Re: Procmail error
> > > Probably the wrong forum for this, but since it's on a freebsd system: > > > > I have mutt installed on two other freebsd computers. I fetch pop > > mail via getmail, and procmail puts things where they belong. I just > > installed freebsd 7.0 on another computer with what I thought were the > > exact same settings for all of the mail programs involved. When I try > > to retrieve mail I get this error message: > > > > Delivery error (command procmail 3695 error (127, exec of command > > procmail failed (refuse to invoke external commands as root or GID 0 > > by default))) > > > > I'm a relative newbie here and would appreciate it if someone could > > give me a heads up on this. > > > > Rem > > Are you running getmail as root? Boy, I hope not. And I have this entry in my aliases file: root: rem so I'm not collecting mail as root. Rem ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Procmail error
On Mon, 7 Jul 2008 22:05:04 -0700 Rem P Roberti <[EMAIL PROTECTED]> wrote: > Probably the wrong forum for this, but since it's on a freebsd system: > > I have mutt installed on two other freebsd computers. I fetch pop > mail via getmail, and procmail puts things where they belong. I just > installed freebsd 7.0 on another computer with what I thought were the > exact same settings for all of the mail programs involved. When I try > to retrieve mail I get this error message: > > Delivery error (command procmail 3695 error (127, exec of command > procmail failed (refuse to invoke external commands as root or GID 0 > by default))) > > I'm a relative newbie here and would appreciate it if someone could > give me a heads up on this. > > Rem Are you running getmail as root? -- Anders Trobäck http://www.troback.com/ Windows: "Where do you want to go today?" Linux: "Where do you want to go tomorrow?" FreeBSD: "Are you guys coming, or what?" ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Jails and IP Aliasing
Jason Morgan wrote: On 2008.07.07 12:16:44, David Allen wrote: # grep fxp0 /etc/rc.conf ifconfig_fxp0="inet 10.0.1.2 netmask 0xff00" ifconfig_fxp0_alias0="10.0.1.3 netmask 0x" ifconfig_fxp0_alias1="10.0.1.4 netmask 0x" ifconfig_fxp0_alias2="10.0.1.5 netmask 0x" My understanding from the handbook is that the mask should be set to all ones if the alias is for an address that's part of the same network. For a different segment, it's the first alias that should be set to the real netmask, with any additional aliases using a netmask of all ones. Granted, the broadcast addresses looks odd. If I my programming skills were better, I'd just read through the code and understand what's really happening, but for now, I'm just taking the FreeBSD folks at their word at following instructions. That's a roundabout way of saying I think your aliases are set up incorrectly. ;-) That it quite possible (I do notice the newer documentation calling for netmask 0x). But I have never had any trouble over the last three years so, you know how it is, if it ain't (too) broke ... Using a /32 netmask for aliases in the same network as the primary address used to be mandatory until sometime during the 6.x RELEASE series. It is still recommended in the various documentation, and it does make it clear to the administrator which is the primary address when looking at ifconfig output, when that distinction is important[*]. Using the 'natural' netmask for the network the aliases are part of has worked for several years: this seems to be what most new users expect and it's familiar for users of other operating systems. As far as I know, there is no technical or performance reason to prefer one style over the other -- just a matter of administrator preference. Cheers, Matthew [*] ie. which is the source address used for connection /from/ the server. If all the aliases are used for jails, or all your software is configured to bind to one or other of the addresses this doesn't come into play. -- Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard Flat 3 PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate Kent, CT11 9PW signature.asc Description: OpenPGP digital signature
Procmail error
Probably the wrong forum for this, but since it's on a freebsd system: I have mutt installed on two other freebsd computers. I fetch pop mail via getmail, and procmail puts things where they belong. I just installed freebsd 7.0 on another computer with what I thought were the exact same settings for all of the mail programs involved. When I try to retrieve mail I get this error message: Delivery error (command procmail 3695 error (127, exec of command procmail failed (refuse to invoke external commands as root or GID 0 by default))) I'm a relative newbie here and would appreciate it if someone could give me a heads up on this. Rem ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: tape device not configured
On Mon, 07 Jul 2008 23:21:15 +0200 Papp Tamas <[EMAIL PROTECTED]> wrote: > hi All, > > I have a new Exabyte VXA-320, I show it in dmesg as sa0. > When I try to access it for example by mt, it says, "Device not > configured", and of cource is not working. > > sa0 at ahd0 bus 0 target 2 lun 0 > sa0: Removable Sequential Access SCSI-3 device > sa0: 160.000MB/s transfers (80.000MHz DT, offset 126, 16bit) > > > What do I miss? > > Thank you very much, > > tamas What is the exact command you are using? -- Windows: "Where do you want to go today?" Linux: "Where do you want to go tomorrow?" FreeBSD: "Are you guys coming, or what?" Anders Trobäck http://www.troback.com/ - ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
quota and sendmail accepts <10k mail size
Greetings, I setup my mail server on freebsd7.0R and it is working great! However, I have a problem on quota. It suppose to block any incoming message to specific user which is under quota. But sendmail can still send to the user under quota if the mail size is ~ less than 10k. Quota only works when the mail size is greater than 13k. Is there any way to correct this problem? Please help. By the way, i disable the grace period via quota.h. #define MAX_IQ_TIME (0) /* seconds in 1 week */ #define MAX_DQ_TIME (0) /* seconds in 1 week */ And my mail users authenticate via ldap. Thank you and more power. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
wpa, static ip only on specific networks
Hello, How does one configure a wireless connection using wpa and dhcp on some networks and wpa with a static ip on others? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Capturing ATA devices serial numbers
atacontrol cap device On Mon, 7 Jul 2008, Vaughn Clinton wrote: All, I'm looking for a FreeBSD utility that will allow me to query a disk for its serial number. Can you point me to such a tool that'll allow me to do so? Regards, * Vaughn E. Clinton Systems Analyst Scientific Computing Resources HPC-3 Los Alamos National Laboratory 505-606-2103 - Voice 505-664-7819 - Pager * ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]" ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
tape device not configured
hi All, I have a new Exabyte VXA-320, I show it in dmesg as sa0. When I try to access it for example by mt, it says, "Device not configured", and of cource is not working. sa0 at ahd0 bus 0 target 2 lun 0 sa0: Removable Sequential Access SCSI-3 device sa0: 160.000MB/s transfers (80.000MHz DT, offset 126, 16bit) What do I miss? Thank you very much, tamas ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Jails and IP Aliasing
Did you take the necessary steps to restrict the IP addresses on which sendmail on the host and the jail listen? The jail man page only says: To configure sendmail(8), it is necessary to modify /etc/mail/sendmail.cf. but you'll probably end up adjusting the DAEMON_OPTIONS lines of your sendmail.mc (freebsd.mc, freebsd.submit.mc) and recreating your cf files. g. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Sound on amd64
First, my apologies - I sent my last missive to Conrad, and not to the list. I'm replying to myself with an update. Details below. Kurt On Sun, Jul 6, 2008 at 2:51 PM, Kurt Buff <[EMAIL PROTECTED]> wrote: > On Sun, Jul 6, 2008 at 2:24 PM, Conrad J. Sabatier <[EMAIL PROTECTED]> wrote: >> On Sun, 06 Jul 2008 10:25:58 +0200 >> Tore Lund <[EMAIL PROTECTED]> wrote: >> >>> Kurt Buff wrote: >>> > On Sat, Jul 5, 2008 at 8:48 PM, Conrad J. Sabatier <[EMAIL PROTECTED]> >>> > wrote: >>> >> On Sat, 5 Jul 2008 19:02:09 -0700 >>> >> "Kurt Buff" <[EMAIL PROTECTED]> wrote: >>> >> ... >>> >> Do you have both the generic sound support (sound) as well as the >>> >> specific hardware driver enabled in your kernel config? >>> > >>> > Sigh. Always something new to learn. >>> >>> Just wondering, why do people modify the kernel when kernel loadable >>> modules can handle the sound card? Is it necessary on some types of >>> hardware? >> >> Well, probably the main reason most people do it is to strip away any >> unneeded functionality. The GENERIC kernel contains a whole slew of >> drivers and options that most people don't need, but are intended to >> support a wide range of hardware configurations "out of the box". You >> can greatly reduce the kernel's size by only including the features you >> really need. > > I tried a new kernel, but that didn't work, for whatever reason, but > editing loader.conf did, sort of. I tried adding > > sound_load="YES" > snd_hda_load="YES" > hint.pcm.0.config="gpio0 gpio1 gpio2 gpio3 gpio4 gpio5 gpio6 gpio7" > > but while the cd player now works, I'm not getting output from the > built-in speakers - it just sounds like it's coming from a long way > away - I can barely make it out. I suppose that means it's coming from > the headphone setup, but I'm not sure of that. > > I've been googling, but haven't figured this out yet. > > Kurt More careful reading shows that the hint line goes in /boot/device.hints, but placing it there does not improve the situation, though the sound does seem to be emitting from the speakers. It's just that it's very soft, and I can't get it any louder, though using the slider control in gnome will silence it. This is a recent Thinkpad T61, and grepping dmesg reveals that the sound system is detected as an Intel 82801H, and the codec used seems to be the Analog Devices AD1984. I'm running 7-STABLE, updated on Saturday. Thoughts on how to improve this would be much appreciated. Kurt ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Capturing ATA devices serial numbers
