit The Alchemist's Warehouse
http://www.alchemistswarehouse.com
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: update packages or reinstall
Hi all; Ok I've got a system running 6.0-release, it is an internal server and has nothing important on it. I'm running into problems where a lot of the packages are old and out of date, and everyday it seems I'm having to update 5-6 of em for something or another. I'm considering just wiping the system clean and starting from scratch to say either 6.4-release or 7.0 release. It is a sun netra x1 with a ultrasparc IIe 400mhz and 512mb ram. The machine is here at my location, so accessibility is no problem at all I know it is primarily my choice but feedback on whether a total wipe and reinstall with something a bit more current would be a better choice than fixing what I have. If you are in a position where a complete reinstall is possible/reasonable then I would do that. Make good backups and check their readability before burning any bridges. jerry Any suggestions for 7.0 or 6.4? Thanks Gary All feedback welcome. Thanks Gary ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
I need Install DB2 in Freebsd with a tool administration like webmin but for database DB2
Hi, everyone. I wanna install DB2 in my unix freebsd, but I never doing that, in fact I need a tool like GUI or like webmin, for the adminsitration of the DB2. who can help me with that. I'll appreciate any help, because I have been very hurry with that I'll developer a tools in DB2 butnever worked in this database management, I always work in mysql server. please any help? have a great day for everyone here. sincerely Tomas - Original Message From: Richard KHOO Guan Chen [EMAIL PROTECTED] To: freebsd-questions@freebsd.org freebsd-questions@freebsd.org Sent: Tuesday, December 9, 2008 9:58:13 PM Subject: Re: portaudit -solved Thank you Sahil Tandon I have solved the problem. My ISP uses proxy for http (I think) as I have closed off port 80 and opened port 8080, and that has got me to the web with no problem. I have also been able to use ports installation with my ipf firewall setup, so I could not understand why portaudit command failed. I have now opened up port 80 and get the thing working. Your message got me thinking in this direction as you confiremed that the file is from http://www.FreeBSD.org/ports. Once again thanks and apologies for the late reply. On Mon, 8 Dec 2008, Sahil Tandon wrote: Richard KHOO Guan Chen wrote: I have recently installed 6.4 release and tried to do a portausidt -F. No go reply was that auditfile.tbz unavailable. By default, portaudit fetches the database from www.FreeBSD.org/ports. What is the output of the following commands on your machine? % wget http://www.FreeBSD.org/ports/auditfile.tbz % fetch -1amp http://www.FreeBSD.org/ports/auditfile.tbz Have you created or modified /usr/local/etc/portaudit.conf? -- Sahil Tandon [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] __ Instant Messaging, free SMS, sharing photos and more... Try the new Yahoo! Canada Messenger at http://ca.beta.messenger.yahoo.com/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Developer's Handbook doubt
Hi comunity. I'm a developer new in the FreeBSD world and I'm reading the handbook. I have a doubt regarding the following code example (page 103): open: push dword mode push dword flags push dword path mov eax, 5 push eax ; Or any other dword int 80h add esp, byte 16 Why is required the push eax; sentence? (I guess a basic assembler concept unknown to me) Thank you very much Regards Pablo Caballero ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: update packages or reinstall
On Wed, Dec 10, 2008 at 11:25:57AM -0500, Gary Hartl wrote: Hi all; Ok I've got a system running 6.0-release, it is an internal server and has nothing important on it. I'm running into problems where a lot of the packages are old and out of date, and everyday it seems I'm having to update 5-6 of em for something or another. I'm considering just wiping the system clean and starting from scratch to say either 6.4-release or 7.0 release. It is a sun netra x1 with a ultrasparc IIe 400mhz and 512mb ram. The machine is here at my location, so accessibility is no problem at all I know it is primarily my choice but feedback on whether a total wipe and reinstall with something a bit more current would be a better choice than fixing what I have. If you are in a position where a complete reinstall is possible/reasonable then I would do that. Make good backups and check their readability before burning any bridges. jerry Any suggestions for 7.0 or 6.4? Go with 7.1 jerry Thanks Gary All feedback welcome. Thanks Gary ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
PostgreSQL on FreeBSD 7.0 amd64 with more than 2GB shared memory
Hi,
I'm trying to run PostgreSQL 8.3 on a FreeBSD 7.0 amd64 server with more
than 2GB shared memory. The machine has 32GB RAM installed.
After setting kern.ipc.shmmax and kern.ipc.shmall to the appropriate
values, I still had no chance to start postgres with more than 2GB of
shared memory.
I wrote a small test which does the same as postgres: shmget and shmat:
#include sys/ipc.h
#include sys/shm.h
#include stdio.h
#include errno.h
int main()
{
int shmid, memKey = 1;
void *memAddress;
unsigned long size = 2147483648UL;
shmid = shmget(memKey, size, IPC_CREAT | IPC_EXCL);
if (shmid 0) {
printf(shmget failed: %d\n, errno);
return 1;
}
memAddress = shmat(shmid, NULL, 0);
if (memAddress == (void *) -1) {
printf(shmat failed: %d\n, errno);
}
return 0;
}
I found out that shmget failed with ENOMEM in shmget_allocate_segment
(sysv_shm.c) because of an overflow of size (requested shared memory in
bytes):
int i, segnum, shmid, size;
...
size = round_page(uap-size);
if (shm_committed + btoc(size) shminfo.shmall) {
return (ENOMEM);
}
When changing size to an unsigned long shmget works - but now shmat then
fails again with ENOMEM.
