Re: How to compile a c file into out file?

[Martin Tournoij]

On Thu, Jul 24, 2008 at 02:15:25PM +0800, EdwardKing wrote:
> I compile a c file,like follows:
> $gcc other1.obj other2.obj myfile.c
> 
> Then it create a a.out file.my question is how to create a file named 
> myfile.out instead of name a.out?

Use the -o parameter, ie:
% cc -o file file.c

-- 
Martin Tournoij
[EMAIL PROTECTED]
http://www.daemonforums.org

QOTD:
Captain Penny's Law:
You can fool all of the people some of the time, and some
of the people all of the time, but you Can't Fool Mom.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: How to compile a c file into out file?

[Paul Procacci]

EdwardKing wrote:
> I compile a c file,like follows:
> $gcc other1.obj other2.obj myfile.c
>
> Then it create a a.out file.my question is how to create a file named 
> myfile.out instead of name a.out?
>
>
> --
> Confidentiality Notice: The information contained in this e-mail and any 
> accompanying attachment(s) is intended only for the use of the intended 
> recipient and may be confidential and/or privileged of Neusoft Group Ltd., 
> its subsidiaries and/or its affiliates. If any reader of this communication 
> is not the intended recipient, unauthorized use, forwarding, printing, 
> storing, disclosure or copying is strictly prohibited, and may be unlawful. 
> If you have received this communication in error, please immediately notify 
> the sender by return e-mail, and delete the original message and all copies 
> from your system. Thank you. 
> ---
>
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "[EMAIL PROTECTED]"
>   

use the -o flag to specify a filename of your liking.

gcc -o somefile somefile.c somefile.o anotherfile.o ... ... ...

~Paul

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

How to compile a c file into out file?

[EdwardKing]

I compile a c file,like follows:
$gcc other1.obj other2.obj myfile.c

Then it create a a.out file.my question is how to create a file named 
myfile.out instead of name a.out?


--
Confidentiality Notice: The information contained in this e-mail and any 
accompanying attachment(s) is intended only for the use of the intended 
recipient and may be confidential and/or privileged of Neusoft Group Ltd., its 
subsidiaries and/or its affiliates. If any reader of this communication is not 
the intended recipient, unauthorized use, forwarding, printing, storing, 
disclosure or copying is strictly prohibited, and may be unlawful. If you have 
received this communication in error, please immediately notify the sender by 
return e-mail, and delete the original message and all copies from your system. 
Thank you. 
---

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

How to make Windows application run under emulator wine show UNICODE characters?

[Yuri]

All UNICODE characters show as small rectangles.

Anybody knows which fonts should I install to cure this?

Yuri

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Spamassassin very slow

[jdow]

That says you are driving spamd into swapping. The two canonical
reasons for SpamAssassin to be really slow are dead BL sites or
overrunning memory and going into heavy swapping. You made a
change to reduce the amount of swapping. Hence you probably have
too many children at any one time.

Modify your minimum and maximum number of children. For best results
you MAY want only one child per processor you can spare from other
work. Regardless, use "top" to see when you go into swapping with the
spamd load. When you do, back off the number of children running at
any given time.

Check rule sets you are using with RDJ. Some of them require incredible
amounts of memory to run. I run enough rules to pull down about 60
megabytes of memory. There are some rule sets that can go over 100
megabytes on the SARE site (SpamAssassin Rules Emporium). 40 children
at 100 megabytes each could use a "lot of machine". {^_-}

You might consider investigating the spamassassin users list at
apache.org. You can find it via the SpamAssassin home page,
http://www.spamassassin.org/

{^_^}   Joanne
- Original Message - 
From: "lyd mc" <[EMAIL PROTECTED]>

Sent: Tuesday, 2008, July 22 23:31



Hi James,

I remove spamc on .procmailrc and I can see lots of improvements!

Thanx,

alyd

--- On Wed, 7/23/08, James Tanis <[EMAIL PROTECTED]> wrote:
From: James Tanis <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]

"lyd mc" <[EMAIL PROTECTED]> wrote:


What causes spamassassin to slow?

Here is my config:

snippet from sendmail.mc
..  ..

I have .procmailrc in every home directory of my mail users and it goes

like

this:


So if I'm understanding you correctly.. your calling spamc from a sendmail
milter *and* .procmailrc. That's pretty redundant and would definately 
slow

you down. Choose one based on your needs.