On 2008.07.07 13:54:06, Vaughn Clinton wrote: > All, > > I'm looking for a FreeBSD utility that will allow me to query a disk for its > serial number. Can you point me to such a tool that'll allow me to do so? Assuming you mean a hard disk, if you can run smartmontools, this is from smartctl(8): -i, --info Prints the device model number, serial number, firmware version, and ATA Standard version/revision information. Says if the device supports SMART, and if so, whether SMART support is cur- rently enabled or disabled. If the device supports Logical Block Address mode (LBA mode) print current user drive capacity in bytes. (If drive is has a user protected area reserved, or is "clipped", this may be smaller than the potential maximum drive capacity.) Indicates if the drive is in the smartmontools data- base (see '-v' options below). If so, the drive model family may also be printed. If '-n' (see below) is specified, the power mode of the drive is printed. Full man page is here: http://smartmontools.sourceforge.net/man/smartctl.8.html Port is here: /usr/ports/sysutils/smartmontools HTH, ~Jason Morgan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Capturing ATA devices serial numbers
All, I'm looking for a FreeBSD utility that will allow me to query a disk for its serial number. Can you point me to such a tool that'll allow me to do so? Regards, * Vaughn E. Clinton Systems Analyst Scientific Computing Resources HPC-3 Los Alamos National Laboratory 505-606-2103 - Voice 505-664-7819 - Pager * ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Jails and IP Aliasing
On 2008.07.07 12:16:44, David Allen wrote: > On Mon, Jul 7, 2008 at 10:54 AM, Jason Morgan > <[EMAIL PROTECTED]> wrote: > > On 2008.07.07 09:51:33, David Allen wrote: > >> Unless I'm losing my mind, I'm encountering what seems to yet another > >> gotcha with jails. The following has been dumbed down for clarity and > >> brevity. > >> > >> - > >> # hostname > >> jailhost.example.org > >> > >> # host jailhost > >> jailhost.example.org has address 10.0.1.2 > >> > >> # ifconfig fxp0 > >> fxp0: flags=8843 metric 0 mtu 1500 > >> options=b > >> ether 00:07:e9:c8:2e:32 > >> inet 10.0.1.2 netmask 0xff00 broadcast 10.0.1.255 > >> inet 10.0.1.3 netmask 0x broadcast 10.0.1.3 > >> inet 10.0.1.4 netmask 0x broadcast 10.0.1.4 > >> media: Ethernet autoselect (100baseTX ) > >> status: active > > > > This is the output for my jail interface. Notice that your jail > > aliases are broadcasting on the jail's IP. I don't know if this is an > > issue or not (my jails run on i386 FBSD 6.3), but it's something to > > look at. How are you setting the aliases? > > > > sk0: flags=8843 mtu 1500 > > options=b > > inet 10.0.0.1 netmask 0xff00 broadcast 10.0.0.255 > > inet 10.0.0.101 netmask 0xff00 broadcast 10.0.0.255 > > inet 10.0.0.201 netmask 0xff00 broadcast 10.0.0.255 > > ether xx:xx:xx:xx:xx:xx > > media: Ethernet autoselect (1000baseTX ) > > status: active > > My own aliases: > > # grep fxp0 /etc/rc.conf > ifconfig_fxp0="inet 10.0.1.2 netmask 0xff00" > ifconfig_fxp0_alias0="10.0.1.3 netmask 0x" > ifconfig_fxp0_alias1="10.0.1.4 netmask 0x" > ifconfig_fxp0_alias2="10.0.1.5 netmask 0x" > > My understanding from the handbook is that the mask should be set to all > ones if the alias is for an address that's part of the same network. For > a different segment, it's the first alias that should be set to the real > netmask, with any additional aliases using a netmask of all ones. > > Granted, the broadcast addresses looks odd. If I my programming skills > were better, I'd just read through the code and understand what's really > happening, but for now, I'm just taking the FreeBSD folks at their word at > following instructions. That's a roundabout way of saying I think your > aliases are set up incorrectly. ;-) That it quite possible (I do notice the newer documentation calling for netmask 0x). But I have never had any trouble over the last three years so, you know how it is, if it ain't (too) broke ... > If you're not seeing the behaviour I'm seeing, do let me know. But to > clarify with a concrete example, the following is what I see on the > jailhost (10.0.1.2) when it connects to port 25 on one of the > jails (10.0.1.5). > > # tcpdump -nqti lo0 port 25 > tcpdump: verbose output suppressed, use -v or -vv for full protocol decode > listening on lo0, link-type NULL (BSD loopback), capture size 96 bytes > IP 10.0.1.5.62110 > 10.0.1.5.25: tcp 0 > IP 10.0.1.5.25 > 10.0.1.5.62110: tcp 0 > IP 10.0.1.5.62110 > 10.0.1.5.25: tcp 0 > IP 10.0.1.5.25 > 10.0.1.5.62110: tcp 89 > IP 10.0.1.5.62110 > 10.0.1.5.25: tcp 0 > > # netstat -nf inet > Active Internet connections > Proto Recv-Q Send-Q Local Address Foreign Address(state) > tcp4 0 0 10.0.1.5.2510.0.1.5.62110 ESTABLISHED > tcp4 0 0 10.0.1.5.62110 10.0.1.5.25ESTABLISHED > > # sockstat -4 -p 25 > USER COMMANDPID FD PROTO LOCAL ADDRESS FOREIGN ADDRESS > root sendmail 16594 1 tcp4 10.0.1.5:25 10.0.1.5:62110 > root sendmail 16594 4 tcp4 10.0.1.5:25 10.0.1.5:62110 > root sendmail 16594 7 tcp4 10.0.1.5:25 10.0.1.5:62110 > root telnet 16593 3 tcp4 10.0.1.5:6211010.0.1.5:25 > > Why the jailhost is suddenly using the jail's IP address is beyond me. I am actually getting the same results when telnetting to port 25 on my mailserver jail. Someone else here should be able to offer better advice. Sorry, I couldn't help. Good luck, ~Jason ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Jails and IP Aliasing
On Mon, Jul 7, 2008 at 10:54 AM, Jason Morgan <[EMAIL PROTECTED]> wrote: > On 2008.07.07 09:51:33, David Allen wrote: >> Unless I'm losing my mind, I'm encountering what seems to yet another >> gotcha with jails. The following has been dumbed down for clarity and >> brevity. >> >> - >> # hostname >> jailhost.example.org >> >> # host jailhost >> jailhost.example.org has address 10.0.1.2 >> >> # ifconfig fxp0 >> fxp0: flags=8843 metric 0 mtu 1500 >> options=b >> ether 00:07:e9:c8:2e:32 >> inet 10.0.1.2 netmask 0xff00 broadcast 10.0.1.255 >> inet 10.0.1.3 netmask 0x broadcast 10.0.1.3 >> inet 10.0.1.4 netmask 0x broadcast 10.0.1.4 >> media: Ethernet autoselect (100baseTX ) >> status: active > > This is the output for my jail interface. Notice that your jail > aliases are broadcasting on the jail's IP. I don't know if this is an > issue or not (my jails run on i386 FBSD 6.3), but it's something to > look at. How are you setting the aliases? > > sk0: flags=8843 mtu 1500 > options=b > inet 10.0.0.1 netmask 0xff00 broadcast 10.0.0.255 > inet 10.0.0.101 netmask 0xff00 broadcast 10.0.0.255 > inet 10.0.0.201 netmask 0xff00 broadcast 10.0.0.255 > ether xx:xx:xx:xx:xx:xx > media: Ethernet autoselect (1000baseTX ) > status: active My own aliases: # grep fxp0 /etc/rc.conf ifconfig_fxp0="inet 10.0.1.2 netmask 0xff00" ifconfig_fxp0_alias0="10.0.1.3 netmask 0x" ifconfig_fxp0_alias1="10.0.1.4 netmask 0x" ifconfig_fxp0_alias2="10.0.1.5 netmask 0x" My understanding from the handbook is that the mask should be set to all ones if the alias is for an address that's part of the same network. For a different segment, it's the first alias that should be set to the real netmask, with any additional aliases using a netmask of all ones. Granted, the broadcast addresses looks odd. If I my programming skills were better, I'd just read through the code and understand what's really happening, but for now, I'm just taking the FreeBSD folks at their word at following instructions. That's a roundabout way of saying I think your aliases are set up incorrectly. ;-) If you're not seeing the behaviour I'm seeing, do let me know. But to clarify with a concrete example, the following is what I see on the jailhost (10.0.1.2) when it connects to port 25 on one of the jails (10.0.1.5). # tcpdump -nqti lo0 port 25 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on lo0, link-type NULL (BSD loopback), capture size 96 bytes IP 10.0.1.5.62110 > 10.0.1.5.25: tcp 0 IP 10.0.1.5.25 > 10.0.1.5.62110: tcp 0 IP 10.0.1.5.62110 > 10.0.1.5.25: tcp 0 IP 10.0.1.5.25 > 10.0.1.5.62110: tcp 89 IP 10.0.1.5.62110 > 10.0.1.5.25: tcp 0 # netstat -nf inet Active Internet connections Proto Recv-Q Send-Q Local Address Foreign Address(state) tcp4 0 0 10.0.1.5.2510.0.1.5.62110 ESTABLISHED tcp4 0 0 10.0.1.5.62110 10.0.1.5.25ESTABLISHED # sockstat -4 -p 25 USER COMMANDPID FD PROTO LOCAL ADDRESS FOREIGN ADDRESS root sendmail 16594 1 tcp4 10.0.1.5:25 10.0.1.5:62110 root sendmail 16594 4 tcp4 10.0.1.5:25 10.0.1.5:62110 root sendmail 16594 7 tcp4 10.0.1.5:25 10.0.1.5:62110 root telnet 16593 3 tcp4 10.0.1.5:6211010.0.1.5:25 Why the jailhost is suddenly using the jail's IP address is beyond me. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: anyone been crazy enough to mirror wikipedia?
On Sun, Jul 06, 2008 at 05:05:27PM -0700, [EMAIL PROTECTED] wrote: > > In my house, we had an encyclopedia because I was in school ... > > > it was useful for research papers. > > I suspect the usefulness would depend on what one's teachers meant > by "research", which tends to change with grade level. > > In elementary and middle school, certainly. In high school, maybe. > In college, probably not. Postgraduate, almost certainly not; at > that level one should be using primary sources (and likely know > enough to be writing articles *for* an encyclopedia :) It was "useful" in grade school because teachers didn't actually believe anyone at that age would ever go beyond the encyclopedia except in the case of token satisfaction of assignment requirements. It was "useful" in middle school and beyond the same way Wikipedia is now: it gave me ideas of the sorts of directions to take my research when I sought out more rigorously researched sources of information. I certainly never cited an encyclopedia in any research paper after sixth grade -- because I wasn't an idiot. -- Chad Perrin [ content licensed PDL: http://pdl.apotheon.org ] Larry Wall: "You can never entirely stop being what you once were. That's why it's important to be the right person today, and not put it off till tomorrow." pgpfUC7dCcP7O.pgp Description: PGP signature
Re: OT: anyone been crazy enough to mirror wikipedia?