Is there any easy way to use a shared memory segment which is larger
than 2GB?
Kind regards,
Robert
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Which ISO do i need
Gary Hartl wrote: Hi all; Ok so I 'm going with the reinstall option me thinks and I'm gonna try 7.0. I want to do a install over ftp since my just too lazy to burn all those disks. Would I just need the bootonly.iso? I'm doing a sparc64 install. Thanks Gary If sparc64 has a bootonlyiso, that's all you need to do a network install... ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: USB Keyboard is not working with a custom kernel
Please don't top-post. נור דאוד [EMAIL PROTECTED] writes: OK... This could work eventually, but think about another fact: With GENERIC kernel, everything works correctly. I plug and unplug the keyboard, and it interacts wonderfully. Right. The generic kernel has kbdmux these days. Noor -Original Message- From: Polytropon [mailto:[EMAIL PROTECTED] Sent: Wednesday, December 10, 2008 3:03 PM To: נור דאוד Cc: freebsd-questions@freebsd.org Subject: Re: USB Keyboard is not working with a custom kernel On Wed, 10 Dec 2008 07:33:44 +0200, ??? [EMAIL PROTECTED] wrote: With this kernel, whenever I connect a USB keyboard, I see on the console an alert (USB keyboard device this and that, connected to ) and even the make/model of the keyboard is shown, but the keyboard doesn't work. The Num/Caps locks work (I mean, the light on the keyboard alternates between ON/OFF whenever press on the keys). Anyone knows what's the problem? And how to fix it? This *may* be due to kbdmux. On older FreeBSD systems (such as FreeBSD 5), you had to manually change the active keyboard using the kbdcontrol command. Let's say, you have an AT keyboard present (which has the focus) and you plugged in the USB keyboard, the keyboard would get recognized and powered (so you can toggle the Blinkenlights), but no input would come from it. Then you would have to use the focused keyboard /dev/kbd0 (=/dev/atkbd0) to change focus to the USB one /dev/kbd1 (=/dev/ukbd0). Since kbdmux has been introduced, focus is on all keybpards that are plugged into the system, so it doesn't matter where you type something. Maybe you could check the presence of kbdmux or use an AT keyboard to check via kbdcontrol. -- Lowell Gilbert, embedded/networking software engineer, Boston area http://be-well.ilk.org/~lowell/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Which ISO do i need
Ok so I 'm going with the reinstall option me thinks and I'm gonna try 7.0. get 7-branch through CVS or 7.1-BETA2 ISO. I want to do a install over ftp since my just too lazy to burn all those disks. Would I just need the bootonly.iso? yes. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: PostgreSQL on FreeBSD 7.0 amd64 with more than 2GB shared memory
fails again with ENOMEM. Is there any easy way to use a shared memory segment which is larger than 2GB? getting two smaller ? :) no idea - maybe it's bug of SHM. as you already checked it please do sent-pr ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: PostgreSQL on FreeBSD 7.0 amd64 with more than 2GB shared memory
I just found a bug report for that issue: http://www.freebsd.org/cgi/query-pr.cgi?pr=121423cat= Thanks, Robert -Original Message- From: Wojciech Puchar [mailto:[EMAIL PROTECTED] Sent: Mittwoch, 10. Dezember 2008 18:30 To: Hell, Robert Cc: freebsd-questions@freebsd.org Subject: Re: PostgreSQL on FreeBSD 7.0 amd64 with more than 2GB shared memory fails again with ENOMEM. Is there any easy way to use a shared memory segment which is larger than 2GB? getting two smaller ? :) no idea - maybe it's bug of SHM. as you already checked it please do sent-pr ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Which ISO do i need
Gary Hartl said: Hi all; Ok so I 'm going with the reinstall option me thinks and I'm gonna try 7.0. I want to do a install over ftp since my just too lazy to burn all those disks. Since 7.1 is in -RC1 status, why not go with that? Would I just need the bootonly.iso? I'm doing a sparc64 install. Not sure about sparc, but yes, the bootonly will be sufficient under normal circumstances. Thanks Gary ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] -- Glen Barber ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: USB Keyboard is not working with a custom kernel
OK... This could work eventually, but think about another fact: With GENERIC kernel, everything works correctly. I plug and unplug the keyboard, and it interacts wonderfully. Right. The generic kernel has kbdmux these days. I see... this is one piece of info that I needed, thanks a lot! I will check it and I hope it works. Noor ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: I need Install DB2 in Freebsd with a tool administration like webmin but for database DB2
you want to install ibm db2 server? or you want to install db2 client? Tomás Rodriguez wrote: Hi, everyone. I wanna install DB2 in my unix freebsd, but I never doing that, in fact I need a tool like GUI or like webmin, for the adminsitration of the DB2. who can help me with that. I'll appreciate any help, because I have been very hurry with that I'll developer a tools in DB2 butnever worked in this database management, I always work in mysql server. please any help? have a great day for everyone here. sincerely Tomas - Original Message From: Richard KHOO Guan Chen [EMAIL PROTECTED] To: freebsd-questions@freebsd.org freebsd-questions@freebsd.org Sent: Tuesday, December 9, 2008 9:58:13 PM Subject: Re: portaudit -solved Thank you Sahil Tandon I have solved the problem. My ISP uses proxy for http (I think) as I have closed off port 80 and opened port 8080, and that has got me to the web with no problem. I have also been able to use ports installation with my ipf firewall setup, so I could not understand why portaudit command failed. I have now opened up port 80 and get the thing working. Your message got me thinking in this direction as you confiremed that the file is from http://www.FreeBSD.org/ports. Once again thanks and apologies for the late reply. On Mon, 8 Dec 2008, Sahil Tandon wrote: Richard KHOO Guan Chen wrote: I have recently installed 6.4 release and tried to do a portausidt -F. No go reply was that auditfile.tbz unavailable. By default, portaudit fetches the database from www.FreeBSD.org/ports. What is the output of the following commands on your machine? % wget http://www.FreeBSD.org/ports/auditfile.tbz % fetch -1amp http://www.FreeBSD.org/ports/auditfile.tbz Have you created or modified /usr/local/etc/portaudit.conf? -- Sahil Tandon [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] __ Instant Messaging, free SMS, sharing photos and more... Try the new Yahoo! Canada Messenger at http://ca.beta.messenger.yahoo.com/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: How to block NIS logins via ssh?
