Re: where did the peak mbuf stat go ?
Hi Juri, Juri Mianovich wrote: FreeBSD 4.x, netstat -m: 70/4336/26624 mbufs in use (current/peak/max) Never any doubt - if peak=max, I hit the limit. Super useful. Furthermore, by watching the peak I can see when I am getting close, rather than waiting for denied requests to pile up after the fact. FreeBSD 6.x, netstat -m: 524/826/1350 mbufs in use (current/cache/total) So ... how do I see peak mbufs in FreeBSD 6.x ? Probably peak is proportionally equal to cache. That's my wild guess! Thanks. __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] -- With best regards and good wishes, Yours sincerely, Tek Bahadur Limbu System Administrator (TAG/TDG Group) Jwl Systems Department Worldlink Communications Pvt. Ltd. Jawalakhel, Nepal http://www.wlink.com.np http://teklimbu.wordpress.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
cups-base problem
Dear all, Today I saw a security notice: Affected package: cups-base-1.2.11_3 Type of problem: cups -- off-by-one buffer overflow. Reference: http://www.FreeBSD.org/ports/portaudit/8dd9722c-8e97-11dc-b8f6-001c2514716c. So I tried to upgrade it using portupgrade: $ sudo portupgrade ** Port marked as IGNORE: print/cups-base: is forbidden: remote execution of arbitrary code cat distinfo MD5 (cups-1.3.3-source.tar.bz2) = d4911e68b6979d16bc7a55f68d16cc53 SHA256 (cups-1.3.3-source.tar.bz2) = 5e9e5670777055293e309cb0cbb2758df9c1275bf648df70478b7389c2d804de SIZE (cups-1.3.3-source.tar.bz2) = 4077262 I am not sure I understand the message about remote execution of arbitrary code. Anyway, how should I upgrade this port? Thank you very much in advance! Zbigniew Szalbot ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: cups-base problem
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 I am not sure I understand the message about remote execution of arbitrary code. That is just saying that if the security issue is a problem for you don't upgrade (i.e. go ahead if you don't care). - -- Aryeh M. Friedman Developer, not business, friendly http://www.flosoft-systems.com -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.4 (FreeBSD) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFHNXZqJ9+1V27SttsRAiZDAJ9MzhwsOhvWh0xncRP8sBaaFmirqACfXeHb JL7R5zUJgzIjypZO5NCk1cI= =ijDx -END PGP SIGNATURE- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: cups-base problem
Hello, Aryeh M. Friedman pisze: I am not sure I understand the message about remote execution of arbitrary code. That is just saying that if the security issue is a problem for you don't upgrade (i.e. go ahead if you don't care). Thanks but I think I now understand even less :) If a security issue is a problem, don't upgrade??? Not sure also how one could go ahead? There is no option to continue. The message appears and that's all. I am not given any option. Thanks! Zbigniew Szalbot ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: cups-base problem
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 zbigniew szalbot wrote: Hello, Aryeh M. Friedman pisze: I am not sure I understand the message about remote execution of arbitrary code. That is just saying that if the security issue is a problem for you don't upgrade (i.e. go ahead if you don't care). Thanks but I think I now understand even less :) If a security issue is a problem, don't upgrade??? My understanding of the issue is under some situations cups-base may allow an attacker to execute arbitary commands (not sure with what privs) Not sure also how one could go ahead? There is no option to continue. The message appears and that's all. I am not given any option. Remove the FORBIDDEN= line in the makefile - -- Aryeh M. Friedman Developer, not business, friendly http://www.flosoft-systems.com -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.4 (FreeBSD) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFHNXfoJ9+1V27SttsRAteSAKCeeXqAfsk+OgoLP9l/wZvvvMFhAwCeK1l1 Vv+r9ICUlVxTpvN+A8jv4xw= =3fNE -END PGP SIGNATURE- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: cups-base problem
Hello, Aryeh M. Friedman pisze: Aryeh M. Friedman pisze: I am not sure I understand the message about remote execution of arbitrary code. That is just saying that if the security issue is a problem for you don't upgrade (i.e. go ahead if you don't care). Thanks but I think I now understand even less :) If a security issue is a problem, don't upgrade??? My understanding of the issue is under some situations cups-base may allow an attacker to execute arbitary commands (not sure with what privs) All clear now. Thanks a lot! Not sure also how one could go ahead? There is no option to continue. The message appears and that's all. I am not given any option. Remove the FORBIDDEN= line in the makefile I appreciate it! Thank again! Zbigniew Szalbot ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: cups-base problem
On Sat, Nov 10, 2007 at 10:18:19AM +0100, zbigniew szalbot wrote: Hello, Aryeh M. Friedman pisze: I am not sure I understand the message about remote execution of arbitrary code. That is just saying that if the security issue is a problem for you don't upgrade (i.e. go ahead if you don't care). Thanks but I think I now understand even less :) If a security issue is a problem, don't upgrade??? Apparently there is a bug in this port that would allow an attacker from outside to make cupsd execute his malicious code. Therefore installation of this port is forbidden as a precaution until a fix is available. But if you have a firewall that rejects incomming connections or if you have cupsd set up to deny all connections but local ones this bug presumably cannot affect you. Not sure also how one could go ahead? There is no option to continue. The message appears and that's all. I am not given any option. Upgrade the port once it is fixed. In the meantime block incoming connections either in cupsd.conf or with your firewall. Roland -- R.F.Smith http://www.xs4all.nl/~rsmith/ [plain text _non-HTML_ PGP/GnuPG encrypted/signed email much appreciated] pgp: 1A2B 477F 9970 BA3C 2914 B7CE 1277 EFB0 C321 A725 (KeyID: C321A725) pgp0xktlq0rfD.pgp Description: PGP signature
Re: cups-base problem
Dear all, Today I saw a security notice: ..snip... cat distinfo MD5 (cups-1.3.3-source.tar.bz2) = d4911e68b6979d16bc7a55f68d16cc53 SHA256 (cups-1.3.3-source.tar.bz2) = 5e9e5670777055293e309cb0cbb2758df9c1275bf648df70478b7389c2d804de SIZE (cups-1.3.3-source.tar.bz2) = 4077262 Update your ports and INDEX file as it seems that you are installing a vulnerable version of cups-base. The VuXML report says: Affects: cups-base 1.3.4 so the cups-1.3.3 still has the vulnerability mentioned in the report. -Rek ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Install problems on Dell Vostro
On 10/11/2007, at 1:57 PM, McCy Ron wrote: I was able to get 6.2 to install on a Vostro with stock BIOS settings but couldn't get the system to recognize the network card. network. Just for reference - Knoppix, Ubuntu, FreesBie live CDs, and a straight install of Ubuntu 7.04 didn't work either. There is something strange about this computer.Windows XP, ofcourse, works. So solution is to stick another network card in it? Has anyone had this onboard card work? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
7.0b2 and Quantum DLT V4 Sata
Hi, I installed a Quantum DLT V4 Sata drive. dmesg (GENERIC) reports: ast0 FAILURE - MODE_SENSE ILLEGAL REQUEST asc=0x24 ascq=0x00 sks= 0x4d 0x00 0x02 debian seems to accept the drive. Any suggestions? Thanks Reinhard ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Cross Platform Port Builds
Hi all, I'm going to update my machines and run into a serious problem (for me ^^): Some ports fail to cross build and I fail to setup a sane environment. At first, I created a chroot: /usr/room/$target. Into this chroot, I installed a host world using make installworld DESTDIR=/usr/room/$target/. After that, I created /usr/room/$target/usr/src and /usr/room/$target/usr/ports and mounted /usr/src and /usr/ports to there, respectively. Sure I'd mounted a devfs to /usr/room/$target/dev/. Then I's chrooted to /usr/room/$target/ and change the make.conf as needed for target machine and did make buildworld/buildkernel in /usr/src in the chroot. That worked really fine. But on the target machine not only a FreeBSD base distribution runs, there is a samba, xinetd, ftpproxy and squid also doing some work. So I needed to cross-build those ports, too. I couldn't find a standardized way to do this, so I first created 2 start scripts: waldorf# cat ~/bin/portcross #!/bin/sh env ARCH=i386 TARGET_CPUTPE= CPUTYPE=pentiumpro PATH=/usr/obj/i386/usr/src/tmp/usr/bin/:$PATH $@ waldorf# cat ~/bin/porthost #!/bin/sh env CPUTYPE=nocona $@ portcross I use to make/portupgrade a crossbuild (e.g. squid), porthost to build tools like autoconf. Now I run into problems (as the more expertized may imagine): autoconf needs gettext, samba needs gettext. But the amd64-native auto-tools binaries can't load the ia32 gettext library - and I don't know how to hold them both without running into conflicts. Furthermore perl seems to be resistant against crossbuild by specifying ARCH=i386 make build and above listed portcross. Any idea how to crossbuild perl? Thanks in advance, Jens ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
unable to update nvidia-driver
been trying to portupgrade my nvidia-driver for a few days now, on 7.0b2. i got this error a few days ago, then this morning, i portupgraded xorg-server thinking it might be expecting a piece from there, but stil no joy. same error each time: === Checking if x11/nvidia-driver already installed mv: rename /usr/local/lib/xorg/modules/libwfb.so to /usr/local/lib/xorg/modules/XXX-libwfb.so.%%.xorg-server-1.4_2,1: No such file or directory *** Error code 1 anyone know how to correct this? im scared to uninstall the nvidia-driver that is currently working, for fear the new one might not work at all! cheers, -- Jonathan Horne http://dfwlpiki.dfwlp.org [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: Install problems on Dell Vostro