I also have RulesDuJour installed and spammassassin --lint does complain

about

it.



Extra rules can slow you down regardless of syntax, but most computers
created this decade can handle RulesDuJour fine. Personally I think your
main problem is that your effectively spam checking every message twice. 
The

spamassassin queues most likely get filled followed by sendmail having to
wait and queue up the slack.

--
James Tanis
Technical Coordinator
Monsignor Donovan Catholic High School
e: [EMAIL PROTECTED]



___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to 
"[EMAIL PROTECTED]" 


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

portupgrade policykit problem

[Alain G. Fabry]

Hi,

Hope I didn't do something stupid here

Tried to 'portupgrade -R policykit' but it came back with an error. So I 
deinstalled it and now I'm trying to reinstall it, but it fails with the 
following error.


R=\""/usr/local/etc"\" -DPACKAGE_DATA_DIR=\""/usr/local/share"\" 
-DPACKAGE_BIN_DIR=\""/usr/local/bin"\" -DPACKAGE_LOCALSTATE_DIR=\""/var"\" 
-DPACKAGE_LOCALE_DIR=\""/usr/local/share/locale"\" 
-DPACKAGE_LIB_DIR=\""/usr/local/lib"\" -D_POSIX_PTHREAD_SEMANTICS -D_REENTRANT 
-DKIT_COMPILATION -I/usr/local/include/glib-2.0 
-I/usr/local/lib/glib-2.0/include-I/usr/local/include  -O2 
-fno-strict-aliasing -pipe  -Wall -Wchar-subscripts -Wmissing-declarations 
-Wnested-externs -Wpointer-arith -Wcast-align -Wsign-compare -Wformat 
-Wformat-security -MT kit-string.lo -MD -MP -MF .deps/kit-string.Tpo -c -o 
kit-string.lo kit-string.c
 cc -DHAVE_CONFIG_H -I. -I../.. -I../../src -I../../src 
-DPACKAGE_LIBEXEC_DIR=\"/usr/local/libexec\" 
-DPACKAGE_SYSCONF_DIR=\"/usr/local/etc\" 
-DPACKAGE_DATA_DIR=\"/usr/local/share\" -DPACKAGE_BIN_DIR=\"/usr/local/bin\" 
-DPACKAGE_LOCALSTATE_DIR=\"/var\" 
-DPACKAGE_LOCALE_DIR=\"/usr/local/share/locale\" 
-DPACKAGE_LIB_DIR=\"/usr/local/lib\" -D_POSIX_PTHREAD_SEMANTICS -D_REENTRANT 
-DKIT_COMPILATION -I/usr/local/include/glib-2.0 
-I/usr/local/lib/glib-2.0/include -I/usr/local/include -O2 -fno-strict-aliasing 
-pipe -Wall -Wchar-subscripts -Wmissing-declarations -Wnested-externs 
-Wpointer-arith -Wcast-align -Wsign-compare -Wformat -Wformat-security -MT 
kit-string.lo -MD -MP -MF .deps/kit-string.Tpo -c kit-string.c  -fPIC -DPIC -o 
.libs/kit-string.o
kit-string.c:141: error: redefinition of 'strndup'
kit-string.c:119: error: previous definition of 'strndup' was here
gmake[3]: *** [kit-string.lo] Error 1
gmake[3]: Leaving directory 
`/usr/ports/sysutils/policykit/work/PolicyKit-0.9/src/kit'
gmake[2]: *** [all-recursive] Error 1
gmake[2]: Leaving directory 
`/usr/ports/sysutils/policykit/work/PolicyKit-0.9/src'
gmake[1]: *** [all-recursive] Error 1
gmake[1]: Leaving directory `/usr/ports/sysutils/policykit/work/PolicyKit-0.9'
gmake: *** [all] Error 2
*** Error code 2

Stop in /usr/ports/sysutils/policykit.


Also tried 'make distclean' and a new 'make install clean', but it keeps on 
failing.

I hope that in case I need to reboot, it won't crash my system. But I'll 
postpone my reboot as long as possible. Maybe I can reinstall it with your 
advice.

Thanks,

Alain
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Slapd not starting

[Tim Judd]

[EMAIL PROTECTED] wrote:

I was having some troubles with the samba install telling me that openldap
2.3.42 and 2.4.10 would conflict.  I had installed openldap 2.4.10 server
and I guess that was the problem.  It seemed to start up just fine, but
since I could not get samba to install and it kept giving me the error
that the clients would conflict, I decided just to uninstall 2.4.10 and
install the 2.3.42.