On Mon, Jul 07, 2008 at 02:19:29AM -0700, Ted Mittelstaedt wrote: > > But I don't see that the print encyclopedia articles are that accurate > either, at least, not after time. Particularly on the controversal stuff. Exactly my thought on the matter. One major benefit of Wikipedia over print encyclopedias, for instance, is the fact that it suffers less institutional bias. -- Chad Perrin [ content licensed PDL: http://pdl.apotheon.org ] Bjarne Stroustrup: "An ugly operation should have an ugly syntactic form." pgpgf6534XI9n.pgp Description: PGP signature
Re: Why would it make such a difference to move mysqld to another machine?
John Almberg wrote: > I asked a question the other day about using top on a multi-processor > machine. As a side note, I asked how mysqld could be consuming more > than 100% of CPU power... [snip] > Well, that mysqld reading should have been a warning to me. This > weekend, my webserver with about 20 database-driven websites got > clobbered by Slurp and Googlebot. Between the two of them, they had > over 50 robot instances crawling my machine at the same time > (visible, thanks to pftop). > > Apache handled them fine, and the load average was still pretty low > (2-3 on an 8 core machine) but mysqld turned into a major bottleneck. > It was showing 180-220% WCPU on 'top', and just couldn't keep up with > all the requests. Page loads crawled to a stop. Big problem! > > Luckily, I have a pretty powerful machine sitting right next to my > main webserver that I mainly use for backup. The two servers are > directly connected to each other with a twisted ethernet cable, using > extra NIC cards in the machines, so they have a fast, dedicated 'LAN' > to share. > > Desperate, I moved mysqld to this other machine, so basically this > second machine became a dedicated database server. > > The improvement this change made seems out of proportion. Both > machines are now cruising with extremely low load averages and the > WCPU for the mysqld instance on the new machine is practically zero. > > I'm not complaining. Problem solved. But I am scratching my head over > how mysql could be getting crushed on the first, 8 core/8G machine, > but running cool as a cucumber on the second, 2-core/2G machine??? > [snip] One data point to consider is that libthr uses process scope as its default. MySQL uses system scope unless the Makefile knob WITH_PROC_SCOPE_PTH=yes is used to change it. When this is done MySQL will tend to hog resources and Apache would probably have been the process sufferring. I believe most of the MySQL tuning info I've read wrt multi-core was centered around the use of libthr in conjunction with the ULE scheduler. However, that being said, most of this would be more potentially beneficial to a MySQL server running on its own machine, as opposed to sharing a machine with Apache. As the other eagle eyes spotted, the difference in IO caching between the two is probably the important factor, and well covered. Your Apache also seemed a little on the "fat" side - keep in mind that all the modules loading in your httpd.conf are initialized in each instance Apache forks a child to handle a request. You may consider an audit to determine which modules you actually require and comment out those you don't. You'll be able to fork more children in the memory you have available. This also brings to the forefront the process fork() vs event driven threading. I've been using lighttpd for about a year now, running PHP and Python as FastCGI. The lighttpd instance only contains one process but spawns additional threads to service requests. The main difference here is that all the threads in the process have access to the same resource pool, (ie the database connection layer) while in the fork() model the resources each child process initializes are only usable by that child alone. There is a well known bottleneck in the Apache process forking model that eventually starves new children from getting access to the backend database in a timely manner. Some will turn off http_keepalives in order to get children to release db connections sooner but this is really only a stopgap solution. I don't necessarily advocate any of this for "right now", but more as subject material to be examined for the future. Lighttpd is certainly not a replacement for Apache in all situations at all. And the Apache threaded worker-mpm was really designed for Windows and can hit a PHP problem if it hits any non thread-safe code in PHP that barfs. Should you have excess memory available because Apache isn't using it all memcached may be a consideration. My thoughts here are only carve out a memcached chunk in RAM if Apache is leaving some available. With MySQL running on a second machine you may choose to turn MySQL's query_caching on in lieu of memcached. It probably isn't as good as memcached as it's on the wrong end of the TCP connection, but it can help. Also, just like turning off Apache modules you don't need also turn off INNODB if you are not using it. What you seem to have experienced here is the "Slashdot" effect - your setup was running fine as long as it only received a certain level of load traffic. The jump you got hit with has served to illuminate the bottlenecks that get hit when traffic ramps up. Make use of the opportunity. -Mike ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Jails and IP Aliasing
Hello, On 2008.07.07 09:51:33, David Allen wrote: > Unless I'm losing my mind, I'm encountering what seems to yet another > gotcha with jails. The following has been dumbed down for clarity and > brevity. > > - > # hostname > jailhost.example.org > > # host jailhost > jailhost.example.org has address 10.0.1.2 > > # ifconfig fxp0 > fxp0: flags=8843 metric 0 mtu 1500 > options=b > ether 00:07:e9:c8:2e:32 > inet 10.0.1.2 netmask 0xff00 broadcast 10.0.1.255 > inet 10.0.1.3 netmask 0x broadcast 10.0.1.3 > inet 10.0.1.4 netmask 0x broadcast 10.0.1.4 > media: Ethernet autoselect (100baseTX ) > status: active This is the output for my jail interface. Notice that your jail aliases are broadcasting on the jail's IP. I don't know if this is an issue or not (my jails run on i386 FBSD 6.3), but it's something to look at. How are you setting the aliases? sk0: flags=8843 mtu 1500 options=b inet 10.0.0.1 netmask 0xff00 broadcast 10.0.0.255 inet 10.0.0.101 netmask 0xff00 broadcast 10.0.0.255 inet 10.0.0.201 netmask 0xff00 broadcast 10.0.0.255 ether xx:xx:xx:xx:xx:xx media: Ethernet autoselect (1000baseTX ) status: active Cheers, ~Jason ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
RE: Adding a new hard drive, and using geom
> > > I bought a second hard drive for my computer since my /usr > partition > > was getting full. I don't want to deal with hardware raid since I > > don't want to be dependent on a certain hardware vendor or > chipset, so > > I'm wanting to go with geom. I'd prefer to not have to > backup all my > > data(I know I should anyway, but it's a 500gb hard drive, > and drives > > are growing faster than backup solutions). Would it be > possible to do > > a geom stripe to expand /usr and keep all the data or would I just > > need to backup everything, and then put it all back? If I > must deal > > with backing up and erasing, and considering that the > current /usr and > > the new drive aren't the same size, how would I go about mirroring > > other paritions and striping /usr? Would that still be easily > > bootable(no special hacks or workarounds)? > > > > Any tips or other recommendations would be appreciated. > Check this tutorial, step-by-step, very helpful: http://www.freebsddiary.org/gmirror.php ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Adding a new hard drive, and using geom
On Sun, Jul 06, 2008 at 01:13:17AM -0500, Joshua Isom wrote: > I bought a second hard drive for my computer since my /usr partition > was getting full. I don't want to deal with hardware raid since I > don't want to be dependent on a certain hardware vendor or chipset, so > I'm wanting to go with geom. I'd prefer to not have to backup all my > data(I know I should anyway, but it's a 500gb hard drive, and drives > are growing faster than backup solutions). Would it be possible to do > a geom stripe to expand /usr and keep all the data or would I just need > to backup everything, and then put it all back? If I must deal with > backing up and erasing, and considering that the current /usr and the > new drive aren't the same size, how would I go about mirroring other > paritions and striping /usr? Would that still be easily bootable(no > special hacks or workarounds)? > > Any tips or other recommendations would be appreciated. Well, it depends a little on how you have your first drive broken up. I don't put all that much in to /usr, but some people put almost everything there including users' home directories. I put home directories in /home, not /usr/home (and then make /home one of those big(ger) storage spaces where things can grow, but not everyone does that. Anyway, Since you don't really seem to be interested in raid or other such arrangements, (for this I think you make a good choice) my suggestion is that you just fdisk-bsdlabel-newfs it to one large slice and partition. Presuming is is sata and it is only the second drive it would then be /dev/ad1s1a (or da1s1a if it is SCSI or SAS). I would then make a mount point something like /work (or whatever name makes sense for you) and then mount there (and fix up /etc/fstab). Then I would move chunks of /usr and other partitions that are getting full in to it and make symlinks.That gives you a lot of flexibility and you don't have to worry about managing stripes and raid. If something like /var/db or /usr/home grow wildly, you can easily add yet another drive or even a raid and move those there later. Some things to move there, depending on how you are presently set up, might be:/usr/local, /usr/src, /usr/ports, /usr/home /var/log, /var/spool, /var/db/ It is easy to move them and make symlinks. For example: Build the slice using fdisk, the partition using bsdlabel and newfs it taking the defaults. mount /dev/ad0s1a /work cd /usr/local tar cvpf /work/ulocal.tar * cd /work mkdir usr.local cd usr.local tar xvpf ../ulocal.tar Take some time to look it over and make sure it is good. cd /usr mv local oldlocal ln -s /work/usr.local local Make sure it works by cd-ing to /usr/local/... and making sure you get where you want and all is well. rm -rf oldlocal cd /work rm ulocal.tar I prefer this slightly longer procedure because it leaves stuff around in case of error until I get a chance to check it out. But, you could just run the tar piped to a tar with an embedded cd and it would also work just fine. I also like to name the directories I move mnemonically such as the usr.local (or usr.src or var.log, etc) because it keeps things clear. jerry > > ___ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "[EMAIL PROTECTED]" ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Jails and IP Aliasing