Hi, I tried with FreeBSD and FreeSBIE when I received my vostro 1700 (on septembre), and the network wasn't working well. Network, Some Xorg problems and so on ... So I installed Ubuntu 7.04 witch was the less worth (network/video worked with some adaptations). Now I've got an Ubuntu 7.10 witch is working well. If you make FreeBSD work on Vostro I'm interested. Olivier. On 10/11/2007, at 1:57 PM, McCy Ron wrote: I was able to get 6.2 to install on a Vostro with stock BIOS settings but couldn't get the system to recognize the network card. network. Just for reference - Knoppix, Ubuntu, FreesBie live CDs, and a straight install of Ubuntu 7.04 didn't work either. There is something strange about this computer.Windows XP, ofcourse, works. So solution is to stick another network card in it? Has anyone had this onboard card work? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
freebsd using sendmail with tls
i know, slightly off topic, but is *on* a freebsd server... right? my smtp is the only remaining part of my email system, that has no encryption options, and i think i would like to add tls (even tho i rarely send smtp mail from outside my lan). my setup is right now, fairly basic (only includes spamassassin, sasl2, and procmail). even tho i dont much about it, i say tls instead of ssl, as i have a few outlook clients, that would surely annoy me 'do you really want to use this certificate', and it would surely be each time i sent a mail. im also assuming that hopefully tls might not do this. before i spend hours and hours googling out my instructions on how to so do, does the tls session operate over the standard port 25, or is this what is referred to as the smtps port? and if so, can the server accept either version over the same port? thanks, -- Jonathan Horne http://dfwlpiki.dfwlp.org [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: unable to update nvidia-driver
On Sat, Nov 10, 2007 at 09:07:41AM -0600, Jonathan Horne wrote: been trying to portupgrade my nvidia-driver for a few days now, on 7.0b2. i got this error a few days ago, then this morning, i portupgraded xorg-server thinking it might be expecting a piece from there, but stil no joy. same error each time: === Checking if x11/nvidia-driver already installed mv: rename /usr/local/lib/xorg/modules/libwfb.so to /usr/local/lib/xorg/modules/XXX-libwfb.so.%%.xorg-server-1.4_2,1: No such file or directory *** Error code 1 anyone know how to correct this? im scared to uninstall the nvidia-driver that is currently working, for fear the new one might not work at all! cheers, -- Jonathan Horne http://dfwlpiki.dfwlp.org [EMAIL PROTECTED] Please read /usr/ports/UPDATING. Yuri ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: nanobsd, picobsd, tinybsd
On 2007-11-09 17:01, John Smith [EMAIL PROTECTED] wrote: Can anybody please explain to my what the differences are between nanobsd, picobsd and tinybsd. They all seem to be doing the same (creating a minimal FreeBSD image that can be used in embedded systems), or is this not right? What don't you experiment with them, and see? :) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
www.freebsd.org
Hi. We are developers. If you want , we can help to you for Turkish language support.You can rely on us. We worked some projects. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: USB Console?
Jerahmy Pocott [EMAIL PROTECTED] writes: I was wondering if there is any way to put the console on a USB port? Since serial and parallel ports are becoming things of the past and many systems don't come with them any more.. Serial console on USB? I think it should work okay with a USB serial port adapter. And there's dcons(4). ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: www.freebsd.org
[EMAIL PROTECTED] wrote: Hi. We are developers. If you want , we can help to you for Turkish language support.You can rely on us. We worked some projects. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] I suggest you get in touch with the people at enderunix.org, they are turkish developers working on various projects. Kris ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: www.freebsd.org
On Sat, 2007-11-10 at 16:59 +0200, [EMAIL PROTECTED] wrote: Hi. We are developers. If you want , we can help to you for Turkish language support.You can rely on us. We worked some projects. That's not true, you cannot help us. Please show us `uname -a'; -- If my word isn't enough for you, ask your Don. -- Michael Corleone, Chapter 28, page 399 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: www.freebsd.org
Byung-Hee HWANG wrote: On Sat, 2007-11-10 at 16:59 +0200, [EMAIL PROTECTED] wrote: Hi. We are developers. If you want , we can help to you for Turkish language support.You can rely on us. We worked some projects. That's not true, you cannot help us. That is quite a rude thing to say, and you have no authority to say it. Kris ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: www.freebsd.org
On Sat, 2007-11-10 at 17:04 +0100, Kris Kennaway wrote: Byung-Hee HWANG wrote: On Sat, 2007-11-10 at 16:59 +0200, [EMAIL PROTECTED] wrote: Hi. We are developers. If you want , we can help to you for Turkish language support.You can rely on us. We worked some projects. That's not true, you cannot help us. That is quite a rude thing to say, and you have no authority to say it. Sometimes, several spams arrive at my mail box with unusual subject via [EMAIL PROTECTED]. So i knew the einstein89's email as a spam. That was my mistake. From now on, i can take care of myself. A thousand apologies for the my rude word, indeed ;; -- You cannot say 'no' to the people you love, not often. That's the secret. And then when you do, it has to sound like a 'yes'. Or you have to make them say 'no'. You have to take time and trouble. But I'm old-fashioned, you're the new modern generation, don't listen to me. -- Vito Corleone, Chapter 28, page 401 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: freebsd using sendmail with tls
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Jonathan Horne wrote: i know, slightly off topic, but is *on* a freebsd server... right? my smtp is the only remaining part of my email system, that has no encryption options, and i think i would like to add tls (even tho i rarely send smtp mail from outside my lan). my setup is right now, fairly basic (only includes spamassassin, sasl2, and procmail). even tho i dont much about it, i say tls instead of ssl, as i have a few outlook clients, that would surely annoy me 'do you really want to use this certificate', and it would surely be each time i sent a mail. im also assuming that hopefully tls might not do this. Adding TLS / SSL capability to the stock FreeBSD sendmail is easy. You need something like the following in your /etc/mail/$(hostname).cf: define(`CERT_DIR', `MAIL_SETTINGS_DIR`'certs')dnl define(`confCACERT_PATH', `CERT_DIR')dnl define(`confCACERT', `CERT_DIR/cacert.pem')dnl define(`confSERVER_CERT', `CERT_DIR/cert.pem')dnl define(`confSERVER_KEY', `CERT_DIR/key.pem')dnl define(`confCLIENT_CERT', `CERT_DIR/cert.pem')dnl define(`confCLIENT_KEY', `CERT_DIR/key.pem')dnl This defines two keys and certs for sendmail to use -- one set for where sendmail is the server and the other for where it is the client. As shown, you can use the same key and cert for either role, and it will work pretty well all the time. Occasionally however you may run into systems that get snotty about the distinction between client and server certs -- in that case, the STARTTLS negociation would fail and you'ld probably end up sending the message in plain text. That's not a huge disadvantage given that the majority of mail systems on the net don't offer the possibility of TLS in any case. Unlike eg. HTTPS, there's no big thing about buying a server cert signed by one of the well known CAs -- TLS is more about anti-snooping than assurance of the other parties identity. While you can get e-mail certs from, eg. Thawte for free, they are generally aimed at use in e-mail client applications. E-mail servers almost exclusively use self-signed certificates. To generate a self-signed cert, you can follow the instructions here: http://www.sendmail.org/~ca/email/other/cagreg.html That's a very basic set of instructions. There are some more expansive general instructions on setting up TLS at: http://aput.net/~jheiss/sendmail/tlsandrelay.shtml You don't need to worry about the section of the instructions about compiling sendmail with SSL support -- that's all already enabled in the system sendmail. before i spend hours and hours googling out my instructions on how to so do, does the tls session operate over the standard port 25, or is this what is referred to as the smtps port? and if so, can the server accept either version over the same port? E-mails generally use the 'STARTTLS' approach -- that is, you make an initial unencrypted connection on the usual port 25 and then turn that into an encrypted connection over the same port numbers. There is an alternative approach using port 465, where encryption is assumed from the very beginning (much more like how HTTPS works) This is not used by the majority of MTAs out there on the 'net -- I believe it exists to support certain client software that can't do STARTTLS when submitting new messages. If you're using eg. Thunderbird, then it supports STARTTLS perfectly well and you only need port 25 -- possibly port 587 if you want to be compliant with RFC 2476. Cheers, Matthew - -- Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard Flat 3 PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate Kent, CT11 9PW -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.4 (FreeBSD) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFHNdqx8Mjk52CukIwRCLyZAJ9pDb0/8y7txGPniAdRdvQrRS7rogCdHXth ri700SbDqcCw0lOL9KDggd8= =sozL -END PGP SIGNATURE- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Botched X.org upgrade, need help
On Nov 9, 2007 7:00 AM, Adam J Richardson [EMAIL PROTECTED] wrote: Andrew Falanga wrote: Hi Andy, I botched my 6.9-7.2 upgrade too. It's easy to do even if you follow the instructions. Can't remember what the problem was now, certainly it was something no one else had, typical. :^) Ah well, all fixed now anyway. It's easy to botch even a simple install of X. Took me a while to learn that you have to install 1) Xorg, 2) mesa-demos, 3) nVidia driver, in that order (assuming you want mesa-demos, of course). Regards, Adam J Richardson Thanks. Unfortunately, I'm using amd64 and the nVidia driver isn't yet ported (there was a thread on the reason why quite some time ago, it's something to do with FreeBSD internally). Andy ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
problems using gdb on threaded programs