On Wed, 10 Dec 2008, Dan Nelson wrote: In the last episode (Dec 10), Dan Mahoney, System Admin said: I'm noticing that when following the directions given here: http://www.freebsd.org/doc/en/books/handbook/network-nis.html For how to disable logins, the recommended action is to set the shell to /sbin/nologin. However, this is sloppy as it allows the user to log in, get the motd, do everything short of getting a shell. I've tried starring out the password in the +: entry, (and putting in a bad password, like x), and those don't seem to work. I am still able to connect via sshd and prove that the account works. By default, the passwd field is ignored in an NIS + or - line. It looks like if you rebuild libc with PW_OVERRIDE_PASSWD=1, you will get the behaviour you're looking for (see the compat_set_template function in src/lib/libc/gen/getpwent.c). Okay, let's look at it from an alternate tack then -- what else renders an account invalid? Is there a pam knob to check /etc/shells? Or an sshd option? I found these: http://osdir.com/ml/linux.admin.managers/2003-08/msg00016.html for a user who had a similar problem, but freebsd doesn't appear to have the requisite module. This could also be implemented as an option to pam_unix (which could check either /etc/shells or the NIS equivalent, since it already has the NIS hooks.) I'll make a separate post to -hackers requesting this. it's probably pretty trivial to port, but I'm leery to do so not-being a c-coder. -Dan -- Of course she's gonna be upset! You're dealing with a woman here Dan, what the hell's wrong with you? -S. Kennedy, 11/11/01 Dan Mahoney Techie, Sysadmin, WebGeek Gushi on efnet/undernet IRC ICQ: 13735144 AIM: LarpGM Site: http://www.gushi.org --- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: I need Install DB2 in Freebsd with a tool administration like webmin but for database DB2
thanks Michael well I wanna install ibm db2 server for developer one application in PHP or Java, but I need a graphic tools for his administration. thanks again sincerely TOMAS - Original Message From: michael [EMAIL PROTECTED] To: Tomás Rodriguez [EMAIL PROTECTED] Cc: freebsd-questions@freebsd.org Sent: Wednesday, December 10, 2008 1:50:42 PM Subject: Re: I need Install DB2 in Freebsd with a tool administration like webmin but for database DB2 you want to install ibm db2 server? or you want to install db2 client? Tomás Rodriguez wrote: Hi, everyone. I wanna install DB2 in my unix freebsd, but I never doing that, in fact I need a tool like GUI or like webmin, for the adminsitration of the DB2. who can help me with that. I'll appreciate any help, because I have been very hurry with that I'll developer a tools in DB2 butnever worked in this database management, I always work in mysql server. please any help? have a great day for everyone here. sincerely Tomas - Original Message From: Richard KHOO Guan Chen To: freebsd-questions@freebsd.org Sent: Tuesday, December 9, 2008 9:58:13 PM Subject: Re: portaudit -solved Thank you Sahil Tandon I have solved the problem. My ISP uses proxy for http (I think) as I have closed off port 80 and opened port 8080, and that has got me to the web with no problem. I have also been able to use ports installation with my ipf firewall setup, so I could not understand why portaudit command failed. I have now opened up port 80 and get the thing working. Your message got me thinking in this direction as you confiremed that the file is from http://www.FreeBSD.org/ports. Once again thanks and apologies for the late reply. On Mon, 8 Dec 2008, Sahil Tandon wrote: Richard KHOO Guan Chen wrote: I have recently installed 6.4 release and tried to do a portausidt -F. No go reply was that auditfile.tbz unavailable. By default, portaudit fetches the database from www.FreeBSD.org/ports. What is the output of the following commands on your machine? % wget http://www.FreeBSD.org/ports/auditfile.tbz % fetch -1amp http://www.FreeBSD.org/ports/auditfile.tbz Have you created or modified /usr/local/etc/portaudit.conf? -- Sahil Tandon ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] __ Instant Messaging, free SMS, sharing photos and more... Try the new Yahoo! Canada Messenger at http://ca.beta.messenger.yahoo.com/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] __ Be smarter than spam. See how smart SpamGuard is at giving junk email the boot with the All-new Yahoo! Mail. Click on Options in Mail and switch to New Mail today or register for free at http://mail.yahoo.ca ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: How to block NIS logins via ssh?