Unless I'm losing my mind, I'm encountering what seems to yet another gotcha with jails. The following has been dumbed down for clarity and brevity. - # hostname jailhost.example.org # host jailhost jailhost.example.org has address 10.0.1.2 # ifconfig fxp0 fxp0: flags=8843 metric 0 mtu 1500 options=b ether 00:07:e9:c8:2e:32 inet 10.0.1.2 netmask 0xff00 broadcast 10.0.1.255 inet 10.0.1.3 netmask 0x broadcast 10.0.1.3 inet 10.0.1.4 netmask 0x broadcast 10.0.1.4 media: Ethernet autoselect (100baseTX ) status: active # grep jail /etc/rc.conf ... jail_ns_hostname="ns.example.org" jail_ns_ip="10.0.1.3" ... jail_mail_hostname="mail.example.org" jail_mail_ip="10.0.1.4" # sockstat -4l USER COMMANDPID FD PROTO LOCAL ADDRESS FOREIGN ADDRESS root sendmail 11556 4 tcp4 10.0.1.4:25 *:* root syslogd10591 6 udp4 10.0.1.4:514 *:* root sendmail 10438 4 tcp4 10.0.1.3:25 *:* bind named 4011 20 udp4 10.0.1.3:53 *:* bind named 4011 21 tcp4 10.0.1.3:53 *:* bind named 4011 22 tcp4 10.0.1.3:953 *:* root syslogd897 6 udp4 10.0.1.3:514 *:* root sshd 715 3 tcp4 10.0.1.2:22 *:* root syslogd563 6 udp4 127.0.0.1:514 *:* root sendmail 489 4 tcp4 127.0.0.1:25 *:* - If I telnet from the jailhost to mail.example.org 25, for example, both outgoing and incoming connections appear to sockstat, tcpdump, etc. on the jailhost as using the jail's IP address! Similarly, if I perform a DNS lookup on the jailhost (using the ns.example.org jail for resolution), both incoming and outgoing connections occur on the jail's IP address. Granted, everything is really happening over the loopback address, but a connection originating from the jailhost to a jail should appear to be using the jailhost's IP address, or so I'd like to think. If it doesn't, then the scenario is awkward at best when trying to understand or debug issues. The thought occurred to me, however, that I could add a new network card and reserve that for the IP aliases needed by the jails. But I'm not sure whether that will work in telling me who's who, or whether I'll discover another gotcha. ;-) Comments, questions and complaints all welcomed. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Reconfiguring network interfaces
On Sun, Jul 6, 2008 at 8:12 AM, Mel <[EMAIL PROTECTED]> wrote: > On Sunday 06 July 2008 16:06:49 David Allen wrote: > >> I need to make several wholesale changes to a few different systems, >> and I'd prefer to do it over SSH without losing connectivity where >> possible. I know I can use ifconfig, or edit /etc/rc.conf directly >> and reboot, but is there a canonical way to make the changes in >> /etc/rc.conf and "reload" those changes to ensure everything is in a >> known state? From what I can determine, running netif stop/start >> would work, but would require I do that locally. > > So, you want to make changes to a machine and confirm they're correct, but > when they're not, the old settings should be restored: > > 0) make sure sshd listens on all ip's ('INADDR_ANY'), not preconfigured set. > > # cp -p /etc/rc.conf /etc/rc.conf.BEFORE_CHANGE > # ${EDITOR} /etc/rc.conf > # cp -p /etc/rc.conf /etc/rc.conf.CHANGES > > Then this script, say /root/bin/testrc.sh: > = > #!/bin/sh > > /etc/rc.d/netif stop > sleep 1 > /etc/rc.d/netif start > # sleep for 5 minutes, should be ample time to re-establish the ssh > # connection. > sleep 300 > # We were not killed, this means the connection is faulty > cp -p /etc/rc.conf.BEFORE_CHANGE /etc/rc.conf > /etc/rc.d/netif stop > sleep 1 > /etc/rc.d/netif start > = > > Then run as: > daemon -p /var/run/testrc.pid /root/bin/testrc.sh > > When you can log back in, simply: > kill `cat /var/run/testrc.pid` ; rm /var/run/testrc.pid > And rm /etc/rc.conf.BEFORE_CHANGE if you feel comfy. > > If you couldn't log back in, inspect /etc/rc.conf.CHANGES and adjust, rm the > pid file, rince and repeat. LOL. You've turned what was could have been an awkward scenario and a cheap and dirty hack into something almost elegant. Me, I'm just trying to save some trips but I'm sure there's enough of us who have encountered a situation where physical access is out of the question or simply not doable. My thanks to everyone that replied. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Wrong dependency being installed
On Mon, Jul 07, 2008 at 05:18:01PM +0200, Mel wrote: > On Monday 07 July 2008 15:07:23 Jesse Sheidlower wrote: > > I'm running apache22 on a FreeBSD-7.0 system. When I try to > > install the port www/mod_line_edit, the ports system tries to > > install apache20 alongside of it, despite the fact that I have > > apache22 installed already. > > > > The Makefile has WITH_APACHE2=YES, but if I change this to > > WITH_APACHE22, then it tries to install apache13. > > > > How can I use the ports system to build this against my > > installed version of Apache? > > APACHE_PORT=www/apache22 >> /etc/make.conf > > See /usr/ports/Mk/bsd.apache.mk for details. Thanks, that did the trick. Jesse Sheidlower ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
automount is not recognizing option longname
Hello list, I have setup amd and it works fine. Only one special situation is making me crazy. When I want to use a USB-Stick without data on it, amd is mounting it with the 8.3-limitation. I've added the option longname in my map-file but it still ignores this option... Does somebody knows about this behavior? My amd.map: usb type:=pcfs;opts:=utimout=1,longname;dev:=/dev/da0s1 With regards Stevan Tiefert ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: .htaccess or OS related?
On Monday 07 July 2008 14:46:47 Bill Moran wrote: > In response to "Jos Chrispijn" <[EMAIL PROTECTED]>: > > Bill, > > > > > -Original Message- > > Keep the list in the loop on replies. > > > > The algorithm is part of Apache and has little or nothing to do with > > > the OS on which it runs. > > > > I see, so .htpasswd is an Apache utility then; didn't know that. > > > > > And the encryption used to store passwords in .htaccess files is known > > > to be weak. If you need something strong, look to one of the other > > > mod_* security packages instead of .htaccess passwords. > > > > What other mod_* security package would you recommend? > > I won't _recommend_ anything. However, I will point out that there's a > mod_ldap, mod_auth_kerb, and mod_auth_pam. There are probably others > that I'm forgetting. The encryption of htpasswd files is only a concern, when: - the password databases themselves are downloadable - you have a shared host and local users have access to your password databases Using one of the modules described above, won't solve anything (as you can still store the passwords in md5 or even weaker hash) and will need support from your hosting provider. Those modules are meant to centralize user management, not to increase password encryption. If you want to improve the hash with which password are stored, then use the '-s' option to htpasswd(1), which will use SHA, rather then MD5. If you want to protect your users more, then you should use mod_auth_digest, which instructs the browser to hash it's password before sending it over the internet. -- Mel Problem with today's modular software: they start with the modules and never get to the software part. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: .htaccess or OS related?
Written by Jerry McAllister on 07/07/08 10:26>> > On Mon, Jul 07, 2008 at 02:18:49PM +0200, Jos Chrispijn wrote: > >> I ran into a problem last night that I was able to solve, but generated a >> question: >> >> I have this hosting provider (uses Debian OS) on which I can't use htpasswd >> to generate user and password to protect a single file. > > Probably was not in your path. You may have to find out where it > is and add that directory to your path or use the full pathname when > invoking it. > > >> To have this done I solved it as follows: did a htpasswd on my own server >> (FreeBSD 7) and simply copied the file with the user:password (scrambled) to >> my home directory I have with this hosting provider and referred in the >> .htaccess to it. And now comes the fun stuff: it worked without probs. >> >> >> So the algorithm that is used on FreeBSD to scramble a user password is the >> same as it is used by Debian? Isn't that a security gap? > > That is something done by Apache and is common to all implementations > unless you change it. I never looked, but I think it uses one of > the commonly use encryption algorithms, maybe even the same one > used for regular passwords. > > > jerry > > In fact it's either an Apache adaptation of MD5, SHA, plaintext, or the system's crypt(). The encryption mechanism can be specified per-user with the m,d,s, and p flags. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: .htaccess or OS related?