Hello, when i try to debug a program with threads (with gdb) gdb complains about not being able to find thread start point and kind of hangs (see below). It is quite likely i misconfigured something, but i have no idea what that something would be (maybe forgot to put stuff in kernel?). I tried installing a newer version of gdb (6.6) but that fails in a different way, it can't get the thread info (breakpoints seem to work better though :) I also tried to recompile libpthread in /usr/src/lib with debug flag, but no potato. What else can i try now? i'm kind of stumped. - jurjen PS. Below is an output of the errors of gdb and a small program that fails. Script started on Sat Nov 10 16:51:32 2007 /home/jurjen/C $cat threadthingy.c #include stdio.h #include pthread.h void * start(void* blah) { printf(hello from a thread!\n); return NULL; } int main(void) { pthread_t tid; pthread_create(tid, NULL, start, NULL); pthread_join(tid, NULL); printf(done!\n); return 0; } /home/jurjen/C $gdb -v GNU gdb 6.1.1 [FreeBSD] Copyright 2004 Free Software Foundation, Inc. GDB is free software, covered by the GNU General Public License, and you are welcome to change it and/or distribute copies of it under certain conditions. Type show copying to see the conditions. There is absolutely no warranty for GDB. Type show warranty for details. This GDB was configured as i386-marcel-freebsd. /home/jurjen/C $gdb threadthingy (gdb) break main Breakpoint 1 at 0x804860c: file threadthingy.c, line 11. (gdb) r Starting program: /stuff/backup/C/threadthingy warning: Unable to get location for thread creation breakpoint: generic error [New LWP 100143] ^C^C^Chelp, gdb hang and now i have to kill it!!^C^C^C^CKilled /home/jurjen/C $gdb66 threadthingy GNU gdb 6.6 [GDB v6.6 for FreeBSD] Copyright (C) 2006 Free Software Foundation, Inc. GDB is free software, covered by the GNU General Public License, and you are welcome to change it and/or distribute copies of it under certain conditions. Type show copying to see the conditions. There is absolutely no warranty for GDB. Type show warranty for details. This GDB was configured as i386-portbld-freebsd6.2... Hello, when i try to debug a program with threads (with gdb) gdb complains about not being able to find thread start point and kind of hangs (see below). It is quite likely i misconfigured something, but i have no idea what that something would be (maybe forgot to put stuff in kernel?). I tried installing a newer version of gdb (6.6) but that fails in a different way, it can't get the thread info (breakpoints seem to work better though :) I also tried to recompile libpthread in /usr/src/lib with debug flag, but no potato. What else can i try now? i'm kind of stumped. (gdb) b main Breakpoint 1 at 0x804860c: file threadthingy.c, line 11. (gdb) b start Breakpoint 2 at 0x80485d6: file threadthingy.c, line 5. (gdb) r Starting program: /stuff/backup/C/threadthingy Breakpoint 1, main () at threadthingy.c:11 11 pthread_create(tid, NULL, start, NULL); (gdb) c Continuing. Breakpoint 2, start (blah=0x0) at threadthingy.c:5 5 printf(hello from a thread!\n); (gdb) info threads (gdb) info thread (gdb) help info threads IDs of currently known threads. (gdb) thread 1 Thread ID 1 not known. (gdb) thread 0 Thread ID 0 not known. (gdb) thread [Current thread is 0 (process 53031)] (gdb) thread next No symbol next in current context. (gdb) thread 0 Thread ID 0 not known. (gdb) info thread (gdb) c Continuing. Breakpoint 2, start (blah=0x0) at threadthingy.c:5 5 printf(hello from a thread!\n); (gdb) c Continuing. Breakpoint 2, start (blah=0x0) at threadthingy.c:5 5 printf(hello from a thread!\n); (gdb) c Continuing. Breakpoint 2, start (blah=0x0) at threadthingy.c:5 5 printf(hello from a thread!\n); (gdb) n 0x2809373e in ?? () from /lib/libpthread.so.2 (gdb) d b Delete all breakpoints? (y or n) y (gdb) c Continuing. hello from a thread! done! Program exited normally. (gdb) quit Script done on Sat Nov 10 16:53:31 2007 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: www.freebsd.org
On Sun, Nov 11, 2007 at 01:02:22AM +0900, Byung-Hee HWANG wrote: On Sat, 2007-11-10 at 16:59 +0200, [EMAIL PROTECTED] wrote: Hi. We are developers. If you want , we can help to you for Turkish language support.You can rely on us. We worked some projects. That's not true, you cannot help us. Please show us `uname -a'; What does that mean? Maybe they can contribute. Do you know some secret? jerry -- If my word isn't enough for you, ask your Don. -- Michael Corleone, Chapter 28, page 399 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: www.freebsd.org
On Sat, 2007-11-10 at 12:27 -0500, Jerry McAllister wrote: On Sun, Nov 11, 2007 at 01:02:22AM +0900, Byung-Hee HWANG wrote: On Sat, 2007-11-10 at 16:59 +0200, [EMAIL PROTECTED] wrote: Hi. We are developers. If you want , we can help to you for Turkish language support.You can rely on us. We worked some projects. That's not true, you cannot help us. Please show us `uname -a'; What does that mean? Maybe they can contribute. Do you know some secret? As before i replied to Kris, that was my mistake. At that time, i knew einstein89 as a spammer. Again i speak, I am very sorry for the my rude remark, indeed.. -- Never get angry. Never make a threat. Reason with people. -- Vito Corleone, Chapter 1, page 57 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
port build order
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 How do I get a list of ports that need to be made before a port is made given the following: Note: Sorry for the *CAPS* stuff but I am using my standard specs formating 1. The list *MUST* be in build order with the first port either being the first or last line (make missing or pkg_info search=XXX display=bdeps,rdeps) 2. If the package is already installed it *MUST NOT* appear on the list The goal here is for any given port I want to be able to build each dependency one at a time (to do some testing) and I have found hand tracing through the dependency list on the web site to be extremely tedious - -- Aryeh M. Friedman Developer, not business, friendly http://www.flosoft-systems.com -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.4 (FreeBSD) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFHNfFUJ9+1V27SttsRAsvrAKCOeW/8amUokHwuNWzu3Q2uKjESMgCeL99Y GWjwSQWLjyJ1a8h/CZG7Wx0= =8OaW -END PGP SIGNATURE- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
' Openssl.cnf ' and ' .rand ' file
openssl 0.9.7e-p1 25 Oct 2004 I have not been able to find an answer to this question on Google, so I figured I had better ask it here. In the '/etc/ssl/openssl.cnf' file, there is an entry for: RANDFILE= $dir/private/.rand# private random number file Well, that file does not exist. I cannot find it anywhere on my system and I have not been able to figure out how to create it. Also, where could I locate some information on the 'openssl.cnf' file. There does not appear to be a 'man' page for it. I would like some more information on what all of the settings mean and possibly how to set them for my particular needs. Thanks! -- White Hat [EMAIL PROTECTED] __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: www.freebsd.org
Hi all I am from TR also, I have never heard any Turkish FreeBSD contributer or developer except enderunix team. Einstein you can began building a web site than put inside your document about FreeBSD and also your project+code tips etc, so we can benefit all these. And also I am agree with Kris you can share your accumulation with enderunix team. On Nov 10, 2007 7:50 PM, Byung-Hee HWANG [EMAIL PROTECTED] wrote: On Sat, 2007-11-10 at 12:27 -0500, Jerry McAllister wrote: On Sun, Nov 11, 2007 at 01:02:22AM +0900, Byung-Hee HWANG wrote: On Sat, 2007-11-10 at 16:59 +0200, [EMAIL PROTECTED] wrote: Hi. We are developers. If you want , we can help to you for Turkish language support.You can rely on us. We worked some projects. That's not true, you cannot help us. Please show us `uname -a'; What does that mean? Maybe they can contribute. Do you know some secret? As before i replied to Kris, that was my mistake. At that time, i knew einstein89 as a spammer. Again i speak, I am very sorry for the my rude remark, indeed.. -- Never get angry. Never make a threat. Reason with people. -- Vito Corleone, Chapter 1, page 57 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
7.0-B2 IPFW/IP6FW interaction
I've been trying to learn about IPv6, using the 7.0 series as my platform so it gets some exercise before release, and I've run into a few odd interactions between IPFW handling of IPv4 and IPv6. The only one I can reliably reproduce is pretty straightforward: if I set up /etc/rc.conf to enable IPFW for both IPv4 and IPv6, both with the CLIENT rule set, and edit /etc/rc.firewall and /etc/rc.firewall6 accordingly, only one ruleset gets loaded. On my test system, the IPv6 ruleset is loaded first, and then when the IPv4 ruleset is loaded, the flush command in rc.firewall removes all of the IPv6 rules, so I end up with default deny for IPv6, plus all of my normal IPv4 rules. It's possible that this interaction explains the other oddities I thought I've seen but haven't reliably reproduced. I fixed it by removing the flush commands from both rc.firewall and rc.firewall6, but I expect this broke the proper operation of /etc/rc.d/ipfw restart (although I haven't actually tested that. I just manually flush the rules if I need to restart the firewall). Am I running into this problem because 7.0 expects me to do something differently, or is this actually a bug? It appears the problem is in the old config scripts (rc.firewall and rc.firewall6) that worked properly when IPFW and IP6FW were independent, but now interact with each other. It would probably make sense to integrate the two scripts into a single rc.firewall script, but I haven't had time to take a shot at that yet. If the load order is always the same, then of course I can just remove the flush command from the second rule set and it will solve the problem. Again, I haven't looked into that yet. I've also noticed there are new rc.conf variables (e.g. firewall_myservices, firewall_allowservices) that appear to be intended to configure default rules for me, but I have not investigated them. Perhaps I should? In /etc/rc.conf the firewall statements I have are: firewall_enable=YES firewall_logging=YES firewall_type=CLIENT ipv6_firewall_enable=YES ipv6_firewall_logging=YES ipv6_firewall_type=CLIENT and this is 7.0-BETA2 - Bob ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