In the last episode (Dec 10), Dan Mahoney, System Admin said: On Wed, 10 Dec 2008, Dan Nelson wrote: In the last episode (Dec 10), Dan Mahoney, System Admin said: I'm noticing that when following the directions given here: http://www.freebsd.org/doc/en/books/handbook/network-nis.html For how to disable logins, the recommended action is to set the shell to /sbin/nologin. However, this is sloppy as it allows the user to log in, get the motd, do everything short of getting a shell. I've tried starring out the password in the +: entry, (and putting in a bad password, like x), and those don't seem to work. I am still able to connect via sshd and prove that the account works. By default, the passwd field is ignored in an NIS + or - line. It looks like if you rebuild libc with PW_OVERRIDE_PASSWD=1, you will get the behaviour you're looking for (see the compat_set_template function in src/lib/libc/gen/getpwent.c). Okay, let's look at it from an alternate tack then -- what else renders an account invalid? Is there a pam knob to check /etc/shells? Or an sshd option? There's a pam_exec module which launches a program of your choice. You could look up the user's shell from there using whatever script you're comfortable with. Or, if all your NIS users are members of a certain group, you could use the pam_group module to deny them. I found these: http://osdir.com/ml/linux.admin.managers/2003-08/msg00016.html for a user who had a similar problem, but freebsd doesn't appear to have the requisite module. This could also be implemented as an option to pam_unix (which could check either /etc/shells or the NIS equivalent, since it already has the NIS hooks.) It looks like our pam_unix module has a local_pass option, whch claims to disallow NIS logins. Have you tried that? I'll make a separate post to -hackers requesting this. it's probably pretty trivial to port, but I'm leery to do so not-being a c-coder. -- Dan Nelson [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Firewall with bridged interfaces and captive portal
Olivier Nicole wrote:
I need to implement a firewall with bridged interfaces that offers
captive portal (authentication before opening the traffic).
We are using a combination of squid+ipfw. Although we are NATing the
users, that really just introduces needless complexity that could be
avoided with a bridging solution.
Our web-app/captive portal/authentication program is written in-house;
it's very tightly integrated with several existing pieces of
infrastructure. I don't know if there are any solutions that will work
out-of-the-box.
I can get you more technical details if this is a direction you'd be
interested in moving.
Long time ago I have been toying with ipf (for the genral firewall)
and NoCat+ipfw for the captive portal.
But that did not work too well, so any technical information will be
appreciated :)
My long term vision is a quite integrated thing, where users that read
their email and authenticate to POP3/IMAP would be granted the access
without the need to authenticate to the web portal.
Hi,
Sorry it's taken a while to get back to you on this.
You're going to want to get squid up and running as a transparent proxy.
You will probably want to write a redirect script [1]. Mine checks
against a small set of always-authorized URLs that squid is allowed to
proxy for; any other HTTP request will receive a redirect:
printf 302:%s%s\n ${default_url} $suffix
The URL points to the webserver running on the aux-router (as we call
it). The www user has passwordless sudo rules that allow the web code to
call scripts for adding and removing a client to and from ipfw tables [2].
You're also going to need to get ipfw to play with bridging. For this,
you'll need to `sysctl -w net.link.bridge.ipfw=1` [3].
The portion of your ruleset is going to look something like this:
TABLE_AUTH='table(10)'
$cmd allow all from $TABLE_AUTH to any bridged
$cmd allow all from any to $TABLE_AUTH bridged
$cmd fwd 127.0.0.1,3128 tcp from $MY_SUBNET to any http bridged
$cmd deny all from any to any bridged
NB: you may need IPFIREWALL_FORWARD enabled to get full use of the fwd
action.
You'll also probably need to poke holes for or deal with DNS, any remote
webserver your authentication process may require access to, etc.
Also note, I haven't actually done this with bridging, so your mileage
my vary. I found 2 tools to be invaluable when working on this project:
1) tcpdump (use -i for interface, and watch the traffic in order to
profile exactly what you need to allow, fwd, etc.).
2) ipfw logging. I found that on any deny rule, especially when
troubleshooting, I'd do something like:
$cmd deny log logamount 0 all from any to any bridged
Or, just as useful, but you can stick anywhere in the middle without
affecting packet flow:
$cmd count log logamount 0 all from any to any bridged
NB: AFAIK, requires kernel option IPFIREWALL_VERBOSE
I might be able to give you some more pointers if you get stumped, but I
hope this helps you get well on your way.
[1] http://wiki.squid-cache.org/SquidFaq/SquidRedirectors
[2] ipfw(8) /LOOKUP TABLES
[3] ipfw(8) /PACKET FLOW
--
Chris Cowart
Network Technical Lead
Network Infrastructure Services, RSSP-IT
UC Berkeley
pgpPfbyITHbVi.pgp
Description: PGP signature
Re: slim(Simple LogIn Manager) problem
On Wed, 10 Dec 2008, Kevin Monceaux wrote: If I disable slim in /etc/ttys and start it via /usr/local/etc/rc.d/slim I can sign on and everything works except the mouse, and in terminal sessions I start my path is wrong. Okay, I think I figured out where the path I'm getting when using slim is coming from. I never noticed that slim.conf has a default path setting. In my slim.conf I have: default_path./:/bin:/usr/bin:/usr/local/bin:/usr/local/bin It would be nice to have it honor the path in /etc/login.conf but it's simple enough to set the path in slim.conf to the same. Now, if I can just figure out why my mouse won't work when I sign on via slim, but works if I start X via startx ... Kevin http://www.RawFedDogs.net http://www.WacoAgilityGroup.org Bruceville, TX Si hoc legere scis nimium eruditionis habes. Longum iter est per praecepta, breve et efficax per exempla!!! ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: behavioral change of read builtin for sh on 8-CURRENT
Hi Michael,
This looks like a bug in 8.0-CURRENT.