Now when I try to /usr/local/etc/rc.d/slapd start, it just seems to sit
there and then goes back to the prompt.

I checked the port with sockstat -4 -p 389 and it is not running.  I don't
see anything in the /var/log/messages about it so I am not sure what is
going on.

I am confused why 2.4.1 seemd to run fine, but 2.3.42 does not even though
the config files are the same.  Thanks for any info.



Here is my /usr/local/etc/openldap/ldap.conf

SIZELIMIT200
HOST 127.0.0.1
URI ldap://server.bloomfield.k12.mo.us
ssl start_tls
tls_cacert /etc/ssl/cacert.crt

and here is my /usr/local/etc/openldap/slapd.conf

include/usr/local/etc/openldap/schema/core.schema
include/usr/local/etc/openldap/schema/cosine.schema
include/usr/local/etc/openldap/schema/nis.schema
include/usr/local/etc/openldap/schema/inetorgperson.schema
include/usr/local/etc/openldap/schema/samba.schema

pidfile  /var/run/openldap/slapd.pid
argsfile /var/run/openldap/slapd.args
logfile  /var/log/slapd.log
loglevel -1
sizelimit -1

modulepath/usr/local/libexec/openldap
moduleloadback_bdb

security ssf=128
TLSCertificateFile /etc/ssl/cert.crt
TLSCertificateKeyFile /etc/ssl/cert.key
TLSCACertificateFile /etc/ssl/cacert.crt

database   bdb
suffix "dc=server,dc=bloomfield.k12.mo.us"
rootdn "cn=Manager,dc=server,dc=bloomfield.k12.mo.us"

rootpw ###

directory/var/db/openldap-data

index objectClass eq
index cn,sn,uid,displayName pres,sub,eq
index uidNumber,gidNumber eq
index sambaSID  eq
index sambaPrimaryGroupSID eq
index sambaDomainName  eq
index memberUID eq
index default

  
A 2.4.x database already established (as soon as 2.4 was run) may not be 
compatible with 2.3.x (not verified).


the missing rc.conf values to start 2.3?

and OpenLDAP won't log to ANYTHING until configured to do so.

I'm going from memory on this last peice --
in slapd.conf, insert a "loglevel 256" statement anywhere before the 
database definitions
in /etc/syslog.conf define before the middle chunk of comments (seems 
it's picky) you need to add EITHER (which I think is the latter of these 
two):

slapd.*   /var/log/slapd.log-OR-
local4.*   /var/log/slapd.log

touching (creating) /var/log/slapd.log to create the file,
restarting syslogd
restart slapd

That should start logging.  Now why it's not any easier to setup, I 
don't know.


HTH.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Samba and LDAP install on FreeBSD

[Tim Judd]

[EMAIL PROTECTED] wrote:

Here is my problem.  I installed the OpenLdap 2.4.10 server and SASL
client.  I then went to install the Samba 3.0.30 Port and it tells me that
it needs to install OpenLDAP client 2.3.42, but the 2.4.10 is in the same
place and I need to deinstall it.  I deinstall 2.4.10 and samba will
install, but now openldap will not run because it has missing files.  I
went to reinstall the 2.4.10 SASL client, but it tells me that the
openldap 2.3.42 needs to be removed.

If I go to remove the 2.3.42 openldap client, it tells me that samba
3.0.30 relies on it.  I am kind of stuck here.  Does samba 3.0.30 not work
with openldap 2.4?  Do I have to have openldap 2.3?

Thanks for any suggestions.

  
as I had also written in a previous mail just moments ago earlier in the 
queue 


A 2.4.x database already established (as soon as 2.4 was run) may not be 
compatible with 2.3.x (not verified).


the missing rc.conf values to start 2.3?

and OpenLDAP won't log to ANYTHING until configured to do so.

I'm going from memory on this last peice --
in slapd.conf, insert a "loglevel 256" statement anywhere before the 
database definitions
in /etc/syslog.conf define before the middle chunk of comments (seems 
it's picky) you need to add EITHER (which I think is the latter of these 
two):

slapd.*   /var/log/slapd.log-OR-
local4.*   /var/log/slapd.log

touching (creating) /var/log/slapd.log to create the file,
restarting syslogd
restart slapd

That should start logging.  Now why it's not any easier to setup, I 
don't know.