On Mon, Jul 07, 2008 at 02:18:49PM +0200, Jos Chrispijn wrote: > I ran into a problem last night that I was able to solve, but generated a > question: > > I have this hosting provider (uses Debian OS) on which I can't use htpasswd > to generate user and password to protect a single file. Probably was not in your path. You may have to find out where it is and add that directory to your path or use the full pathname when invoking it. > > To have this done I solved it as follows: did a htpasswd on my own server > (FreeBSD 7) and simply copied the file with the user:password (scrambled) to > my home directory I have with this hosting provider and referred in the > .htaccess to it. And now comes the fun stuff: it worked without probs. > > > So the algorithm that is used on FreeBSD to scramble a user password is the > same as it is used by Debian? Isn't that a security gap? That is something done by Apache and is common to all implementations unless you change it. I never looked, but I think it uses one of the commonly use encryption algorithms, maybe even the same one used for regular passwords. jerry > > Jos > > ___ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "[EMAIL PROTECTED]" ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Wrong dependency being installed
On Monday 07 July 2008 15:07:23 Jesse Sheidlower wrote: > I'm running apache22 on a FreeBSD-7.0 system. When I try to > install the port www/mod_line_edit, the ports system tries to > install apache20 alongside of it, despite the fact that I have > apache22 installed already. > > The Makefile has WITH_APACHE2=YES, but if I change this to > WITH_APACHE22, then it tries to install apache13. > > How can I use the ports system to build this against my > installed version of Apache? APACHE_PORT=www/apache22 >> /etc/make.conf See /usr/ports/Mk/bsd.apache.mk for details. -- Mel Problem with today's modular software: they start with the modules and never get to the software part. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Recovering root password from a drive by mounting the cdrom
Thanks Manolis for your response. This disk is running freebsd but it's from iomega software company on an unsupported raid controller product of theirs. I can't get any help from them even for a price. I could boot up the disk in single user but at the login prompt I can't type anything, even if I boot up in multi user mode. That's why I was trying the cd path hoping I could get in that way. Yes I think my console may been marked as 'insecure' in /etc/ttys that's why I am not able to get in as you said. I try the options you gave me below and see what I could find. Thanks much # mukarram Mukarram Syed [EMAIL PROTECTED] - Original Message From: Manolis Kiagias <[EMAIL PROTECTED]> To: Mukarram Syed <[EMAIL PROTECTED]> Cc: freebsd-questions@freebsd.org Sent: Monday, July 7, 2008 12:12:17 AM Subject: Re: Recovering root password from a drive by mounting the cdrom Mukarram Syed wrote: > Thanks for this response and others. > However, my problem does not look to be so simple. > > I boot off the install cd and get into the fixit prompt. > > I dmesg | less and get the device name that I think is my hard drive /dev/ad0. > I fdisk /dev/ad0 and get information about 3 slices. I am think /dev/ad0 > slice 3 is the root file system because slice 3 has a greatest amount of disk > space and that looks like my root partition > Then I ls -l /dev |grep ad0 and it spits out a number for /dev/ad0 like ad0s0 > ad0s1 ad0s3 etc. > I am assuming /dev/ad0s3 is slice 3 which I believe it to be my root > partition. > So I mount it: > mount /dev/ad0s3 /mnt > I do a df -k and find that /mnt has 0 bytes available. To check I cd /mnt > and ls and don't find any data in it. > I check/dev/ad0s2 /dev/ad0s1 in the same way. None of it has any data. > > I guess there is something else that I am missing at this point. > > Can anyone advise. > > Thanks > > # mukarram > > > Mukarram Syed > [EMAIL PROTECTED] > > > There must be something wrong if don't see any partitions in any of the slices. You should see something like ad0s1a, ad0s1d, ad0s1f ... Are you able to boot the server normally, from its own disk? Are you able to boot into single user mode, by selecting it from the boot menu? If you can boot into single user mode, you can change the password immediately by doing something like: mount -o rw / mount -a passwd (then exit and boot will continue) If you are asked for a root password when going into single user mode, your console has been marked as 'insecure' in /etc/ttys. You will need to boot with the live CD, mount the root partition and change /etc/ttys, then reboot in single user mode and change the password. This is the easiest way IMHO. If you are not asked for a password when getting into single user mode, you don't need the live CD at all. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]" ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: OT: anyone been crazy enough to mirror wikipedia?
On Mon, Jul 07, 2008 at 12:04:10AM -0400, DAve wrote: > Ted Mittelstaedt wrote: > > > >>-Original Message- > >>From: [EMAIL PROTECTED] > >>[mailto:[EMAIL PROTECTED] Behalf Of Chad Perrin > >>Sent: Monday, June 30, 2008 10:05 PM > >>To: FreeBSD Mailing List > >>Subject: Re: OT: anyone been crazy enough to mirror wikipedia? > >> > >> > >>On Mon, Jun 30, 2008 at 05:15:39PM -0400, DAve wrote: > >>>Steve Franks wrote: > So call me a sociopath, but times are a bit scary. I'd like to do the > 2000's equivalent of the 1960's bomb shelter, and have my very own > snapshot in case of major local/regional internet disruption, etc. > > What would be the best way to go about this. I see with <1T words, it > appears doable on current technology. Maybe they should offer a > snapshot on DVDs or disk as a fundraiser? I'd drop $300 for some sort > of officially licenced copy, I suspect there are other freaks that > would too... > >>>When the world gets that bad, Wikipedia is the least of my concerns, > >>>slightly ahead of who is winning American Idol. If it comes to > >>the point > >>>the internet goes down for a long period of time, that $300 is better > >>>spent on a garden. > >>> > >>>Just my thoughts. > >>Actually . . . if things get that bad, you're going to need some > >>firepower to protect your garden (and everything else you don't want > >>taken from you by force). To properly protect a garden, you'd need to > >>make it a community farm, with community members who have and will use > >>firearms to protect it (and your Wikipedia mirror). > >> > >>Of course, I greatly admire the impulse to protect the collected > >>knowledge of Wikipedia from disaster. It's also practical -- because it > >>contains a lot of information that might be of use (including good > >>subsistence gardening information, for those of us who don't have > >>naturally green thumbs). > >> > > > >If the crash comes and you don't have 4 - 5 years of experience > >running a garden on your land, plus your own well, your gonna starve. > > > >Veggies are very particular as to the kind of soil they like, and the > >light and water they get. And it takes several years of trying different > >ones to figure out the ones that do best in your soil. And most modern > >veggies are hybrids and the seed is genetically engineered, and patented. > >Many varieties are, in fact, sterile. Many others require irrigation to > >produce sizable yields. > > > >To put in a "heritage" garden that will produce given the normally > >occurring rainfall in your area takes someone with many years of > >experience in your area growing gardens. By the time you would > >be able to get one going from info in wikipedia, you would have > >died of starvation. > > > >Ted > > Some of us will have veggies/skills/water for trade. But what he says is > true. It ain't as easy as read a page, plant a row. If I have a question > on FreeBSD, Wikipedia is my last resort, after phone calls. While it is > useful I suppose to some, I would never base a decision on anything I > read there. It is useful for key words and topics to expand a search > through better sources, but not much else. If Wikipedia is killing > Encyclopedia sales, it is because people are willing to accept > mediocrity over accuracy if accuracy comes at a price and mediocrity is > free. > > It has been my experience, maybe things have changed, that a hardbound > reference book is the equivalent of asking Bunny Watson for an answer, > and Wikipedia is like asking Cliffy on Cheers. Now, if you think Print Encyclopedias and/or Wikipedia are incomplete and inaccurate, try checking out textbooks for Middle school, High school and even undergraduate college. jerry > > DAve > > > -- > Don't tell me I'm driving the cart! > ___ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "[EMAIL PROTECTED]" ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: minimum xorg install for clients side
On Mon, Jul 07, 2008 at 03:27:30PM +0200, Anders Troback wrote: > On Mon, 7 Jul 2008 11:17:11 +0100 > Anton Shterenlikht <[EMAIL PROTECTED]> wrote: > > > On Sun, Jul 06, 2008 at 08:05:24PM +0200, Anders Trob??ck wrote: > > > On Sun, 6 Jul 2008 16:24:08 +0100 > > > Anton Shterenlikht <[EMAIL PROTECTED]> wrote: > > > > > > > On Sun, Jul 06, 2008 at 02:16:36PM +0200, Anders Trob??ck wrote: > > > > > > > > > > If you want to have a remote GUI logon with XDMCP install XDM, > > > > > GDM or KDM then you can start X with the -query parameter! > > > > > > > > > > If this wasn't what you where asking please ask again:-) > > > > > > > > sorry, I wasn't clear. > > > > > > > > I have 2 FBSD boxes: a server with no graphics card (S) and a > > > > laptop (L). I want to run X applications on S and see the results > > > > on L. The applications I run on S are typically xpdf, gs, xfig, > > > > display, firefox, etc. > > > > > > > > While I could install ports/xorg on both boxes, this is probably > > > > excessive. Since I won't run any xorg applications on L, I > > > > probably don't need xorg-apps on L. Likewise, since I'm not > > > > running xorg server on S, I probably don't need xorg-server on S. > > > > This is my basic understanding of xorg server-clients model. Is > > > > this logic correct? > > > > > > > > However, I'm not sure on what box (S, L or both) I need: > > > > xorg-libraries > > > > xorg-fonts > > > > xorg-drivers > > > > xorg-protos > > > > > > > > etc. > > > > > > > > > > If you are after a real minimal installation with XDMCP you can do > > > like this: > > > > > > On S: > > > x11/xdm > > > > > > On L: > > > x11-servers/xorg-server > > > x11-drivers/xf86-input-keyboard > > > x11-drivers/xf86-input-mouse > > > x11-drivers/xf86-video-intel (or what ever card you have) > > > x11-fonts/font-alias > > > x11-fonts/font-cursor-misc > > > x11-fonts/font-misc-misc > > > > > > Configure X on L: > > > X -configure > > > X -config xorg.conf.new > > > cp xorg.conf.new /etc/X11/xorg.conf > > > > > > Configure XDM on S: > > > Read http://www.freebsd.org/doc/en/books/handbook/x-xdm.html > > > > > > Start XDM on S: > > > xdm > > > (if you want it to start after reboot look for a line about xdm > > > (ttyv8) in /etc/ttys, change off to on) > > > > > > Start X on L: > > > X -query S > > > > Anders thanks > > > > I tried to follow your guidelines, but cannot see the login prompt > > after X -query S. I also cannot see port 177 open on S, only: > > > > 6000/tcp open X11 > > > > Should 177/udp and /tcp be open on S? How to do this? > > > > I've the following line in /etc/ttys: > > > > ttyv8 "/usr/X11R6/bin/xdm -daemon"xterm on secure > > > > and: > > > > % ps ax|grep xdm > > 38718 ?? Is 0:00.08 /usr/X11R6/bin/xdm -daemon ttyv8 > > 44523 ?? Rs 0:17.61 /usr/local/bin/X :0 > > -auth /usr/local/lib/X11/xdm/auth 44524 ?? Ss 0:08.04 xdm: :0 > > (xdm) 45544 v4 RL+0:00.01 grep xdm > > % > > > > and I commented out this line in xdm-config > > > > !DisplayManager.requestPort:0 > > > > What am I missing? > > > > > > many thanks > > anton > > > > How does you /usr/local/lib/X11/xdm/Xaccess look? > > Try to put: > > LISTEN xxx.xxx.xxx.xxx > > where the xxx thing are the ip of S! I've the following two lines in Xaccess * LISTEN xx.xx.xx.xx where xx is the server ip. So it should give access to any server to xdm. I also notice these errors in xdm.log: xdm error (pid 9961): server open failed for myhost:0, giving up xdm error (pid 4191): Display myhost:0 cannot be opened xdm error (pid 4191): Display myhost:0 is being disabled where myhost is the nodename of L. I also realsed I might not need xdmcp, as I seem to be able to run graphical apps on S with ssh X11 forwarding. In which case all I need are the actual applications I run, e.g xterm or xpdf. So your initial responce to my question makes sense to me now. many thanks anton -- Anton Shterenlikht Room 2.6, Queen's Building Mech Eng Dept Bristol University University Walk, Bristol BS8 1TR, UK Tel: +44 (0)117 928 8233 Fax: +44 (0)117 929 4423 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Fwd: Trouble with Intel WIFI ipw2200
-- Forwarded message -- From: Diego F. Arias R. <[EMAIL PROTECTED]> Date: Mon, Jul 7, 2008 at 9:24 AM Subject: Re: Trouble with Intel WIFI ipw2200 To: Mel <[EMAIL PROTECTED]> Not working is dhcp is not getting ip address then i set up one to use tcpdump. If i set one, dont works either. On Mon, Jul 7, 2008 at 5:56 AM, Mel <[EMAIL PROTECTED]> wrote: > On Monday 07 July 2008 03:03:48 Diego F. Arias R. wrote: > >> i have installed freebsd on my laptop but i have a weird problem. I >> can assosiate with my AP(AccessPoint) using my WEp key but dont works. >> If i try to use DHCP or set a IP address dont works but if i put >> tcpdump i can see a few packets. If i try with a keyless network it >> works. >> >> >> yatusabes# uname -a >> FreeBSD yatusabes 7.0-RELEASE-p2 FreeBSD 7.0-RELEASE-p2 #0: Wed Jun 18 >> 07:33:20 UTC 2008 >> [EMAIL PROTECTED]:/usr/obj/usr/src/sys/GENERIC i386 >> >> yatusabes# ifconfig iwi0 >> iwi0: flags=8843 metric 0 mtu 1500 >> ether 00:13:ce:e8:e8:f4 >> inet 192.168.122.1 netmask 0xff00 broadcast 192.168.122.255 >> media: IEEE 802.11 Wireless Ethernet autoselect >> status: associated >> ssid "Dark Princess" channel 1 (2412 Mhz 11g) bssid >> 00:1b:11:9b:19:7c authmode OPEN privacy ON deftxkey 1 wepkey 1:104-bit >> bmiss 10 scanvalid 60 bgscan bgscanintvl 300 bgscanidle 250 roam:rssi11g 7 >> roam:rate11g 5 protmode CTS >> >> >> yatusabes# ifconfig iwi0 ssid "Dark Princess" wepkey thekey weptxkey 1 up > > > This is up and working. So define 'not working'. Other then your IP being .1 > in /24 network, which is generally used for the router, I don't see anything > wrong. If the key wasn't accepted, it wouldn't be associated. > > > -- > Mel > > Problem with today's modular software: they start with the modules >and never get to the software part. > -- mmm, interesante. -- mmm, interesante. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Why would it make such a difference to move mysqld to anothermachine?