Can you please file a bug report and include the text you sent below?
On Wed, 10 Dec 2008 00:49:58 -0500, Michael Proto [EMAIL PROTECTED] wrote:
I've noticed a behavioral difference of the read builtin statement within
/bin/sh on CURRENT and I'm hoping someone can point me in the right
direction on how to restore the old behavior.
I have a /bin/sh script that accepts input for IP address information:
#!/bin/sh
set -x
DEFINT=vr0
DEFIP=192.168.0.1
DEFMASK=255.255.255.0
read -p Enter network interface [$DEFINT]: -t 5 INT
read -p Enter IP address [$DEFIP]: -t 5 IP
read -p Enter netmask [$DEFMASK]: -t 5 MASK
echo ${INT:=$DEFINT} : ${IP:=$DEFIP}/${MASK:=$DEFMASK}
This script waits for terminal input for each of the above variables (INT,
IP, MASK) and defaults to a script-provided value if no input is entered in
5 seconds for each variable. On 6.x and 7.x if I simply hit Enter at the
prompt (and don't provide any input) no value is assigned to the variable so
my INT, IP, and MASK variables are set to null and the parameter
substitution of the DEF* variables works as expected.
On 8-CURRENT if I hit Enter with no input at the prompt the system seems to
recognize the newline as input and continues to sit there until I hit Enter
again. When I do this there appears to be a strange unprintable value
assigned to the INT, IP, and MASK variables yet the variable subsitution
doesn't work correctly.
The man page on sh lists the following behavior for read:
read [-p prompt] [-t timeout] [-er] variable ...
The prompt is printed if the -p option is specified and the
stan-
dard input is a terminal. Then a line is read from the
standard
input. The trailing newline is deleted from the line and the
line is split as described in the section on White Space
Splitting (Field Splitting) above, and the pieces are assigned
to
the variables in order. If there are more pieces than
variables,
the remaining pieces (along with the characters in IFS that
sepa-
rated them) are assigned to the last variable. If there are
more
variables than pieces, the remaining variables are assigned the
null string.
As I interpret this, read should delete the trailing newline and assign a
null value since there is is no input before the newline. Then the
variable substitution should take over and assign the DEF* variables
appropriately. 6 and 7 follow this but 8 does not.
Here's the output of the script (with set -x) to help show what I'm seeing.
This is on 6 and 7:
+ DEFINT=vr0
+ DEFIP=192.168.0.1
+ DEFMASK=255.255.255.0
+ read -p Enter network interface [vr0]: -t 5 INT
Enter network interface [vr0]:
+ read -p Enter IP address [192.168.0.1]: -t 5 IP
Enter IP address [192.168.0.1]:
+ read -p Enter netmask [255.255.255.0]: -t 5 MASK
Enter netmask [255.255.255.0]:
+ echo vr0 : 192.168.0.1/255.255.255.0
vr0 : 192.168.0.1/255.255.255.0
And this is what I see with 8:
+ DEFINT=vr0
+ DEFIP=192.168.0.1
+ DEFMASK=255.255.255.0
+ read -p Enter network interface [vr0]: -t 5 INT
Enter network interface [vr0]:
+ read -p Enter IP address [192.168.0.1]: -t 5 IP
Enter IP address [192.168.0.1]:
+ read -p Enter netmask [255.255.255.0]: -t 5 MASK
Enter netmask [255.255.255.0]:
/: cho
/:
Strange that the echo statement is missing the first e character in the
debug output.
Even stranger on 8-CURRENT, if I *do* enter input before the newline (say I
change the IP address or the network interface), the first character is not
echoed back to the screen but is still saved to the variable. Here's an
example when I run the script and provide input at each prompt:
+ DEFINT=vr0
+ DEFIP=192.168.0.1
+ DEFMASK=255.255.255.0
+ read -p Enter network interface [vr0]: -t 5 INT
Enter network interface [vr0]: r0
+ read -p Enter IP address [192.168.0.1]: -t 5 IP
Enter IP address [192.168.0.1]: 92.168.0.1
+ read -p Enter netmask [255.255.255.0]: -t 5 MASK
Enter netmask [255.255.255.0]: 55.255.255.0
+ echo br0 : 192.168.0.1/255.255.255.0
br0 : 192.168.0.1/255.255.255.0
+ echo ifconfig br0 inet 192.168.0.1 netmask 255.255.255.0
Notice that when I'm prompted, the first character doesn't echo but is still
saved in the variable.
Does anyone else see this same behavior? Any ideas on how to reset it back
to how it works in STABLE? I'm not doing anything special with IFS so I'm
stumped on how to troubleshoot this.