HTH.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Can't ping

[Tim Judd]

Rem P Roberti wrote:

Can someone tell what is going on here.  All of a sudden I can't ping.
When I try a get this message:

ping: sendto: Permission denied

All internet functions seem to be working fine...just can't ping.

Rem
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
  

pinging from a jail?  check your sysctls.  raw ips something or other.

HTH
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: libbz2.so.3 ?

[Len Conrad]

FreeBSD 6.3-R
amavis, spammassassin, clamav installed via ports
clamav is logging :




Jul 23 16:08:32 mx2 amavis[2626]: (02626-01-2) (!!)run_av 
(ClamAV-clamscan) FAILED - unexpected exit 1, 
output="/libexec/ld-elf.so.1: Shared object "libbz2.so.3" not 
found, required by "clamscan""

All the system has similar is:
find / -iname "*libbz2*"
/usr/lib/libbz2.a
/usr/lib/libbz2.so.2
/usr/lib/libbz2.so
/usr/lib/libbz2_p.a
Really nothing on Google about libbz2.so.3


You installed a 7.x/8.x package.


ok, thanks. I see where that did happen, grabbed the wrong one from freshports.

deleted clamav pkg

added the "6" clamav.

Now get a different error:

/usr/local/etc/rc.d/clamav-freshclam start

Starting clamav_freshclam.

/libexec/ld-elf.so.1: Shared object "libc.so.7" not found, required 
by "libgmp.so.7"


Len


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: [freebsd-questions] Re: Port Management on a larger scale

[darko]

On Wed, Jul 23, 2008 at 6:06 PM, Tuc at T-B-O-H.NET <[EMAIL PROTECTED]> wrote:

>2) Taking down or a failure of the NFS server pulls EVERY
> other system with it.



..just thinking out loud here...but.. what if you had 2 identical NFS/rsync
servers and used them together in a standby/failover method.

i.e. when you have to bring down one NFS/rsync server, you direct all
clients to the other and vice versa.






>
>3) Working with lockd/statd can be problematic at times.
>4) NFS on FreeBSD varies (I'M TOLD) between versions as to
> effectiveness, issues, etc.
>5) I've run into issues where some programs are just NOT
> happy running over NFS (hylafax for me for example. POTENTIALLY a locking
> issue, but running a locking tester shows everything fine, but it
> just for the life of it won't work over NFS for me atleast).
>
>Since this is a "personal" system, I put up with it. When
> I get the time/energy I'm going to break all the systems apart.
>
>Tuc/TBOH
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "
> [EMAIL PROTECTED]"
>



-- 
regards,
dg

"..but the more you use clever tricks, the less support you'll get ..." --
M.W.Lucas
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Installing jdk on 7-Release: Has known vulnerabilities from 2005?

[Kris Kennaway]

Torgeir Hoffmann wrote:

Hi again!


when I try to install linux-sun-jdk16 from ports I get:

===>  linux-sun-jdk-1.6.0.07 has known vulnerabilities:
=> jdk -- jar directory traversal vulnerability.
   Reference:

=> Please update your ports tree and try again.
*** Error code 1

This refers to a vulnerability from 2005 (!). I get the same thing with
the 1.5 port.
I desperately want to avoid building the native version due to the fact
that I have a not that sporty laptop, and the packages from the freebsd
foundation is not available yet.

I have the latest portsnap port snapshot.

Update your portaudit database.


I did that.

portaudit -Fda

Still, same thing. Thought this was very strange as well.

Anything else that I should have done? (It's probably right in front of me!)


Talk to the port maintainer if you think the vulnerability no longer 
exists, or build with DISABLE_VULNERABILITIES if you choose to override 
the warning.


Kris

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Installing jdk on 7-Release: Has known vulnerabilities from 2005?

[Torgeir Hoffmann]

Hi again!

>> when I try to install linux-sun-jdk16 from ports I get:
>>
>> ===>  linux-sun-jdk-1.6.0.07 has known vulnerabilities:
>> => jdk -- jar directory traversal vulnerability.
>>Reference:
>> 
>> => Please update your ports tree and try again.
>> *** Error code 1
>>
>> This refers to a vulnerability from 2005 (!). I get the same thing with
>> the 1.5 port.
>> I desperately want to avoid building the native version due to the fact
>> that I have a not that sporty laptop, and the packages from the freebsd
>> foundation is not available yet.
>>
>> I have the latest portsnap port snapshot.
>
> Update your portaudit database.