Yes, that could be the case if the database was transferred by doing mysqldump on the first machine and then loading the dump on the second. This is indeed what I did. Odd that you ask this question, because my very first guess about this issue was that the database was corrupted in some way. However, I could not find any evidence of corruption, per se. I didn't realize that mysql records could become 'fragmented'... I guess this means the records are fragmented on disk as the database file is updated over time. The records in question (mainly product data) are not changed very often, and had been moved (using mysqldump) to this new machine in the last 6 weeks or so. So this doesn't sound like a likely cause. However, a very interesting thing to know... -- John ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
RE: FreeBSD and Active Directory
Well I figured at all out using Samba's WinBind and Kerberos. I will post the docs today or tomorrow, after I write them, to my blog at http://www.ctdx.net for everyones viewing pleasure. --- Chris Edwards Smartech Corp. Div. of AirNet Group http://www.airnetgroup.com http://www.smartechcorp.net [EMAIL PROTECTED] P: 423-664-7678 x114 C: 423-593-6964 F: 423-664-7680 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Tom McLaughlin Sent: Tuesday, July 01, 2008 12:30 PM To: Chris Edwards Cc: freebsd-questions@freebsd.org Subject: Re: FreeBSD and Active Directory On Thu, 2008-06-26 at 15:20 -0400, Chris Edwards wrote: > I have been put in charge of creating a single sign-on mechanism for our > Windows 2003 and FreeBSD servers. We are wanting to use Active Directory as > our LDAP server. I know of four different methods that could possibly work. > > 1. OpenLDAP > 2. Radius > 3. NIS > 4. WinBind / Samba > > Which is the most excepted/supported way to do this? Several of the severs > are very old, 4+ years old. > > Thanks for any help, > > --- > > Chris Edwards You need to handle two things, user identification and user authentication. OpenLDAP (actually nss_ldap) will do the id part and kerberos will do the authentication part. Unfortunately my AD related links for this are at work and I'm at home today. tom -- | tmclaugh at sdf.lonestar.org tmclaugh at FreeBSD.org | | FreeBSD http://www.FreeBSD.org | ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]" ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Possible ath (AR5212) disfunctionality on 7-STABLE
Greetings List. I recently upgraded a system to 7-STABLE and found that neither of my two ath-5212 based wireless pci devices were recognized. I actually had to revert to using a similar system that still had 6.3-STABLE installed. Has anyone else had similar experience, or does anyone have any information on this at all? I wanted to upgrade and use 7-STABLE for my wireless/wireline routing however, as it is right now, I am unable to even use the devices. -- Respectfully, Martes G Wigglesworth,CEO M.G.Wigglesworth,LLC [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
RE: .htaccess or OS related?
> -Original Message- > Keep the list in the loop on replies. Oke, I will keep that in mind. > I won't _recommend_ anything. However, I will point out that there's a > mod_ldap, mod_auth_kerb, and mod_auth_pam. There are probably others > that I'm forgetting. I will have a look at it and start using that instead of how I do it now. Thanks for sharing, Jos ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Why would it make such a difference to move mysqld to anothermachine?
-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 Bob McConnell wrote: | On Behalf Of Mel | On Sunday 06 July 2008 10:58:54 Matthew Seaman wrote: | |>> I suspect that you could have achieved a pretty good speed-up simply | by |>> adding another hard drive to your server and moving all of the | database |>> onto it, separate from the web root and any other areas which apache |>> would be doing a lot of read/write operations on. | | I have not been following this thread closely, and I don't know much | about MySQL, but I do have a question here. Is it possible that the | process of moving the database to the second machine also resulted in | cleaning up (defragmenting?) the files and reordering some tables to | more closely match their indexes? Would this reduce the response time on | the new server, at least until a significant amount of additional data | was added that reverses these effects? Yes, that could be the case if the database was transferred by doing mysqldump on the first machine and then loading the dump on the second. It wouldn't be the case if the data were transferred just by tarring up the DB data directory and copying it over. You can achieve the same effect by running 'OPTIMIZE TABLE foo;' from within MySQL or using 'mysqlcheck --optimize ...'. However, the scale of improvement described is rather more than can generally be achieved by table optimization. Cheers, Matthew - -- Dr Matthew J Seaman MA, D.Phil. Flat 3 ~ 7 Priory Courtyard PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate ~ Kent, CT11 9PW, UK -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.9 (FreeBSD) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEAREDAAYFAkhyG7UACgkQ3jDkPpsZ+VYDJwCgtaV/BOE+YqGICUEVht3y40Ga 7oAAn2nQOZjZ7oJsSXAi4KsoNXi8R0Vh =efqJ -END PGP SIGNATURE- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
RE: .htaccess or OS related?
> I wonder whether the hosting provider will let the OP install > mod_whatever, even, if he could not be allowed to use htpasswd. I don't think that either, but as I have some other BSD servers myself, I really will start using this on my systems. Regarding to that provider, I will reroute the document thru my server as long as he can't provide what I am looking for. In the mean time I will discuss this issue with him. Jos ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Wrong dependency being installed
I'm running apache22 on a FreeBSD-7.0 system. When I try to install the port www/mod_line_edit, the ports system tries to install apache20 alongside of it, despite the fact that I have apache22 installed already. The Makefile has WITH_APACHE2=YES, but if I change this to WITH_APACHE22, then it tries to install apache13. How can I use the ports system to build this against my installed version of Apache? Thanks. Jesse Sheidlower ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: minimum xorg install for clients side
On Mon, 7 Jul 2008 11:17:11 +0100 Anton Shterenlikht <[EMAIL PROTECTED]> wrote: > On Sun, Jul 06, 2008 at 08:05:24PM +0200, Anders Trob??ck wrote: > > On Sun, 6 Jul 2008 16:24:08 +0100 > > Anton Shterenlikht <[EMAIL PROTECTED]> wrote: > > > > > On Sun, Jul 06, 2008 at 02:16:36PM +0200, Anders Trob??ck wrote: > > > > > > > > If you want to have a remote GUI logon with XDMCP install XDM, > > > > GDM or KDM then you can start X with the -query parameter! > > > > > > > > If this wasn't what you where asking please ask again:-) > > > > > > sorry, I wasn't clear. > > > > > > I have 2 FBSD boxes: a server with no graphics card (S) and a > > > laptop (L). I want to run X applications on S and see the results > > > on L. The applications I run on S are typically xpdf, gs, xfig, > > > display, firefox, etc. > > > > > > While I could install ports/xorg on both boxes, this is probably > > > excessive. Since I won't run any xorg applications on L, I > > > probably don't need xorg-apps on L. Likewise, since I'm not > > > running xorg server on S, I probably don't need xorg-server on S. > > > This is my basic understanding of xorg server-clients model. Is > > > this logic correct? > > > > > > However, I'm not sure on what box (S, L or both) I need: > > > xorg-libraries > > > xorg-fonts > > > xorg-drivers > > > xorg-protos > > > > > > etc. > > > > > > > If you are after a real minimal installation with XDMCP you can do > > like this: > > > > On S: > > x11/xdm > > > > On L: > > x11-servers/xorg-server > > x11-drivers/xf86-input-keyboard > > x11-drivers/xf86-input-mouse > > x11-drivers/xf86-video-intel (or what ever card you have) > > x11-fonts/font-alias > > x11-fonts/font-cursor-misc > > x11-fonts/font-misc-misc > > > > Configure X on L: > > X -configure > > X -config xorg.conf.new > > cp xorg.conf.new /etc/X11/xorg.conf > > > > Configure XDM on S: > > Read http://www.freebsd.org/doc/en/books/handbook/x-xdm.html > > > > Start XDM on S: > > xdm > > (if you want it to start after reboot look for a line about xdm > > (ttyv8) in /etc/ttys, change off to on) > > > > Start X on L: > > X -query S > > Anders thanks > > I tried to follow your guidelines, but cannot see the login prompt > after X -query S. I also cannot see port 177 open on S, only: > > 6000/tcp open X11 > > Should 177/udp and /tcp be open on S? How to do this? > > I've the following line in /etc/ttys: > > ttyv8 "/usr/X11R6/bin/xdm -daemon"xterm on secure > > and: > > % ps ax|grep xdm > 38718 ?? Is 0:00.08 /usr/X11R6/bin/xdm -daemon ttyv8 > 44523 ?? Rs 0:17.61 /usr/local/bin/X :0 > -auth /usr/local/lib/X11/xdm/auth 44524 ?? Ss 0:08.04 xdm: :0 > (xdm) 45544 v4 RL+0:00.01 grep xdm > % > > and I commented out this line in xdm-config > > !DisplayManager.requestPort:0 > > What am I missing? > > > many thanks > anton > How does you /usr/local/lib/X11/xdm/Xaccess look? Try to put: LISTEN xxx.xxx.xxx.xxx where the xxx thing are the ip of S! -- Anders Trobäck http://www.troback.com/ Windows: "Where do you want to go today?" Linux: "Where do you want to go tomorrow?" FreeBSD: "Are you guys coming, or what?" ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
RE: Why would it make such a difference to move mysqld to anothermachine?