Thanks,
Proto
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]
--
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To
Re: I need Install DB2 in Freebsd with a tool administration likewebmin but for database DB2
Tomas, DB2 comes with a Java-based GUI administration tool called the DB2 Control Center. Unfortunately, it can only be installed on a supported DB2 client platform, such as Linux, Windows or various commercial UNIX platforms. DB2 does not currently have any other type of GUI administration tool. Regards, Matt Emmerton - Original Message - From: Tomás Rodriguez [EMAIL PROTECTED] To: freebsd-questions@freebsd.org Cc: [EMAIL PROTECTED] Sent: Wednesday, December 10, 2008 2:14 PM Subject: Re: I need Install DB2 in Freebsd with a tool administration likewebmin but for database DB2 thanks Michael well I wanna install ibm db2 server for developer one application in PHP or Java, but I need a graphic tools for his administration. thanks again sincerely TOMAS - Original Message From: michael [EMAIL PROTECTED] To: Tomás Rodriguez [EMAIL PROTECTED] Cc: freebsd-questions@freebsd.org Sent: Wednesday, December 10, 2008 1:50:42 PM Subject: Re: I need Install DB2 in Freebsd with a tool administration like webmin but for database DB2 you want to install ibm db2 server? or you want to install db2 client? Tomás Rodriguez wrote: Hi, everyone. I wanna install DB2 in my unix freebsd, but I never doing that, in fact I need a tool like GUI or like webmin, for the adminsitration of the DB2. who can help me with that. I'll appreciate any help, because I have been very hurry with that I'll developer a tools in DB2 butnever worked in this database management, I always work in mysql server. please any help? have a great day for everyone here. sincerely Tomas - Original Message From: Richard KHOO Guan Chen To: freebsd-questions@freebsd.org Sent: Tuesday, December 9, 2008 9:58:13 PM Subject: Re: portaudit -solved Thank you Sahil Tandon I have solved the problem. My ISP uses proxy for http (I think) as I have closed off port 80 and opened port 8080, and that has got me to the web with no problem. I have also been able to use ports installation with my ipf firewall setup, so I could not understand why portaudit command failed. I have now opened up port 80 and get the thing working. Your message got me thinking in this direction as you confiremed that the file is from http://www.FreeBSD.org/ports. Once again thanks and apologies for the late reply. On Mon, 8 Dec 2008, Sahil Tandon wrote: Richard KHOO Guan Chen wrote: I have recently installed 6.4 release and tried to do a portausidt -F. No go reply was that auditfile.tbz unavailable. By default, portaudit fetches the database from www.FreeBSD.org/ports. What is the output of the following commands on your machine? % wget http://www.FreeBSD.org/ports/auditfile.tbz % fetch -1amp http://www.FreeBSD.org/ports/auditfile.tbz Have you created or modified /usr/local/etc/portaudit.conf? -- Sahil Tandon ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] __ Instant Messaging, free SMS, sharing photos and more... Try the new Yahoo! Canada Messenger at http://ca.beta.messenger.yahoo.com/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] __ Be smarter than spam. See how smart SpamGuard is at giving junk email the boot with the All-new Yahoo! Mail. Click on Options in Mail and switch to New Mail today or register for free at http://mail.yahoo.ca ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] No virus found in this incoming message. Checked by AVG - http://www.avg.com Version: 8.0.176 / Virus Database: 270.9.16/1841 - Release Date: 12/10/2008 9:30 AM ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
mounting /usr/local on separate drive
Hi all; Ok i'm working on this netra here. There are a couple of annoying things about these things and one of em is that you can only have a single drive on either IDE controller (masters only no slaves allowed). So my goal was to have two 20g drives on this machine one of them being dedicated to /usr/local Since I can only have one single HDD, hooked up during install everything gets installed on a single drive. I'm wondering if it is possible to move /usr/local to the second drive in some post installation method, Once i have the disk prepared with a ufs file system, is it just as simple as editing /etc/fstab and moving it over. Or is it slightly more complicated since /usr/local has important stuff in it. I'm doing this from a fresh install, so no extra packages are being added yet. Thanks Gary ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: mounting /usr/local on separate drive
On Wed, Dec 10, 2008 at 05:04:03PM -0500, Gary Hartl wrote: Hi all; Ok i'm working on this netra here. There are a couple of annoying things about these things and one of em is that you can only have a single drive on either IDE controller (masters only no slaves allowed). So my goal was to have two 20g drives on this machine one of them being dedicated to /usr/local Since I can only have one single HDD, hooked up during install everything gets installed on a single drive. I'm wondering if it is possible to move /usr/local to the second drive in some post installation method, Once i have the disk prepared with a ufs file system, is it just as simple as editing /etc/fstab and moving it over. Or is it slightly more complicated since /usr/local has important stuff in it. Yup. That is it. Remember that the mount point and the partition are two very different things and have no relationship with each other except when that partition is mounted on that mount point. You can remount almost anything anywhere as long as it isn't being used at the moment (so root is a little difficult). By the way, /usr/local does not have 'important' stuff on it by default. It is only what you put there.A standard installation, before ports and other extras are added, puts nothing in /usr/local. You do not need to create a separate file system for /usr/local if you don't want to. If you want to add a lot of stuff to a filesystem you call /usr/local after a fresh install, I would suggest you just do the install without any /usr/local and then create it first thing after the initial install and put it in /etc/fstab.At that point you shouldn't have anything to move over there. Just fdisk, bsdlabel and newfs it and then mount it and start using it. If you manage to write some stuff in /usr/local before creating the new partition, then mounting it on the /usr/local mount point will cover that stuff up. To copy it, you will need to mount the new partition on something else - say /junk - and copy stuff to it and then clean it out (just to reduce confusion, the system won't care) and then remount the new partition as /usr/local from /junk. jerry I'm doing this from a fresh install, so no extra packages are being added yet. Thanks Gary ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Get Your Blackberry Storm9500/$350 or Apple iphone 16GB/$250 or Blackberry Bold/$300
eND OF YR bONUS: Blackberry Storm,Apple iPhone,Samsung Omnia GSM PHONES Apple iPhone 16GB$250 USD Blackberry Bold..$300 USD Blackberry Storm.$350 USD Samsung Omnia i900 (16GB)$470 USD HTC Touch Pro$400 USD HTC Diamond .$400 USD Nokia N96$350 USD Nokia N85$350 USD Nokia E71$300 USD Nokia E66$300 USD Motorola V3i DG..$250 USD Nokia N95. ...$320 USD Nokia N93. ...$260 USD Nokia N93i ...$280 USD Nokia N70 $160 USD Nokia N72 $175 USD Nokia N73 $250 USD Nokia N80 $200 USD Nokia N90 $200 USD Nokia N91 $200 USD SONY PS3 (60GB) = $300 USD BUY ANY 10 UNITS AND GET 2 FREE All GSM Phones,Brand New,Tri- Band and Video Games are also Brand new with Complete Accessories plus Int'l Warranty . e-mail us for more enquiry [EMAIL PROTECTED] Robert Johnson GADGETS LIMITED (UK) LTD Registered No. 05881519 THE OLD STABLES, ARUNDEL ROAD, POLING, ARUNDEL, WEST SUSSEX, BN18 9QA, UK ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: behavioral change of read builtin for sh on 8-CURRENT
Thanks! PR 129566 filed on this issue.