7.0-B2 IPFW/IP6FW interaction
Bob Johnson writes: On my test system, the IPv6 ruleset is loaded first, and then when the IPv4 ruleset is loaded, the flush command in rc.firewall removes all of the IPv6 rules, so I end up with default deny for IPv6, plus all of my normal IPv4 rules. It's possible that this interaction explains the other oddities I thought I've seen but haven't reliably reproduced. I fixed it by removing the flush commands from both rc.firewall and rc.firewall6, but I expect this broke the proper operation of /etc/rc.d/ipfw restart (although I haven't actually tested that. I just manually flush the rules if I need to restart the firewall). There are a number of good reasons to Not Do That, which others can explain better than I. Instead let me suggest you make a copy of those scripts, then ponder this part of my rc.conf: firewall_enable=YES # Set to YES to enable firewall functionality firewall_type=UNKNOWN # Firewall type (see /etc/rc.firewall) firewall_script=/etc/ipfw.master # Use this instead of /etc/rc.firewall ipv6_firewall_enable=YES # Set to YES to enable IPv6 firewall ipv6_firewall_type=UNKNOWN# see /etc/rc.firewall6 ipv6_firewall_script=/etc/ipfw.v6.set # Which script to run to # set up the IPv6 firewall ipv6_firewall_flags= # see /etc/rc.firewall6 Robert Huff ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: OT: Looking for some inpiration with UPS setup
NetOpsCenter wrote: Christopher Key wrote: I've a FreeBSD fileserver, a solid state router (Linksys box running OpenWRT) and a couple of gigabit switches that I'd like to move onto a UPS (I'm primarily looking at the APC Smart-UPS line). I have a similar setup in my noc shed. I got 2 old APC units that a client had replaced and attached a 120 AMP stationery batteries to them. They will power the switch, 3 servers and KVM switches and a monitor for 6 hours uninterrupted. It's not pretty to look at but is stable and does the job nicely. I'm rather pressed for space, this gear is in a tiny cupboard also storing the traditional contents of a utility room and garage. I'd manged to allow myself 1 shelf, 30cm x 50cm x 20cm for the UPS gear. That might just be enough space to squeeze in a UPS and a 120Ah SLA battery, which would keep both up for at least 6h, hopefully enough to span most outages. For outages longer than that, I'd probably not mind losing my DHCP leases anyway. Are there any specific requirements for the attached batteries, or will any 12V SLA battery suffice? It's just a shame that no UPS units offer a WOL option for waking up attached equipment. Regards, Chris ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
CVS setup
Hello Everyone I am trying to get cvs(up ?) to run on Eclipse Webmin also. I have 6.2 stable running! How may I get the source for say 6.2 stable pre 6.3 prerelease ? I can do this the normal way on freebsd but I would like a copy to mess with on Eclipse localy! ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: nanobsd, picobsd, tinybsd
I'd expected a more level headed reply from this FreeBSD list. How is a newbie supposed to know the differenced and how can I test this if I don't have a spare machine? My question was more out of interest. This mailing list is called FreeBSD-Questions, so why can't I asked a reasonable question and expect a reasonable reply...? On Nov 10, 2007 9:40 AM, Giorgos Keramidas [EMAIL PROTECTED] wrote: On 2007-11-09 17:01, John Smith [EMAIL PROTECTED] wrote: Can anybody please explain to my what the differences are between nanobsd, picobsd and tinybsd. They all seem to be doing the same (creating a minimal FreeBSD image that can be used in embedded systems), or is this not right? What don't you experiment with them, and see? :) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: nanobsd, picobsd, tinybsd
John Smith wrote: I'd expected a more level headed reply from this FreeBSD list. How is a newbie supposed to know the differenced and how can I test this if I don't have a spare machine? My question was more out of interest. This mailing list is called FreeBSD-Questions, so why can't I asked a reasonable question and expect a reasonable reply...? On Nov 10, 2007 9:40 AM, Giorgos Keramidas [EMAIL PROTECTED] wrote: On 2007-11-09 17:01, John Smith [EMAIL PROTECTED] wrote: Can anybody please explain to my what the differences are between nanobsd, picobsd and tinybsd. They all seem to be doing the same (creating a minimal FreeBSD image that can be used in embedded systems), or is this not right? What don't you experiment with them, and see? :) Please read the explanations on each page. You'll find that they differ as follows: http://www.tinybsd.org/tinybsd -- TinyBSD (I emphasize the words tools, scripts, development, and dynamically linked). http://www.freebsd.org/doc/en_US.ISO8859-1/articles/nanobsd/index.html -- nanobsd (sounds like a complete, read-only system). http://en.wikipedia.org/wiki/PicoBSD -- picobsd (obsolete; replaced by nanobsd according to the Wiki page). -Garrett ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: freebsd-questions Digest, Vol 196, Issue 38
On Fri, 09 Nov 2007 16:33:34 + Christopher Key [EMAIL PROTECTED] wrote: Apolgies for the slightly OT post, but I'm hoping that some of the ammased expertise might be able to suggest a solution. I've a FreeBSD fileserver, a solid state router (Linksys box running OpenWRT) and a couple of gigabit switches that I'd like to move onto a UPS (I'm primarily looking at the APC Smart-UPS line). The requirements for the FreeBSD system are pretty simple, it's not likely to be of any use if the power's out, so after a few minutes to allow any files open over the network to be saved, it should perform an orderly shutdown and remain off until the power returns. However, the router is a little different. It maintains some state information in RAM (dhcp leases etc) that I'd prefer not to lose during a short power outage, and it would also be useful to retain internet access, so ideally I'd like the router and switches to stay up for as long as the battery lasts in the UPS. Space and budget are limited, so ideally I'd like to achieve all this with a single UPS, which is where the problems arise. As I understant it, when the UPS wants to wake the attached machines up, it power cycles its output. This however will reset the router, which was what I was hoping to avoid. I've thought around the problem for some time, but not come up with any convincing solutions: 1) Use some sort of WOL command from the router to the FreeBSD system rather than having the UPS power cycle its output. How does the router know the power's returned? Can the UPS be set not to power cycle its power output when the power returns? 2) Use a second cheap UPS to 'protect' the router whilst the primary UPS cycles its power output. This seems rather crude, and would presumably reduce the battery life of the primary UPS due the losses in the second UPS. By the above, I understand you to be proposing to plug the secondary into the primary, rather than powering the two UPSes separately. Why would you do the former rather than the latter? 3) Have the UPS wake the PC via some other means. USB would seem to ideal choice, but the motherboard won't do a wake on USB from S5, and I'm can't find a UPS with an ethernet interface. 4) KISS. Buy two smaller, cheapers UPS units. I think that 4) may be the answer, though with this modification: buy the heavy duty UPS based on the server's needs. The router draws almost no current, probably far less than the UPS itself does when the line power has failed. Buy a minimal capacity UPS for the router, switches, etc. It will probably be able to keep them running for many hours, likely even days, during a power failure. Plug it into its own line current socket, not into the other UPS. Scott Bennett, Comm. ASMELG, CFIAG ** * Internet: bennett at cs.niu.edu * ** * A well regulated and disciplined militia, is at all times a good * * objection to the introduction of that bane of all free governments * * -- a standing army. * *-- Gov. John Hancock, New York Journal, 28 January 1790 * ** ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: nanobsd, picobsd, tinybsd
On Sat, Nov 10, 2007 at 03:45:30PM -0600, John Smith wrote: I'd expected a more level headed reply from this FreeBSD list. How is a newbie supposed to know the differenced Both nanobsd and picobsd have manual pages. Try 'man nanobsd' and 'man picobsd'. Picobsd has been superseded by nanobsd, whose primary is building system images for embadded systems. This is definitely not a newbie subject. and how can I test this if I don't have a spare machine? Use a virtual machine, like Qemu or vmware. My question was more out of interest. This mailing list is called FreeBSD-Questions, so why can't I asked a reasonable question and expect a reasonable reply...? You're supposed to look for answers yourself first. A quick googling of tinybsd, nanobsd and picobsd would have given you these links: http://www.tinybsd.org/tinybsd http://www.freebsd.org/doc/en_US.ISO8859-1/articles/nanobsd/index.html http://www.freebsd.org/doc/en_US.ISO8859-1/articles/nanobsd/howto.html http://en.wikipedia.org/wiki/PicoBSD Roland -- R.F.Smith http://www.xs4all.nl/~rsmith/ [plain text _non-HTML_ PGP/GnuPG encrypted/signed email much appreciated] pgp: 1A2B 477F 9970 BA3C 2914 B7CE 1277 EFB0 C321 A725 (KeyID: C321A725) pgpDcGV52NrWX.pgp Description: PGP signature
Re: www.freebsd.org
On Sat, 10 Nov 2007 22:45:51 +0200, [EMAIL PROTECTED] wrote: 2007/11/10, Byung-Hee HWANG [EMAIL PROTECTED]: On Sat, 2007-11-10 at 12:27 -0500, Jerry McAllister wrote: On Sun, Nov 11, 2007 at 01:02:22AM +0900, Byung-Hee HWANG wrote: On Sat, 2007-11-10 at 16:59 +0200, [EMAIL PROTECTED] wrote: Hi. We are developers. If you want , we can help to you for Turkish language support.You can rely on us. We worked some projects. That's not true, you cannot help us. Please show us `uname -a'; What does that mean? Maybe they can contribute. Do you know some secret? As before i replied to Kris, that was my mistake. At that time, i knew einstein89 as a spammer. Again i speak, I am very sorry for the my rude remark, indeed.. -- Never get angry. Never make a threat. Reason with people. -- Vito Corleone, Chapter 1, page 57 bh, Please talk true. How did you know Einstein89 as a spammer? I am angry with you. You lie. I am disappointed at FreeBSD. I am sorry. i am sorry, please.. einstein89, i have no mouth to you.. please do not dislike freebsd for me.. only the bad thing was that your letter seemed like unusual at that time.. but now i can realize you are really trust guy at here freebsd area.. so please einstein89 forgive me please.. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: OT: Looking for some inpiration with UPS setup