On Behalf Of Mel On Sunday 06 July 2008 10:58:54 Matthew Seaman wrote: >> I suspect that you could have achieved a pretty good speed-up simply by >> adding another hard drive to your server and moving all of the database >> onto it, separate from the web root and any other areas which apache >> would be doing a lot of read/write operations on. I have not been following this thread closely, and I don't know much about MySQL, but I do have a question here. Is it possible that the process of moving the database to the second machine also resulted in cleaning up (defragmenting?) the files and reordering some tables to more closely match their indexes? Would this reduce the response time on the new server, at least until a significant amount of additional data was added that reverses these effects? Thank you, Bob McConnell ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: .htaccess or OS related?
In response to "Odhiambo Washington" <[EMAIL PROTECTED]>: > I wonder whether the hosting provider will let the OP install > mod_whatever, even, if he could not be allowed to use htpasswd. I suppose, but if the OP is concerned about the security of his data beyond what the htpasswd command can do, he probably needs to get his data off a shared host anyway. > On 7/7/08, Bill Moran <[EMAIL PROTECTED]> wrote: > > In response to "Jos Chrispijn" <[EMAIL PROTECTED]>: > > > >> I ran into a problem last night that I was able to solve, but generated a > >> question: > >> > >> I have this hosting provider (uses Debian OS) on which I can't use > >> htpasswd > >> to generate user and password to protect a single file. > >> > >> To have this done I solved it as follows: did a htpasswd on my own server > >> (FreeBSD 7) and simply copied the file with the user:password (scrambled) > >> to > >> my home directory I have with this hosting provider and referred in the > >> .htaccess to it. And now comes the fun stuff: it worked without probs. > >> > >> > >> So the algorithm that is used on FreeBSD to scramble a user password is > >> the > >> same as it is used by Debian? Isn't that a security gap? > > > > The algorithm is part of Apache and has little or nothing to do with > > the OS on which it runs. > > > > And the encryption used to store passwords in .htaccess files is known > > to be weak. If you need something strong, look to one of the other mod_* > > security packages instead of .htaccess passwords. > > > > -- > > Bill Moran > > http://www.potentialtech.com > > ___ > > freebsd-questions@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > > To unsubscribe, send any mail to "[EMAIL PROTECTED]" > > > > -- > Sent from Google Mail for mobile | mobile.google.com > > Best regards, > Odhiambo WASHINGTON, > Nairobi,KE > +254733744121/+254722743223 > _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ > > "Oh My God! They killed init! You Bastards!" > --from a /. post > ___ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "[EMAIL PROTECTED]" -- Bill Moran http://www.potentialtech.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: .htaccess or OS related?
I wonder whether the hosting provider will let the OP install mod_whatever, even, if he could not be allowed to use htpasswd. On 7/7/08, Bill Moran <[EMAIL PROTECTED]> wrote: > In response to "Jos Chrispijn" <[EMAIL PROTECTED]>: > >> I ran into a problem last night that I was able to solve, but generated a >> question: >> >> I have this hosting provider (uses Debian OS) on which I can't use >> htpasswd >> to generate user and password to protect a single file. >> >> To have this done I solved it as follows: did a htpasswd on my own server >> (FreeBSD 7) and simply copied the file with the user:password (scrambled) >> to >> my home directory I have with this hosting provider and referred in the >> .htaccess to it. And now comes the fun stuff: it worked without probs. >> >> >> So the algorithm that is used on FreeBSD to scramble a user password is >> the >> same as it is used by Debian? Isn't that a security gap? > > The algorithm is part of Apache and has little or nothing to do with > the OS on which it runs. > > And the encryption used to store passwords in .htaccess files is known > to be weak. If you need something strong, look to one of the other mod_* > security packages instead of .htaccess passwords. > > -- > Bill Moran > http://www.potentialtech.com > ___ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "[EMAIL PROTECTED]" > -- Sent from Google Mail for mobile | mobile.google.com Best regards, Odhiambo WASHINGTON, Nairobi,KE +254733744121/+254722743223 _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ "Oh My God! They killed init! You Bastards!" --from a /. post ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: .htaccess or OS related?
In response to "Jos Chrispijn" <[EMAIL PROTECTED]>: > Bill, > > > -Original Message- Keep the list in the loop on replies. > > The algorithm is part of Apache and has little or nothing to do with > > the OS on which it runs. > > I see, so .htpasswd is an Apache utility then; didn't know that. > > > And the encryption used to store passwords in .htaccess files is known > > to be weak. If you need something strong, look to one of the other mod_* > > security packages instead of .htaccess passwords. > > What other mod_* security package would you recommend? I won't _recommend_ anything. However, I will point out that there's a mod_ldap, mod_auth_kerb, and mod_auth_pam. There are probably others that I'm forgetting. -- Bill Moran http://www.potentialtech.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: .htaccess or OS related?
In response to "Jos Chrispijn" <[EMAIL PROTECTED]>: > I ran into a problem last night that I was able to solve, but generated a > question: > > I have this hosting provider (uses Debian OS) on which I can't use htpasswd > to generate user and password to protect a single file. > > To have this done I solved it as follows: did a htpasswd on my own server > (FreeBSD 7) and simply copied the file with the user:password (scrambled) to > my home directory I have with this hosting provider and referred in the > .htaccess to it. And now comes the fun stuff: it worked without probs. > > > So the algorithm that is used on FreeBSD to scramble a user password is the > same as it is used by Debian? Isn't that a security gap? The algorithm is part of Apache and has little or nothing to do with the OS on which it runs. And the encryption used to store passwords in .htaccess files is known to be weak. If you need something strong, look to one of the other mod_* security packages instead of .htaccess passwords. -- Bill Moran http://www.potentialtech.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
.htaccess or OS related?
I ran into a problem last night that I was able to solve, but generated a question: I have this hosting provider (uses Debian OS) on which I can't use htpasswd to generate user and password to protect a single file. To have this done I solved it as follows: did a htpasswd on my own server (FreeBSD 7) and simply copied the file with the user:password (scrambled) to my home directory I have with this hosting provider and referred in the .htaccess to it. And now comes the fun stuff: it worked without probs. So the algorithm that is used on FreeBSD to scramble a user password is the same as it is used by Debian? Isn't that a security gap? Jos ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Trouble with Intel WIFI ipw2200
On Monday 07 July 2008 03:03:48 Diego F. Arias R. wrote: > i have installed freebsd on my laptop but i have a weird problem. I > can assosiate with my AP(AccessPoint) using my WEp key but dont works. > If i try to use DHCP or set a IP address dont works but if i put > tcpdump i can see a few packets. If i try with a keyless network it > works. > > > yatusabes# uname -a > FreeBSD yatusabes 7.0-RELEASE-p2 FreeBSD 7.0-RELEASE-p2 #0: Wed Jun 18 > 07:33:20 UTC 2008 > [EMAIL PROTECTED]:/usr/obj/usr/src/sys/GENERIC i386 > > yatusabes# ifconfig iwi0 > iwi0: flags=8843 metric 0 mtu 1500 > ether 00:13:ce:e8:e8:f4 > inet 192.168.122.1 netmask 0xff00 broadcast 192.168.122.255 > media: IEEE 802.11 Wireless Ethernet autoselect > status: associated > ssid "Dark Princess" channel 1 (2412 Mhz 11g) bssid > 00:1b:11:9b:19:7c authmode OPEN privacy ON deftxkey 1 wepkey 1:104-bit > bmiss 10 scanvalid 60 bgscan bgscanintvl 300 bgscanidle 250 roam:rssi11g 7 > roam:rate11g 5 protmode CTS > > > yatusabes# ifconfig iwi0 ssid "Dark Princess" wepkey thekey weptxkey 1 up This is up and working. So define 'not working'. Other then your IP being .1 in /24 network, which is generally used for the router, I don't see anything wrong. If the key wasn't accepted, it wouldn't be associated. -- Mel Problem with today's modular software: they start with the modules and never get to the software part. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: minimum xorg install for clients side
On Sun, Jul 06, 2008 at 08:05:24PM +0200, Anders Trob??ck wrote: > On Sun, 6 Jul 2008 16:24:08 +0100 > Anton Shterenlikht <[EMAIL PROTECTED]> wrote: > > > On Sun, Jul 06, 2008 at 02:16:36PM +0200, Anders Trob??ck wrote: > > > > > > If you want to have a remote GUI logon with XDMCP install XDM, GDM > > > or KDM then you can start X with the -query parameter! > > > > > > If this wasn't what you where asking please ask again:-) > > > > sorry, I wasn't clear. > > > > I have 2 FBSD boxes: a server with no graphics card (S) and a laptop > > (L). I want to run X applications on S and see the results on L. > > The applications I run on S are typically xpdf, gs, xfig, display, > > firefox, etc. > > > > While I could install ports/xorg on both boxes, this is probably > > excessive. Since I won't run any xorg applications on L, I probably > > don't need xorg-apps on L. Likewise, since I'm not running xorg server > > on S, I probably don't need xorg-server on S. This is my basic > > understanding of xorg server-clients model. Is this logic correct? > > > > However, I'm not sure on what box (S, L or both) I need: > > xorg-libraries > > xorg-fonts > > xorg-drivers > > xorg-protos > > > > etc. > > > > If you are after a real minimal installation with XDMCP you can do like > this: > > On S: > x11/xdm > > On L: > x11-servers/xorg-server > x11-drivers/xf86-input-keyboard > x11-drivers/xf86-input-mouse > x11-drivers/xf86-video-intel (or what ever card you have) > x11-fonts/font-alias > x11-fonts/font-cursor-misc > x11-fonts/font-misc-misc > > Configure X on L: > X -configure > X -config xorg.conf.new > cp xorg.conf.new /etc/X11/xorg.conf > > Configure XDM on S: > Read http://www.freebsd.org/doc/en/books/handbook/x-xdm.html > > Start XDM on S: > xdm > (if you want it to start after reboot look for a line about xdm (ttyv8) > in /etc/ttys, change off to on) > > Start X on L: > X -query S Anders thanks I tried to follow your guidelines, but cannot see the login prompt after X -query S. I also cannot see port 177 open on S, only: 6000/tcp open X11 Should 177/udp and /tcp be open on S? How to do this? I've the following line in /etc/ttys: ttyv8 "/usr/X11R6/bin/xdm -daemon"xterm on secure and: % ps ax|grep xdm 38718 ?? Is 0:00.08 /usr/X11R6/bin/xdm -daemon ttyv8 44523 ?? Rs 0:17.61 /usr/local/bin/X :0 -auth /usr/local/lib/X11/xdm/auth 44524 ?? Ss 0:08.04 xdm: :0 (xdm) 45544 v4 RL+0:00.01 grep xdm % and I commented out this line in xdm-config !DisplayManager.requestPort:0 What am I missing? many thanks anton -- Anton Shterenlikht Room 2.6, Queen's Building Mech Eng Dept Bristol University University Walk, Bristol BS8 1TR, UK Tel: +44 (0)117 928 8233 Fax: +44 (0)117 929 4423 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Do I put down cputype in make.conf ?