-Proto
On Wed, Dec 10, 2008 at 4:27 PM, Giorgos Keramidas [EMAIL PROTECTED]wrote:
Hi Michael,
This looks like a bug in 8.0-CURRENT.
Can you please file a bug report and include the text you sent below?
On Wed, 10 Dec 2008 00:49:58 -0500, Michael Proto [EMAIL PROTECTED]
wrote:
I've noticed a behavioral difference of the read builtin statement
within
/bin/sh on CURRENT and I'm hoping someone can point me in the right
direction on how to restore the old behavior.
I have a /bin/sh script that accepts input for IP address information:
#!/bin/sh
set -x
DEFINT=vr0
DEFIP=192.168.0.1
DEFMASK=255.255.255.0
read -p Enter network interface [$DEFINT]: -t 5 INT
read -p Enter IP address [$DEFIP]: -t 5 IP
read -p Enter netmask [$DEFMASK]: -t 5 MASK
echo ${INT:=$DEFINT} : ${IP:=$DEFIP}/${MASK:=$DEFMASK}
This script waits for terminal input for each of the above variables
(INT,
IP, MASK) and defaults to a script-provided value if no input is entered
in
5 seconds for each variable. On 6.x and 7.x if I simply hit Enter at the
prompt (and don't provide any input) no value is assigned to the variable
so
my INT, IP, and MASK variables are set to null and the parameter
substitution of the DEF* variables works as expected.
On 8-CURRENT if I hit Enter with no input at the prompt the system seems
to
recognize the newline as input and continues to sit there until I hit
Enter
again. When I do this there appears to be a strange unprintable value
assigned to the INT, IP, and MASK variables yet the variable subsitution
doesn't work correctly.
The man page on sh lists the following behavior for read:
read [-p prompt] [-t timeout] [-er] variable ...
The prompt is printed if the -p option is specified and the
stan-
dard input is a terminal. Then a line is read from the
standard
input. The trailing newline is deleted from the line and
the
line is split as described in the section on White Space
Splitting (Field Splitting) above, and the pieces are
assigned
to
the variables in order. If there are more pieces than
variables,
the remaining pieces (along with the characters in IFS that
sepa-
rated them) are assigned to the last variable. If there are
more
variables than pieces, the remaining variables are assigned
the
null string.
As I interpret this, read should delete the trailing newline and assign a
null value since there is is no input before the newline. Then the
variable substitution should take over and assign the DEF* variables
appropriately. 6 and 7 follow this but 8 does not.
Here's the output of the script (with set -x) to help show what I'm
seeing.
This is on 6 and 7:
+ DEFINT=vr0
+ DEFIP=192.168.0.1
+ DEFMASK=255.255.255.0
+ read -p Enter network interface [vr0]: -t 5 INT
Enter network interface [vr0]:
+ read -p Enter IP address [192.168.0.1]: -t 5 IP
Enter IP address [192.168.0.1]:
+ read -p Enter netmask [255.255.255.0]: -t 5 MASK
Enter netmask [255.255.255.0]:
+ echo vr0 : 192.168.0.1/255.255.255.0
vr0 : 192.168.0.1/255.255.255.0
And this is what I see with 8:
+ DEFINT=vr0
+ DEFIP=192.168.0.1
+ DEFMASK=255.255.255.0
+ read -p Enter network interface [vr0]: -t 5 INT
Enter network interface [vr0]:
+ read -p Enter IP address [192.168.0.1]: -t 5 IP
Enter IP address [192.168.0.1]:
+ read -p Enter netmask [255.255.255.0]: -t 5 MASK
Enter netmask [255.255.255.0]:
/: cho
/:
Strange that the echo statement is missing the first e character in
the
debug output.