I did that.

portaudit -Fda

Still, same thing. Thought this was very strange as well.

Anything else that I should have done? (It's probably right in front of me!)

Many thanks,

Torgeir

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

RE: FreeBSD for webserver?

[Ted Mittelstaedt]

> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] Behalf Of Gonzalo Nemmi
> Sent: Wednesday, July 23, 2008 1:02 AM
> To: freebsd-questions@freebsd.org
> Subject: Re: FreeBSD for webserver?
>
>
> On Wednesday 23 July 2008 03:47:04 Ted Mittelstaedt wrote:
> > > This seems to be a common misperception about ports.  Ports
> > > aren't something
> > > magical.  They do exactly what you would do from the commandline (i.e.
> > > ./configure, make, make install), except they come with
> several bonuses.
> > >
> > > 1) The port maintainer has already worked out all the quirks to
> > > make it compile
> > > and install properly on FreeBSD.  2) The port maintainer has
> > > already supplied
> > > patches that allow the software to build correctly on FreeBSD.
> > > 3) All the
> > > dependencies are already taken care of.  4) Upgrading is
> quite simple and
> > > straightforward.  5) The software is now
> > > architechture-independent (in most
> > > cases), meaning you can move from Intel to AMD (for example)
> > > without having to
> > > worry that the software will no longer build and you'll have to
> > > start from
> > > scratch again.
> > >
> > > For example, I decided today that I wanted to try out some
> software named
> > > "arguseye".  So I downloaded and untarred the program.  I
> looked at the
> > > dependencies.  It requires a number of perl modules, some of
> > > which are not in
> > > ports.  So, I just created three new perl ports to satisfy those
> > > dependencies
> > > and submitted them this afternoon.
> > >
> > > Once those are accepted into the tree, I'll create the arguseye
> > > port and submit
> > > it as well.  Then, when someone else wants to install arguseye,
> > > all they will
> > > have to do is type "make install clean" in the port directory and
> > > everything
> > > that they need will be installed for them.
> > >
> > > Unless you're a glutton for punishment, why would you do all that
> > > yourself?
> >
> > Because maybe you don't care for the porter's choice of defaults.
> >
> > Many programs come with hard-coded defaults that are modified
> > in a config file.  For example cistron-radius.  Another example
> > is the dspam port.  The porter for that insisted on using a
> > default of apache vhost.  However the default apache port does
> > not activate this.  I don't give a rat's ass that vhost is
> > supposedly more secure.  Another one that always pisses me off
> > is the porter's choice in building uw-imap to turn off plaintext
> > passwords.  And the default for pine is also to turn off
> > plaintext support.
> >
> > Another problem is that not all porters are good about maintaining
> > their ports.  For example icradius.  Someone spent a lot of time
> > creating the port for that.  Then just let it die.  Another is
> > the open source ingres database.  Julian ported that one then
> > lost interest, it died sometime around FBSD 4.X
> >
> > Another problem with ports is that all of them like pulling the
> > original source from the author's site.  I've had a few where the
> > author released the code under GPL then a few years later lost
> > interest, stopped paying whatever ISP he had the main site for
> > the program at, and the porter also lost interest in the project
> > and never bothered obtaining the last available tarfile from
> > the authors site and uploading it to freebsd, then both disappeared.
> > Another one I can recall is the gated code, similar issue.
> >
> > The fundamental achillies heel of the ports system is it makes
> > the assumption that every package in the ports system is popular
> > and will be supported for the indefinite future by the original
> > package developer.  The ports system counts on this insofar that
> > it assumes that if the original porter loses interest and stops
> > tracking the master site, that someone else will step in and
> > assume responsibility for maintaining the port.
> >
> > The reality is that in every release of FreeBSD, some ports go
> > wanting for sponsors, and nobody steps forward and so when the
> > port stops building, the FreeBSD maintainers simply cut it out
> > of the ports tree, plus anything dependent on it.
> >
> > This assumption is fine for people running vanilla apache or
> > whatever systems, which is most people.  But, if your doing
> > anything that isn't plain-jane middle of the road, you better
> > assume that if your using a series of ports, to make detailed
> > notes, and save the ports, and save the patches, and save
> > the distfiles.  You may need to see how they did it in an
> > older FreeBSD system when a new version of FreeBSD comes out
> > that is missing one or more of the ports you depend on.
> >
> > Ultimately, ports isn't any different than most other things.
> > When it's properly executed it's great.  But proper execution
> > of the entire thing depends on every porter who has an active
> > port in the system doing the right thing, and there's so many of
> > 