Christopher Key wrote: NetOpsCenter wrote: Christopher Key wrote: I've a FreeBSD fileserver, a solid state router (Linksys box running OpenWRT) and a couple of gigabit switches that I'd like to move onto a UPS (I'm primarily looking at the APC Smart-UPS line). I have a similar setup in my noc shed. I got 2 old APC units that a client had replaced and attached a 120 AMP stationery batteries to them. They will power the switch, 3 servers and KVM switches and a monitor for 6 hours uninterrupted. It's not pretty to look at but is stable and does the job nicely. I'm rather pressed for space, this gear is in a tiny cupboard also storing the traditional contents of a utility room and garage. I'd manged to allow myself 1 shelf, 30cm x 50cm x 20cm for the UPS gear. That might just be enough space to squeeze in a UPS and a 120Ah SLA battery, which would keep both up for at least 6h, hopefully enough to span most outages. For outages longer than that, I'd probably not mind losing my DHCP leases anyway. Are there any specific requirements for the attached batteries, or will any 12V SLA battery suffice? It's just a shame that no UPS units offer a WOL option for waking up attached equipment. Hi, I wonder why it is such a big deal to keep the leases? Why not asssign static IP's to everything instead if it is a small setup? Just curious... --per ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: nanobsd, picobsd, tinybsd
On 2007-11-10 15:45, John Smith [EMAIL PROTECTED] wrote: On Nov 10, 2007 9:40 AM, Giorgos Keramidas [EMAIL PROTECTED] wrote: On 2007-11-09 17:01, John Smith [EMAIL PROTECTED] wrote: Can anybody please explain to my what the differences are between nanobsd, picobsd and tinybsd. They all seem to be doing the same (creating a minimal FreeBSD image that can be used in embedded systems), or is this not right? What don't you experiment with them, and see? :) I'd expected a more level headed reply from this FreeBSD list. How is a newbie supposed to know the differenced and how can I test this if I don't have a spare machine? My question was more out of interest. This mailing list is called FreeBSD-Questions, so why can't I asked a reasonable question and expect a reasonable reply...? Minus the typo in the original reply [s/What/Why/], I'm afraid that this is the only way to get hands-on experience with these systems. I'm sorry if the original response came out as ``odd''. More over, I don't really know what you mean by ``level headed'', other than ``not flame me for asking'', which is not something we tend to do in freebsd-questions. Having said that, a brief description of what each one of the systems you mentioned is: * PicoBSD used to work with earlier FreeBSD versions. I don't think it does work with recent 7.X versions or CURRENT. I wouldn't even go there right now, unless you want to ``forward port'' all the code which made PicoBSD tick, and make it work with recent FreeBSD releases. * NanoBSD is more ``modern'' than PicoBSD, and it works with 6.X, 7.X and CURRENT releases. One of the advantages of NanoBSD is that it's part of the base system and it is easy to use. Our documentation includes an article about NanoBSD at: http://www.freebsd.org/doc/en_US.ISO8859-1/articles/nanobsd/ Try reading the introduction of the article for some of the features of NanoBSD. * TinyBSD is a set of tools and scripts, which is also part of the base system. It definitely has a few good characteristics. For instance their documentation is Wiki-like and gets updated often. These short descriptions contain stuff that only scratches the surface of what it *feels* like to work with each system. If that's what you originally wanted, then Google and ten minutes or so would do fine. The important bits, however, are always in the details, and that's why you have to try NanoBSD and TinyBSD yourself, and see how much you like or dislike each one of them. - Giorgos ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: CVS setup
[EMAIL PROTECTED] wrote: Hello Everyone I am trying to get cvs(up ?) to run on Eclipse Webmin also. I have 6.2 stable running! How may I get the source for say 6.2 stable pre 6.3 prerelease ? I can do this the normal way on freebsd but I would like a copy to mess with on Eclipse localy! ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] So in your supfile for cvsup, you can change the prefix from /usr to something else. That will check out the sources to the directory you mentioned there. Rg, Tino ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: nanobsd, picobsd, tinybsd
On Sat, Nov 10, 2007 at 03:45:30PM -0600, John Smith wrote: I'd expected a more level headed reply from this FreeBSD list. How is a newbie supposed to know the differenced and how can I test this if I don't have a spare machine? My question was more out of interest. This mailing list is called FreeBSD-Questions, so why can't I asked a reasonable question and expect a reasonable reply...? Because, like the software creation, the responses on the questions list are done by volunteers. You happened to get one who seemed to need to respond, but didn't have any information to respond with. You will probably also get some more useful responses. (Sorry, I don't know much about nano, tiny or pico BSD except that those words tend to be used to imply very small) Of course, you could try to experiment. You could try dual-booting the machine you have and put those on the other part. jerry On Nov 10, 2007 9:40 AM, Giorgos Keramidas [EMAIL PROTECTED] wrote: On 2007-11-09 17:01, John Smith [EMAIL PROTECTED] wrote: Can anybody please explain to my what the differences are between nanobsd, picobsd and tinybsd. They all seem to be doing the same (creating a minimal FreeBSD image that can be used in embedded systems), or is this not right? What don't you experiment with them, and see? :) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: nanobsd, picobsd, tinybsd
On Sat, Nov 10, 2007 at 06:05:35PM -0500, Jerry McAllister wrote: On Sat, Nov 10, 2007 at 03:45:30PM -0600, John Smith wrote: I'd expected a more level headed reply from this FreeBSD list. How is a newbie supposed to know the differenced and how can I test this if I don't have a spare machine? My question was more out of interest. This mailing list is called FreeBSD-Questions, so why can't I asked a reasonable question and expect a reasonable reply...? Because, like the software creation, the responses on the questions list are done by volunteers. You happened to get one who seemed to need to respond, but didn't have any information to respond with. Didn't notice who had made that response. It was by someone who would really know, but was still unfortunately short on information. jerry You will probably also get some more useful responses. (Sorry, I don't know much about nano, tiny or pico BSD except that those words tend to be used to imply very small) Of course, you could try to experiment. You could try dual-booting the machine you have and put those on the other part. jerry On Nov 10, 2007 9:40 AM, Giorgos Keramidas [EMAIL PROTECTED] wrote: On 2007-11-09 17:01, John Smith [EMAIL PROTECTED] wrote: Can anybody please explain to my what the differences are between nanobsd, picobsd and tinybsd. They all seem to be doing the same (creating a minimal FreeBSD image that can be used in embedded systems), or is this not right? What don't you experiment with them, and see? :) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
PPD files vs printer drivers also LPD vs LPRng vs CUPS
I am trying to understand little bit better Unix printing. I am terribly confused about the real meaning of PPD files and printer drivers. According to this http://en.wikipedia.org/wiki/PostScript_Printer_Description PPD files are post script description files that act as a drivers for post script printers. This seems clear to me but I have never had a post script printer in my life. According to same page CUPS-PPD are used by CUPS to do post-script printing on non-postscript printers by directing files through CUPS-filter. Could somebody explain this things better to me. Every time I used CUPS the PPD files where enough to enable me printing. Did I really use some other drivers beside these PPD files or did CUPS communicate with my printers with some generic driver and just uses PPD files to do filtering. In LPD it seems to me that this is more clear as when I run ./SETUP apsfilter I am really question to select the driver from the Ghostscript collection. I have never used LPD without the apsfilter. What is the simplest way to send ps file to the printer that doesn't speak ps? If I could do that everything else is peace of cake. I read very carefully printing form the handbook but I want to learn more. Could anybody explain me if there are some strong reasons for choosing LPD over CUPS or LPRng system (seems just GUI added on the top of LPD) It would logical to me that LPD is safer (CUPS port has some security warnings) and maybe more reliable. In any case it is included in the base system and I prefer to use something included in the base system Thanks to ALL Predrag ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: PPD files vs printer drivers also LPD vs LPRng vs CUPS