-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 Yavuz Maslak wrote: | I have a quad-core intel 64 bit cpu. | I got 7.0-STABLE-200806-amd64-disc1.iso from | ftp://ftp3.freebsd.org/pub/FreeBSD/snapshots/200806/ | I installed freebsd7.0-stable from it. | | the machine works well. But do I need to edit /etc/make.conf for cputype ? | if it need to be edited What should I put down it in /etc/make.conf ? You don't strictly /need/ to set the CPUTYPE in /etc/make.conf -- but you can if you like. It's a trade-off between getting some CPU specific compiler optimizations (which may or may not result in better performance) and being able to move compiled objects to machines with different CPUs. An appropriate setting in your case would be: ~ CPUTYPE?= core2 but there are usually several alternatives which would work. Cheers, Matthew - -- Dr Matthew J Seaman MA, D.Phil. Flat 3 ~ 7 Priory Courtyard PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate ~ Kent, CT11 9PW, UK -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.9 (FreeBSD) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEAREDAAYFAkhx7FMACgkQ3jDkPpsZ+VY6lACfT6r8AULaRonO4SADaCgYB0uF Pw8An0QDtl25omywbn3PKlm6MF7RB+Ue =48An -END PGP SIGNATURE- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Do I put down cputype in make.conf ?
I have a quad-core intel 64 bit cpu. I got 7.0-STABLE-200806-amd64-disc1.iso from ftp://ftp3.freebsd.org/pub/FreeBSD/snapshots/200806/ I installed freebsd7.0-stable from it. the machine works well. But do I need to edit /etc/make.conf for cputype ? if it need to be edited What should I put down it in /etc/make.conf ? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
RE: OT: anyone been crazy enough to mirror wikipedia?
> -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] Behalf Of DAve > Sent: Sunday, July 06, 2008 9:04 PM > To: FreeBSD Mailing List > Subject: Re: OT: anyone been crazy enough to mirror wikipedia? > > > Ted Mittelstaedt wrote: > > > >> -Original Message- > >> From: [EMAIL PROTECTED] > >> [mailto:[EMAIL PROTECTED] Behalf Of Chad Perrin > >> Sent: Monday, June 30, 2008 10:05 PM > >> To: FreeBSD Mailing List > >> Subject: Re: OT: anyone been crazy enough to mirror wikipedia? > >> > >> > >> On Mon, Jun 30, 2008 at 05:15:39PM -0400, DAve wrote: > >>> Steve Franks wrote: > So call me a sociopath, but times are a bit scary. I'd like > to do the > 2000's equivalent of the 1960's bomb shelter, and have my very own > snapshot in case of major local/regional internet disruption, etc. > > What would be the best way to go about this. I see with <1T > words, it > appears doable on current technology. Maybe they should offer a > snapshot on DVDs or disk as a fundraiser? I'd drop $300 for > some sort > of officially licenced copy, I suspect there are other freaks that > would too... > >>> When the world gets that bad, Wikipedia is the least of my concerns, > >>> slightly ahead of who is winning American Idol. If it comes to > >> the point > >>> the internet goes down for a long period of time, that $300 is better > >>> spent on a garden. > >>> > >>> Just my thoughts. > >> Actually . . . if things get that bad, you're going to need some > >> firepower to protect your garden (and everything else you don't want > >> taken from you by force). To properly protect a garden, you'd need to > >> make it a community farm, with community members who have and will use > >> firearms to protect it (and your Wikipedia mirror). > >> > >> Of course, I greatly admire the impulse to protect the collected > >> knowledge of Wikipedia from disaster. It's also practical -- > because it > >> contains a lot of information that might be of use (including good > >> subsistence gardening information, for those of us who don't have > >> naturally green thumbs). > >> > > > > If the crash comes and you don't have 4 - 5 years of experience > > running a garden on your land, plus your own well, your gonna starve. > > > > Veggies are very particular as to the kind of soil they like, and the > > light and water they get. And it takes several years of trying > different > > ones to figure out the ones that do best in your soil. And most modern > > veggies are hybrids and the seed is genetically engineered, > and patented. > > Many varieties are, in fact, sterile. Many others require irrigation to > > produce sizable yields. > > > > To put in a "heritage" garden that will produce given the normally > > occurring rainfall in your area takes someone with many years of > > experience in your area growing gardens. By the time you would > > be able to get one going from info in wikipedia, you would have > > died of starvation. > > > > Ted > > Some of us will have veggies/skills/water for trade. But what he says is > true. It ain't as easy as read a page, plant a row. If I have a question > on FreeBSD, Wikipedia is my last resort, after phone calls. While it is > useful I suppose to some, I would never base a decision on anything I > read there. It is useful for key words and topics to expand a search > through better sources, but not much else. It really depends on what your looking up. I have found it an invaluable resource for looking up cultural topics that aren't high on the importance scale, if you know what I mean. For example, when the movie Cars came out, after we bought the DVD one evening after watching it I got curious about all the Route 66 references and looked up Route 66 on Wikipedia. It's trivial knowledge of course - is it really important to know that there's a leaning water tower along I-40, is that something you would pay for a print encyclopedia for? > If Wikipedia is killing > Encyclopedia sales, it is because people are willing to accept > mediocrity over accuracy if accuracy comes at a price and mediocrity is > free. > People have always accepted mediocrity over accuracy if accuracy comes at a price. Where have you been!?!? :-) But I don't see that the print encyclopedia articles are that accurate either, at least, not after time. Particularly on the controversal stuff. My parents, bless their hearts, bought a set of encyclopedias the year before I was born. Undoubtedly some encyclopedia salesman got at them. I got perhaps 2-3 years of use out of them from maybe 5th grade through 7th grade, before the demands on me for accuracy from school were serious enough that the information in them was mainly worthless. Not to mention that these were bought in '65 and had virtually nothing in them about the Civil Rights movement, let alone the Kennedy assasination, items that by 1978 were major watershed events that still had reprecussions.
Re: Recovering root password from a drive by mounting the cdrom
Mukarram Syed wrote: Thanks for this response and others. However, my problem does not look to be so simple. I boot off the install cd and get into the fixit prompt. I dmesg | less and get the device name that I think is my hard drive /dev/ad0. I fdisk /dev/ad0 and get information about 3 slices. I am think /dev/ad0 slice 3 is the root file system because slice 3 has a greatest amount of disk space and that looks like my root partition Then I ls -l /dev |grep ad0 and it spits out a number for /dev/ad0 like ad0s0 ad0s1 ad0s3 etc. I am assuming /dev/ad0s3 is slice 3 which I believe it to be my root partition. So I mount it: mount /dev/ad0s3 /mnt I do a df -k and find that /mnt has 0 bytes available. To check I cd /mnt and ls and don't find any data in it. I check/dev/ad0s2 /dev/ad0s1 in the same way. None of it has any data. I guess there is something else that I am missing at this point. Can anyone advise. Thanks # mukarram Mukarram Syed [EMAIL PROTECTED] There must be something wrong if don't see any partitions in any of the slices. You should see something like ad0s1a, ad0s1d, ad0s1f ... Are you able to boot the server normally, from its own disk? Are you able to boot into single user mode, by selecting it from the boot menu? If you can boot into single user mode, you can change the password immediately by doing something like: mount -o rw / mount -a passwd (then exit and boot will continue) If you are asked for a root password when going into single user mode, your console has been marked as 'insecure' in /etc/ttys. You will need to boot with the live CD, mount the root partition and change /etc/ttys, then reboot in single user mode and change the password. This is the easiest way IMHO. If you are not asked for a password when getting into single user mode, you don't need the live CD at all. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"