RE: email and messanging

2005-02-03 Thread Ted Mittelstaedt


> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] Behalf Of Sean Murphy
> Sent: Thursday, February 03, 2005 9:41 AM
> To: freebsd-questions@freebsd.org
> Subject: email and messanging
>
>
> Is there a project that anyone is using that has the features of
> groupwise, openexchange or exchange?  Features such as calendar/todo
> list that other users can add to another user's, public folders, etc...
>
>

http://www.horde.org

Be warned, while it's in the FreeBSD ports collection, the ports collection
only gets you about 90% of the way to having it up and running.  It is
also every bit as complex to configure as MS Exchange is.  If you have
never worked with Horde or mysql, plan on spending a week on getting up
and running on the administration of it and read -every bit- of
documentation on it.

But once you do get it online it is well worth it.  The interface on the
latest stuff is every bit as slick as the interface on Exchange.


http://www.opengroupware.org/

This is another effort which, like Lotus Notes, has everything but the
kitchen sink stuffed into it and is as equally incomprehensible.  Phrases
in the description like: "provide access to all functionality and data
through open XML-based interfaces and APIs" I am not sure I even
understand.

What it appears to be is the idea that you build this thing and stuff it
in in place of your Exchange server, then use all the free Outlook clients
that come with MS Office to connect to the server and provide front ends.
Thus you get the benefit of the slick MS interface and software at the
user end, along with the benefit of not having to spend a pile of money on
Microsoft CAL's and a mountain of money on an Exchange server.

I'm not sure I completely agree with this approach - I'd rather see no
dependencies on Microsoft's front ends - but I suppose denying Redmond
their $10K for a piggy server is a good thing.

Ted

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


RE: license terms

2005-02-03 Thread Ted Mittelstaedt


> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] Behalf Of 
> Diener, Michael
> Sent: Thursday, February 03, 2005 11:15 AM
> To: freebsd-questions@freebsd.org
> Subject: license terms
> 
> 
> If someone is using FreeBSD and 4.4BSD, are the FreeBSD 
> Copyright and 4.4BSD Copyright the only agreements that apply?
>  
> The legal page has links to GNU licenses, so it is not clear 
> if those licenses also have some applicability, or in what 
> cases they might apply.
>  
> Thanks for any help you can give.
>  
>  

The ONLY time that the GNU licenses have any effect at all on what
you're doing is if you're building a software product that contains
code that is under the GPL that you intend to redistribute.
There's no license applicability of either license if all you're doing
is just running FreeBSD as a server or such.

Ted


RE: MySQL query tool and Administrator

2005-02-03 Thread Ted Mittelstaedt


> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] Behalf Of Paul Schmehl
> Sent: Thursday, February 03, 2005 2:19 PM
> To: Damian Sobieralski; freebsd-questions@freebsd.org
> Subject: Re: MySQL query tool and Administrator
> 
> 
> Go to /usr/ports/emulators/linux_base/ and install the linux 
> emulator port. 
> Then you can install the query browser.  I've played with it a 
> little.  It 
> works OK but tends to core occasionally.
> 

My God Paul, this is FreeBSD we are talking about, not Windows!!!

Granted he will need the Gnome desktop installed since it calls for
glib-2.0 and libxml-2.0 but the source is at the URL he gave, download
it, unzip it, untar it, cd to ~mysql-query-browser and run configure
then make and make install.

No wonder you found it unstable.  Since when does anyone run a Linux
binary of a program that has source available?!?!?



Ted




RE: ssh default security risc

2005-02-03 Thread Ted Mittelstaedt


> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] Behalf Of Giorgos
> Keramidas
> Sent: Thursday, February 03, 2005 10:01 PM
> To: Gert Cuykens
> Cc: freebsd-questions@freebsd.org; Chris Hodgins
> Subject: Re: ssh default security risc
>
>
> On 2005-02-04 01:04, Gert Cuykens <[EMAIL PROTECTED]> wrote:
> > On Fri, 04 Feb 2005 00:05:34 +, Chris Hodgins
> > <[EMAIL PROTECTED]> wrote:
> > True but the point is without the ssh root enabled there is nothing
> > you can do about it to stop them if they change your user password
>
> What user password?  You are using SSH keys, as many have noted in
> earlier posts of the thread, right? :P
>
> Seriously now.  What gave you the crazy idea that having local access as
> an unprivileged user means that automatically you are also root?  Effort
> is *still* needed.  Effort that the average Joe Random Cracker is _NOT_
> going to spend.
>
> You may also want to consider that having SSH enabled for root means
> there is only ONE step at becoming root from any remote location.
>
> Having to SSH as a user first, with the right combination of SSH keys
> and passwords, and then use su(1) with yet another password is at least
> one more step.
>
> Why is the first, 1-step procedure safer than the second?
>

I think I'm going to interject a few things here to this discussion,
which has turned into a ridiculous religious argument.

In answer to your question about a 1-step procedure safer than the second,
well as a matter of fact there are circumstances when it is.  For example:

1) When the ssh install that permits root login is using ipfw or tcp
wrappers to restrict incoming ssh to a defined IP address, compared to a
ssh installation that doesn't permit root login that allows incoming ssh
from any IP in the world.

2) When the ssh install that permits root login is using an authorized
keys file that only permits the root user to ssh in from a host defined
with a canonical name, compared to a ssh installation that disallows root
login and doesn't restrict by hostname for ordinary users.

3) When the ssh install that permits root login has a /root/.ssh/rc that
specifies a specific command that exits and closes the session after being
run, and blocks all ordinary users from sshing in, compared to a ssh
installation that doesn't permit root login that allows ordinary users to
spawn a shell.

Now, these are just 3 examples I can think of off the top of my head.
And I'm sure you're going to squawk dirty pool, and claim that you weren't
meaning these 'spechel cases' that are exceptions, excuse, excuse, excuse.

The point is that making blanket inferences like you're doing, such as that
disabling root ssh is always safer than allowing it, is very risky.
There are -very few- instances in computer security where a blanket
statement always applies.  Each scenario must be analysed independently,
with an eye to -every possible vector- that an attacker can take.

I repeatedly see lots and lots of times on this list people bragging about
constructing these byzantine security blankets for remote access to their
servers, and at the same time bragging about being too much a cheapskate to
bother paying the few bucks a month to their ISP to get a static IP
assignment for their clients, as if the entire paradigm of access list
restrictions somehow doesn't exist.  Not to mention that even without a
static IP assigned to your home or other locations that you normally ssh in
from, it's pretty simple to block off huge chunks of the Internet,
particularly blocks assigned to Red China, where a huge amount of cracking
and spamming originates from.

Well let me tell you this, if your idea of securing your machine is to
follow a few axioms that you picked up here and there, then good luck.
The day that the thief makes off with your laptop/desktop/whatever that
you left behind a door that you accidentally forgot to lock, or the
joker down the hall gets the worn out backup tape out of your garbage that
you didn't bother to erase, or the cracker installs a remote control program
with a keyboard logger on that Windows box in the lab that you run Putty
on every once in a while to get into your own systems, you are
going to come to the sudden realization that you really didn't know anything
about what you were thinking.

Ted
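
The per-key restrictions in points 2 and 3 of the message above can be checked mechanically. This added example (not part of the original post) audits a constructed root authorized_keys file for the from= and command= options against the PermitRootLogin mode; it assumes the forced command is set with command= in authorized_keys rather than the /root/.ssh/rc file the message names, and all host names, paths and key blobs are placeholders.

```python
# Key-type prefixes that mark the start of the key itself (no options before it).
KEY_TYPES = ("ssh-rsa", "ssh-dss", "ssh-ed25519", "ecdsa-sha2-", "sk-")

# Constructed sample of /root/.ssh/authorized_keys; key blobs are placeholders.
SAMPLE_KEYS = '''\
# backup job: pinned to one host and one command
from="backup.example.org",command="/usr/local/sbin/run-backup",no-pty ssh-ed25519 AAAAC3PLACEHOLDER1 backup-job
# admin key: pinned to a host pattern, but still gets a shell
from="*.admin.example.org,!gw.admin.example.org" ssh-rsa AAAAB3PLACEHOLDER2 admin-laptop
ssh-ed25519 AAAAC3PLACEHOLDER3 old-key
'''


def split_outside_quotes(text, seps, maxsplit=-1):
    """Split text on any char in seps that is not inside double quotes."""
    parts, buf, in_quote, i = [], [], False, 0
    while i < len(text):
        ch = text[i]
        if ch == "\\" and in_quote and i + 1 < len(text):
            buf.append(text[i:i + 2])      # keep escaped char, e.g. \" in command=
            i += 2
            continue
        if ch == '"':
            in_quote = not in_quote
        elif ch in seps and not in_quote and maxsplit != 0:
            parts.append("".join(buf))
            buf = []
            maxsplit -= 1
            i += 1
            continue
        buf.append(ch)
        i += 1
    parts.append("".join(buf))
    return parts


def parse_key_line(line):
    """Parse one authorized_keys line; return None for blanks and comments."""
    line = line.strip()
    if not line or line.startswith("#"):
        return None
    options = {}
    if not line.startswith(KEY_TYPES):     # leading field is the options list
        parts = split_outside_quotes(line, " \t", 1)
        if len(parts) != 2:
            raise ValueError("options without a key: %r" % line)
        line = parts[1].lstrip()
        for opt in split_outside_quotes(parts[0], ","):
            name, _, value = opt.partition("=")
            options[name.lower()] = value.strip('"')
    fields = line.split(None, 2)
    if len(fields) < 2 or not fields[0].startswith(KEY_TYPES):
        raise ValueError("not a public key line: %r" % line)
    comment = fields[2] if len(fields) > 2 else ""
    return {"options": options, "type": fields[0], "comment": comment}


def permit_root_login(sshd_config):
    """Return the global PermitRootLogin value, or None if it is not set.

    sshd keeps the first value it reads for a keyword. Match blocks are not
    evaluated here (simplifying assumption), so parsing stops at the first one.
    """
    for raw in sshd_config.splitlines():
        words = raw.split("#", 1)[0].split()
        if not words:
            continue
        if words[0].lower() == "match":
            break
        if words[0].lower() == "permitrootlogin" and len(words) > 1:
            return words[1].lower()
    return None


def audit_root_keys(sshd_config, authorized_keys):
    """Return (mode, findings); findings are (key comment, issue) tuples."""
    mode = permit_root_login(sshd_config) or "unset"
    findings = []
    if mode == "no":
        return mode, findings              # root cannot log in over ssh at all
    for lineno, raw in enumerate(authorized_keys.splitlines(), 1):
        key = parse_key_line(raw)
        if key is None:
            continue
        label = key["comment"] or "line %d" % lineno
        opts = key["options"]
        if "command" not in opts:
            if mode == "forced-commands-only":
                # sshd refuses root keys that carry no forced command
                findings.append((label, "refused: no command= option"))
                continue
            findings.append((label, "full root shell: no command= option"))
        if "from" not in opts:
            findings.append((label, "any source host: no from= option"))
    return mode, findings


if __name__ == "__main__":
    for cfg in ("PermitRootLogin prohibit-password\n",
                "PermitRootLogin forced-commands-only\n"):
        mode, findings = audit_root_keys(cfg, SAMPLE_KEYS)
        print(mode)
        for label, issue in findings:
            print("  %-14s %s" % (label, issue))
```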



IPFilter and traffic shaping

2005-02-03 Thread Odhiambo Washington
Hello users,

Is there a way to do traffic shaping using IPFilter, akin to what
ipfw+dummynet does? FreeBSD 5.x here.

Thanks

-Wash

http://www.netmeister.org/news/learn2quote.html

--
+==+
|\  _,,,---,,_ | Odhiambo Washington<[EMAIL PROTECTED]>
Zzz /,`.-'`'-.  ;-;;,_ | Wananchi Online Ltd.   www.wananchi.com
   |,4-  ) )-,_. ,\ (  `'-'| Tel: +254 20 313985-9  +254 20 313922
  '---''(_/--'  `-'\_) | GSM: +254 722 743223   +254 733 744121
+==+
Keep America beautiful.  Swallow your beer cans.


SARG & squid logs.

2005-02-03 Thread Vyacheslav Druzhinin
Hello freebsd-questions,

The Sarg log analyzer can't find any records when I use the -d flag.

freebsd# sarg -n -d 22/01/2005-23/01/2005 -l access.log

When I run sarg as:

freebsd# sarg -n -l access.log

it works fine.

Here is some printout, sorry for the big size.

freebsd# sarg -d 29/01/2005-29/01/2005 -l log.100 -o \
/home/dvg/stat/log/out -z -x -m

SYSCONFDIR # sarg.conf
SYSCONFDIR #
SYSCONFDIR # TAG:  language 
SYSCONFDIR #Available languages:
SYSCONFDIR #Bulgarian_windows1251
SYSCONFDIR #Catalan
SYSCONFDIR #Czech
SYSCONFDIR #Dutch
SYSCONFDIR #English
SYSCONFDIR #French
SYSCONFDIR #German
SYSCONFDIR #Hungarian
SYSCONFDIR #Indonesian
SYSCONFDIR #Italian
SYSCONFDIR #Japanese
SYSCONFDIR #Latvian
SYSCONFDIR #Polish
SYSCONFDIR #Portuguese
SYSCONFDIR #Romanian
SYSCONFDIR #Russian_koi8
SYSCONFDIR #Russian_windows1251
SYSCONFDIR #Serbian
SYSCONFDIR #Spanish
SYSCONFDIR #Turkish
SYSCONFDIR #
SYSCONFDIR language English
SYSCONFDIR # Russian_windows1251
SYSCONFDIR #language English
SYSCONFDIR 
SYSCONFDIR # TAG:  access_log file
SYSCONFDIR #   Where is the access.log file
SYSCONFDIR #   sarg -l file
SYSCONFDIR #
SYSCONFDIR access_log /var/squid/logs/access.log.0
SYSCONFDIR #access_log /home/dvg/stat/log/out.log.1
SYSCONFDIR 
SYSCONFDIR # TAG: graphs yes|no
SYSCONFDIR #Use graphics where is possible.
SYSCONFDIR #   graph_days_bytes_bar_color blue|green|yellow|orange|brown|red
SYSCONFDIR #
SYSCONFDIR graphs yes
SYSCONFDIR graph_days_bytes_bar_color orange
SYSCONFDIR 
SYSCONFDIR # TAG:   title
SYSCONFDIR #Especify the title for html page.
SYSCONFDIR #
SYSCONFDIR title "TJ Collection Internet Access Reports"
SYSCONFDIR 
SYSCONFDIR # TAG:   font_face
SYSCONFDIR #Especify the font for html page.
SYSCONFDIR #
SYSCONFDIR #font_face Tahoma,Verdana,Arial
SYSCONFDIR 
SYSCONFDIR # TAG:   header_color
SYSCONFDIR #Especify the header color
SYSCONFDIR #
SYSCONFDIR #header_color darkblue
SYSCONFDIR 
SYSCONFDIR # TAG:   header_bgcolor
SYSCONFDIR #Especify the header bgcolor
SYSCONFDIR #
SYSCONFDIR #header_bgcolor blanchedalmond
SYSCONFDIR 
SYSCONFDIR # TAG:   font_size
SYSCONFDIR #Especify the text font size
SYSCONFDIR #
SYSCONFDIR #font_size 9px
SYSCONFDIR 
SYSCONFDIR # TAG:   header_font_size
SYSCONFDIR #Especify the header font size
SYSCONFDIR #
SYSCONFDIR #header_font_size 9px
SYSCONFDIR 
SYSCONFDIR # TAG:   title_font_size
SYSCONFDIR #Especify the title font size
SYSCONFDIR #
SYSCONFDIR #title_font_size 11px
SYSCONFDIR 
SYSCONFDIR # TAG:   background_color
SYSCONFDIR # TAG:   background_color
SYSCONFDIR #Html page background color
SYSCONFDIR #
SYSCONFDIR # background_color white
SYSCONFDIR 
SYSCONFDIR # TAG:   text_color
SYSCONFDIR #Html page text color
SYSCONFDIR #
SYSCONFDIR #text_color #00
SYSCONFDIR 
SYSCONFDIR # TAG:   text_bgcolor
SYSCONFDIR #Html page text background color
SYSCONFDIR #
SYSCONFDIR #text_bgcolor lavender
SYSCONFDIR 
SYSCONFDIR # TAG:   title_color
SYSCONFDIR #Html page title color
SYSCONFDIR #
SYSCONFDIR #title_color green
SYSCONFDIR 
SYSCONFDIR # TAG:   logo_image
SYSCONFDIR #Html page logo.
SYSCONFDIR #
SYSCONFDIR #logo_image none
SYSCONFDIR 
SYSCONFDIR # TAG:   logo_text
SYSCONFDIR #Html page logo text.
SYSCONFDIR #
SYSCONFDIR #logo_text ""
SYSCONFDIR 
SYSCONFDIR # TAG:   logo_text_color
SYSCONFDIR #Html page logo texti color.
SYSCONFDIR #
SYSCONFDIR #logo_text_color #00
SYSCONFDIR 
SYSCONFDIR # TAG:   logo_image_size
SYSCONFDIR #Html page logo image size. 
SYSCONFDIR #   width height
SYSCONFDIR #
SYSCONFDIR #image_size 80 45
SYSCONFDIR 
SYSCONFDIR # TAG:   background_image
SYSCONFDIR #Html page background image
SYSCONFDIR #
SYSCONFDIR #background_image none
SYSCONFDIR 
SYSCONFDIR # TAG:  password
SYSCONFDIR #   User password file used by authentication
SYSCONFDIR #   If used here, reports will be generated only for that users.
SYSCONFDIR #
SYSCONFDIR #password none
SYSCONFDIR 
SYSCONFDIR # TAG:  temporary_dir
SYSCONFDIR #   Temporary directory name for work files
SYSCONFDIR #   sarg -w dir
SYSCONFDIR #
SYSCONFDIR temporary_dir /var/tmp
SYSCONFDIR 
SYSCONFDIR # TAG:  output_dir
SYSCONFDIR #   The reports will be saved in that directory
SYSCONFDIR #   sarg -o dir
SYSCONFDIR #
SYSCONFDIR output_dir /home/www/htdocs/sarg
SYSCONFDIR 
SYSCONFDIR # TAG:  output_email
SYSCONFDIR #   Email address to send the reports. If you use this tag, no html reports will be generated.
SYSCONFDIR #   sarg -e email
SYSCONFDIR #
SYSCONFDIR #output_email [EMAIL PROTECTED]
SYSCONFDIR 
SYSCONFDIR # TAG:  resolve_ip yes/no
SYSCONFDIR #   Convert ip address to dns name
SYSCONFDIR #   sarg -n
SYS

Re: [drm] failed to load kernel module "i915"

2005-02-03 Thread Roland Smith
On Thu, Feb 03, 2005 at 10:27:09PM -0500, GRF . wrote:
> I have installed 5.3 and am trying to set up xorg on an Intel motherboard
> with a built-in 945 chipset graphics card.  4.10 was a breeze to set up for
> X but so far I receive what I believe is the following error:
> 
> -snip- from Xorg.0.log
> 
> drmOpenDevice: node name is /dev/dri/card0
> drmOpenDevice: open result is -1, (No such file or directory)
> drmOpenDevice: open result is -1, (No such file or directory)
> drmOpenDevice: Open failed
> drmOpenDevice: node name is /dev/dri/card0
> drmOpenDevice: open result is -1, (No such file or directory)
> drmOpenDevice: open result is -1, (No such file or directory)
> drmOpenDevice: Open failed
> [drm] failed to load kernel module "i915"
> (II) I810(0): [drm] drmOpen failed
> (EE) I810(0): [dri] DRIScreenInit failed. Disabling DRI.
> 
> -snip-
> 
> The complete Xorg.0.log can be seen here:  
> http://www.dawgeestyle.com/Xorg.0.log
> 
> The xorg.conf.new can be seen here:  
> http://www.dawgeestyle.com/xorg.conf.new
> 
> Where do I go from here?
> 

Try adding the following section to xorg.conf:

Section "DRI"
    Mode 0666
EndSection

Roland
-- 
R.F. Smith   /"\ASCII Ribbon Campaign
r s m i t h @ x s 4 a l l . n l  \ /No HTML/RTF in e-mail
http://www.xs4all.nl/~rsmith/ X No Word docs in e-mail
public key: http://www.keyserver.net / \Respect for open standards




Re: ssh default security risc

2005-02-03 Thread Giorgos Keramidas
On 2005-02-04 02:59, Gert Cuykens <[EMAIL PROTECTED]> wrote:
> [snip most of barbarous child beating suggestions]
> Enabling the ssh root is like having the remote car key that opens
> every door at once [snip]

Which is much easier to lose at a cafeteria on a trip somewhere up North
and then discover in the morning that your car has been stolen, because
there was just ONE key to get access to everything.



Re: ssh default security risc

2005-02-03 Thread Giorgos Keramidas
On 2005-02-04 01:04, Gert Cuykens <[EMAIL PROTECTED]> wrote:
> On Fri, 04 Feb 2005 00:05:34 +, Chris Hodgins
> <[EMAIL PROTECTED]> wrote:
> True but the point is without the ssh root enabled there is nothing
> you can do about it to stop them if they change your user password

What user password?  You are using SSH keys, as many have noted in
earlier posts of the thread, right? :P

Seriously now.  What gave you the crazy idea that having local access as
an unprivileged user means that automatically you are also root?  Effort
is *still* needed.  Effort that the average Joe Random Cracker is _NOT_
going to spend.

You may also want to consider that having SSH enabled for root means
there is only ONE step at becoming root from any remote location.

Having to SSH as a user first, with the right combination of SSH keys
and passwords, and then use su(1) with yet another password is at least
one more step.

Why is the first, 1-step procedure safer than the second?

- Giorgos



Re: Getting FAM up and running from inetd

2005-02-03 Thread Juha Saarinen
... and you may have to re-install courier-imap from the ports with
fam support (set "WITH_FAM=yes" ).
-- 

Juha


Re: Disk Copy Software

2005-02-03 Thread Mike Jeays
On Thu, 2005-02-03 at 21:45, Donald L Swoboda wrote:
> Is there a Disk To Disk copy software available that can be used to 
> copy/backup a disk that has FreeBSD operating system installed. I would like 
> to copy my existing disk to another disk as a backup.
> Thanks
> Don Swoboda
> [EMAIL PROTECTED]
> 

The command "dd" will copy an entire disk byte for byte.  No
sophistication, no handling disks of different sizes, no glamour at
all.  Don't copy a filesystem that is open for write and expect clean
results.  You could try running it from a live CD system such as
FreeSBIE.

There is also g4u, which stands for "Ghost for Unix", which does some of
the same things as Norton Ghost.

Then there are well-tested tools such as dump and restore, tar, cpio. 




[drm] failed to load kernel module "i915"

2005-02-03 Thread GRF .
I have installed 5.3 and am trying to set up xorg on an Intel motherboard
with a built-in 945 chipset graphics card.  4.10 was a breeze to set up for X
but so far I receive what I believe is the following error:

-snip- from Xorg.0.log
drmOpenDevice: node name is /dev/dri/card0
drmOpenDevice: open result is -1, (No such file or directory)
drmOpenDevice: open result is -1, (No such file or directory)
drmOpenDevice: Open failed
drmOpenDevice: node name is /dev/dri/card0
drmOpenDevice: open result is -1, (No such file or directory)
drmOpenDevice: open result is -1, (No such file or directory)
drmOpenDevice: Open failed
[drm] failed to load kernel module "i915"
(II) I810(0): [drm] drmOpen failed
(EE) I810(0): [dri] DRIScreenInit failed. Disabling DRI.
-snip-
The complete Xorg.0.log can be seen here:  
http://www.dawgeestyle.com/Xorg.0.log

The xorg.conf.new can be seen here:  
http://www.dawgeestyle.com/xorg.conf.new

Where do I go from here?


Re: ssh default security risc

2005-02-03 Thread Gert Cuykens
On Fri, 4 Feb 2005 03:33:41 +0100, FreeBSD questions mailing list
<[EMAIL PROTECTED]> wrote:
> 
> On 04 feb 2005, at 02:59, Gert Cuykens wrote:
> 
> > On Thu, 3 Feb 2005 16:54:01 -0800, FreeBSD questions mailing list
> > <[EMAIL PROTECTED]> wrote:
> >> You really need to look at it from a different point of view...
> >> If you want to prevent people from breaking into your car you lock the
> >> doors.
> >> Don't say "If they break the locks and get in, I can't use my key
> >> anymore. So keep the doors unlocked", do you?
> >> My point of view...
> >> Arno
> >>
> >
> > I like this point of view game :)
> >
> > How many locks are there in your car, let's say every user has a lock
> > the trunk the left and the right door. Now imagine your little kid
> > waving to you behind the windows. You want to kick his butt because he
> > broke your brand new television set. You can't go in your car because
> > he pushes on the lock button so you can't turn the key. To make things
> > worse your kid is trying to play with the root engine but he can't get
> > the engine to start. Enabling the ssh root is like having the remote
> > car key that opens every door at once so you can get in to kick his
> > butt :)
> >
> No it is not!
> It is like giving the key to the burglar who's after your car stereo.
> If he'd only know you (have your account) then he would only be able to
> trace your car, look at it, look what's inside but not change anything.
> He would still need to go after the keys...
> 
> Really it is the opposite of what you're thinking.
> If root login is disabled and an intruder hacks a user account he can
> only change things as much as you allow the account to make changes to
> the system.
> The intruder still needs to go for the root password after this, if
> he's after total control of your comp.
> When the intruder changes your password but doesn't get root access you
> can't get in but your system is far less damaged.
> 
> If root login is enabled then the intruder has half the work to get
> full access to the system.
> And you can't access the comp at all after that has happened.
> 
> A
> 

ok I admit that two passwords is more secure than one :)


Disk Copy Software

2005-02-03 Thread Donald L Swoboda
Is there a Disk To Disk copy software available that can be used to copy/backup 
a disk that has FreeBSD operating system installed. I would like to copy my 
existing disk to another disk as a backup.
Thanks
Don Swoboda
[EMAIL PROTECTED]


Re: ssh default security risc

2005-02-03 Thread FreeBSD questions mailing list
On 04 feb 2005, at 02:59, Gert Cuykens wrote:
> On Thu, 3 Feb 2005 16:54:01 -0800, FreeBSD questions mailing list
> <[EMAIL PROTECTED]> wrote:
>> You really need to look at it from a different point of view...
>> If you want to prevent people from breaking into your car you lock the
>> doors.
>> Don't say "If they break the locks and get in, I can't use my key
>> anymore. So keep the doors unlocked", do you?
>> My point of view...
>> Arno
>
> I like this point of view game :)
>
> How many locks are there in your car, let's say every user has a lock
> the trunk the left and the right door. Now imagine your little kid
> waving to you behind the windows. You want to kick his butt because he
> broke your brand new television set. You can't go in your car because
> he pushes on the lock button so you can't turn the key. To make things
> worse your kid is trying to play with the root engine but he can't get
> the engine to start. Enabling the ssh root is like having the remote
> car key that opens every door at once so you can get in to kick his
> butt :)

No it is not!
It is like giving the key to the burglar who's after your car stereo.
If he'd only know you (have your account) then he would only be able to 
trace your car, look at it, look what's inside but not change anything.
He would still need to go after the keys...

Really it is the opposite of what you're thinking.
If root login is disabled and an intruder hacks a user account he can 
only change things as much as you allow the account to make changes to 
the system.
The intruder still needs to go for the root password after this, if 
he's after total control of your comp.
When the intruder changes your password but doesn't get root access you 
can't get in but your system is far less damaged.

If root login is enabled then the intruder has half the work to get 
full access to the system.
And you can't access the comp at all after that has happened.

A


Re: Help!

2005-02-03 Thread John
On Thu, Feb 03, 2005 at 06:44:11PM -0700, Charlie Sorsby wrote:
> 
> What's this mean:
> 
> (da1:ahc0:0:2:0): WRITE(10). CDB: 2a 0 0 2a 40 df 0 0 10 0 
> (da1:ahc0:0:2:0): RECOVERED ERROR info:2a40df asc:3,0
> (da1:ahc0:0:2:0): Peripheral device write fault field replaceable unit: 10 
> sks:80,11

It means that there was an error in writing the data that the unit was
able to take care of.  You may still want to shutdown, restart, go
into the ADAPTEC bios, and do a surface scan/error map on your drive.

Sometimes, though, these things just happen...
-- 

John Lind
[EMAIL PROTECTED]


Re: ssh default security risc

2005-02-03 Thread Danny Pansters
On Friday 4 February 2005 02:59, Gert Cuykens wrote:
> the engine to start. Enabling the ssh root is like having the remote
> car key that opens every door at once so you can get in to kick his
> butt :)

You're overseeing one crucial thing. The attacker isn't really interested in
any user account (that would merely be a means) she's interested in the root
account (that would be the prize). Enabling ssh login through root even
though it goes through another port than 22 or even a static ssh program with
some weird predefined account (call it toor ;-) nonetheless it opens a direct
entry to the root account. Which wouldn't have been there otherwise. I've
seen quite a few whiz-bang admins at ISPs do just that. They think they can
outsmart the attacker. Usually they won't.

Sure they can bruteforce a user account which does have ssh access also, but 
they're still one step ahead (and a good password policy is a big hurdle 
there). And is that user part of the wheel group (e.g. an admin)? If she 
ain't the attacker is now two steps behind. 

You also should note that rooted == rooted. All is over by then. Your box is 
completely unreliable. E.g. if an attacker can get physical access forget it, 
assume he's in and everywhere.

Security is about layers and in the best case totally different context and 
access rights and what have you between those layers. 

Dan


Re: ssh default security risc

2005-02-03 Thread Gert Cuykens
On Thu, 3 Feb 2005 16:54:01 -0800, FreeBSD questions mailing list
<[EMAIL PROTECTED]> wrote:
> You really need to look at it from a different point of view...
> If you want to prevent people from breaking into your car you lock the
> doors.
> Don't say "If they break the locks and get in, I can't use my key
> anymore. So keep the doors unlocked", do you?
> My point of view...
> Arno
> 

I like this point of view game :)

How many locks are there in your car, let's say every user has a lock
the trunk the left and the right door. Now imagine your little kid
waving to you behind the windows. You want to kick his butt because he
broke your brand new television set. You can't go in your car because
he pushes on the lock button so you can't turn the key. To make things
worse your kid is trying to play with the root engine but he can't get
the engine to start. Enabling the ssh root is like having the remote
car key that opens every door at once so you can get in to kick his
butt :)


Re: ssh default security risc

2005-02-03 Thread Pat Maddox
You're right, if they hack your account and change your password,
you're stuck.  You can't log in and get it back.  You CAN call your
provider up (who presumably has local access) and ask them to boot
into single user mode, or login directly, and change your pass/delete
the account.  You can recover if a hacker breaks your regular user
account.  If a hacker gets root on your machine...well you're just
screwed.

So it makes a lot more sense to make it difficult for a hacker to get
root.  Having to break two accounts is a good way of doing that.



On Fri, 4 Feb 2005 01:04:34 +0100, Gert Cuykens <[EMAIL PROTECTED]> wrote:
> On Fri, 04 Feb 2005 00:05:34 +, Chris Hodgins
> <[EMAIL PROTECTED]> wrote:
> > Gert Cuykens wrote:
> > > On Thu, 03 Feb 2005 23:34:42 +, Chris Hodgins
> > > <[EMAIL PROTECTED]> wrote:
> > >
> > >>Gert Cuykens wrote:
> > >>
> > >>>By default the root ssh is disabled. If a dedicated server x somewhere
> > >>>far far away doesn't have root ssh enabled the admin is pretty much
> > >>>screwed if they hack his user  account and change the user password
> > >>>right ?
> > >>>
> > >>>So is it not better to enable it by default ?
> > >>>
> > >>
> > >>Every unix box has a root account.  Not every unix box has a jblogs
> > >>account.  Let's take the example of a brute-force attempt.  The first
> > >>thing I would do would be to attack root's password.  I know the account
> > >>exists.  Might as well go for the big prize first.
> > >>
> > >>So having a root account enabled is definitely a bad thing.
> > >>
> > >>Chris
> > >>
> > >
> > >
> > > Do you agree a user account is most of the time more vulnerable than the
> > > root account ?
> >
> > Assuming you know the username then maybe.  It depends on the strength
> > of the user's password.  If they are only using private keys with
> > passphrases then you probably won't be getting access that way with any
> > account.
> >
> > >
> > > If they can hack the root they can definitely hack a user account too.
> > > So I don't see any meaning of disabling it.
> >
> > If they can hack root they own the system and can do what they like.  By
> > disabling root you remove the option of this happening.  Instead they
> > have to try and compromise a user account.  Once they compromise the
> > user account, they then have to gain root access (assuming that is their
> > goal).  Why bother with the hassle.  There are plenty of machines out
> > there already with weak root passwords.  If a hacker really wants into
> > your system he will find a way.
> >
> > Chris
> 
> True but the point is without the ssh root enabled there is nothing
> you can do about it to stop them if they change your user password
>
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


pls ignore

2005-02-03 Thread Timothy Smith


Help!

2005-02-03 Thread Charlie Sorsby

What's this mean:

(da1:ahc0:0:2:0): WRITE(10). CDB: 2a 0 0 2a 40 df 0 0 10 0 
(da1:ahc0:0:2:0): RECOVERED ERROR info:2a40df asc:3,0
(da1:ahc0:0:2:0): Peripheral device write fault field replaceable unit: 10 
sks:80,11



Re: robert damnit turn off the autoreply :)

2005-02-03 Thread Gert Cuykens
On Thu, 3 Feb 2005 19:25:08 -0500, Robert Ken Francis
<[EMAIL PROTECTED]> wrote:
> Thanks.  You're the only one who told me this.  If you still have this
> problem let me know.  If you find out it's me, let me know that too.
> 
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] On Behalf Of Gert Cuykens
> Sent: Thursday, February 03, 2005 7:14 PM
> To: freebsd-questions@freebsd.org
> Subject: Re: robert damnit turn off the autoreply :)
> 
> On Thu, 3 Feb 2005 19:06:40 -0500, Robert Ken Francis
> <[EMAIL PROTECTED]> wrote:
> > If this is for me then Sorry Dude!  I'll do it!
> I will be out of the office until Friday, February 4th, 2004. Your
> message will be reviewed as soon as I return.
> 
> If you need technical support or immediate assistance, please contact
> [EMAIL PROTECTED] or call the office at 813-286-6502.
> 
> Thank you :)
> 
> Robert Fitzpatrick
> 
> No problem just wondering if i was the only one getting robert mails :)

Actually I think it's another Robert, sorry :)

 Robert Fitzpatrick


Re: log file creation - automatically

2005-02-03 Thread Loren M. Lang
On Wed, Feb 02, 2005 at 11:28:02AM -0800, Jim Pazarena wrote:
> I just placed my first 5.3 machine on line (previously 4.9)
> I am seeing every day two files being created:
> logloopstats
> lograwstats

Check out newsyslog, /etc/newsyslog.conf, man newsyslog, etc.

> 
> and then a date stamp for EVERY day previous:
> 
> logloopstats.20050128
> logloopstats.20050129
> lograwstats.20050128
> logrtawstats.20050129
> 
> etc
> 
> can someone enlighten me?
> 
> Thanks Jim

-- 
I sense much NT in you.
NT leads to Bluescreen.
Bluescreen leads to downtime.
Downtime leads to suffering.
NT is the path to the darkside.
Powerful Unix is.

Public Key: ftp://ftp.tallye.com/pub/lorenl_pubkey.asc
Fingerprint: B3B9 D669 69C9 09EC 1BCD  835A FAF3 7A46 E4A3 280C
 


Re: umass stability 5.3 versus 4.10

2005-02-03 Thread Loren M. Lang
On Wed, Feb 02, 2005 at 03:09:15PM -0800, Gregor Mosheh wrote:
> I've written to the list several times in regards to
> my USB external hard drive. In summary: Under 4.10 it
> worked fine for 5 months and then mysteriously it quit
> working.
> 
> The documentation I found for ehci+umass (albeit
> 3-year-old docs) implied that ehci was "not completely
> stable", and its omission until 4.10 (and my own
> experience with it) makes me believe that.
> 
> My question, though, is: Is ehci+umass considered
> "production quality" under 5.3?

Not that this gives a real answer, but I have been using a high-speed
sandisk flash drive on both FreeBSD 5.3 and 5.2.1 running on two
different systems without any problems.

> 
> 
> 
>   

-- 
I sense much NT in you.
NT leads to Bluescreen.
Bluescreen leads to downtime.
Downtime leads to suffering.
NT is the path to the darkside.
Powerful Unix is.

Public Key: ftp://ftp.tallye.com/pub/lorenl_pubkey.asc
Fingerprint: B3B9 D669 69C9 09EC 1BCD  835A FAF3 7A46 E4A3 280C
 


Re: xhost +localhost

2005-02-03 Thread Gert Cuykens
On Thu, 3 Feb 2005 16:48:40 -0800, Loren M. Lang <[EMAIL PROTECTED]> wrote:
> On Thu, Feb 03, 2005 at 01:49:48PM -0500, epilogue wrote:
> > On Thu, 3 Feb 2005 14:43:39 +0100
> > Gert Cuykens <[EMAIL PROTECTED]> wrote:
> >
> > > On Thu, 3 Feb 2005 00:32:23 -0800, Ted Mittelstaedt
> > > <[EMAIL PROTECTED]> wrote:
> >
> > > > While all of this is very interesting academic, if user Gert is dumb
> > > > enough to leave the console of his UNIX system accessible then user
> > > > Ted can come along and power cycle it into single user mode and wipe
> > > > his disks whether he has the root password or not.
> >
> > While I quite agree with Ted's encouraging Gert to run X as joe user,
> > rather than root (for a variety of security related reasons) it is a
> > trivial matter to implement a password requirement for boot -s.  This way,
> > even if a user can boot -s, they *must* have the root passwd.
> 
> Well, with the bit about removing the cmos battery, I think he was also
> getting at changing the bios so that other boot media like floppies or
> cds can be used, then what good is a root password?
> 
> 
> 
> > my 2 cents CAD for the day.
> >
> >
> > cheers,
> > epi
> 
> --
> I sense much NT in you.
> NT leads to Bluescreen.
> Bluescreen leads to downtime.
> Downtime leads to suffering.
> NT is the path to the darkside.
> Powerful Unix is.
> 
> Public Key: ftp://ftp.tallye.com/pub/lorenl_pubkey.asc
> Fingerprint: B3B9 D669 69C9 09EC 1BCD  835A FAF3 7A46 E4A3 280C
> 

For the love of god please don't do that, meaning passwords get lost and
single user mode is just fine the way it is.


Re: Prope or probing aound card?

2005-02-03 Thread Loren M. Lang
On Thu, Feb 03, 2005 at 12:57:51AM +0100, Joachim Dagerot wrote:
> 
> I have a dell latitude cp[something] 550 or 500.  (laptop)
> 
> It has a sound device of course, but I can't figure out how to find out which 
> module to load. Some OS has a probe function, but I can't find that in my 5.3 
> install.

FreeBSD has all the same probing functions any modern PC has, but some
old hardware can't be autoprobed, and other hardware may just not have a
driver that knows about them.  For example, my clie using usb is plug and
play, but freebsd 

If it's a PCI card then pciconf -vl will be able to reveal it.  If it's
a little (lot?) older and is ISA, then it might support ISA plug and play.
In linux I used isapnptools and it could autodetect some sound cards.  I'm
not sure what the freebsd equivalent is.  For non-plug and play ISA
cards, there is no good way to autoprobe their hardware, but guess and
check sometimes works.  I'd try sound blaster, snd_sbc, for old ISA
computers.  When guessing and checking, make sure you're only loading isa-style
drivers, there's no point if it's a pci driver.

> 
> So I started trying out kldload from the first in the locate snd_ result.
> 
> That wasn't too smart, I have rebooted a few times now.
> 
> Is there a better way to do this?
> 
> 
> 

-- 
I sense much NT in you.
NT leads to Bluescreen.
Bluescreen leads to downtime.
Downtime leads to suffering.
NT is the path to the darkside.
Powerful Unix is.

Public Key: ftp://ftp.tallye.com/pub/lorenl_pubkey.asc
Fingerprint: B3B9 D669 69C9 09EC 1BCD  835A FAF3 7A46 E4A3 280C
 


Re: if_sk : the weirdest thing!

2005-02-03 Thread Loren M. Lang
On Thu, Feb 03, 2005 at 12:59:34AM +0100, craig wrote:
> my machine has a hdd swap-rack which allows me to boot different os's 
> off different physical drives. (ie. pull-out xp, and plug in fbsd).
> i recently purchased another hdd+tray to install gentoo on, just to see 
> what the fuss is about.
> 
> i booted off the 2004.3 minimal install cd but it did not, 
> unfortunately, automatically find my realtek gigabit nic.
> i suspected it might not, because i had a hell of time getting it to 
> work on fbsd as well - requiring a patched if_sk driver to get it going.
> 
> after a bit of digging, i found that i could
> 
> # modprobe sk98lin
> 
> to get the kernel happy with the nic. once up, it worked like a charm.
> it got late and i needed to finish up some work on fbsd, so i pulled the 
> gentoo drive out, plugged fbsd back in and booted up.
> 
> when it came up, i found that i was without a network!
> # dmesg | grep sk
>said something about (IIRC)
> (blah)
> skc0: no PHY found
> 
> # ifconfig
>confirmed that there was no net
> 
> when i tried to manually
> # kldload if_sk
> freebsd panic'ed and died right there!
> 
> i rebooted a few times (a trick i learnt from ms) but still it would not 
> come back. even powering the machine completely down did not help!!!
> so i plugged in the winxp drive and booted. it came up fine, network in 
> good working order.
> i booted fbsd again and the network came up this time without a complaint!

I'm assuming that you're referring to a warm reboot AKA you never turned
the machine off.  Not all hardware is fully reset on a warm reboot.
It's possible the linux driver is leaving the hardware in a different
state when you reboot that the freebsd driver doesn't check for.  The
windows driver probably does since the manufacturer wrote that driver,
not some random person trying to reverse engineer it.  Not to say they
didn't do a good job, but just that little details are harder to catch
sometimes.  I bet if you fully shut the system down that freebsd will
work fine without rebooting.

Is there any way of doing a dump of all the PCI registers so one of the
developers might be able to find what's different?  pciconf might be
able to.

> 
> AND I CAN REPLICATE THIS MADNESS!
> 
> boot fbsd
>  - check network = all okay
> boot gentoo livecd
>  - load sk98lin
>  - check network = all okay
> boot fbsd
>  - check network = notwork!
> 
> (remedy)
> boot wxp
>  - check network = all okay
> boot fbsd
>  - check network = all okay
> 
> 
> wtf???
> 
> i understand that my GF would be upset if i played around with other 
> girls, but does my OS have to be *so damn jealous*
> 
> any ideas whats on here?
> 
> -- 
> [EMAIL PROTECTED]

-- 
I sense much NT in you.
NT leads to Bluescreen.
Bluescreen leads to downtime.
Downtime leads to suffering.
NT is the path to the darkside.
Powerful Unix is.

Public Key: ftp://ftp.tallye.com/pub/lorenl_pubkey.asc
Fingerprint: B3B9 D669 69C9 09EC 1BCD  835A FAF3 7A46 E4A3 280C
 


Re: ssh default security risc

2005-02-03 Thread FreeBSD questions mailing list

> > > If they can hack the root they can definitely hack a user account too.
> > > So I don't see any meaning of disabling it.
> >
> > If they can hack root they own the system and can do what they like.  By
> > disabling root you remove the option of this happening.  Instead they
> > have to try and compromise a user account.  Once they compromise the
> > user account, they then have to gain root access (assuming that is their
> > goal).  Why bother with the hassle.  There are plenty of machines out
> > there already with weak root passwords.  If a hacker really wants into
> > your system he will find a way.
> >
> > Chris
>
> True but the point is without the ssh root enabled there is nothing
> you can do about it to stop them if they change your user password

You really need to look at it from a different point of view...
If you want to prevent people from breaking into your car you lock the doors.
Don't say "If they break the locks and get in, I can't use my key anymore. So keep the doors unlocked", do you?

My point of view...
Arno



Re: ee editor rules :)

2005-02-03 Thread Loren M. Lang
On Wed, Feb 02, 2005 at 08:23:12PM +, Xian wrote:
> On Wednesday 02 February 2005 17:49, Gert Cuykens wrote:
> > I like it a lot but I can't seem to find out how to type a "/" character ?
> 
> I think this would have more to do with setting up your keyboard (I might be 
> wrong). In the meantime, / is ASCII code 47, you can enter this with ^a or ^o 
> depending on whether Emacs keys bindings is on or off.
> 
> I really like it too. It's a lot easier to get my head round it than vi. I do 
> need to work out how to survive it though, because sometime it will be the 
> only thing I have available.
> Does anyone have an "Idiots guide to VI"?

I found the help in vim, Vi IMproved, to be very helpful for learning
vim.  Just type :help or hit F1.

> -- 
> /Xian
> 
> "The most beautiful thing we can experience is the mysterious. It is the 
> source of all true art and all science. He to whom this emotion is a 
> stranger, who can no longer pause to wonder and stand rapt in awe, is as good 
> as dead: his eyes are closed."
> Albert Einstein

-- 
I sense much NT in you.
NT leads to Bluescreen.
Bluescreen leads to downtime.
Downtime leads to suffering.
NT is the path to the darkside.
Powerful Unix is.

Public Key: ftp://ftp.tallye.com/pub/lorenl_pubkey.asc
Fingerprint: B3B9 D669 69C9 09EC 1BCD  835A FAF3 7A46 E4A3 280C
 


Re: xhost +localhost

2005-02-03 Thread Loren M. Lang
On Thu, Feb 03, 2005 at 01:49:48PM -0500, epilogue wrote:
> On Thu, 3 Feb 2005 14:43:39 +0100
> Gert Cuykens <[EMAIL PROTECTED]> wrote:
> 
> > On Thu, 3 Feb 2005 00:32:23 -0800, Ted Mittelstaedt
> > <[EMAIL PROTECTED]> wrote:
> 
> > > While all of this is very interesting academic, if user Gert is dumb
> > > enough to leave the console of his UNIX system accessible then user
> > > Ted can come along and power cycle it into single user mode and wipe
> > > his disks whether he has the root password or not.
> 
> While I quite agree with Ted's encouraging Gert to run X as joe user,
> rather than root (for a variety of security related reasons) it is a
> trivial matter to implement a password requirement for boot -s.  This way,
> even if a user can boot -s, they *must* have the root passwd.

Well, with the bit about removing the cmos battery, I think he was also
getting at changing the bios so that other boot media like floppies or
cds can be used, then what good is a root password?



> my 2 cents CAD for the day.
> 
> 
> cheers,
> epi

-- 
I sense much NT in you.
NT leads to Bluescreen.
Bluescreen leads to downtime.
Downtime leads to suffering.
NT is the path to the darkside.
Powerful Unix is.

Public Key: ftp://ftp.tallye.com/pub/lorenl_pubkey.asc
Fingerprint: B3B9 D669 69C9 09EC 1BCD  835A FAF3 7A46 E4A3 280C
 


Re: Anyone made pkgtools.conf's "ALT_PKGDEP" work?

2005-02-03 Thread Mr Mailadmin
I get the same problem, and no, I have not been able to get ALT_PKGDEP to
work properly. However, there is a make.conf variable that might help
the apache side:

APACHE_PORT=www/apache-modssl

Kirk Strauser wrote:
> I have this in my pkgtools.conf:
>
>  ALT_PKGDEP = {
>    'apache-1.3.*'  => 'apache+mod_ssl-1.3.*',
>    'openldap-client-*' => 'openldap-sasl-client-*',
>    'openldap-server-*' => 'openldap-sasl-server-*'
>  }
>
> However, I still get errors like this all the time after upgrading ports:
>
>    # portversion -vL=
>    Stale dependency: gtk-qt-engine-0.6 --> openldap-client-2.2.19 -- manually run 'pkgdb -F' to fix, or specify -O to force.
>
> It seems that the ALT_PKGDEP values should be rewriting that dependency on
> openldap-client-2.2.19 to openldap-sasl-client-2.2.19 automatically but it
> never does.  Has anyone made this work, or should I file a PR?



Re: ssh default security risc

2005-02-03 Thread Chris Hodgins
Gert Cuykens wrote:
> On Fri, 04 Feb 2005 00:05:34 +, Chris Hodgins
> <[EMAIL PROTECTED]> wrote:
> > Gert Cuykens wrote:
> > > On Thu, 03 Feb 2005 23:34:42 +, Chris Hodgins
> > > <[EMAIL PROTECTED]> wrote:
> > > > Gert Cuykens wrote:
> > > > > By default the root ssh is disabled. If a dedicated server x somewhere
> > > > > far far away doesn't have root ssh enabled the admin is pretty much
> > > > > screwed if they hack his user  account and change the user password
> > > > > right ?
> > > > >
> > > > > So is it not better to enable it by default ?
> > > >
> > > > Every unix box has a root account.  Not every unix box has a jblogs
> > > > account.  Let's take the example of a brute-force attempt.  The first
> > > > thing I would do would be to attack root's password.  I know the account
> > > > exists.  Might as well go for the big prize first.
> > > >
> > > > So having a root account enabled is definitely a bad thing.
> > > >
> > > > Chris
> > >
> > > Do you agree a user account is most of the time more vulnerable than the
> > > root account ?
> >
> > Assuming you know the username then maybe.  It depends on the strength
> > of the user's password.  If they are only using private keys with
> > passphrases then you probably won't be getting access that way with any
> > account.
> >
> > > If they can hack the root they can definitely hack a user account too.
> > > So I don't see any meaning of disabling it.
> >
> > If they can hack root they own the system and can do what they like.  By
> > disabling root you remove the option of this happening.  Instead they
> > have to try and compromise a user account.  Once they compromise the
> > user account, they then have to gain root access (assuming that is their
> > goal).  Why bother with the hassle.  There are plenty of machines out
> > there already with weak root passwords.  If a hacker really wants into
> > your system he will find a way.
> >
> > Chris
>
> True but the point is without the ssh root enabled there is nothing
> you can do about it to stop them if they change your user password

This is just a silly observation.  If a hacker compromises your system, 
then generally it is time for a full re-install of the OS (unless of 
course you can prove they never gained root access or can track what 
they did as root - not easy).

If you have an account you use for su'ing to root then you make sure it 
is locked down.  Private key + strong passphrase.  A hacker is really 
not going to succeed if you do this.  My firewall also only allows ssh 
connections from trusted sources.

If you REALLY want to continue this discussion, then take it off-line as 
we are generating a lot of non-informative noise now.

Chris
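
As an added illustration of the lock-down described in the message above (root login over ssh off, key-only authentication), and not code from any poster in this thread, this Python check reads sshd_config text and reports which of those protections are missing. The defaults table, the finding names and both sample configurations are assumptions constructed for the example.

```python
import re

# Assumed values for keywords the file leaves unset. Real defaults differ by
# OpenSSH version and OS packaging, so pass the target host's own defaults.
ASSUMED_DEFAULTS = {
    "permitrootlogin": "no",
    "passwordauthentication": "yes",
    "kbdinteractiveauthentication": "yes",
    "pubkeyauthentication": "yes",
}

# ChallengeResponseAuthentication is the older name for the same switch.
ALIASES = {"challengeresponseauthentication": "kbdinteractiveauthentication"}

# "Keyword value" or "Keyword=value"; keywords are case-insensitive.
LINE = re.compile(r"([A-Za-z0-9]+)(?:\s*=\s*|\s+)(.*)")


def parse(text):
    """Split sshd_config text into global settings and Match blocks.

    sshd uses the first value it reads for a keyword, so a later duplicate
    in the same section is ignored here too.
    """
    global_cfg, blocks = {}, []
    section = global_cfg
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        m = LINE.fullmatch(line)
        if not m:
            continue
        key = ALIASES.get(m.group(1).lower(), m.group(1).lower())
        value = m.group(2).strip()
        if key == "match":
            # Everything up to the next Match line belongs to this block.
            section = {}
            blocks.append((value, section))
            continue
        section.setdefault(key, value)
    return global_cfg, blocks


def audit(text, defaults=None):
    """Return a list of findings; an empty list means nothing was flagged."""
    global_cfg, blocks = parse(text)
    eff = dict(ASSUMED_DEFAULTS if defaults is None else defaults)
    eff.update(global_cfg)
    findings = []

    root = eff["permitrootlogin"].lower()
    if root == "yes":
        findings.append("root-login-any-method")
    elif root != "no":
        # e.g. without-password / prohibit-password / forced-commands-only
        findings.append("root-login-restricted")

    # Turning off PasswordAuthentication alone is not enough: keyboard-
    # interactive can still prompt for a password through PAM.
    password_paths = [k for k in ("passwordauthentication",
                                  "kbdinteractiveauthentication")
                      if eff[k].lower() == "yes"]
    if password_paths:
        findings.append("password-login:" + ",".join(password_paths))

    if eff["pubkeyauthentication"].lower() != "yes":
        findings.append("pubkey-disabled")

    # A Match block can re-enable root login for some connections.
    for criteria, block in blocks:
        if block.get("permitrootlogin", "no").lower() != "no":
            findings.append("match-allows-root:" + criteria)
    return findings


# Constructed sample: the second PermitRootLogin line looks like a fix but
# never takes effect, and the Match block reopens root login for one address.
WEAK = """\
PermitRootLogin yes
PermitRootLogin no
PasswordAuthentication no
Match Address 192.0.2.10
    PermitRootLogin without-password
"""

# Constructed sample: root login off, every password-capable method off.
HARDENED = """\
PermitRootLogin no
PasswordAuthentication no
ChallengeResponseAuthentication no
PubkeyAuthentication yes
"""

if __name__ == "__main__":
    for name, cfg in (("weak", WEAK), ("hardened", HARDENED)):
        print(name, audit(cfg))
```
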


RE: apache13_modssl + mod_php4 + php4-extenstions +mysql323-*+myphpadmin = ...

2005-02-03 Thread Ted Mittelstaedt


> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] Behalf Of Ken Hawkins
> Sent: Thursday, February 03, 2005 12:02 PM
> To: freebsd-questions@freebsd.org
> Subject: Re: apache13_modssl + mod_php4 + php4-extenstions
> +mysql323-*+myphpadmin = ...
>
>
> thanks T,
>
> I followed your steps to the tee and still no go.
>

Here's some more info on my system:

cat /usr/local/etc/php.conf
PHP_VER=4
PHP_VERSION=4.3.10
PHP_EXT_DIR=20020429
PHP_PORT=${PORTSDIR}/lang/php4
PHP_SAPI=full

pkg_info
ImageMagick-6.1.9.2 Image processing tools
XFree86-4.4.0_1,1   X11/XFree86 core distribution (complete, using
mini/meta-po
XFree86-FontServer-4.4.0_1 XFree86-4 font server
XFree86-NestServer-4.4.0_1 XFree86-4 nested X server
XFree86-PrintServer-4.4.0_1 XFree86-4 print server
XFree86-Server-4.4.0_6 XFree86-4 X server and related programs
XFree86-VirtualFramebufferServer-4.4.0_1 XFree86-4 virtual framebuffer
server
XFree86-clients-4.4.0_3 XFree86-4 client programs and related files
XFree86-documents-4.4.0 XFree86-4 documentation
XFree86-font100dpi-4.4.0 XFree86-4 bitmap 100 dpi fonts
XFree86-font75dpi-4.4.0 XFree86-4 bitmap 75 dpi fonts
XFree86-fontCyrillic-4.4.0 XFree86-4 Cyrillic fonts
XFree86-fontDefaultBitmaps-4.4.0 XFree86-4 default bitmap fonts
XFree86-fontEncodings-4.4.0 XFree86-4 font encoding files
XFree86-fontScalable-4.4.0_1 XFree86-4 scalable fonts
XFree86-libraries-4.4.0_3 XFree86-4 libraries and headers
XFree86-manuals-4.4.0_1 XFree86-4 man pages
apache+mod_ssl-1.3.33+2.8.22 The Apache 1.3 webserver with SSL/TLS
functionality
autoconf-2.13.000227_5 Automatically configure source code on many Un*x
platforms
autoconf-2.53_3 Automatically configure source code on many Un*x
platforms
automake-1.4.6_1GNU Standards-compliant Makefile generator (legacy
version
automake-1.5_2,1GNU Standards-compliant Makefile generator (version
1.5)
bison-1.75_2A parser generator from FSF, (mostly) compatible with
Yacc
bitstream-vera-1.10 Bitstream Vera TrueType font collection
cclient-2004c1_1,1  Mark Crispin's C-client mail access routines
cvsup-without-gui-16.1h General network file distribution system
optimized for CVS
expat-1.95.8XML 1.0 parser written in C
file-4.10   File - determine file type
fontconfig-2.2.3,1  An XML-based font configuration API for X Windows
freetype2-2.1.7_4   A free and portable TrueType font rendering engine
gettext-0.14.1  GNU gettext package
ghostscript-gnu-7.07_12 GNU Postscript interpreter
gmake-3.80_2GNU version of 'make' utility
gnupg-1.4.0 The GNU Privacy Guard
gsfonts-8.11_2  Fonts used by GNU Ghostscript (or X)
help2man-1.34.2 Automatically generating simple manual pages from
program o
horde-3.0.2 A common code-base used by Horde applications,
written in P
imp-4.0.1   A webmail system which accesses mail over IMAP
ingo-1.0.1  Horde's email-filter management application
ispell-3.2.06_12An interactive spelling checker for multiple
languages
jasper-1.701.0  An implementation of the codec specified in the
JPEG-2000 s
jbigkit-1.6 Lossless compression for bi-level images such as
scanned pa
jpeg-6b_3   IJG's jpeg compression utilities
lcms-1.14,1 Light Color Management System -- a color management
library
libXft-2.1.6A client-sided font API for X applications
libfpx-1.2.0.9_1Library routines for working with Flashpix images
libgnugetopt-1.2GNU getopt library
libiconv-1.9.2_1A character set conversion library
libltdl-1.5.10  System independent dlopen wrapper
libmcal-0.7_1   Modular Calendar Access Library
libmcrypt-2.5.7_1   Multi-cipher cryptographic library (used in PHP)
libtool-1.3.5_2 Generic shared library support script (version 1.3)
libtool-1.5.10  Generic shared library support script (version 1.5)
libwmf-0.2.8.3  Tools and library for converting Microsoft WMF
(windows met
libxml2-2.6.17  XML parser library for GNOME
libxslt-1.1.12_1The XSLT C library for GNOME
lynx-ssl-2.8.5  A non-graphical, text-based World-Wide Web client
with SSL
m4-1.4.1GNU m4
mm-1.3.1Shared memory allocation library for pre-forked
process mod
mpeg2codec-1.2_1An MPEG-2 Encoder and Decoder
mysql-client-4.0.23a Multithreaded SQL database (client)
mysql-server-4.0.23a Multithreaded SQL database (server)
nag-2.0 Nag is a simple, multiuser task list manager
p5-gettext-1.03 Message handling functions
pear-Archive_Tar-1.2 PEAR tar file management class
pear-Auth-1.2.3 PEAR authentication methods
pear-Auth_SASL-1.0.1_1 PEAR abstraction of various SASL mechanism
responses
pear-Console_Getopt-1.2 PEAR command-line option parser
pear-DB-1.6.5,1 PEAR Database Abstraction Layer
pear-Date-1.4.3 PEAR Date and Time Zone Classes
pear-File-1.1.0.r3,1 PEAR common file and directory routines
pear-HTTP_Request-1.2.4 PEAR classes providing an easy way to perform
HTTP requests
pear-Log-1.8.7  

Re: robert damnit turn off the autoreply :)

2005-02-03 Thread Gert Cuykens
On Thu, 3 Feb 2005 19:06:40 -0500, Robert Ken Francis
<[EMAIL PROTECTED]> wrote:
> If this is for me then Sorry Dude!  I'll do it!
I will be out of the office until Friday, February 4th, 2004. Your
message will be reviewed as soon as I return.

If you need technical support or immediate assistance, please contact
[EMAIL PROTECTED] or call the office at 813-286-6502.

Thank you :)

Robert Fitzpatrick
 
No problem just wondering if i was the only one getting robert mails :)


Re: ee editor rules :)

2005-02-03 Thread Jerry McAllister
> 
> On Wed, Feb 02, 2005 at 08:23:12PM +, Xian typed:
> 
> > Does anyone have an "Idiots guide to VI"?
> 
> There isn't. vi was never meant to be used by idiots ;-)

Here is a simple guide.   It definitely does not cover everything, but
is enough to get by for most general editing in vi.

  http://scnc.k12.mi.us/howto/edit/vi.html

jerry

> 
> 



Re: ssh default security risc

2005-02-03 Thread Gert Cuykens
On Fri, 04 Feb 2005 00:05:34 +, Chris Hodgins
<[EMAIL PROTECTED]> wrote:
> Gert Cuykens wrote:
> > On Thu, 03 Feb 2005 23:34:42 +, Chris Hodgins
> > <[EMAIL PROTECTED]> wrote:
> >
> >>Gert Cuykens wrote:
> >>
> >>>By default the root ssh is disabled. If a dedicated server x somewhere
> >>>far far away doesn't have root ssh enabled the admin is pretty much
> >>>screwed if they hack his user  account and change the user password
> >>>right ?
> >>>
> >>>So is it not better to enable it by default ?
> >>>
> >>
> >>Every unix box has a root account.  Not every unix box has a jblogs
> >>account.  Let's take the example of a brute-force attempt.  The first
> >>thing I would do would be to attack root's password.  I know the account
> >>exists.  Might as well go for the big prize first.
> >>
> >>So having a root account enabled is definitely a bad thing.
> >>
> >>Chris
> >>
> >
> >
> > Do you agree a user account is most of the time more vulnerable than the
> > root account ?
> 
> Assuming you know the username then maybe.  It depends on the strength
> of the user's password.  If they are only using private keys with
> passphrases then you probably won't be getting access that way with any
> account.
> 
> >
> > If they can hack the root they can definitely hack a user account too.
> > So I don't see any meaning of disabling it.
> 
> If they can hack root they own the system and can do what they like.  By
> disabling root you remove the option of this happening.  Instead they
> have to try and compromise a user account.  Once they compromise the
> user account, they then have to gain root access (assuming that is their
> goal).  Why bother with the hassle.  There are plenty of machines out
> there already with weak root passwords.  If a hacker really wants into
> your system he will find a way.
> 
> Chris

True but the point is without the ssh root enabled there is nothing
you can do about it to stop them if they change your user password


Re: ssh default security risc

2005-02-03 Thread Chris Hodgins
Gert Cuykens wrote:
> On Thu, 03 Feb 2005 23:34:42 +, Chris Hodgins
> <[EMAIL PROTECTED]> wrote:
> > Gert Cuykens wrote:
> > > By default the root ssh is disabled. If a dedicated server x somewhere
> > > far far away doesn't have root ssh enabled the admin is pretty much
> > > screwed if they hack his user  account and change the user password
> > > right ?
> > >
> > > So is it not better to enable it by default ?
> >
> > Every unix box has a root account.  Not every unix box has a jblogs
> > account.  Let's take the example of a brute-force attempt.  The first
> > thing I would do would be to attack root's password.  I know the account
> > exists.  Might as well go for the big prize first.
> >
> > So having a root account enabled is definitely a bad thing.
> >
> > Chris
>
> Do you agree a user account is most of the time more vulnerable than the
> root account ?

Assuming you know the username then maybe.  It depends on the strength
of the user's password.  If they are only using private keys with
passphrases then you probably won't be getting access that way with any
account.

> If they can hack the root they can definitely hack a user account too.
> So I don't see any meaning of disabling it.

If they can hack root they own the system and can do what they like.  By
disabling root you remove the option of this happening.  Instead they
have to try and compromise a user account.  Once they compromise the
user account, they then have to gain root access (assuming that is their
goal).  Why bother with the hassle.  There are plenty of machines out
there already with weak root passwords.  If a hacker really wants into
your system he will find a way.

Chris


RE: apache13_modssl + mod_php4 + php4-extenstions+mysql323-*+myphpadmin = ...

2005-02-03 Thread Ted Mittelstaedt


> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] Behalf Of Thomas Foster
> Sent: Thursday, February 03, 2005 1:54 PM
> To: Ken Hawkins; freebsd-questions@freebsd.org
> Subject: Re: apache13_modssl + mod_php4 +
> php4-extenstions+mysql323-*+myphpadmin = ...
> 
> 
> I would think that you need to have a PHP.ini...
> 

I can assure you that you don't.

> you would not be able to enable/disable certain features without it..

That is probably true - but that doesn't mean you need it.

> I installed PHP 4.3.10 from ports today on another machine to
> check what
> you're saying.. and the PHP.ini was placed in /usr/local/etc/..

It shouldn't have been - the php installation always places php.ini-dist
there, it's up to you to modify it and rename it php.ini.  Your other
machine probably wasn't a clean install.

I can tell you that the system I have Horde/IMP running on right
now has no /usr/local/etc/php.ini file in it yet php is picking
up the horde include_path from somewhere.

> so I am not
> sure what you're running into
> 

Neither am I.  I was always used to having to modify php.ini in the
past on previous horde/IMP installs.

Ted


robert damnit turn off the autoreply :)

2005-02-03 Thread Gert Cuykens
Getting lots of robert mails :)


Re: Getting FAM up and running from inetd

2005-02-03 Thread Juha Saarinen
On Wed, 02 Feb 2005 11:36:13 +0100, Nils Vogels
<[EMAIL PROTECTED]> wrote:
> Hi there!
> 
> I'm looking for a way to get fam [devel/fam] up and running from inetd.
> 
> I seem to have followed all the hints in the pkg-message, however it
> doesn't work:
> 
> imhotep# ps auxwww|grep inetd
> root    97100  0.0  0.1  1128  836  ??  Is   11:10AM   0:00.02
> /usr/sbin/inetd -wW
> imhotep# ps auxwww|grep portmap
> daemon  97494  0.0  0.1   952  612  ??  Is   11:23AM   0:00.00
> /usr/sbin/portmap
> imhotep# grep fam /etc/inetd.conf
> sgi_fam/1-2 stream  rpc/tcp wait    root
> /usr/local/bin/fam  fam
> imhotep# grep fam /etc/rpc
> sgi_fam 391002  # file alteration monitor
> imhotep# rpcinfo -p
>program vers proto   port
> 102   tcp111  portmapper
> 102   udp111  portmapper
> 
> When I use courier-imap, fam doesn't start up automatically. I can
> start fam from commandline perfectly, but it only has a limited
> lifespan then.
> 
> Any hints would be greatly appreciated :)

Did you remember to do:

killall -HUP inetd

as root?

-- 

Juha


Re: xhost +localhost

2005-02-03 Thread Gert Cuykens
On Thu, 03 Feb 2005 23:40:01 +, Chris Hodgins
<[EMAIL PROTECTED]> wrote:
> Gert Cuykens wrote:
> > On Thu, 3 Feb 2005 14:58:35 -0800, Loren M. Lang <[EMAIL PROTECTED]> wrote:
> >
> >>This enables all programs to have access that are using unix domain
> >>sockets to not need the MIT-MAGIC-COOKIE stored in the .Xauthority file
> >>in the user's home directory so any user can open a program on that
> >>display.  xhost +localhost adds all programs from localhost using tcp
> >>connections instead.  DISPLAY=:0 causes a program to use fast unix
> >>domain sockets where DISPLAY=localhost:0 causes a program to use slow
> >>tcp sockets instead.  tcp sockets are really only needed for remote
> >>connections and xhost +localhost won't allow any local programs to
> >>access X unless they use tcp, not unix.  See my first response for more
> >>information.
> >
> >
> > ok time out :)
> > 1)does xhost set the DISPLAY variable ?
> 
> No.  You have to export the variable yourself.  xhost allows you to grant
> or deny access to others.  A user who has access and wishes to connect
> may set his DISPLAY variable to the corresponding DISPLAY.
> 
> > 2)does xhost local: also use the tcp thingie or does it use the x socket
> > thingie ?
> 
> I think xhost local: allows access to BSD sockets, so not tcp.
> 

thx

3)what must I put in the .Xauthority file to make the screensaver work
without having to use xhost local:?


Re: ssh default security risc

2005-02-03 Thread Gert Cuykens
On Thu, 03 Feb 2005 23:34:42 +, Chris Hodgins
<[EMAIL PROTECTED]> wrote:
> Gert Cuykens wrote:
> > By default the root ssh is disabled. If a dedicated server x somewhere
> > far far away doesn't have root ssh enabled the admin is pretty much
> > screwed if they hack his user  account and change the user password
> > right ?
> >
> > So is it not better to enable it by default ?
> 
> Every unix box has a root account.  Not every unix box has a jblogs
> account.  Let's take the example of a brute-force attempt.  The first
> thing I would do would be to attack root's password.  I know the account
> exists.  Might as well go for the big prize first.
> 
> So having a root account enabled is definitely a bad thing.
> 
> Chris
> 

Do you agree a user account is most of the time more vulnerable than the
root account ?

If they can hack the root they can definitely hack a user account too.
So I don't see any meaning of disabling it.


Re: xhost +localhost

2005-02-03 Thread Chris Hodgins
Gert Cuykens wrote:
> On Thu, 3 Feb 2005 14:58:35 -0800, Loren M. Lang <[EMAIL PROTECTED]> wrote:
>
> > This enables all programs to have access that are using unix domain
> > sockets to not need the MIT-MAGIC-COOKIE stored in the .Xauthority file
> > in the user's home directory so any user can open a program on that
> > display.  xhost +localhost adds all programs from localhost using tcp
> > connections instead.  DISPLAY=:0 causes a program to use fast unix
> > domain sockets where DISPLAY=localhost:0 causes a program to use slow
> > tcp sockets instead.  tcp sockets are really only needed for remote
> > connections and xhost +localhost won't allow any local programs to
> > access X unless they use tcp, not unix.  See my first response for more
> > information.
>
> ok time out :)
> 1)does xhost set the DISPLAY variable ?

No.  You have to export the variable yourself.  xhost allows you to grant
or deny access to others.  A user who has access and wishes to connect
may set his DISPLAY variable to the corresponding DISPLAY.

> 2)does xhost local: also use the tcp thingie or does it use the x socket thingie ?

I think xhost local: allows access to BSD sockets, so not tcp.

> 3)what must I put in the .Xauthority file to make the screensaver work
> with having to use xhost ?


Re: ssh default security risc

2005-02-03 Thread Chris Hodgins
Gert Cuykens wrote:
> By default the root ssh is disabled. If a dedicated server x somewhere
> far far away doesn't have root ssh enabled the admin is pretty much
> screwed if they hack his user  account and change the user password
> right ?
>
> So is it not better to enable it by default ?

Every unix box has a root account.  Not every unix box has a jblogs
account.  Let's take the example of a brute-force attempt.  The first
thing I would do would be to attack root's password.  I know the account
exists.  Might as well go for the big prize first.

So having a root account enabled is definitely a bad thing.

Chris


Re: mx2.freebsd.org in dnsbl.sorbs.net

2005-02-03 Thread Matthias Buelow
Erik Norgaard wrote:
> How on earth did it end up there? Is someone mad at us? mx1 is not
> listed, but it appears that most list mail comes from mx2...

JFYI, from Matthew Sullivan, SORBS operator:

> Listed in Error - removed.
> Regards,
> Mat

mkb.


Re: xhost +localhost

2005-02-03 Thread Gert Cuykens
On Thu, 3 Feb 2005 14:58:35 -0800, Loren M. Lang <[EMAIL PROTECTED]> wrote:
> This enables all programs to have access that are using unix domain
> sockets to not need the MIT-MAGIC-COOKIE stored in the .Xauthority file
> in the user's home directory so any user can open a program on that
> display.  xhost +localhost adds all programs from localhost using tcp
> connections instead.  DISPLAY=:0 causes a program to use fast unix
> domain sockets where DISPLAY=localhost:0 causes a program to use slow
> tcp sockets instead.  tcp sockets are really only needed for remote
> connections and xhost +localhost won't allow any local programs to
> access X unless they use tcp, not unix.  See my first response for more
> information.

ok time out :)
1)does xhost set the DISPLAY variable ?
2)does xhost local: also use the tcp thingie or does it use the x socket thingie ?
3)what must I put in the .Xauthority file to make the screensaver work
with having to use xhost ?


Re: xhost +localhost

2005-02-03 Thread Chris Hodgins
epilogue wrote:
> On Thu, 3 Feb 2005 14:43:39 +0100
> Gert Cuykens <[EMAIL PROTECTED]> wrote:
>
> > On Thu, 3 Feb 2005 00:32:23 -0800, Ted Mittelstaedt
> > <[EMAIL PROTECTED]> wrote:
> >
> > > While all of this is very interesting academic, if user Gert is dumb
> > > enough to leave the console of his UNIX system accessible then user
> > > Ted can come along and power cycle it into single user mode and wipe
> > > his disks whether he has the root password or not.
>
> While I quite agree with Ted's encouraging Gert to run X as joe user,
> rather than root (for a variety of security related reasons) it is a
> trivial matter to implement a password requirement for boot -s.  This way,
> even if a user can boot -s, they *must* have the root passwd.
> This implementation does mean, however, that you should not forget the
> root passwd, for if you do forget, you will not be able to reset it
> via boot -s and passwd.
>
> /etc/ttys
> # If console is marked "insecure", then init will ask for the root
> # password when going to single-user mode.
> console none unknown off insecure
>
> my 2 cents CAD for the day.
>
> cheers,
> epi

If you have local access to a machine, you can easily get
access...password or not.

Chris
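
A check for the /etc/ttys setting quoted in the message above, as an added shell example that is not part of the original thread. It reports whether the console is marked "insecure" and lists terminals that are on and marked "secure", which per ttys(5) permits direct root logins there; the function names and the sample file contents are constructed, and on a real system you would feed it /etc/ttys.

```shell
#!/bin/sh
# Added illustration; function names and sample data are constructed.

# ttys_flags: read /etc/ttys-format text on stdin and print one line per
# entry: "<name> <secure|insecure|unset> <on|off|unset>".
# Quoted getty commands are collapsed to one token and comments are
# stripped first, so words inside either are never mistaken for flags.
ttys_flags() {
    sed -e 's/"[^"]*"/GETTY/g' -e 's/#.*$//' |
    awk 'NF >= 2 {
        sec = "unset"; st = "unset"
        for (i = 3; i <= NF; i++) {
            if ($i == "secure" || $i == "insecure") sec = $i
            if ($i == "on" || $i == "off") st = $i
        }
        print $1, sec, st
    }'
}

# audit_ttys: read /etc/ttys-format text on stdin and print findings.
audit_ttys() {
    ttys_flags | awk '
        $1 == "console" {
            seen = 1
            if ($2 == "insecure")
                print "OK console: single-user mode asks for the root password"
            else
                print "WARN console: single-user mode gives a root shell without a password"
            next
        }
        $2 == "secure" && $3 == "on" {
            print "INFO " $1 ": direct root login permitted on this terminal"
        }
        END { if (!seen) print "WARN console: no console entry found" }'
}

# Constructed sample in /etc/ttys format (not taken from a real host).
sample_ttys() {
    cat <<'EOF'
# If console is marked "insecure", then init will ask for the root
# password when going to single-user mode.
console none                          unknown off insecure
ttyv0   "/usr/libexec/getty Pc"       cons25  on  secure
ttyv1   "/usr/libexec/getty Pc"       cons25  on  insecure
ttyd0   "/usr/libexec/getty std.9600" dialup  off secure
EOF
}

# Demo run on the constructed sample.
sample_ttys | audit_ttys
```

As the reply above points out, this only raises the bar for single-user boot; it does not protect a machine whose disks or boot media are physically reachable.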


STABLE kernel update

2005-02-03 Thread Zlatozar Zhelyazkov
Hi all,

I updated my FreeBSD up to STABLE and built the kernel, but "uname -a" shows
FreeBSD-STABLE #0
It was suspicious that there are no kernel patch releases so I checked.
Really there were! My question is - should I apply these patches or
are they included in my last update (and applied with kernel build) ?

I have to apply patches by hand, right? Is there a binary update for
STABLE systems?
Is there an order in which to apply patches (sorted by date or something)?

Thanks in advance!!!
Best,
Zlatozar


Re: xhost +localhost

2005-02-03 Thread Loren M. Lang
On Wed, Feb 02, 2005 at 05:02:50PM -0500, Chuck Swiger wrote:
> Louis LeBlanc wrote:
> >On 02/02/05 06:58 PM, Gert Cuykens sat at the `puter and typed:
> >>i want a screensaver but the ... xscreensaver daemon won't start
> >>complaining about access control. I did xhost +localhost but it still
> >>won't start :(
> >
> >If you're trying this on 5.3, the syntax has changed.  Try something
> >like this:
> >
> >xhost local:
> >
> >Exactly as typed above.
> 
> Please tell me you are joking.

This enables all programs to have access that are using unix domain
sockets to not need the MIT-MAGIC-COOKIE stored in the .Xauthority file
in the user's home directory so any user can open a program on that
display.  xhost +localhost adds all programs from localhost using tcp
connections instead.  DISPLAY=:0 causes a program to use fast unix
domain sockets where DISPLAY=localhost:0 causes a program to use slow
tcp sockets instead.  tcp sockets are really only needed for remote
connections and xhost +localhost won't allow any local programs to
access X unless they use tcp, not unix.  See my first response for more
information.

> 
> I remember learning to use "xhost +" in 1989 or '90 on X11--, before the 
> command improved to take hostnames as arguments to control which 
> connections were allowed and which should be refused on a per-host basis.  
> At the time, there were so few machines running X that malicious X 
> connections were not a significant concern.
> 
> Having "xhost +localhost" work the same way as "xhost +foo.cmu.edu"-- to 
> avoid treating the local host as a special case-- was a good idea fifteen 
> years ago.
> 
> I do not have a perfect record of suggesting things in a way that does not 
> break backwards compatibility, but one should attempt to make the 
> distinction between "changing something which was broken in order to get to 
> something reasonable" and "changing something reasonable into something 
> broken".
> 
> -- 
> -Chuck
> 

-- 
I sense much NT in you.
NT leads to Bluescreen.
Bluescreen leads to downtime.
Downtime leads to suffering.
NT is the path to the darkside.
Powerful Unix is.

Public Key: ftp://ftp.tallye.com/pub/lorenl_pubkey.asc
Fingerprint: B3B9 D669 69C9 09EC 1BCD  835A FAF3 7A46 E4A3 280C
 


Re: Intel EMT64 Xeon vs AMD Opteron

2005-02-03 Thread pete wright
On Thu, 3 Feb 2005 15:41:43 -0700, Nick Pavlica <[EMAIL PROTECTED]> wrote:
> I think this would depend on your application, but I have heard a lot
> of good things about AMD 64.
> 
> --Nick
> 
> 
> On Thu, 3 Feb 2005 17:04:21 -0500, Nathan Vidican <[EMAIL PROTECTED]> wrote:
> > Hey all,
> >
> > Just looking for general opinions and/or advice regarding use of one over
> > the other.
> >
> > Cost wise, AMD Opteron 246 is roughly the same cost as a 3.0Ghz Xeon ... But
> > how do they compare performance wise; specifically related to FreeBSD?
> >
> > (Not subscribed to both lists I sent this to, please reply directly via
> > email and cc the list if you could - thanks)
> >

hard to say w/o knowing what you will be using it for.  from my
experience AMD64 seems like it may be a better investment for the
future, seeing as you are not going to be stuck with a 32 bit proc. in
a year or two's time.  honestly tho it really depends on what you are
going to be processing.

-p



-- 
~~o0OO0o~~
Pete Wright
www.nycbug.org
NYC's *BSD User Group


Re: mx2.freebsd.org in dnsbl.sorbs.net

2005-02-03 Thread Warren Block
On Thu, 3 Feb 2005, Bill Campbell wrote:

> It doesn't surprise me that the IP made spam DNSBLs because a fair amount
> of spam does get through to the list.

I would characterize that as "a very small amount", but yes, a few spam
messages do get through.  Compared to most lists, and especially
considering that many of the FreeBSD lists can be posted to without
subscribing, I'd say they are extremely clean.

> It's not obvious that messages come from the list (one of the advantages
> of subject tagging with list prefixes) so it's easy for people to
> report that spam to places like spamcop without realizing that it's
> list traffic.

Don't think SORBS takes nominations, but who knows.  The reason I had
both the FreeBSD mailer IPs in my access list was because at some point
in the past I had manually blocked the ranges those addresses were in
for relaying Korean spam.  Not the two FreeBSD addresses, just the
ranges.

> I think the list manager for this list is Mailman.  It's easy to implement
> spamassassin checking in Mailman which would probably catch a large
> percentage of the spam that now gets through to the list.

The web page says the list owner is freebsd-questions-owner -at-
freebsd.org.  Or postmaster would probably be appropriate also.

-Warren Block * Rapid City, South Dakota USA


Re: xhost +localhost

2005-02-03 Thread Loren M. Lang
On Wed, Feb 02, 2005 at 06:58:33PM +0100, Gert Cuykens wrote:
> i want a screensaver but the ... xscreensaver daemon won't start
> complaining about access control. I did xhost +localhost but it still
> won't start :(

Adding localhost will allow all programs running on localhost to
connect to the server through TCP to the X server, but local programs
usually use something called unix domain sockets to access services
locally as it's faster than going through TCP sockets.  Unix domain
sockets are special files on the hard drive.  For display :0, the file is
/tmp/.X11-unix/X0.  If you set DISPLAY to localhost:0 instead of :0,
then whatever programs try to access X will connect to localhost on port
6000 + 0, instead of the X0 file in /tmp/.X11-unix.  If you can change
the DISPLAY environment variable for xscreensaver then xhost +localhost
will work.  The better solution would be to make sure the .Xauthority
file is set up correctly instead of using xhost +localhost.  This usually
happens automatically, unless you're trying to do something very
non-standard.  Try setting the variable XAUTHORITY to
/home/username/.Xauthority.


-- 
I sense much NT in you.
NT leads to Bluescreen.
Bluescreen leads to downtime.
Downtime leads to suffering.
NT is the path to the darkside.
Powerful Unix is.

Public Key: ftp://ftp.tallye.com/pub/lorenl_pubkey.asc
Fingerprint: B3B9 D669 69C9 09EC 1BCD  835A FAF3 7A46 E4A3 280C
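
The DISPLAY-to-transport mapping described in the message above, together with a check of `xhost` output for host-based grants that let clients in without the .Xauthority cookie, as an added shell example that is not part of the original thread. The function names and the sample `xhost` output are constructed; the parser assumes plain `host:N[.screen]` values and does not handle IPv6 literals.

```shell
#!/bin/sh
# Added illustration; function names and sample data are constructed.

# x_transport DISPLAY
# Prints the transport an X client would use for that DISPLAY value:
#   ":0"          -> unix /tmp/.X11-unix/X0
#   "localhost:0" -> tcp localhost 6000   (port = 6000 + display number)
x_transport() {
    display=$1
    case $display in
        *:*) ;;
        *) echo "invalid"; return 1 ;;
    esac
    host=${display%:*}        # text before the last colon (may be empty)
    rest=${display##*:}       # "N" or "N.screen"
    num=${rest%%.*}           # drop the optional screen number
    case $num in
        ''|*[!0-9]*) echo "invalid"; return 1 ;;
    esac
    if [ -z "$host" ] || [ "$host" = "unix" ]; then
        echo "unix /tmp/.X11-unix/X$num"
    else
        echo "tcp $host $(expr 6000 + "$num")"
    fi
}

# audit_xhost: read the output of `xhost` on stdin, print one finding per
# entry. Host-based entries admit clients without the cookie.
audit_xhost() {
    while IFS= read -r line; do
        case $line in
            "access control disabled"*)
                echo "CRITICAL access control is off: any client on any host may connect" ;;
            "access control enabled"*|'') ;;
            LOCAL:*)
                echo "WARN LOCAL: any local user may connect over the unix socket without the cookie" ;;
            INET:*|INET6:*)
                echo "WARN ${line#*:}: any user on that host may connect over TCP without the cookie" ;;
            SI:localuser:*)
                echo "INFO ${line##*:}: one named local user is allowed" ;;
            *)
                echo "INFO unrecognised entry: $line" ;;
        esac
    done
}

# Constructed sample of what `xhost` prints after "xhost +localhost" and
# "xhost local:" (not captured from a real session).
sample_xhost_output() {
    cat <<'EOF'
access control enabled, only authorized clients can connect
INET:localhost
LOCAL:
SI:localuser:gert
EOF
}

# Demo run on constructed input.
for d in :0 localhost:0; do
    printf '%-12s -> %s\n' "$d" "$(x_transport "$d")"
done
sample_xhost_output | audit_xhost
```

On a live session, `xhost | audit_xhost` gives the same report; an empty list with access control enabled means only clients holding the cookie can connect.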
 


Multiple jails with same basedir

2005-02-03 Thread jonas
Hi list,

I need to give some customers SSH access to one of my webservers, running 
inside a jail (virtual server setup like described in the man page).
Now those customers might want to extract archive files or do other CPU 
intensive work which might disturb the webserver operation itself.

I was thinking about running the login server in an additional jail with the 
same basedir set. I would be able to apply different ipfw rules as well as 
solving the priority problem by running the whole jail with nice priority.

Q: Could this disturb operation of the webserver jail?

The only possible problems I was able to think of was PID files in /var/run/ 
getting overwritten by the second jail and logging being somehow disturbed.
What happens if I shut down jail #1, but the files in /var/run/ contain the 
PIDs of jail #2's processes? Will it be a problem having two syslogds logging 
to the same files?

Any comments would be greatly appreciated.


-- 

br
j.


Re: Intel EMT64 Xeon vs AMD Opteron

2005-02-03 Thread Nick Pavlica
I think this would depend on your application, but I have heard a lot
of good things about AMD 64.

--Nick


On Thu, 3 Feb 2005 17:04:21 -0500, Nathan Vidican <[EMAIL PROTECTED]> wrote:
> Hey all,
> 
> Just looking for general opinions and/or advice regarding use of one over
> the other.
> 
> Cost wise, AMD Opteron 246 is roughly the same cost as a 3.0Ghz Xeon ... But
> how do they compare performance wise; specifically related to FreeBSD?
> 
> (Not subscribed to both lists I sent this to, please reply directly via
> email and cc the list if you could - thanks)
> 
> --
> Nathan Vidican
> [EMAIL PROTECTED]
> Windsor Match Plate & Tool Ltd.
> http://www.wmptl.com/
> 


Re: ssh default security risc

2005-02-03 Thread Nick Pavlica
In this scenario the box has already been compromised and needs
serious attention now.  Even if you have to go to the land of Far Far
away :)


On Thu, 3 Feb 2005 23:32:18 +0100, Gert Cuykens <[EMAIL PROTECTED]> wrote:
> By default the root ssh is disabled. If a dedicated server x somewhere
> far far away doesn't have root ssh enabled the admin is pretty much
> screwed if they hack his user  account and change the user password
> right ?
> 
> So is it not better to enable it by default ?


ssh default security risc

2005-02-03 Thread Gert Cuykens
By default the root ssh is disabled. If a dedicated server x somewhere
far far away doesn't have root ssh enabled the admin is pretty much
screwed if they hack his user  account and change the user password
right ?

So is it not better to enable it by default ?


Re: [lorenl@alzatex.com: Re: Mounting a samba share on boot?]

2005-02-03 Thread Loren M. Lang
On Tue, Feb 01, 2005 at 05:09:54PM +, Mark Ovens wrote:
> Ruben de Groot wrote:
> >On Mon, Jan 31, 2005 at 05:47:53AM -0800, Loren M. Lang typed:
> >>On Mon, Jan 31, 2005 at 12:38:53PM +, Mark Ovens wrote:
> >>> Loren M. Lang wrote:
> >>> >replacing MYWORKGROUP, SERVER, USER, secret as necessary.  Make sure
> >>> >nsmb.conf is only readable by root.  Add the following line to fstab:
> >>> >
> >>> >//[EMAIL PROTECTED]/share   /mnt/share   smbfs   rw  0   0
> >>> >
> >>> 
> >>> PMJI, but do you know if it's possible to handle a share name
> >>> containing a space when mounting smb filesystems using fstab?
> >>> 
> >>> I tried
> >>> 
> >>> "//[EMAIL PROTECTED]/Drive C"
> >>> '//[EMAIL PROTECTED]/Drive C'
> >>> //[EMAIL PROTECTED]/Drive\ C
> >>> 
> >>> None of these worked. I know that using spaces in filenames is a Bad 
> >>> Idea, but this is Windows we're talking about here ;-)
> >>
> >>A random guess might be to try: //[EMAIL PROTECTED]/Driver%20C
> >>%20 refers to the ascii character with hex value 20 which is space.
> >>It's what webservers use for getting around spaces, samba might too.
> >>I'd be really curious to see if this works.
> >
> >The following seems to work for me:
> >
> >[EMAIL PROTECTED]:/root> mount_smbfs //odo/"Temp Dir" /mnt
> >Password:
> >[EMAIL PROTECTED]:/root> mount | grep smbfs
> >//[EMAIL PROTECTED]/TEMP DIR on /mnt (smbfs)
> >[EMAIL PROTECTED]:/root>
> >
> 
> Yes, that WFM too. The problem is if you try to add that as an entry in 
> /etc/fstab as it cannot handle the space. I had a quick look in fstab.c 
> and there appears to be no handling of escaped characters, which is 
> understandable I suppose since the first field would normally be 
> something /dev/da0s1a

Well, the routines that read fstab may not handle escaped characters,
but there may be some replacement for space that mount_smbfs accepts.
Maybe you should check that program for some support for inserting
spaces.

> 
> Mark

-- 
I sense much NT in you.
NT leads to Bluescreen.
Bluescreen leads to downtime.
Downtime leads to suffering.
NT is the path to the darkside.
Powerful Unix is.

Public Key: ftp://ftp.tallye.com/pub/lorenl_pubkey.asc
Fingerprint: B3B9 D669 69C9 09EC 1BCD  835A FAF3 7A46 E4A3 280C
 


Re: BIND9 doesn't seem to do anything

2005-02-03 Thread Loren M. Lang
On Sat, Jan 29, 2005 at 05:57:50PM -0700, Pat Maddox wrote:
> The named process is always in the kserel state.  I've got no idea
> what that is, and all I can find on Google is that programs hang in
> that state.  So I don't know what to do.  There's no output, I can't
> find any logs, there's just no way for me to tell what's wrong.
> 
> 

I can't remember for sure, but I think that it's a threaded application
that's waiting for something to do, though I didn't think BIND uses
threads.  grep -r kserel /usr/src/sys/ may reveal more info.


-- 
I sense much NT in you.
NT leads to Bluescreen.
Bluescreen leads to downtime.
Downtime leads to suffering.
NT is the path to the darkside.
Powerful Unix is.

Public Key: ftp://ftp.tallye.com/pub/lorenl_pubkey.asc
Fingerprint: B3B9 D669 69C9 09EC 1BCD  835A FAF3 7A46 E4A3 280C
 


Re: MySQL query tool and Administrator

2005-02-03 Thread Paul Schmehl
--On Thursday, February 03, 2005 01:17:49 PM -0800 Damian Sobieralski
<[EMAIL PROTECTED]> wrote:

>   I'm running FreeBSD 5.3-RELEASE and I am looking for one of my
> favorite MySQL tools- mysql-query-tool.  I use this tool extensively on
> MS Windows and now that I am migrating over to my BSD workstation I'd
> like to continue using it (along with MySQL Administrator) as the other
> MySQL GUI tools seem rather lacking (IMO).
>
>  I notice that
> http://dev.mysql.com/downloads/query-browser/1.1.html
>
>  ..has only Windows and Linux downloads.  So I was thinking- much like
> I did with Netbeans 4.0...could I run this in Linux compatibility mode?
>
>  However, I am stuck where to go from here.  If I try to download the
> plain Linux binaries it says it cannot find libpopt (yet my FreeBSD
> install has it so I wonder if "Linux mode" needs this "installed" also
> but I have no clue how to do this).

Go to /usr/ports/emulators/linux_base/ and install the linux emulator port.
Then you can install the query browser.  I've played with it a little.  It
works OK but tends to core occasionally.

Paul Schmehl ([EMAIL PROTECTED])
Adjunct Information Security Officer
The University of Texas at Dallas
AVIEN Founding Member
http://www.utdallas.edu


Re: DNS

2005-02-03 Thread Loren M. Lang
On Tue, Jan 25, 2005 at 01:48:36AM +0300, Zaid Dashti wrote:
> hello
> i created a dns server, but it works only on my local network.
> how can i make it for global ?

Do you have a registered domain name?  If so, then tell whoever you
registered it with to point it to your name server.  

> 
> NOTE: i use freebsd 5.2.1
> 
> thanks
> ___
> Zaid Dashti
> 

-- 
I sense much NT in you.
NT leads to Bluescreen.
Bluescreen leads to downtime.
Downtime leads to suffering.
NT is the path to the darkside.
Powerful Unix is.

Public Key: ftp://ftp.tallye.com/pub/lorenl_pubkey.asc
Fingerprint: B3B9 D669 69C9 09EC 1BCD  835A FAF3 7A46 E4A3 280C
 


Intel EMT64 Xeon vs AMD Opteron

2005-02-03 Thread Nathan Vidican
Hey all,

Just looking for general opinions and/or advice regarding use of one over
the other.

Cost wise, AMD Opteron 246 is roughly the same cost as a 3.0Ghz Xeon ... But
how do they compare performance wise; specifically related to FreeBSD?


(Not subscribed to both lists I sent this to, please reply directly via
email and cc the list if you could - thanks)

--
Nathan Vidican
[EMAIL PROTECTED]
Windsor Match Plate & Tool Ltd.
http://www.wmptl.com/




Re: apache13_modssl + mod_php4 + php4-extenstions +mysql323-*+myphpadmin = ...

2005-02-03 Thread Thomas Foster
I would think that you need to have a PHP.ini...
you would not be able to enable/disable certain features without it..
I installed PHP 4.3.10 from ports today on another machine to check what
you're saying.. and the PHP.ini was placed in /usr/local/etc/.. so I am not
sure what you're running into

T
- Original Message - 
From: "Ken Hawkins" <[EMAIL PROTECTED]>
To: 
Sent: Thursday, February 03, 2005 12:02 PM
Subject: Re: apache13_modssl + mod_php4 + php4-extenstions 
+mysql323-*+myphpadmin = ...


thanks T,
I followed your steps to the tee and still no go. I do have a php.ini in
/usr/local/etc however and it appears to be picking up my include_path.

> I just got done installing Horde/IMP and I hate to tell you but
> php.ini doesn't even exist.  From the looks of it the ports people
> got together and worked out an alternative way of specifying variables
> for php instead of using php.ini.  Probably to avoid the problems
> that you mentioned of ports overwriting php files.

so what is this alternative way? i have to include some other paths...
ken;
On Tuesday, February 01, 2005, at 03:35PM, Thomas Foster
<[EMAIL PROTECTED]> wrote:




  Well, the only items you really need in httpd.conf are:
  #
  LoadModule php4_module libexec/apache2/libphp4.so

  DirectoryIndex index.php index.html index.htm
  #

  If you are using apache2 that is.. for apache1.3 i believe it is
  libexec/apache13 or libexec/apache

  It would help to make sure you have defined mime types as well..

  #
  application/x-httpd-php         php
  application/x-httpd-php-source  phps
  #

  Be sure and restart apache and clear your browser cache before
  trying to load the page/site again..  let me know your results

  T

  - Original Message -
  From: Ken Hawkins
  To: Thomas Foster
  Sent: Tuesday, February 01, 2005 3:09 PM
  Subject: Re: apache13_modssl + mod_php4 + php4-extenstions +
  mysql323-*+myphpadmin = ...
T,
thank you for all the info! it has been a learning experience.
my php.conf file shows:
PHP_VER=4
PHP_VERSION=4.3.10
PHP_EXT_DIR=20020429
PHP_PORT=${PORTSDIR}/lang/php4
PHP_SAPI=full
which jives with the pkg_info;
[web1:lib/php/20020429] root# pkg_info | grep php
php4-4.3.10_2 PHP Scripting Language (Apache Module and CLI)
php4-bz2-4.3.10_2 The bz2 shared extension for php
php4-ctype-4.3.10_2 The ctype shared extension for php
php4-dba-4.3.10_2 The dba shared extension for php
php4-domxml-4.3.10_2 The domxml shared extension for php
php4-gd-4.3.10_2 The gd shared extension for php
php4-mysql-4.3.10_2 The mysql shared extension for php
php4-openssl-4.3.10_2 The openssl shared extension for php
php4-overload-4.3.10_2 The overload shared extension for php
php4-pcre-4.3.10_2 The pcre shared extension for php
php4-pear-4.3.10_2 PEAR framework for PHP
php4-posix-4.3.10_2 The posix shared extension for php
php4-session-4.3.10_2 The session shared extension for php
php4-tokenizer-4.3.10_2 The tokenizer shared extension for php
php4-xml-4.3.10_2 The xml shared extension for php
php4-zlib-4.3.10_2 The zlib shared extension for php
phpMyAdmin-2.6.1 A set of PHP-scripts to manage MySQL over the web
and it is in the directory;
[web1:lib/php/20020429] root# ls
bz2.so dba.so gd.so mysql.so overload.so pdf.so session.so xml.so
ctype.so domxml.so imagick.so openssl.so pcre.so posix.so tokenizer.so zlib.so
so it would appear that the file is there and the config is
correct as far php is concerned. anything i need to do other than
the LoadModule **php** stuff in the httpd.conf file?
thanks again for all your help!
ken;
On Feb 1, 2005, at 5:23 PM, Thomas Foster wrote:

Is your pcre extension still: php4-pcre-4.3.9 ?
If so, try forcing a pkg_delete of all your PHP4 extensions,
and rebuild ..
make distclean
make config
make install
double check your php.conf for PHP_EXT_DIR=
make sure that lib directory exists under /usr/local/lib/php
pcre.so should be in that directory.. if for any reason you
need to manually remove the older version..
Hope this helps
T
- Original Message - From: "Ken Hawkins"
<[EMAIL PROTECTED]>
To: "Thomas Foster" <[EMAIL PROTECTED]>
Sent: Tuesday, February 01, 2005 2:12 PM
Subject: Re: apache13_modssl + mod_php4 + php4-extenstions +
mysql323-*+myphpadmin = ...
thanks, I did that and PCRE is selected and is installed.
the battle continues
ken;
On Feb 1, 2005, at 4:59 PM, Thomas Foster wrote:
try "make config" from /usr/ports/lang/php4

Re: nsswitch ldap lookup problems

2005-02-03 Thread Totem
I am using the nss_ldap port on 5.3 (nss_ldap-1.204_5).  My config file 
is located at "/usr/local/etc/nss_ldap.conf".  Also this is in my 
"/etc/nsswitch.conf" file.

passwd: files ldap
group: files ldap
hosts: files dns
shadow: files
It is working for me.  It looks like you might need to rename or link 
your ldap.conf and update your nsswitch.conf.

Note: I'm using this for Samba not Kerberos, YMMV.
Klavs Klavsen wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi guys,
I've gotten my kerberos and openldap up and running on FreeBSD 5.3 - and
can login with my user (because he has been created in kerberos and pam
looks in that), but nsswitch can't find the user in ldap for some reason.
All help will be greatly appreciated
When I login with ssh I get this in debug.log:
Feb  2 11:06:06 auth01 sshd[771]: NSSWITCH(nss_method_lookup): ldap,
passwd, endpwent, not found
Feb  2 11:06:06 auth01 sshd[770]: NSSWITCH(nss_method_lookup): ldap,
group, setgrent, not found
Feb  2 11:06:06 auth01 sshd[770]: NSSWITCH(nss_method_lookup): ldap,
group, getgrent_r, not found
Feb  2 11:06:06 auth01 sshd[770]: NSSWITCH(nss_method_lookup): ldap,
group, endgrent, not found
Feb  2 11:06:09 auth01 slapd[604]: conn=2 fd=12 ACCEPT from
IP=172.21.1.109:56828 (IP=0.0.0.0:636)
Feb  2 11:06:09 auth01 slapd[604]: conn=2 op=0 BIND dn="" method=128
Feb  2 11:06:09 auth01 slapd[604]: conn=2 op=0 RESULT tag=97 err=0 text=
Feb  2 11:06:09 auth01 slapd[604]: conn=2 op=1 SRCH
base="ou=People,dc=vsen,dc=dk" scope=1 deref=0
filter="(&(objectClass=posixAccount)(uid=ktk))"
Feb  2 11:06:09 auth01 slapd[604]: conn=2 op=1 SEARCH RESULT tag=101
err=0 nentries=1 text=
Feb  2 11:06:09 auth01 slapd[604]: conn=2 fd=12 closed
Feb  2 11:06:09 auth01 sshd[773]: NSSWITCH(nss_method_lookup): ldap,
group, setgrent, not found
Feb  2 11:06:09 auth01 sshd[773]: NSSWITCH(nss_method_lookup): ldap,
group, getgrent_r, not found
Feb  2 11:06:09 auth01 sshd[773]: NSSWITCH(nss_method_lookup): ldap,
group, endgrent, not found
Feb  2 11:06:09 auth01 sshd[774]: NSSWITCH(nss_method_lookup): ldap,
passwd, endpwent, not found
if I try to do an ldapsearch for the same:
# ldapsearch "(&(objectClass=posixAccount)(uid=ktk))" -b
"ou=People,dc=vsen,dc=dk"  -Y gssapi
It seems to work fine:
[SNIP - cut SASL talk]
# extended LDIF
#
# LDAPv3
# base <> with scope sub
# filter: (&(objectClass=posixAccount)(uid=ktk))
# requesting: -b ou=People,dc=vsen,dc=dk -Y gssapi
#
# ktk, People, telmore.dk
dn: uid=ktk,ou=People,dc=vsen,dc=dk
# search result
search: 5
result: 0 Success
# numResponses: 2
# numEntries: 1
my /usr/local/etc/ldap.conf (on freebsd 5.3) looks like this:
BASE  dc=vsen, dc=dk
URI  ldaps://auth.vsen.dk:636/
TLS_REQCERT  allow
#SIZELIMIT  12
#TIMELIMIT  15
#DEREF  never
scope sub
port 389
pam_password md5
ldap_version 3
pam_filter objectclass=posixAccount
pam_login_attribute uid
pam_member_attribute memberUid
nss_base_passwd ou=People,dc=vsen,dc=dk?one
nss_base_group ou=Groups,dc=vsen,dc=dk?one
nss_base_shadow ou=People,dc=vsen,dc=dk?one
#debug testing
logdir /var/log
debug 9
- --
Regards,
Klavs Klavsen, GSEC - [EMAIL PROTECTED] - http://www.vsen.dk
PGP: 7E063C62/2873 188C 968E 600D D8F8  B8DA 3D3A 0B79 7E06 3C62
"Those who do not understand Unix are condemned to reinvent it, poorly."
~  --Henry Spencer
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.6 (GNU/Linux)
iD8DBQFCAKjtPToLeX4GPGIRAutdAJ4prd0S1dlM+kNcSAooZgNg6AV+hgCfW3pL
YA9GXibYIkpgKkrxvPxL50c=
=JwZO
-END PGP SIGNATURE-


MySQL query tool and Administrator

2005-02-03 Thread Damian Sobieralski

  I'm running FreeBSD 5.3-RELEASE and I am looking for one of my
favorite MySQL tools- mysql-query-tool.  I use this tool extensively on
MS Windows and now that I am migrating over to my BSD workstation I'd
like to continue using it (along with MySQL Administrator) as the other
MySQL GUI tools seem rather lacking (IMO).

 I notice that 
http://dev.mysql.com/downloads/query-browser/1.1.html

 ..has only Windows and Linux downloads.  So I was thinking- much like
I did with Netbeans 4.0...could I run this in Linux compatibility mode?
 However, I am stuck where to go from here.  If I try to download the
plain Linux binaries it says it cannot find libpopt (yet my FreeBSD
install has it so I wonder if "Linux mode" needs this "installed" also
but I have no clue how to do this).

 Anyone have any hints on where to start?  I love these tools as they
are right on par with SQL Server's Enterprise manager and I'd like to
continue to use them.

- FreeBSD newbie



Re: MySql Load balancing Solutions?

2005-02-03 Thread Nick Pavlica
> Uh --- MySQL Cluster is a standard part of 4.1.9.  You just have to
> install the mysql41-server port WITH_NDB=yes, which gets you a bunch
> of extra executables, mostly in /usr/local/libexec, including ndb_mgmd
> and ndbd.  See: http://dev.mysql.com/doc/mysql/en/ndbcluster.html

Yes it's part of 4.19, but if your software is not licenced under the
GPL you must buy a licence for the MySql servers ($595/server), and
another licence for MySql Cluster($5,000/CPU).  So if you have
three servers with dual cpus you would owe MySql $31,785.  The
licencing applies to any situation where you are running the database
on more than one server, even if it is a web application.  I spent
quite a bit of time working with a MySql representative trying to
clear this out a while back, and called them back to confirm today.

Here is the name of the Mysql rep. that I spoke to:
Rena Dosono
Inside Sales Executive
MySQL, Inc. www.mysql.com
Tel: 206-824-4356
Email: [EMAIL PROTECTED]

I'm sure all your code is GPL and is available in source for download :)  

--Nick


On Thu, 3 Feb 2005 09:31:53 +, Matthew Seaman
<[EMAIL PROTECTED]> wrote:
> On Wed, Feb 02, 2005 at 01:46:22PM -0700, Nick Pavlica wrote:
> 
> >   MySql 4.1 has been the production release since 4.1.7 and are
> > currently at the 4.1.9 release.  You could look into the separate
> > MySql Cluster product, but it is around $5k per cpu last time I
> > checked.
> 
> Uh --- MySQL Cluster is a standard part of 4.1.9.  You just have to
> install the mysql41-server port WITH_NDB=yes, which gets you a bunch
> of extra executables, mostly in /usr/local/libexec, including ndb_mgmd
> and ndbd.  See: http://dev.mysql.com/doc/mysql/en/ndbcluster.html
> 
> I set up a system using these just yesterday, and it's working like a
> charm (so far...)
> 
>   Cheers,
> 
>   Matthew
> 
> --
> Dr Matthew J Seaman MA, D.Phil.   8 Dane Court Manor
>   School Rd
> PGP: http://www.infracaninophile.co.uk/pgpkey Tilmanstone
> Tel: +44 1304 617253  Kent, CT14 0JL UK
> 
> 
>


Re: Strange problem with ftpd and IE

2005-02-03 Thread Dan Nelson
In the last episode (Feb 03), Totem said:
> I have a strange problem with the ftpd on FreeBSD 5.3-RELEASE-p5.  I
> am launching the server as a daemon with this command:
> 
> /usr/libexec/ftpd -AllrD4
> 
> Everything works fine except for when using Internet Explorer as an
> FTP client.  I've tested with Mozilla and Filezilla with no problems,
> but IE isn't working.  With IE the names of directories and files get
> concatenated with their properties.  This makes the ftp server
> unusable because browsing the directory fails.
> 
> This is what my file structure looks like using the ftp client in FreeBSD:
> 
> ftp> ls
> 229 Entering Extended Passive Mode (|||61273|)
> 150 Opening ASCII mode data connection for '/bin/ls'.
> total 14
> drwxrwxr-x    4 Administrator  IT Department   512 Feb  2 19:09 Cisco
> drwxrwxr-x    6 Administrator  IT Department   512 Feb  2 00:30 FreeBSD
> drwxrwxr-x    3 Administrator  IT Department   512 Feb  1 23:56 Linux

You probably shouldn't be using user or group names with spaces in
them.  This makes it very difficult for an ftp client to parse the
output of the ls command.

-- 
Dan Nelson
[EMAIL PROTECTED]
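
Why the space in "IT Department" is a problem for a client, as an added example that is not part of the original thread: splitting an `ls -l` line on whitespace and taking field 9 as the name shifts every column by one, while anchoring on the size/date columns still recovers the name. The two sample lines are constructed from the listing in the question (the `wheel` group is made up for contrast), and the function names are illustrative.

```shell
#!/bin/sh
# Added illustration; the sample lines are constructed from the listing in the thread.
MONTHS='Jan|Feb|Mar|Apr|May|Jun|Jul|Aug|Sep|Oct|Nov|Dec'
# size, month, day, then hh:mm or a year: the columns that precede the file name
DATE_RE=" [0-9]+ +($MONTHS) +[0-9]{1,2} +([0-9]{2}:[0-9]{2}|[0-9]{4}) "

SAMPLE_OK='drwxrwxr-x    4 Administrator  wheel          512 Feb  2 19:09 Cisco'
SAMPLE_SPACE='drwxrwxr-x    4 Administrator  IT Department  512 Feb  2 19:09 Cisco'

# Naive client: perms, links, owner, group, size, month, day, time = 8 fields,
# so everything from field 9 on is taken as the file name.
naive_name() {
    printf '%s\n' "$1" | awk '{
        name = $9
        for (i = 10; i <= NF; i++) name = name " " $i
        print name
    }'
}

# Tolerant client: locate the size/date columns and keep what follows them.
date_anchored_name() {
    printf '%s\n' "$1" | sed -E "s/^.*$DATE_RE//"
}

# Server-side check: count the tokens in front of the size column.
# 4 = perms, links, owner, group; more means an owner or group name has whitespace.
prefix_fields() {
    printf '%s\n' "$1" | sed -E "s/$DATE_RE.*//" | awk '{ print NF }'
}

for line in "$SAMPLE_OK" "$SAMPLE_SPACE"; do
    printf 'naive=[%s] anchored=[%s] prefix_fields=%s\n' \
        "$(naive_name "$line")" "$(date_anchored_name "$line")" "$(prefix_fields "$line")"
done
```

Running `prefix_fields` over each line of a listing is a quick way to find the owner or group names that need renaming.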


Strange problem with ftpd and IE

2005-02-03 Thread Totem
Hello,
I have a strange problem with the ftpd on FreeBSD 5.3-RELEASE-p5.  I am 
launching the server as a daemon with this command:

/usr/libexec/ftpd -AllrD4
Everything works fine except for when using Internet Explorer as an FTP 
client.  I've tested with Mozilla and Filezilla with no problems, but IE 
isn't working.  With IE the names of directories and files get 
concatenated with their properties.  This makes the ftp server unusable 
because browsing the directory fails.

This is what my file structure looks like using the ftp client in FreeBSD:
# ftp ftp.mydomain.com
Connected to server.mydomain.com.
220 server.mydomain.com FTP server (Version 6.00LS) ready.
Name (ftp.mydomain.com:totem): ftp
331 Guest login ok, send your email address as password.
Password:
230 Guest login ok, access restrictions apply.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> ls
229 Entering Extended Passive Mode (|||61273|)
150 Opening ASCII mode data connection for '/bin/ls'.
total 14
drwxrwxr-x    4 Administrator  IT Department   512 Feb  2 19:09 Cisco
drwxrwxr-x    6 Administrator  IT Department   512 Feb  2 00:30 FreeBSD
drwxrwxr-x    3 Administrator  IT Department   512 Feb  1 23:56 Linux
lrwxr-xr-x    1 Administrator  0                14 Feb  2 19:11 Mcafee -> Windows/Mcafee
drwxrwxr-x    8 Administrator  IT Department   512 Feb  2 19:01 OpenBSD
drwxrwxr-x   11 Administrator  IT Department   512 Feb  2 19:06 UNIX
drwxrwxr-x  101 Administrator  IT Department  2560 Feb  2 20:27 Windows
lrwxr-xr-x    1 Administrator  IT Department     1 Feb  2 20:06 pub -> .
226 Transfer complete.

This is what the directory list looks like in IE (roughly translated 
into text by me):

 "512 Feb  1 23:56 Linux"
 "512 Feb  2 00:30 FreeBSD"
 "512 Feb  2 19:01 OpenBSD"
 "512 Feb  2 19:06 UNIX"
 "512 Feb  2 19:09 Cisco"
 "Mcafee"
 "1 Feb  2 20:06 pub"
Everything inside the quotes shows up as the directory names.  I hate 
IE, but I have to support it.

Am I doing something wrong?  Is there a bug?  Should I recompile?  
Should I just use a different ftp server?

Note: I compiled ftpd myself when I updated RELENG_5.3 on 2005-01-31.  I 
wasn't using ftpd before then.

Thanks,
Totem




access oracle from php (mod_php4)

2005-02-03 Thread Roberto Nunnari
Hi.
I need to access an oracle 9i database installed on a remote
machine from a php script (www/mod_php4)
I already can access mysql databases.. but not oracle..
web.dti.supsi.ch# uname -a
FreeBSD web.dti.supsi.ch 5.3-RELEASE-p5 FreeBSD 5.3-RELEASE-p5 #0: Wed 
Feb  2 16:33:24 CET 2005 
[EMAIL PROTECTED]:/usr/obj/usr/src/sys/WEB  i386

Could any kind soul help me?
Thank you!
--
  Roberto Nunnari -software engineer-
   mailto:[EMAIL PROTECTED]
 Scuola Universitaria Professionale della Svizzera Italiana
 Dipartimento Tecnologie Innovative
  http://www.dti.supsi.ch
 SUPSI-DTI
 Via Cantonale        tel: +41-91-6108561
 6928 Manno """   fax: +41-91-6108570
 Switzerland   (o o)
===oOO==(_)==OOo


Re: media players

2005-02-03 Thread Gert Cuykens
On Fri, 4 Feb 2005 05:12:52 +0900, Kevin Downey <[EMAIL PROTECTED]> wrote:
> On Thu, 3 Feb 2005 18:15:18 +0100, Gert Cuykens <[EMAIL PROTECTED]> wrote:
> > I am looking for a media player that supports the oss sound driver,
> > easy to install codex, and uses the gtk2 libs ?
> >
> > Any suggestions please ?
> You might look at /usr/ports/multimedia/beep-media-player
> 
> --
> What the large print giveth, the small print taketh away.
> 

Does it also play dvd's and stuff ?
Which player can play surround dvd's true oss ?


/dev/ttyd0 as an Input Device Works on some Systems but not others.

2005-02-03 Thread Martin McCormick
I posted a question a few hours ago about the strange problems
I had been having with some FreeBSD systems and the use of /dev/ttyd0
as an input device for logging data.

After searching the FreeBSD handbook, I found the discussion
of the "callout ports" cuaaN which do not use hardware RTS/CTS type
handshakes.  I remember reading this one other time and thinking it
was for modems exclusively but it appears to be what I should have
been using all along.  What seems to happen is that older systems with
one serial port respond to both ttydN and cuaaN and work properly.  The
newer platforms with at least two serial ports need cuaaN if there is
to be no hardware flow-control.  ttydN calls just hang forever and may
or may not unblock if they see DSR from the other system.

Martin McCormick


Re: license terms

2005-02-03 Thread Erik Norgaard
Diener, Michael wrote:
> If someone is using FreeBSD and 4.4BSD, are the FreeBSD Copyright
> and 4.4BSD Copyright the only agreements that apply?
>
> The legal page has links to GNU licenses, so it is not clear if
> those licenses also have some applicability, or in what cases they
> might apply.

1st, don't sue me if I'm wrong :-) There are some gnu tools distributed 
with the base system - or at least with the base source - that are under 
GPL. Nothing vital (system will run) as far as I can see, but annoying 
without: grep, cvs, patch, diff, gzip, cc... I think they can be omitted 
if you choose to, maybe see make.conf for options.

I could imagine that cvs be replaced by opencvs, the openbsd team 
started developing that.

Cheers, Erik
--
Ph: +34.666334818   web: http://www.locolomo.org
S/MIME Certificate: http://www.locolomo.org/crt/2004071206.crt
Subject ID:  A9:76:7A:ED:06:95:2B:8D:48:97:CE:F2:3F:42:C8:F2:22:DE:4C:B9
Fingerprint: 4A:E8:63:38:46:F6:9A:5D:B4:DC:29:41:3F:62:D3:0A:73:25:67:C2


Re: running interactive program from shell script

2005-02-03 Thread John
On Thu, Feb 03, 2005 at 05:07:02PM -0300, Alejandro Pulver wrote:
> On Thu, 3 Feb 2005 05:02:28 -0600
> Jay Moore <[EMAIL PROTECTED]> wrote:
> > On Tuesday 01 February 2005 06:22 am, Loren M. Lang wrote:
> > 
> > > > I need a shell script that initiates a telnet session to another host. I
> > > > have come up with the following, but unfortunately it terminates when 
> > > > the
> > > > script is finished. What I wanted was for the telnet session to remain
> > > > "alive" and interactive until manually terminated.
> > > >
> > > > Is there a way to accomplish this in a shell script?
> > > >
> > > > I've been told that I'll have to use "expect" or similar to accomplish
> > > > this, but it seems to me that I should be able to do this using just
> > > > Bourne shell commands.
> > > >
> > > > #! /bin/sh
> > > >
> > > > (sleep 3;
> > > > echo "password";
> > > > sleep 3;
> > > > echo "ls -la";
> > > > sleep 3;
> > > > ) | telnet -l user 192.168.0.2
> > >
> [ explanation of pipes snipped ]
> > 
> > I believe you are correct - thanks. Understanding why this is happening has 
> > lifted a huge, uncomfortable burden :)
> > 
> > But it still seems that there should be a way to do this using a shell 
> > script... I will have to think about this some more.
> > 
> > Best Rgds,
> > Jay
> 
> Hello:
> 
> I have tried the following and it worked for me (I am not sure about the 
> correctness of redirecting input/output to/from a terminal device).
> 
> This is the script (with comments included):
> 
> - BEGIN -
> 
> #!/bin/sh
> 
> # Date: Thu, 3 Feb 2005
> 
> # Shell script to start a connection to another host using telnet and
> # keep the connection "alive". While the telnet session is running,
> # this shell script will also be running.
> # It uses redirection operators (pointing to the current TTY to avoid
> # blocking 'stdin'), and a FIFO (pipe) to communicate the reader
> # program (cat) with the telnet program.
> # To exit you have to end the telnet process ('quit' command) and
> # then input an ENTER or ^D (EOF) character to 'cat' (so it ends).
> 
> # Example values are prefixed with "example-" (change them to real ones).
> 
> FIFO="tmp-fifo"
> HOST="example-host"
> USER="example-user"
> PASS="example-pass"
> PORT=""    # leave empty for default (23)
> TTY=`tty`
> 
> # To communicate telnet and TTY.
> mkfifo $FIFO
> 
> # Start telnet, reading from the FIFO and outputting everything to
> # the current TTY. Wait 3 seconds, log in, wait 3 seconds and run
> # cat, that reads from the TTY and outputs to the FIFO (that is
> # read by telnet).
> 
> telnet -l $USER $HOST $PORT < $FIFO 2>&1 > $TTY &
> sleep 3; echo $PASS > $FIFO; sleep 3;
> cat > $FIFO < $TTY
> 
> # Clean up (delete FIFO).
> rm $FIFO
> 
> # Exit.
> exit 0

It can be done with dead-reckoning and so forth, but I find "expect"
to be really really great for this sort of thing, and recommend
it highly if you have to do automated interactions with telnet or
ftp sessions.
-- 

John Lind
[EMAIL PROTECTED]


Re: running interactive program from shell script

2005-02-03 Thread Alejandro Pulver
On Thu, 3 Feb 2005 05:02:28 -0600
Jay Moore <[EMAIL PROTECTED]> wrote:
> On Tuesday 01 February 2005 06:22 am, Loren M. Lang wrote:
> 
> > > I need a shell script that initiates a telnet session to another host. I
> > > have come up with the following, but unfortunately it terminates when the
> > > script is finished. What I wanted was for the telnet session to remain
> > > "alive" and interactive until manually terminated.
> > >
> > > Is there a way to accomplish this in a shell script?
> > >
> > > I've been told that I'll have to use "expect" or similar to accomplish
> > > this, but it seems to me that I should be able to do this using just
> > > Bourne shell commands.
> > >
> > > #! /bin/sh
> > >
> > > (sleep 3;
> > > echo "password";
> > > sleep 3;
> > > echo "ls -la";
> > > sleep 3;
> > > ) | telnet -l user 192.168.0.2
> >
[ explanation of pipes snipped ]
> 
> I believe you are correct - thanks. Understanding why this is happening has 
> lifted a huge, uncomfortable burden :)
> 
> But it still seems that there should be a way to do this using a shell 
> script... I will have to think about this some more.
> 
> Best Rgds,
> Jay

Hello:

I have tried the following and it worked for me (I am not sure about the 
correctness of redirecting input/output to/from a terminal device).

This is the script (with comments included):

- BEGIN -

#!/bin/sh

# Date: Thu, 3 Feb 2005

# Shell script to start a connection to another host using telnet and
# keep the connection "alive". While the telnet session is running,
# this shell script will also be running.
# It uses redirection operators (pointing to the current TTY to avoid
# blocking 'stdin'), and a FIFO (pipe) to communicate the reader
# program (cat) with the telnet program.
# To exit you have to end the telnet process ('quit' command) and
# then input an ENTER or ^D (EOF) character to 'cat' (so it ends).

# Example values are prefixed with "example-" (change them to real ones).

FIFO="tmp-fifo"
HOST="example-host"
USER="example-user"
PASS="example-pass"
PORT=""    # leave empty for default (23)
TTY=`tty`

# To communicate telnet and TTY.
mkfifo $FIFO

# Start telnet, reading from the FIFO and outputting everything to
# the current TTY. Wait 3 seconds, log in, wait 3 seconds and run
# cat, that reads from the TTY and outputs to the FIFO (that is
# read by telnet).

telnet -l $USER $HOST $PORT < $FIFO 2>&1 > $TTY &
sleep 3; echo $PASS > $FIFO; sleep 3;
cat > $FIFO < $TTY

# Clean up (delete FIFO).
rm $FIFO

# Exit.
exit 0

- END --

Best Regards,
Ale
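
A variant of the FIFO approach in the script above, as an added example that is not part of the original post: the FIFO is created in a private `mktemp -d` directory instead of a fixed `tmp-fifo` name in the current directory, it is removed on exit or interrupt, the password is read from the terminal rather than stored in the file, and one writer holds the FIFO open for the whole session. The function names and the `telnet-fifo` prefix are assumptions made for this example.

```shell
#!/bin/sh
# Added illustration of the FIFO approach from the thread; the function names and
# the "telnet-fifo" prefix are assumptions, not part of the original script.

# Create a FIFO inside a fresh directory that only the caller can enter.
# Prints the FIFO path on stdout.
make_private_fifo() {
    old_umask=$(umask)
    umask 077                       # the FIFO is created as prw-------
    dir=$(mktemp -d "${TMPDIR:-/tmp}/telnet-fifo.XXXXXX") || {
        umask "$old_umask"; return 1
    }
    if ! mkfifo "$dir/in"; then
        rmdir "$dir"; umask "$old_umask"; return 1
    fi
    umask "$old_umask"
    printf '%s\n' "$dir/in"
}

# Remove the FIFO and its directory; safe to call more than once.
remove_private_fifo() {
    [ -n "$1" ] || return 0
    rm -f "$1"
    rmdir "$(dirname "$1")" 2>/dev/null || :
}

# Read the password from the terminal without echo instead of keeping it in the file.
read_password() {
    printf 'Password: ' >&2
    stty -echo
    IFS= read -r pass
    stty echo
    printf '\n' >&2
}

# $1 = host, $2 = user. Same flow as the script in the post.
run_session() {
    fifo=$(make_private_fifo) || return 1
    trap 'stty echo 2>/dev/null; remove_private_fifo "$fifo"' EXIT
    trap 'exit 1' HUP INT TERM      # make sure the EXIT trap runs on a signal
    read_password
    telnet -l "$2" "$1" < "$fifo" &
    # One writer keeps the FIFO open for the whole session, so telnet does not
    # see end-of-file between the password and the interactive input.
    { sleep 3; printf '%s\n' "$pass"; unset pass; sleep 3; cat; } > "$fifo"
    wait
}

# Runs only when called as: script HOST USER
if [ "$#" -eq 2 ]; then
    run_session "$1" "$2"
fi
```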


Re: Multiple loopback interfaces

2005-02-03 Thread Giorgos Keramidas
On 2005-02-03 20:53, Erik Norgaard <[EMAIL PROTECTED]> wrote:
> I need to setup a testing environment to properly test a new firewall
> ruleset, usually I'll install it on the machine and test it in a
> closed environment, but this time I don't have the machine.
>
> Is it possible or advisable to create multiple loopback interfaces or
> are there other suggestions on how to do this?

Yes, it is possible.  You can even use non-127.0.0.x addresses (lines
wrapped to fit in 80 columns):

% gothmog:/root# ifconfig lo1 plumb
% gothmog:/root# ifconfig lo1 10.6.0.1/24 up
% gothmog:/root# tcpdump -s 100 -i lo1 -qvlnn &
% [1] 23432
% tcpdump: listening on lo1, link-type NULL (BSD loopback),
%  capture size 100 bytes
% gothmog:/root# ping -c 2 10.6.0.1 >/dev/null 2>&1 ; sleep 01
% 22:02:01.823069 IP (tos 0x0, ttl  64, id 5813, offset 0, flags [none],
% length: 84) 10.6.0.1 > 10.6.0.1: icmp 64: echo request seq 0
% 22:02:01.827119 IP (tos 0x0, ttl  64, id 5814, offset 0, flags [none],
% length: 84) 10.6.0.1 > 10.6.0.1: icmp 64: echo reply seq 0
% 22:02:02.833529 IP (tos 0x0, ttl  64, id 5827, offset 0, flags [none],
% length: 84) 10.6.0.1 > 10.6.0.1: icmp 64: echo request seq 1
% 22:02:02.833568 IP (tos 0x0, ttl  64, id 5828, offset 0, flags [none],
% length: 84) 10.6.0.1 > 10.6.0.1: icmp 64: echo reply seq 1
% gothmog:/root# ifconfig lo1 unplumb
% gothmog:/root#



Re: apache13_modssl + mod_php4 + php4-extenstions + mysql323-*+myphpadmin = ...

2005-02-03 Thread Ken Hawkins
thanks T,

I followed your steps to the tee and still no go. I do have a php.ini in 
/usr/local/etc however and it appears to be picking up my include_path. 


  I just got done installing Horde/IMP and I hate to tell you but
php.ini doesn't even exist.  From the looks of it the ports people
got together and worked out an alternative way of specifying variables
for php instead of using php.ini.  Probably to avoid the problems
that you mentioned of ports overwriting php files.

so what is this alternative way? i have to include some other paths...

ken;


On Tuesday, February 01, 2005, at 03:35PM, Thomas Foster <[EMAIL PROTECTED]> 
wrote:


   Well, the only items you really need in httpd.conf are:

   #
   LoadModule php4_module libexec/apache2/libphp4.so

   DirectoryIndex index.php index.html index.htm
   #

   If you are using apache2 that is.. for apache1.3 i believe it is
   libexec/apache13 or libexec/apache

   It would help to make sure you have defined mime types as well..

   #
   application/x-httpd-php         php
   application/x-httpd-php-source  phps
   #

   Be sure and restart apache and clear your browser cache before
   trying to load the page/site again..  let me know your results

   T

   - Original Message -
   From: Ken Hawkins
   To: Thomas Foster
   Sent: Tuesday, February 01, 2005 3:09 PM
   Subject: Re: apache13_modssl + mod_php4 + php4-extenstions +
   mysql323-*+myphpadmin = ...

 T,
 thank you for all the info! it has been a learning experience.
 my php.conf file shows:
 PHP_VER=4
 PHP_VERSION=4.3.10
 PHP_EXT_DIR=20020429
 PHP_PORT=${PORTSDIR}/lang/php4
 PHP_SAPI=full
 which jives with the pkg_info;
 [web1:lib/php/20020429] root# pkg_info | grep php
 php4-4.3.10_2 PHP Scripting Language (Apache Module and CLI)
 php4-bz2-4.3.10_2 The bz2 shared extension for php
 php4-ctype-4.3.10_2 The ctype shared extension for php
 php4-dba-4.3.10_2 The dba shared extension for php
 php4-domxml-4.3.10_2 The domxml shared extension for php
 php4-gd-4.3.10_2 The gd shared extension for php
 php4-mysql-4.3.10_2 The mysql shared extension for php
 php4-openssl-4.3.10_2 The openssl shared extension for php
 php4-overload-4.3.10_2 The overload shared extension for php
 php4-pcre-4.3.10_2 The pcre shared extension for php
 php4-pear-4.3.10_2 PEAR framework for PHP
 php4-posix-4.3.10_2 The posix shared extension for php
 php4-session-4.3.10_2 The session shared extension for php
 php4-tokenizer-4.3.10_2 The tokenizer shared extension for php
 php4-xml-4.3.10_2 The xml shared extension for php
 php4-zlib-4.3.10_2 The zlib shared extension for php
 phpMyAdmin-2.6.1 A set of PHP-scripts to manage MySQL over the web
 and it is in the directory;
 [web1:lib/php/20020429] root# ls
 bz2.so dba.so gd.so mysql.so overload.so pdf.so session.so xml.so
 ctype.so domxml.so imagick.so openssl.so pcre.so posix.so tokenizer.so zlib.so
 so it would appear that the file is there and the config is
 correct as far php is concerned. anything i need to do other than
 the LoadModule **php** stuff in the httpd.conf file?
 thanks again for all your help!
 ken;
 On Feb 1, 2005, at 5:23 PM, Thomas Foster wrote:

 Is your pcre extension still: php4-pcre-4.3.9 ?
 If so, try forcing a pkg_delete of all your PHP4 extensions,
 and rebuild ..
 make distclean
 make config
 make install
 double check your php.conf for PHP_EXT_DIR=
 make sure that lib directory exists under /usr/local/lib/php
 pcre.so should be in that directory.. if for any reason you
 need to manually remove the older version..
 Hope this helps
 T
 - Original Message - From: "Ken Hawkins"
 <[EMAIL PROTECTED]>
 To: "Thomas Foster" <[EMAIL PROTECTED]>
 Sent: Tuesday, February 01, 2005 2:12 PM
 Subject: Re: apache13_modssl + mod_php4 + php4-extenstions +
 mysql323-*+myphpadmin = ...

 thanks, I did that and PCRE is selected and is installed.
 the battle continues
 ken;
 On Feb 1, 2005, at 4:59 PM, Thomas Foster wrote:

 try "make config" from /usr/ports/lang/php4-extensions
 Is PCRE already defined?
 try selecting the libs you need from here... and install them
 Hope this helps
 T
 - Original Message - From: "Ken Hawkins"
 <[EMAIL PROTECTED]>
 To: "Ken Hawkins" <[EMAIL PROTECTED]>
 Cc:
 Sent: Tuesday, February 01, 2005 1:00 PM
 Subject: Re: apache13_modssl + mod_php4 + php4-extenstions +
 mysql323-*

problem with mutex locking....

2005-02-03 Thread Rick Kukiela
I have been using this program in kde called kooldock. just recently I have 
been unable to start the program I get the following error:

Mutex lock failure: Invalid argument
Mutex unlock failure: Resource deadlock avoided
Mutex lock failure: Invalid argument
Mutex unlock failure: Resource deadlock avoided
Mutex lock failure: Invalid argument
Mutex unlock failure: Resource deadlock avoided
Mutex lock failure: Invalid argument
Mutex unlock failure: Resource deadlock avoided
Mutex lock failure: Invalid argument
Mutex unlock failure: Resource deadlock avoided
Mutex lock failure: Invalid argument
Mutex unlock failure: Resource deadlock avoided
ERROR: Communication problem with kooldock, it probably crashed.

And when i use gdb with backtrace i get this:
(gdb) bt
#0  0x2930ee77 in sigsuspend () from /lib/libc.so.5
#1  0x2918ff19 in __pth_mctx_set () from /usr/local/lib/libpthread.so.10
#2  0x29192fee in pth_spawn () from /usr/local/lib/libpthread.so.10
#3  0x291928bf in pth_init () from /usr/local/lib/libpthread.so.10
#4  0x2918cd17 in pthread_initialize_minimal ()
   from /usr/local/lib/libpthread.so.10
#5  0x2918df98 in pthread_mutex_init () from /usr/local/lib/libpthread.so.10
#6  0x2918e204 in pthread_mutex_lock () from /usr/local/lib/libpthread.so.10
#7  0x292823b2 in __register_frame_info_bases () from /usr/lib/libstdc++.so.4
#8  0x2928240e in __register_frame_info () from /usr/lib/libstdc++.so.4
#9  0x2921d832 in ?? () from /usr/lib/libstdc++.so.4
#10 0x2928bd30 in typeinfo for std::bad_exception ()
   from /usr/lib/libstdc++.so.4
#11 0x292a3a64 in ?? () from /usr/lib/libstdc++.so.4
#12 0xbfbfe880 in ?? ()
#13 0x2921d80c in ?? () from /usr/lib/libstdc++.so.4
#14 0x280993d8 in ?? () from /libexec/ld-elf.so.1
#15 0x280993d8 in ?? () from /libexec/ld-elf.so.1
#16 0xbfbfe850 in ?? 
#17 0x29219eb9 in _init () from /usr/lib/libstdc++.so.4
#18 0x280806c5 in find_symdef () from /libexec/ld-elf.so.1


I have uninstalled and reinstalled my linuxthreads package and my ngpt package

I have also upgraded my gcc to 3.4 which is the current stable release (which 
includes the libstdc++ libraries)

I have since recompiled the software and installed fresh and am still getting 
this error when I run it, including after reboot.

Does anyone know any way to fix this?



Ps, here is a list of installed packages:


Re: mx2.freebsd.org in dnsbl.sorbs.net

2005-02-03 Thread Erik Norgaard
Bill Campbell wrote:
> It doesn't surprise me that the IP made spam DNSBLs because a fair amount
> of spam does get through to the list.  It's not obvious that messages come
> from the list (one of advantages of subject tagging with list prefixes) so
> it's easy for people to report that spam to places like spamcop without
> realizing that it's list traffic.

? I very rarely see spam on this list, unless I count posts that just 
don't interest me, but it is not fair to classify SEPs as SPAM, as long 
as the SEPs relate to the list.

Cheers, Erik
--
Ph: +34.666334818   web: http://www.locolomo.org
S/MIME Certificate: http://www.locolomo.org/crt/2004071206.crt
Subject ID:  A9:76:7A:ED:06:95:2B:8D:48:97:CE:F2:3F:42:C8:F2:22:DE:4C:B9
Fingerprint: 4A:E8:63:38:46:F6:9A:5D:B4:DC:29:41:3F:62:D3:0A:73:25:67:C2


Multiple loopback interfaces

2005-02-03 Thread Erik Norgaard
Hi,
I need to set up a testing environment to properly test a new firewall 
ruleset, usually I'll install it on the machine and test it in a closed 
environment, but this time I don't have the machine.

Is it possible or advisable to create multiple loopback interfaces or are 
there other suggestions on how to do this?

Cheers, Erik
--
Ph: +34.666334818   web: http://www.locolomo.org
S/MIME Certificate: http://www.locolomo.org/crt/2004071206.crt
Subject ID:  A9:76:7A:ED:06:95:2B:8D:48:97:CE:F2:3F:42:C8:F2:22:DE:4C:B9
Fingerprint: 4A:E8:63:38:46:F6:9A:5D:B4:DC:29:41:3F:62:D3:0A:73:25:67:C2


Re: problems running k3b in fluxbox with sudo

2005-02-03 Thread FreeBsdBeni
> - Original Message -
> From: "Brian John" <[EMAIL PROTECTED]>
> To: 
> Sent: Tuesday, February 01, 2005 3:30 PM
> Subject: problems running k3b in fluxbox with sudo
>
> > When I try to run k3b in fluxbox with sudo, I get this error message:
> > 'Unable to find growisofs executable'.  Any clue what would cause this? 
> > I can't burn DVDs until I get it resolved...
> >
From the Notes-section in "man growisofs" :

NOTES
   If executed under sudo(8) growisofs refuses to start. This is done  for
   the following reason. Naturally growisofs has to access the data set to
   be recorded to DVD media, either indirectly by letting mkisofs generate
   ISO9660  layout on-the-fly or directly if a pre-mastered image is to be
   recorded. Being executed under sudo(8),  growisofs  effectively  grants
   sudoers  read  access  to any file in the file system. The situation is
   intensified by the fact that growisofs parses MKISOFS environment vari-
   able  in  order  to  determine  alternative  path to mkisofs executable
   image. This means that being executed under sudo(8),  growisofs  effec-
   tively  grants  sudoers  right  to execute program of their choice with
   elevated privileges. If you for any reason still find the above accept-
   able  and  are  willing to take the consequences, then consider running
   following wrapper script under sudo(8)  in  place  for  real  growisofs
   binary.

#!/bin/ksh
unset SUDO_COMMAND
export MKISOFS=/path/to/trusted/mkisofs
exec growisofs "$@"

   But  note that the recommended alternative to the above "workaround" is
   actually to install growisofs set-root-uid, in which case it will  drop
   privileges  prior  accessing data or executing mkisofs in order to pre-
   clude unauthorized access to the data.


I have to start k3b with "kdesu k3b", not just "sudo". Then it finds growisofs 
and it all works.
 
Beni.
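
The man page note quoted above comes down to who controls the program named in MKISOFS once growisofs runs with elevated privileges. As an added example (not part of the original post or of the growisofs man page), this sketch checks that a helper path can only be modified by root or a trusted uid before a wrapper pins MKISOFS to it; the function names, the optional trust-anchor argument and the PATH value are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not from the growisofs man page or the original post.
# Vet the program a privileged wrapper is about to name in MKISOFS.

# Print "<uid> <mode string>" for a path (ls -L follows symlinks).
owner_and_mode() {
    ls -ldnL -- "$1" 2>/dev/null | awk 'NR == 1 { print $3, $1 }'
}

# entry_is_safe PATH TRUSTED_UID [dir]
# True when only root or TRUSTED_UID can modify or replace the entry.
entry_is_safe() {
    info=$(owner_and_mode "$1")
    [ -n "$info" ] || return 1
    uid=${info%% *}
    mode=${info#* }
    [ "$uid" = 0 ] || [ "$uid" = "$2" ] || return 1
    case $mode in
        ?????w*|????????w*)
            # Group- or world-writable: acceptable only for a sticky
            # directory (like /tmp), where users cannot rename or delete
            # entries they do not own.
            [ "$3" = dir ] || return 1
            case $mode in
                ?????????[tT]*) ;;
                *) return 1 ;;
            esac
            ;;
    esac
    return 0
}

# is_trusted_helper PATH [TRUSTED_UID] [ANCHOR]
# PATH must be absolute, a regular executable file, and every directory from
# its parent up to ANCHOR (default /) must pass entry_is_safe as well.
# Assumption: PATH has no symlinked components; resolve them first if it may.
is_trusted_helper() {
    helper=$1
    trusted=${2:-0}
    anchor=${3:-/}
    case $helper in
        /*) ;;
        *) return 1 ;;      # a relative path depends on the caller's cwd
    esac
    [ -f "$helper" ] && [ -x "$helper" ] || return 1
    entry_is_safe "$helper" "$trusted" || return 1
    dir=$(dirname "$helper")
    while :; do
        entry_is_safe "$dir" "$trusted" dir || return 1
        [ "$dir" = "$anchor" ] && break
        parent=$(dirname "$dir")
        [ "$parent" = "$dir" ] && break     # reached the filesystem root
        dir=$parent
    done
    return 0
}

# Wrapper body in the spirit of the man page's script: refuse to continue
# unless the pinned helper is root-controlled, then start growisofs with an
# empty environment so no caller-supplied MKISOFS (or SUDO_COMMAND) survives.
run_growisofs() {
    mkisofs_path=/path/to/trusted/mkisofs   # placeholder, as in the man page
    if ! is_trusted_helper "$mkisofs_path"; then
        echo "refusing: $mkisofs_path is not a root-controlled executable" >&2
        return 1
    fi
    # PATH value is an assumption; list only root-owned directories here.
    exec env -i PATH=/usr/bin:/bin:/usr/local/bin \
        MKISOFS="$mkisofs_path" growisofs "$@"
}
```

A wrapper script installed for sudo would end with `run_growisofs "$@"`.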


Re: Does FreeBSD 5.3 Support the..

2005-02-03 Thread Kevin Kinsey
Tim Erlin wrote:
> Glen Stewart wrote:
>> AMD Sempron 3000+ Processor
>> I downloaded the 5.3 ISO and burned the individual files on a MAC.
>
> I would guess no, but guessing isn't good enough. Checking the 
> supported hardware is a better bet:
>
> http://www.freebsd.org/releases/5.3R/hardware.html
> --Tim

"Guessing isn't good enough" is quite right.  I doubt very
sincerely that AMD's Sempron has any drastic architecture
changes that would cause compatibility problems with any
OS coded and tested on other x86 CPUs.
And, AMD confirms it on their website and in their technical
documentation.  For reference, here's one:
http://www.amd.com/us-en/assets/content_type/white_papers_and_tech_docs/31805.pdf
Glen's problem still seems to be very related to the proper
burning of the ISO image as far as we can tell by what he's given
so far.  It could also be BIOS settings on this mobo, or other
hardware conflicts.  So far, his descriptions of his trouble have
been limited to 2 very brief emails.  If he wants help, he should
probably give us a complete description of his hardware and symptoms. 
IIRC, there have been some reports of trouble with SATA hard drives,
but IANAE, and IMNBRC, IYKWIM.

I'm not trying to flame anyone, but it would be almost
criminal to allow this thread to go into the archives without
"I doubt that FreeBSD supports the Sempron" being answered
in a more authoritative way.
FreeBSD supports the Sempron.  Until PR's are filed that prove
otherwise, it does so quite well, too.
Kevin Kinsey


Re: email and messanging

2005-02-03 Thread Sean Murphy
Aaron Sloan wrote:
> Sean Murphy wrote:
>> Is there a project that anyone is using that has the features of 
>> groupwise, openexchange or exchange?  Features such as calendar/todo 
>> list  that other users can add to another users, public folders, etc...
>>
>> thanks
>
> /usr/ports/mail/evolution
> http://www.novell.com/products/desktop/features/evolution.html
> Aaron

That looks like client cool.  How about what you would replace on the 
server end to replace exchange or groupwise, or openexchange.

Thanks


Re: mx2.freebsd.org in dnsbl.sorbs.net

2005-02-03 Thread Bill Campbell
On Thu, Feb 03, 2005, Marc G. Fournier wrote:
>On Thu, 3 Feb 2005, Warren Block wrote:
>
>>On Wed, 2 Feb 2005, Erik Norgaard wrote:
>>
>>>Just to clarify myself, mx2.freebsd.org is listed in dnsbl.sorbs.net and 
>>>spam.dnsbl.sorbs.net but NOT in smtp.dnsbl.sorbs.net
>>>
>>>I just checked sorbs spamdb faq, they require a fine of $50 per spam mail 
>>>donated to charity!? - is FreeBSD ok as charity? - to delist a server, 
>>>with the exception if it happens due to blocking a whole netblock.
>>
>>If you're using sendmail:
>>cd /etc/mail
>>edit access and add:
>>
>># FreeBSD mailers
>>216.136.204.119 OK
>>216.136.204.125 OK
>>
>>Save and 'make maps'.
>>
>>>Time to block sorbs I guess...
>>
>>Unless SORBS is trying to send you email, what would that accomplish?
>>
>>If you use SORBS and don't like their policies, just stop using them. Or 
>>explicitly allow mail from the IP addresses you want, as above.
>
>What I'm more curious about is *how* the FreeBSD mail servers go onto the 
>list in the first place ... did someone submit them because they couldn't 
>figure out how to unsubscribe, and got tired of receiving freebsd-* mail?

It doesn't surprise me that the IP made spam DNSBLs because a fair amount
of spam does get through to the list.  It's not obvious that messages come
from the list (one of advantages of subject tagging with list prefixes) so
it's easy for people to report that spam to places like spamcop without
realizing that it's list traffic.

I think the list manager for this list is Mailman.  It's easy to implement
spamassassin checking in Mailman which would probably catch a large
percentage of the spam that now gets through to the list.  We run lists
here with postfix and amavisd-new which traps worms that attack the
Microsoft virus, Windows, and flags messages that spamassassin identifies
as spam with headers that are easy to pick up with Mailman to forward to
the list owner for approval.

Bill
--
INTERNET:   [EMAIL PROTECTED]  Bill Campbell; Celestial Software LLC
UUCP:   camco!bill  PO Box 820; 6641 E. Mercer Way
FAX:(206) 232-9186  Mercer Island, WA 98040-0820; (206) 236-1676
URL: http://www.celestial.com/

Many companies that have made themselves dependent on [the equipment of a
certain major manufacturer] (and in doing so have sold their soul to the
devil) will collapse under the sheer weight of the unmastered complexity of
their data processing systems.
-- Edsger W. Dijkstra, SIGPLAN Notices, Volume 17, Number 5


Re: email and messanging

2005-02-03 Thread Aaron Sloan
Sean Murphy wrote:
> Is there a project that anyone is using that has the features of 
> groupwise, openexchange or exchange?  Features such as calendar/todo 
> list  that other users can add to another users, public folders, etc...
>
> thanks

/usr/ports/mail/evolution
http://www.novell.com/products/desktop/features/evolution.html
Aaron


Re: Please advise on triple-head _HIGH_ resolution solution forFreeBSD ...

2005-02-03 Thread ÐÐÐÐÑÐÐÐÑ ÐÐÑÐÐÑÐÐÐ
Joe Schmoe wrote:
> Hello,
> To let me say initially, I have the goal of buying
> three of the new apple 30" cinemadisplays and running
> them as one large extended desktop in x11 under
> FreeBSD.
> The displays are 2560x1600, and I want to utilize them
> at full resolution.
> The question:  what hardware can perform this _and_
> work under FreeBSD ?  My guess is I have three
> choices:
> - find _one_ PCI-X or AGP card that can drive all
> three monitors at once ... the matrox p750 can do
> this, but only at 1280x1024 for three screens.  The
> new matrox APVe can also do this, but only at
> 1920x1080 or below (not quite clear) ... so these are
> not valid choices ... are there any single cards that
> can do 3x (2560x1600) ?
> - find three normal PCI cards that can each drive
> 2560x1600 ... not sure if such advanced cards were
> ever made for plain old PCI, or how well that would
> work ... at 3x that res, would I be getting close to
> saturating the PCI bus ?
> - find a system that has 3 PCI-X slots in it (does
> that exist ?) and then find 3 PCI-X gfx cards that can
> each do 2560x1600 ... any thoughts on this line ?  And
> if so, what would be a good FreeBSD supported gfx card
> to stick three of in a system ?
> --
> Obviously I need help ... so any comments at all are appreciated.

According only to hardware specs, Matrox Parhelia is claimed to support 
Apple Cinema at full resolution.
Indeed, I don't know whether it is supported in FreeBSD.

Best regards,
Alexander.


license terms

2005-02-03 Thread Diener, Michael
If someone is using FreeBSD and 4.4BSD, are the FreeBSD Copyright and 4.4BSD 
Copyright the only agreements that apply?
 
The legal page has links to GNU licenses, so it is not clear if those licenses 
also have some applicability, or in what cases they might apply.
 
Thanks for any help you can give.
 
 


Re: buildworld error in Makefile.inc1

2005-02-03 Thread Ruslan Ermilov
On Thu, Feb 03, 2005 at 10:53:24AM -0500, Glenn Sieb wrote:
> Kris Kennaway said the following on 2/3/2005 12:29 AM:
> 
> >On Wed, Feb 02, 2005 at 10:25:38PM -0500, Glenn Sieb wrote:
> > 
> >
> >>Stop in /usr/src.
> >>#
> >>
> >>So, should this upgrade be this painful? 5.1-RELEASE-p17 isn't _that_ 
> >>old.. I kind of wonder now what's going to happen when I upgrade one of 
> >>my boxes from 4.11-RELEASE to 5.3-RELEASE? :-/
> >>   
> >>
> >Typically we only support source upgrades from systems after a certain
> >point.  Talk to [EMAIL PROTECTED] about the status of upgrading from
> >5.1-RELEASE.
> > 
> >
> Thanks, Kris.. it appears that doing make -DALWAYS_CHECK_MAKE did the 
> trick for me (which would have happened had I just done a buildworld, 
> from what Ruslan said).
> 
> Great appreciation from me to everyone who helped out on this issue. 
> This makes my life MUCH easier tonight. :)
> 
Don't ask me why ALWAYS_CHECK_MAKE was invented, I pathologically
hate it.  :-)


Cheers,
-- 
Ruslan Ermilov
[EMAIL PROTECTED]
FreeBSD committer




Re: xhost +localhost

2005-02-03 Thread epilogue
On Thu, 3 Feb 2005 14:43:39 +0100
Gert Cuykens <[EMAIL PROTECTED]> wrote:

> On Thu, 3 Feb 2005 00:32:23 -0800, Ted Mittelstaedt
> <[EMAIL PROTECTED]> wrote:

> > While all of this is very interesting academic, if user Gert is dumb
> > enough to leave the console of his UNIX system accessible then user
> > Ted can come along and power cycle it into single user mode and wipe
> > his disks whether he has the root password or not.

While I quite agree with Ted's encouraging Gert to run X as joe user,
rather than root (for a variety of security related reasons) it is a
trivial matter to implement a password requirement for boot -s.  This way,
even if a user can boot -s, they *must* have the root passwd.

This implementation does mean, however, that you should not forget the
root passwd, for if you do forget, you will not be able to reset it
via boot -s and passwd.

/etc/ttys

# If console is marked "insecure", then init will ask for the root
# password when going to single-user mode.

console none unknown off insecure

my 2 cents CAD for the day.


cheers,
epi


Re: FreeBSD 3.2

2005-02-03 Thread gfoster9055
No offense taken. How I came to do this is, my kids go to school in the 
district. I offered to do a website for my daughter's school. The web machine 
happened to be an unsupported BSD machine which they are getting rid of this 
year and going to winblows. So I was very limited in what I can do because of 
the versions of ports, and so I started talking to the network engineer and he 
could not help, so I went to the director and asked if I could support the BSD 
machine, and he is fine with that; the only thing is that I have to do it from 
within the school and not remote. The other piece is there are still a couple 
of services that are running on the machine that cannot go down as of yet for 
any reason, not sure what services. After they move the services to winblows 
the box is mine to do with as I please, or I can go to a winblows box, which I 
don't want to. I am also doing maintenance on another Linux machine that is 
running Red Hat 7.2. All my time is donated, which I don't mind for now and 
for the experience and to learn more in a large environment; they said that 
they will give me a good reference or possibly a job in the future if there is 
ever a need (school district is growing very fast). As for root, the network 
engineer logs me in; since I don't work there I will have to earn trust to gain 
root usage.


> [EMAIL PROTECTED] wrote:
> 
> >Yea, that is in the works, here is a little more info, the school 
> >that I am working with is moving mostly to winblows, and they do 
> >not have anyone to support the BSD machine or linux machine that 
> >they have. So the nice guy that I am, I am donating my time to the 
> >school to work on the servers and some of the sites. I got them to 
> >let me keep some of the websites on the BSD server so that I can 
> >have better control over the sites and software. But updating is 
> >out of the question at the moment because of policy and budget so 
> >I have to work with what I have at the moment. Only thing that I 
> >can do is add software at this time. That is why I need the info for 
> >FreeBSD 3.2
> >
> >Greg
> >
> >  
> >
> 
> OK, now, I'm not given to trolling, but this seems a tad strange.
> Also, please realize this isn't a personal attack, either.  It does
> sound a bit like I'm ranting, though, so let's direct it at the
> "establishment"
> 
> "Budget" can't be an excuse for this problem, because you are
> "donating" your time "to the school"; furthermore, FreeBSD is
> free as in "Free Beer" (they didn't have that at my school, but
> I understand the concept.)  So what costs will you incur by
> upgrading the server, other than the PITA that it may be to
> you (3.2-3.5.1-4.1-4.11-5.3 is a long process...)?
> 
> So it must be policy.  Are you still a student there?  What control
> do they have over you?  If you can install the software, are you not
> root?  What's to keep you from installing 5.X and hacking
> "newvers.sh" to read something different?  Better yet, grab the
> sources at home/other location and roll your own release, naming
> it something like, um, "FreeBSD 3.2"?  Or how 'bout
> "FreeBSD 3.2 upgraded to something modern you $RANDOMEXPLETIVE
> dinosaurs!-RELEASE".
> 
> Really, if you're root and no one else knows anything about BSD or Tux,
> what's really holding you back?
> 
> Anyway, enough trolling.  What about compiling new versions of PHP/
> MySQL from source, and seeing if they'll still run on 3.2?
> 
> And I wish you luck whatever you decide (or are allowed?) to do.
> 
> Kevin Kinsey


Re: Freebsd firewall

2005-02-03 Thread Ramiro Aceves
John wrote:
On Thu, Feb 03, 2005 at 09:41:07AM -0500, Kevin A. Pieckiel wrote:
On Thu, Feb 03, 2005 at 09:22:09AM -0500, Aperez wrote:
Yes, I am sorry I made a mistake. I meant 64 MB
Any idea what is the problem?
It's possible that it's faulty hardware.  A system that old could very
well have its share of problems.  You may try replacing the RAM,
removing cards--things like that to try to track down if it's a single
piece of equipment that's causing it to fault.

For whatever it's worth, I had the same problem on a Pentium I system,
but I ended up retiring it before I tracked it down.
We may have an issue with FreeBSD 5.3 on older systems.
Might I suggest FreeBSD 4-STABLE for this system?
Hello.
I have installed FreeBSD 5.3 successfully on an old pentium 75MHz with 
32 MB RAM. 16MB RAM did not work. So I would check your memory for 
faulty chips. Try with  32MB and see what happens.

Good luck.
Ramiro.


Re: Strange rwhod problem, one one machine

2005-02-03 Thread Dan Nelson
In the last episode (Feb 03), stan said:
> I have a bunch of FreeBSD 4.x machines at work. Today I noticed that
> one of them was getting lines like this in its messages file:
> 
> Feb  3 09:02:02 recdcsal rwhod[84]: whod.pnoc: Permission denied
> Feb  3 09:02:04 recdcsal rwhod[84]: whod.pdns1: Permission denied
> Feb  3 09:02:06 recdcsal rwhod[84]: whod.phfw1: Permission denied
> 
> I am running rwhod on this (and the other) machines. Rebooting did not
> cure the problem, and doing an rwho or ruptime on this machine results in
> "no entries in /var/rwho"

Check the permissions on /var/rwho.  On my system, it's 

drwxrwxr-x   2 root  daemon  1536 Jan 31 03:01 ./

-- 
Dan Nelson
[EMAIL PROTECTED]


Re: Strange rwhod problem, one one machine

2005-02-03 Thread stan
On Thu, Feb 03, 2005 at 12:23:19PM -0500, stan wrote:
> I have a bunch of FreeBSD 4.x machines at work. Today I noticed that one
> of them was getting lines like this in its messages file:
> 
> Feb  3 09:02:02 recdcsal rwhod[84]: whod.pnoc: Permission denied
> Feb  3 09:02:04 recdcsal rwhod[84]: whod.pdns1: Permission denied
> Feb  3 09:02:06 recdcsal rwhod[84]: whod.phfw1: Permission denied
> 
> I am running rwhod on this (and the other) machines. Rebooting did not
> cure the problem, and doing an rwho or ruptime on this machine results in
> "no entries in /var/rwho"
> 
> 
> Any suggestions as to where to start looking for the problem with this
> machine?
> 
Just to get the solution in the archive.

Turns out that the /var/rwho directory lacked the group write bit. chmoding
this fixed the problem.

-- 
"They that would give up essential liberty for temporary safety deserve
neither liberty nor safety."
-- Benjamin Franklin


Re: Question about filesystem and limits

2005-02-03 Thread Erik Trulsson
On Thu, Feb 03, 2005 at 07:07:27PM +0100, Robert Goossens wrote:
> Dear FreeBSD,
> 
> I am using FreeBSD (5) on my LAN as a gateway/router and for website 
> development.
> I have some questions I cannot find answers for.
> 
> Please can you tell me what are the limits of...
> 1. the number of files that a directory can store.

As many as can fit on the disk, i.e. no specific limit.

> 2. the number of directories that a directory can have.

32765

(Each inode can have at most 32767 hardlinks to it (signed 16-bit
integer), and each subdirectory contains a hardlink to its parent (the
".." entry). Subtract the two hardlinks that each directory has (the
"." entry, and the entry in the parent directory) and you end up with
32765.)

> 3. the length of a path to a file name

The open(2) and chdir(2) manpages say that one error that can occur is:

   [ENAMETOOLONG] A component of a pathname exceeded 255 characters, or
  an entire path name exceeded 1023 characters.

To work around this one can of course use chdir(2) to descend down the
directory tree one level at a time; there is no limit to how deep down
the directory tree a file may reside, just on how long pathnames one
can pass to syscalls/library functions.


-- 

Erik Trulsson
[EMAIL PROTECTED]


Re: running interactive program from shell script

2005-02-03 Thread Steven Friedrich
On Thursday 03 February 2005 06:02 am, Jay Moore wrote:
> > > #! /bin/sh
> > >
> > > (sleep 3;
> > > echo "password";
> > > sleep 3;
> > > echo "ls -la";
> > > sleep 3;
> > > ) | telnet -l user 192.168.0.2

did you try:
#! /bin/sh
while [ 1 ]
do
(sleep 3;
echo "password";
sleep 3;
echo "ls -la";
sleep 3;
) | telnet -l user 192.168.0.2
done

This is what I alluded to in a previous post...
-- 
i386 FreeBSD 4.11-STABLE


Question about filesystem and limits

2005-02-03 Thread Robert Goossens
Dear FreeBSD,

I am using FreeBSD (5) on my LAN as a gateway/router and for website 
development.
I have some questions I cannot find answers for.

Please can you tell me what are the limits of...
1. the number of files that a directory can store.
2. the number of directories that a directory can have.
3. the length of a path to a file name

Thanks a lot,
Robert

FreeBSD is the Best!


email and messanging

2005-02-03 Thread Sean Murphy
Is there a project that anyone is using that has the features of 
groupwise, openexchange or exchange?  Features such as calender/todo 
list  that other users can add to another users, public folders, etc...

thanks


Fwd: Re: dvd-burning/alternative to k3b?

2005-02-03 Thread Andrew L. Gould
oops. I forgot to send this back to the list.

--  Forwarded Message  --

Subject: Re: dvd-burning/alternative to k3b?
Date: Thursday 03 February 2005 09:56 am
From: "Andrew L. Gould" <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]

On Thursday 03 February 2005 09:02 am, Brian John wrote:
> Hello,
> I was using k3b for burning but now that I am using fluxbox it looks
> like I can't use it anymore.  Is there a close alternative?  What is
> everyone using for cd and dvd burning?
>
> Thanks
>
> /Brian

I use cdrecord (for CD's) and growisofs for DVD's.  They are both
command line applications; but if you always use the same media and
options you could write a simple script that prompts for the variable
information.

For example, when burning DVD's, I always use DVD-R's and the command:

growisofs -dvd-compat -Z /dev/cd0c -r -l [path_to_data_to_burn]

A simple script would prompt for the directory I want to burn and would
build and execute the proper command.

If you wanted to get fancy, the script could have a configuration file
for static info and would prompt for:

1. burning cd's vs dvd's (cdrecord vs growisofs)
2. single burn session vs RW (and initial burn vs subsequent burn)
3. burn existing iso image vs directory vs mkisofs, then burn iso image

Best of luck,

Andrew Gould

---


Re: questions about extra logging

2005-02-03 Thread Roland Smith
On Thu, Feb 03, 2005 at 10:33:45AM -0500, Steve Lake wrote:

> I'm curious of something.  I think I've got a fellow co-worker who may
> be trying to break into my workstation and I need some help.  

> I know kde logs whenever a failed login attempt occurs if the screen
> is locked and sends that in the daily logs, but it doesn't log
> successes.  IE successfully logging into KDE via the password box when
> the screensaver/blank screen is running.  I'd like to log ALL
> attempts, success, failure or otherwise, and have that included in my
> daily log reports so that I know if they did in fact get in at any one
> point when I wasn't there.  

The logfile /var/log/auth.log does contain _all_ logins, AFAIK.

Roland
-- 
R.F. Smith   /"\ASCII Ribbon Campaign
r s m i t h @ x s 4 a l l . n l  \ /No HTML/RTF in e-mail
http://www.xs4all.nl/~rsmith/ X No Word docs in e-mail
public key: http://www.keyserver.net / \Respect for open standards




Re: dvd-burning/alternative to k3b?

2005-02-03 Thread Roland Smith
On Thu, Feb 03, 2005 at 09:02:30AM -0600, Brian John wrote:
> Hello,
> I was using k3b for burning but now that I am using fluxbox it looks like
> I can't use it anymore.  Is there a close alternative?  What is everyone
> using for cd and dvd burning?

For CD's: cdrecord (using the SCSI cd driver and atapicam driver)
For DVD's: growisofs (part of the dvd+rw-tools port)

These are command-line programs. Looking through the manual pages you
can easily write e.g. a shell-script for backups. I've made a script to
back up my home directory to a DVD. I can send it to you, if you like.

Roland
-- 
R.F. Smith   /"\ASCII Ribbon Campaign
r s m i t h @ x s 4 a l l . n l  \ /No HTML/RTF in e-mail
http://www.xs4all.nl/~rsmith/ X No Word docs in e-mail
public key: http://www.keyserver.net / \Respect for open standards




Strange rwhod problem, one one machine

2005-02-03 Thread stan
I have a bunch of FreeBSD 4.x machines at work. Today I noticed that one
of them was getting lines like this in its messages file:

Feb  3 09:02:02 recdcsal rwhod[84]: whod.pnoc: Permission denied
Feb  3 09:02:04 recdcsal rwhod[84]: whod.pdns1: Permission denied
Feb  3 09:02:06 recdcsal rwhod[84]: whod.phfw1: Permission denied

I am running rwhod on this (and the other) machines. Rebooting did not
cure the problem, and doing an rwho or ruptime on this machine results in
"no entries in /var/rwho"


Any suggestions as to where to start looking for the problem with this
machine?

-- 
"They that would give up essential liberty for temporary safety deserve
neither liberty nor safety."
-- Benjamin Franklin


Re: port entry error

2005-02-03 Thread Steven Friedrich
On Thursday 03 February 2005 04:46 am, Matthew Seaman wrote:
>
> Yeah -- that's a mistake in the aureal-kmod port.  The fix is to wait
> for the maintainer / ports committers to commit a fix to the ports
> tree and then cvsup again.  In the mean time, you can just ignore the
> error message and the rest of the ports tree will work as well as
> usual.
>
> In detail the problem is this -- quoting from the port Makefile:
>
> PORTNAME=       aureal-kmod
> PORTVERSION=    1.5
> PORTREVISION=   4.1    <-- This item should be an integer value
>
> At least, that's according to the latest Porter's Handbook and bsd.port.mk

Thanks.
Now, does anybody know about the duplicate entries?  Is that in some file I'm 
downloading or do I need to fix something on my system?  I rebuild portsdb 
and pkgdb frequently, so it must be in some file they read...
-- 
i386 FreeBSD 4.11-STABLE