Predrag Punosevac wrote: I am trying to understand little bit better Unix printing. I am terribly confused about the real meaning of PPD files and printer drivers. According to this http://en.wikipedia.org/wiki/PostScript_Printer_Description PPD files are post script description files that act as a drivers for post script printers. This seems clear to me but I have never had a post script printer in my life. According to same page CUPS-PPD are used by CUPS to do post-script printing on non-postscript printers by directing files through CUPS-filter. Could somebody explain this things better to me. Every time I used CUPS the PPD files where enough to enable me printing. Did I really use some other drivers beside these PPD files or did CUPS communicate with my printers with some generic driver and just uses PPD files to do filtering. In LPD it seems to me that this is more clear as when I run ./SETUP apsfilter I am really question to select the driver from the Ghostscript collection. I have never used LPD without the apsfilter. What is the simplest way to send ps file to the printer that doesn't speak ps? If I could do that everything else is peace of cake. I read very carefully printing form the handbook but I want to learn more. Could anybody explain me if there are some strong reasons for choosing LPD over CUPS or LPRng system (seems just GUI added on the top of LPD) It would logical to me that LPD is safer (CUPS port has some security warnings) and maybe more reliable. In any case it is included in the base system and I prefer to use something included in the base system Thanks to ALL Predrag ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] This seems http://www.linuxprinting.org/kpfeifle/LinuxKongress2002/Tutorial/III.PostScript-and-PPDs/III.PostScript-and-PPDs.html like a good starting point for my questions. Any Adobe or CUPS developers around that can give me more information. What should I read? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: PPD files vs printer drivers also LPD vs LPRng vs CUPS
On Sat, Nov 10, 2007 at 04:39:29PM -0700, Predrag Punosevac wrote: I am trying to understand little bit better Unix printing. I am terribly confused about the real meaning of PPD files and printer drivers. According to this http://en.wikipedia.org/wiki/PostScript_Printer_Description PPD files are post script description files that act as a drivers for post script printers. This seems clear to me but I have never had a post script printer in my life. They are not really drivers but more files that describe the capabilities of the printer. According to same page CUPS-PPD are used by CUPS to do post-script printing on non-postscript printers by directing files through CUPS-filter. Could somebody explain this things better to me. Every time I used CUPS the PPD files where enough to enable me printing. Did I really use some other drivers beside these PPD files or did CUPS communicate with my printers with some generic driver and just uses PPD files to do filtering. The latter. Cups uses the ghostscript program to translate postscript into something that the non-postscript printer can understand. What is the simplest way to send ps file to the printer that doesn't speak ps? If I could do that everything else is peace of cake. I read very carefully printing form the handbook but I want to learn more. Use ghostscript. This is what both apsfilter and cups do. They've just made it a lot easier than doing it yourself. And as you can see from the size of both cups and apsfilter 'everything else' is a substantial piece of cake. Could anybody explain me if there are some strong reasons for choosing LPD over CUPS or LPRng system (seems just GUI added on the top of LPD) It would logical to me that LPD is safer (CUPS port has some security warnings) and maybe more reliable. In any case it is included in the base system and I prefer to use something included in the base system In the past, lpd had a lot of security issues as well. I'm not sure if they're all solved. Both apsfilter and cups do more than standard lpd, which is only a printer spooler. Both cups and apsfilter look at what you're trying to print and try to convert it to a form suitable for printing. Standard lpr only understands a couple of ancient formats (ditroff, dvi, cif, plot) next to plain text. Roland -- R.F.Smith http://www.xs4all.nl/~rsmith/ [plain text _non-HTML_ PGP/GnuPG encrypted/signed email much appreciated] pgp: 1A2B 477F 9970 BA3C 2914 B7CE 1277 EFB0 C321 A725 (KeyID: C321A725) pgpCHd5TdzjCt.pgp Description: PGP signature
Re: PPD files vs printer drivers also LPD vs LPRng vs CUPS
On Sat, 10 Nov 2007, Predrag Punosevac wrote: I am trying to understand little bit better Unix printing. I am terribly confused about the real meaning of PPD files and printer drivers. According to this http://en.wikipedia.org/wiki/PostScript_Printer_Description PPD files are post script description files that act as a drivers for post script printers. PPDs are files that describe what a PostScript printer can do. They may have PostScript routines in them that can be used by a driver to take advantage of the printer's abilities. According to same page CUPS-PPD are used by CUPS to do post-script printing on non-postscript printers by directing files through CUPS-filter. Could somebody explain this things better to me. Every time I used CUPS the PPD files where enough to enable me printing. Did I really use some other drivers beside these PPD files or did CUPS communicate with my printers with some generic driver and just uses PPD files to do filtering. Can't comment much on CUPS; I've never had the patience to work on it much. I prefer to have the responsibility to send correctly-formatted files to the printer myself, rather than have a filter system try to format things automatically. What is the simplest way to send ps file to the printer that doesn't speak ps? If I could do that everything else is peace of cake. Ghostscript is used to render a PostScript file into something the printer can handle. Ghostscript has a lot of built-in printer drivers. For example: /usr/local/bin/gs -dSAFER -dNOPAUSE -q -sDEVICE=ljet4 -sOutputFile=- - That takes PostScript on stdin and converts to PCL on stdout. If you save that to /usr/local/libexec/ps2pcl and make it executable, you can use it as an input filter in a printcap entry. gs -h will show you a list of built-in printer drivers in Ghostscript. Could anybody explain me if there are some strong reasons for choosing LPD over CUPS or LPRng system (seems just GUI added on the top of LPD) It would logical to me that LPD is safer (CUPS port has some security warnings) and maybe more reliable. In any case it is included in the base system and I prefer to use something included in the base system Printer filter systems have varying degrees of complexity and dependencies. lpd with simple filters is probably the simplest, with the lowest overhead because it's part of the base system. -Warren Block * Rapid City, South Dakota USA ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
linux firefox
Dear FreeBSD folks, I have a weird problem: linux-firefox and linux-firefox-devel behave the same way. When I quit them, and try to restart them, they complain about beeing already running. I have to manually delete /usr/compat/linux/root/.mozilla/firefox/*.prpfile/lock /usr/compat/linux/root/.mozilla/firefox/*.profile/.parentlock to be able to start them again. Normal firefox and firefox-devel do not behave this way, but I want to be able to use the linux-flashplugin. Any hints? (Apart from writing a wrapper removing the lockfiles... How ugly) Regards, Tino ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: flash: linux firefox vs linuxpluginwrapper
On Sun, Nov 11, 2007 at 01:53:40AM +, Tino Engel wrote: icantthinkofone wrote: Philip M. Gollucci wrote: Philip M. Gollucci wrote: John wrote: I've been struggling to get a handle on the FreeBSD system. Making good progress, but then I ran into the fact that Firefox on FreeBSD can't do flash. Definite showstopper, for me. Ok, then I tried to use the linuxpluginwrapper approach, and it didn't work. It made me recall, in reading up on FreeBSD, I did see where somebody installed both Firefox and Linx-firefox. So before I do battle with this Linux wrapper approach, I wondered if I would be better off simply installing the Linux-firefox? Is that easier? More likely to work? http://unix.derkeiler.com/Mailing-Lists/FreeBSD/questions/2007-07/msg01919.html cd /usr/ports/emulators/linux_base-fc6 ; make install clean There is now: cd /usr/ports/emulators/linux_base-f7 ; make install clean which you should use instead -- its newer :) btw, you don't need both native and Linux Firefox. Native Firefox an do flash just fine. ___ Well, how can it? I cannot build linuxpluginwrapper, it alway fails saying: === linuxpluginwrapper-20051113_8 doesn't support ELF symbol versioning, yet.. *** Error code 1 I I am using RELENG_7 on i386. Use www/nspluginwrapper. Yuri ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: flash: linux firefox vs linuxpluginwrapper
Philip M. Gollucci wrote: John wrote: I've been struggling to get a handle on the FreeBSD system. Making good progress, but then I ran into the fact that Firefox on FreeBSD can't do flash. Definite showstopper, for me. Ok, then I tried to use the linuxpluginwrapper approach, and it didn't work. It made me recall, in reading up on FreeBSD, I did see where somebody installed both Firefox and Linx-firefox. So before I do battle with this Linux wrapper approach, I wondered if I would be better off simply installing the Linux-firefox? Is that easier? More likely to work? http://unix.derkeiler.com/Mailing-Lists/FreeBSD/questions/2007-07/msg01919.html That will work just fine using flash7. When you need flash9, thats a different story. works on 6.2, 6.3, 7.0-current, 7.0-betaX, and 8.0-current. Flash 9 alway causes segfault when displaying flash movie in my linux-firefox. So what am I doing wrong. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: flash: linux firefox vs linuxpluginwrapper
icantthinkofone wrote: Philip M. Gollucci wrote: Philip M. Gollucci wrote: John wrote: I've been struggling to get a handle on the FreeBSD system. Making good progress, but then I ran into the fact that Firefox on FreeBSD can't do flash. Definite showstopper, for me. Ok, then I tried to use the linuxpluginwrapper approach, and it didn't work. It made me recall, in reading up on FreeBSD, I did see where somebody installed both Firefox and Linx-firefox. So before I do battle with this Linux wrapper approach, I wondered if I would be better off simply installing the Linux-firefox? Is that easier? More likely to work? http://unix.derkeiler.com/Mailing-Lists/FreeBSD/questions/2007-07/msg01919.html cd /usr/ports/emulators/linux_base-fc6 ; make install clean There is now: cd /usr/ports/emulators/linux_base-f7 ; make install clean which you should use instead -- its newer :) btw, you don't need both native and Linux Firefox. Native Firefox an do flash just fine. ___ Well, how can it? I cannot build linuxpluginwrapper, it alway fails saying: === linuxpluginwrapper-20051113_8 doesn't support ELF symbol versioning, yet.. *** Error code 1 I I am using RELENG_7 on i386. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: USB Console?