Even stranger on 8-CURRENT, if I *do* enter input before the newline (say
I
change the IP address or the network interface), the first character is
not
echoed back to the screen but is still saved to the variable. Here's an
example when I run the script and provide input at each prompt:
+ DEFINT=vr0
+ DEFIP=192.168.0.1
+ DEFMASK=255.255.255.0
+ read -p Enter network interface [vr0]: -t 5 INT
Enter network interface [vr0]: r0
+ read -p Enter IP address [192.168.0.1]: -t 5 IP
Enter IP address [192.168.0.1]: 92.168.0.1
+ read -p Enter netmask [255.255.255.0]: -t 5 MASK
Enter netmask [255.255.255.0]: 55.255.255.0
+ echo br0 : 192.168.0.1/255.255.255.0
br0 : 192.168.0.1/255.255.255.0
+ echo ifconfig br0 inet 192.168.0.1 netmask 255.255.255.0
Notice that when I'm prompted, the first character doesn't echo but is
still
saved in the variable.
Does anyone else see this same behavior? Any ideas on how to reset it
back
to how it works in STABLE? I'm not doing anything special with IFS so I'm
stumped on how to troubleshoot this.
Thanks,
Proto
___
freebsd-questions@freebsd.org mailing list
Re: Why FreeBSD not popular on hardware vendors
On Sun, 2008-12-07 at 08:29 -0500, Jerry wrote: snip IMHO, before FreeBSD can make a significant market share improvement, it has to improve its hardware support. NVidia, for one, has expressed a desire to support FreeBSD; however, it needs the FreeBSD organization to improve its basic product, especially in the 64-bit systems, which are the future of computing. Ok. So what needs improvement and where to start? Not being critical, I'm interested in this. Personally though, I think the business model here is a failure and seriously flawed. And yes, I did study business at Monash (and butted heads constantly; IF you don't look out for the health and well being of a community, environment, employees, whatever- the extreme social responsibility- then the clients and potential clients die, ergo no customers therefore no money to be made. Thats looking after your bottomline: Duh!) and saw this continually. Marketing the same; appealing to all markets is extremely lucrative, and with the technology literally at our fingertips can be very easy to do. So why not just pull the finger out and do it instead of saying its too hard, too much trouble, etc. Old people at the wheel stuck on old ways and refusing to budge (no offense intended to those on the list- I have a lot of respect for those in technology; strangely the inverse is true- they actually know what they're doing and do it properly the first time) in management. Sorry for the rant, but that's just my 2c. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: How to block NIS logins via ssh?
On Wed, 10 Dec 2008, Dan Nelson wrote: In the last episode (Dec 10), Dan Mahoney, System Admin said: On Wed, 10 Dec 2008, Dan Nelson wrote: In the last episode (Dec 10), Dan Mahoney, System Admin said: I'm noticing that when following the directions given here: http://www.freebsd.org/doc/en/books/handbook/network-nis.html For how to disable logins, the recommended action is to set the shell to /sbin/nologin. However, this is sloppy as it allows the user to log in, get the motd, do everything short of getting a shell. I've tried starring out the password in the +: entry, (and putting in a bad password, like x), and those don't seem to work. I am still able to connect via sshd and prove that the account works. By default, the passwd field is ignored in an NIS + or - line. It looks like if you rebuild libc with PW_OVERRIDE_PASSWD=1, you will get the behaviour you're looking for (see the compat_set_template function in src/lib/libc/gen/getpwent.c). Okay, let's look at it from an alternate tack then -- what else renders an account invalid? Is there a pam knob to check /etc/shells? Or an sshd option? There's a pam_exec module which launches a program of your choice. You could look up the user's shell from there using whatever script you're comfortable with. Or, if all your NIS users are members of a certain group, you could use the pam_group module to deny them. I found these: http://osdir.com/ml/linux.admin.managers/2003-08/msg00016.html for a user who had a similar problem, but freebsd doesn't appear to have the requisite module. This could also be implemented as an option to pam_unix (which could check either /etc/shells or the NIS equivalent, since it already has the NIS hooks.) It looks like our pam_unix module has a local_pass option, whch claims to disallow NIS logins. Have you tried that? No, I'm using netgroups -- i.e. allow one user (or, rather, allow the @STAFF group, import the whole map, disallow the rest from logging in.) Actually, I just found the answer to this...instead of putting nologin in, put in something bogus (I'm using /nonexistent)...and the password will just loop. This is something sshd does internally. Given, there's several solutions to this: 1) The Kluge as above. 2) A pam module to check /etc/group (this is standard login behavior, and historically supported, and available on other platforms, adding a module, even to ports, is trivial. 3) A patch to openssh to do /etc/shells checking (I'll note that openSSH has the UseLogin option, which may also do this. 4) An option to pam_unix to check this. Differs from #2 in that it's a change to an existing module instead of one in ports. -Dan -- The first annual 5th of July party...have you been invited? It's a Jack Party. Okay, so Long Island's been invited. --Cali and Gushi, 6/23/02 Dan Mahoney Techie, Sysadmin, WebGeek Gushi on efnet/undernet IRC ICQ: 13735144 AIM: LarpGM Site: http://www.gushi.org --- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
gnome process taking too much cpu in freebsd 7.1-BETA2
Hi I just installed freebsd 7.1-BETA2. After starting GNOME, my CPU usage remains very high and top shows that the process polkit-gnome-manage is using up a lot of CPU (around 51%) when the laptop is idle. Any idea what might cause this? After logging into GNOME from gdm, the splash screen does not go off on it's own. Not sure if these are connected. -- Gautham Ganapathy http://lisphacker.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