On Sat, 10 Nov 2007, Jerahmy Pocott wrote: I was wondering if there is any way to put the console on a USB port? Since serial and parallel ports are becoming things of the past and many systems don't come with them any more.. Serial console on USB? The boot console? Probably not. Logging in to a booted system should work. I actually just got a PL2303 USB-to-serial adapter: http://www.newegg.com/product/product.asp?item=N82E16812149115 It shows up when the uplcom module is loaded. ucom creates /dev/cuaU0, which could be entered in /etc/ttys. (Rule #1 of serial: no matter how many cables and adapters you have, none will be correct and you will eventually have to buy or build one. That's why I haven't tested this yet.) -Warren Block * Rapid City, South Dakota USA ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
ps options
I have spent all the time I can stand, going over the ps man page, but I can't see any option to get a hierarchical listing. I mean, where the listings are sorted to where parents come before children, and the children get indentation, so you can see at a glance what's running more easily. It's a standard thing on many OSes, and I was sorta hoping it'd be available on FreeBSD. Maybe under a different name? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: ' Openssl.cnf ' and ' .rand ' file
On 11:22:10 Nov 10, White Hat wrote: openssl 0.9.7e-p1 25 Oct 2004 I have not been able to find an answer to this question on Google, so I figured I had better ask it here. In the '/etc/ssl/openssl.cnf' file, there is an entry for: RANDFILE= $dir/private/.rand# private random number file Well, that file does not exist. I cannot find it anywhere on my system and I have not been able to figure out how to create it. Also, where could I locate some information on the 'openssl.cnf' file. There does not appear to be a 'man' page for it. I would like some more information on what all of the settings mean and possibly how to set them for my particular needs. Why do you want it? You can use the openssl rand command for doing what you may be wanting to do. $ openssl rand 1 if you want binary output of length 1 bytes or you can use the -base64 switch for ASCII output. (You don't need the RANDFILE which is probably a seed or something) Most parts of OpenSSL are not documented properly and the source code is immensely hard to follow. I have worked with the guts of OpenSSL long ago and in spite of working with it for a long time, I have always found it hard to follow what happens where. :) The code is one of the most intricate uses of the wonderful C language. :) Enjoy the fun! :) Thanks. regards, Girish ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: flash: linux firefox vs linuxpluginwrapper
Boris Samorodov wrote: On Fri, 9 Nov 2007 17:08:12 -0500 Philip M. Gollucci wrote: Philip M. Gollucci wrote: John wrote: I've been struggling to get a handle on the FreeBSD system. Making good progress, but then I ran into the fact that Firefox on FreeBSD can't do flash. Definite showstopper, for me. Ok, then I tried to use the linuxpluginwrapper approach, and it didn't work. It made me recall, in reading up on FreeBSD, I did see where somebody installed both Firefox and Linx-firefox. So before I do battle with this Linux wrapper approach, I wondered if I would be better off simply installing the Linux-firefox? Is that easier? More likely to work? http://unix.derkeiler.com/Mailing-Lists/FreeBSD/questions/2007-07/msg01919.html cd /usr/ports/emulators/linux_base-fc6 ; make install clean There is now: cd /usr/ports/emulators/linux_base-f7 ; make install clean which you should use instead -- its newer :) Wow, what great timing, I was just starting to look about for a browser to give me flash. Let me ask this again, both for my own use, and for those folks (like me) who have googled this without success so far: if I wanted, as far as possible, to stay with FreeBSD-native apps (but willing to do whatever it takes, IF its the only way to success) how does someone get to having a browser run on FreeBSD, with the main requirement, that it run Flash. Oh. One more qualification (I can get a bit picky, I guess). I notice that there's a port for flashplugin9, not just 7. Is there ANY setup that allows flash9, not just flash7? The only limitation I keep active is, I don't run MS software. No Windows. I suppose, if it's the best way, I could even choose Wine (does this make me a Wino?) 'Preciate this, I'm anxious to get started. If I'm forced to it, I have a great amount of disk, I would give as much disk as it needs, to get this, I just need to overcome old prejudices over using too much disk. I guess I can't get used to having gigabytes, not megabytes, to play with. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: cups-base problem
Reko Turja wrote: Dear all, Today I saw a security notice: ..snip... cat distinfo MD5 (cups-1.3.3-source.tar.bz2) = d4911e68b6979d16bc7a55f68d16cc53 SHA256 (cups-1.3.3-source.tar.bz2) = 5e9e5670777055293e309cb0cbb2758df9c1275bf648df70478b7389c2d804de SIZE (cups-1.3.3-source.tar.bz2) = 4077262 Update your ports and INDEX file as it seems that you are installing a vulnerable version of cups-base. The VuXML report says: Affects: cups-base 1.3.4 so the cups-1.3.3 still has the vulnerability mentioned in the report. Actually, I think the worst security problem I've seen is one I don't personally care to fix right now, but I guess I will soon. It's the fact that postscript is actually a language, one that's more general purpose in limitations than many people realize. Isn't that true? I think this means that my postscript interpreter (which is, for me, and I think for most, is ghostscript) should have some security controls on it, to limit postscript's direct access to local machine capabilities. I think that the options in gs for security are too little. It'd be pretty easy to write a really nasty worm. I remember laughing at my Windows friends, back when that Philappines worm hit, but we could get pretty easily hit on gs, or am I all wet? I don't much like pdf, but at least its not succeptible to such a thing, because pdf's not a general purpose language (not a language at all). Nobody's take advantage of it, but it'd be possible to write a general purpose docbook interpreter entirely in postscript. Wonder if modern gs limitations would allow such a big program? Sure would be convenient. -Rek ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: ' Openssl.cnf ' and ' .rand ' file
Girish Venkatachalam wrote: On 11:22:10 Nov 10, White Hat wrote: openssl 0.9.7e-p1 25 Oct 2004 I have not been able to find an answer to this question on Google, so I figured I had better ask it here. In the '/etc/ssl/openssl.cnf' file, there is an entry for: RANDFILE= $dir/private/.rand# private random number file Well, that file does not exist. I cannot find it anywhere on my system and I have not been able to figure out how to create it. Also, where could I locate some information on the 'openssl.cnf' file. There does not appear to be a 'man' page for it. I would like some more information on what all of the settings mean and possibly how to set them for my particular needs. Why do you want it? You can use the openssl rand command for doing what you may be wanting to do. $ openssl rand 1 if you want binary output of length 1 bytes or you can use the -base64 switch for ASCII output. (You don't need the RANDFILE which is probably a seed or something) Most parts of OpenSSL are not documented properly and the source code is immensely hard to follow. I have worked with the guts of OpenSSL long ago and in spite of working with it for a long time, I have always found it hard to follow what happens where. :) Well, that's a bit of a personal opinion, but have you even used the sclient and sserver functions of the openssl command? Damn, but that's a fantastic debugging tool! Nicely documented in the openssl man page, too. The code is one of the most intricate uses of the wonderful C language. :) Enjoy the fun! :) Thanks. regards, Girish ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: ps options
In the last episode (Nov 10), Chuck Robey said: I have spent all the time I can stand, going over the ps man page, but I can't see any option to get a hierarchical listing. I mean, where the listings are sorted to where parents come before children, and the children get indentation, so you can see at a glance what's running more easily. It's a standard thing on many OSes, and I was sorta hoping it'd be available on FreeBSD. Maybe under a different name? It's usually a separate command (ptree on Solaris for example). Try the sysutils/pstree port. -- Dan Nelson [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
dealing with a failing drive
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 I'd welcome suggestions on how (or whether) to try to revive a SCSI drive that's failing. This is on FreeBSD 6.2-RELENG on a Compaq Proliant DL320, onboard RAID and two SCSI drives in a RAID1 array. Today this system rebooted and hung on Compaq's what do you want the RAID controller to do? message. I told it to fix any errors. When I brought the system back up (after running fsck in single-user mode), the log had lots of errors like this: Nov 10 09:00:40 mail kernel: ida0: hard write error Nov 10 09:00:40 mail kernel: ida0: invalid request Nov 10 09:01:48 mail last message repeated 35 times Nov 10 09:03:49 mail last message repeated 571 times Nov 10 09:12:27 mail last message repeated 796 times I vaguely remember trying about a year ago to load a SMART utility from the ports collection but it wouldn't work on drives in a RAID array. Is there some other way to: a) diagnose/fix the errant disk here? b) monitor the health of disks on a Compaq controller so it doesn't get to this point to begin with? thanks in advance dn -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.1 (Darwin) iD8DBQFHNlk+yPxGVjntI4IRAntlAJ9FWA2ez+BdnViq7mrIpkLBTLm/CgCfRyEA czDvMn6+8KjlI3V0iBG4U3I= =36+k -END PGP SIGNATURE- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
apache13-modperl problem: mod_dir, mod_mime
Hello, I have installed apache13-modperl from ports because I want to run a simple photoblog. However, there was no 'make config' option for modules, and here is the output of httpd -l: Compiled-in modules: http_core.c mod_so.c mod_perl.c suexec: disabled; invalid wrapper /usr/local/sbin/suexec I don't understand why mod_dir and mod_mime aren't installed by default. How can I serve pages without these? How can I get these modules installed? (I don't know where, if any, the .so files might be). Thanks, Doug ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: dealing with a failing drive
I'd welcome suggestions on how (or whether) to try to revive a SCSI drive that's failing. It depends on how valuable the data on the array is, and more importantly, how much funding you have at your disposal to fix the problem. If it were me, I would set aside the bad disk, connect a new disk to the card and re-synchronize the array. (Assuming one of the members still retains a good copy of the data.) Afterwards I would destroy, or toss the existing disk in the trash can (depending on the sensitivity of the data stored on it.) Is there some other way to: b)monitor the health of disks on a Compaq controller so it doesn't get to this point to begin with? There are various tools out there that attempt to 'monitor' the condition of disk drives to try and predict when failure is eminent. For valuable data, it is safer to setup a mirror and simply toss out bad disks as they fail. For extremely valuable data use a 3 disk array. With a 3 disk setup you will still be covered in the event that an additional disk craps out during the re-sync. To quote google's article on disk failure, regarding SMART: ...we find that failure prediction models based on SMART parameters alone are likely to be severely limited in the prediction accuracy, given that a large fraction of our failed drives have shown on SMART error signals whatsoever. This result suggests that SMART models are more useful in predicting trends for large aggregate populations that for individual components. http://labs.google.com/papers/disk_failures.pdf My 2 cents. -Modulok- On 11/10/07, David Newman [EMAIL PROTECTED] wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 I'd welcome suggestions on how (or whether) to try to revive a SCSI drive that's failing. This is on FreeBSD 6.2-RELENG on a Compaq Proliant DL320, onboard RAID and two SCSI drives in a RAID1 array. Today this system rebooted and hung on Compaq's what do you want the RAID controller to do? message. I told it to fix any errors. When I brought the system back up (after running fsck in single-user mode), the log had lots of errors like this: Nov 10 09:00:40 mail kernel: ida0: hard write error Nov 10 09:00:40 mail kernel: ida0: invalid request Nov 10 09:01:48 mail last message repeated 35 times Nov 10 09:03:49 mail last message repeated 571 times Nov 10 09:12:27 mail last message repeated 796 times I vaguely remember trying about a year ago to load a SMART utility from the ports collection but it wouldn't work on drives in a RAID array. Is there some other way to: a) diagnose/fix the errant disk here? b) monitor the health of disks on a Compaq controller so it doesn't get to this point to begin with? thanks in advance dn -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.1 (Darwin) iD8DBQFHNlk+yPxGVjntI4IRAntlAJ9FWA2ez+BdnViq7mrIpkLBTLm/CgCfRyEA czDvMn6+8KjlI3V0iBG4U3I= =36+k -END PGP SIGNATURE- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
The FreeBSD Diary: 2007-10-21 - 2007-11-10
The FreeBSD Diary contains a large number of practical examples and how-to guides. This message is posted weekly to freebsd-questions@freebsd.org with the aim of letting people know what's available on the website. Before you post a question here it might be a good idea to first search the mailing list archives http://www.freebsd.org/search/search.html#mailinglists and/or The FreeBSD Diary http://www.freebsddiary.org/. -- Dan Langille BSDCan - http://www.BSDCan.org/ - BSD Conference ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: OT: Looking for some inpiration with UPS setup
On Fri, 09 Nov 2007 16:33:34 + Christopher Key [EMAIL PROTECTED] wrote: I've a FreeBSD fileserver, a solid state router (Linksys box running OpenWRT) and a couple of gigabit switches that I'd like to move onto a UPS (I'm primarily looking at the APC Smart-UPS line). The requirements for the FreeBSD system are pretty simple, it's not likely to be of any use if the power's out, so after a few minutes to allow any files open over the network to be saved, it should perform an orderly shutdown and remain off until the power returns. However, the router is a little different. It maintains some state information in RAM (dhcp leases etc) that I'd prefer not to lose during a short power outage, and it would also be useful to retain internet access, so ideally I'd like the router and switches to stay up for as long as the battery lasts in the UPS. Space and budget are limited, so ideally I'd like to achieve all this with a single UPS, which is where the problems arise. As I understant it, when the UPS wants to wake the attached machines up, it power cycles its output. This however will reset the router, which was what I was hoping to avoid. Looking at the relative power requirements, I suspect your Linksys WRT box would likely draw 12W max and perhaps a good deal less (check its specs or measure it) whereas your server + switches might draw 10 times that, even without a monitor staying on. (P-166 or 3GHz quad-core? :) Given you're using a main UPS that needs to cycle power to restart your server (presumably powered off by 'shutdown -p +1 message for syslog' ONO after several minutes running on UPS battery) then using a tiny UPS to run your router separately makes good sense. Have a look at, for example, http://phk.freebsd.dk/soekris/ups/ which supplies 12V for a Soekris 4501/4801 but could easily be adapted if the Linksys isn't happy with 12VDC input. A 12Ah SLA battery could run the Soekris at 6W (.5A) for maybe 20 hrs. The 250/12VAC transformer needed is likely in a nearby junkbox as a plugpak for some external modem, or you could use many 12-15VDC @1A unregulated supplies, which include the transformer and the first rectifier .. even more old modems used these. Meanwhile your larger (3-500VA?) UPS can look after your server etc. I've thought around the problem for some time, but not come up with any convincing solutions: 1) Use some sort of WOL command from the router to the FreeBSD system rather than having the UPS power cycle its output. How does the router know the power's returned? Can the UPS be set not to power cycle its power output when the power returns? No idea about the former, and I don't know if OpenWRT could be made to listen to the UPS and act on it - anything's possible I guess - but if the UPS is still running when power returns, it has to cycle power to wakeup the server somehow, or you need some sort of external swiching. 2) Use a second cheap UPS to 'protect' the router whilst the primary UPS cycles its power output. This seems rather crude, and would presumably reduce the battery life of the primary UPS due the losses in the second UPS. As above .. if the second UPS is small, it will be relatively efficient for its load, and can be run from the mains rather than the primary UPS. Anything bigger than 12Ah (or even 7Ah) for the router UPS is overkill, and it's more efficient to run the router on DC than its plugpak anyway. 3) Have the UPS wake the PC via some other means. USB would seem to ideal choice, but the motherboard won't do a wake on USB from S5, and I'm can't find a UPS with an ethernet interface. Some older laptops, at least, were reputed to do wake-on-serial input, but I'm not sure if that would work with (serial) UPS wiring or not. 4) KISS. Buy two smaller, cheapers UPS units. Or buy one, get one (nearly) free from the junkbox and a few bits from the local electronics store. Coopt a friendly engineering student if you're wary about the bit of soldering or choosing components. Generally: don't shutdown your server too soon .. I don't know about your situation, but here at least most blackouts, brownouts and surges last just a few seconds, sometimes short enough to reset server A while server B sails through, but outages more than a few minutes are much rarer (and are then likely to last perhaps hours). Sometimes power will come back for a few seconds then quit again, and you don't want too much stop/start, so if you can persuade your UPS to wait for a minute or so of good power before cycling its output back on, so much the safer. Cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: ps options
Chuck Robey wrote: I have spent all the time I can stand, going over the ps man page, but I can't see any option to get a hierarchical listing. I mean, where the listings are sorted to where parents come before children, and the children get indentation, so you can see at a glance what's running more easily. It's a standard thing on many OSes, and I was sorta hoping it'd be available on FreeBSD. Maybe under a different name? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] See pstree (ports). Regards, Hugo ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: cups-base problem
On Sat, Nov 10, 2007 at 09:41:43PM -0500, Chuck Robey wrote: Reko Turja wrote: Dear all, Today I saw a security notice: ..snip... cat distinfo MD5 (cups-1.3.3-source.tar.bz2) = d4911e68b6979d16bc7a55f68d16cc53 SHA256 (cups-1.3.3-source.tar.bz2) = 5e9e5670777055293e309cb0cbb2758df9c1275bf648df70478b7389c2d804de SIZE (cups-1.3.3-source.tar.bz2) = 4077262 Update your ports and INDEX file as it seems that you are installing a vulnerable version of cups-base. The VuXML report says: Affects: cups-base 1.3.4 so the cups-1.3.3 still has the vulnerability mentioned in the report. Actually, I think the worst security problem I've seen is one I don't personally care to fix right now, but I guess I will soon. It's the fact that postscript is actually a language, one that's more general purpose in limitations than many people realize. Isn't that true? I think this means that my postscript interpreter (which is, for me, and I think for most, is ghostscript) should have some security controls on it, to limit postscript's direct access to local machine capabilities. When using ghostscript you should always call it with the -dSAFER option, so it can only open files read-only. Or you could buy a postscript capable printer. I think that the options in gs for security are too little. It'd be pretty easy to write a really nasty worm. I remember laughing at my Windows friends, back when that Philappines worm hit, but we could get pretty easily hit on gs, or am I all wet? It's not as easy as it seems. It would be possible to write a postscript program that mails itself to other addresses. But no UNIX mail client that I know of automatically opens and renders postscript code, let alone with root privileges, which you need to do _real_ damage instead of just annoy people. So you'd need user intervention to spread the virus. And gathering addresses isn't straightforward either. Every mail program has it's own file for storing those. And there are usually multiple places where mail can be stored, and that can be in at least two formats (mbox and maildir). Roland -- R.F.Smith http://www.xs4all.nl/~rsmith/ [plain text _non-HTML_ PGP/GnuPG encrypted/signed email much appreciated] pgp: 1A2B 477F 9970 BA3C 2914 B7CE 1277 EFB0 C321 A725 (KeyID: C321A725) pgprpEWz35YP8.pgp Description: PGP signature