Re: system hangs on boot up if no internet available

[Roland Smith]

On Wed, Jul 23, 2008 at 03:04:15PM -0700, Dave Abouav wrote:
> Chuck Swiger wrote:
> > On Jul 23, 2008, at 2:25 PM, Dave Abouav wrote:
> >> I setup a FreeBSD server (v 6.1) for my company as a simple Samba 
> >> server. It works fine. Except once in awhile our access to the 
> >> outside internet goes out (due to our ISP), and when it does the 
> >> FreeBSD server gets hung up, even after rebooted.

What does hung up mean in the case that it's not rebooted? 

> >> This happened this 
> >> morning, so I put a console on it, and rebooted it. I saw that it 
> >> gets hung trying to start sshd. No error messages are given. If I hit 
> >> Control-C, to skip loading sshd, then the rest of the boot-up goes 
> >> normally and people can again access the server. Any ideas how I can 
> >> avoid this problem? I'd rather not skip the loading of sshd. I don't 
> >> have any special programs on the server that contact the outside world.
> >
> > It's probably doing something which needs a DNS lookup.  Do you have a 
> > subnet-local nameserver available, or does simply waiting for 2 
> > minutes or so for a timeout do the trick?
> >
[please don't top-post!]
> Our DNS goes through our ISP. The IP addresses of their DNS servers are 
> hard-coded into the server's /etc/rc.conf file.  No amount of waiting 
> seems to help. It always just hangs trying to load sshd.

First, try starting sshd in test mode (-t) to see if your config and
keys are OK. 

Then, with the outside connection down, try starting sshd with the -d
and -e options (and other options that you might have specified in
/etc/rc.conf) to see where it goes wrong.

Roland
-- 
R.F.Smith   http://www.xs4all.nl/~rsmith/
[plain text _non-HTML_ PGP/GnuPG encrypted/signed email much appreciated]
pgp: 1A2B 477F 9970 BA3C 2914  B7CE 1277 EFB0 C321 A725 (KeyID: C321A725)


pgpQf4677Ffdy.pgp
Description: PGP signature

Re: system hangs on boot up if no internet available

[Kevin Kinsey]

Dave Abouav wrote:
Our DNS goes through our ISP. The IP addresses of their DNS servers are 
hard-coded into the server's /etc/rc.conf file.  No amount of waiting 
seems to help. It always just hangs trying to load sshd.


Chuck Swiger wrote:

On Jul 23, 2008, at 2:25 PM, Dave Abouav wrote:
I setup a FreeBSD server (v 6.1) for my company as a simple Samba 
server. It works fine. Except once in awhile our access to the 
outside internet goes out (due to our ISP), and when it does the 
FreeBSD server gets hung up, even after rebooted. This happened this 
morning, so I put a console on it, and rebooted it. I saw that it 
gets hung trying to start sshd. No error messages are given. If I hit 
Control-C, to skip loading sshd, then the rest of the boot-up goes 
normally and people can again access the server. Any ideas how I can 
avoid this problem? I'd rather not skip the loading of sshd. I don't 
have any special programs on the server that contact the outside world.


It's probably doing something which needs a DNS lookup.  Do you have a 
subnet-local nameserver available, or does simply waiting for 2 
minutes or so for a timeout do the trick?







Workaround, perhaps:  set "UseDNS no" in /etc/ssh/sshd_config and try
again?  Perhaps better to run named or something locally, if that helps,
but doing this would at least test Chuck's theory (which seems about
correct to me, though why it *never* goes on I don't know).

Kevin Kinsey
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Installing jdk on 7-Release: Has known vulnerabilities from 2005?

[Kris Kennaway]

Torgeir Hoffmann wrote:

Hi,

when I try to install linux-sun-jdk16 from ports I get:

===>  linux-sun-jdk-1.6.0.07 has known vulnerabilities:
=> jdk -- jar directory traversal vulnerability.
   Reference:

=> Please update your ports tree and try again.
*** Error code 1

This refers to a vulnerability from 2005 (!). I get the same thing with
the 1.5 port.
I desperately want to avoid building the native version due to the fact
that I have a not that sporty laptop, and the packages from the freebsd
foundation is not available yet.

I have the latest portsnap port snapshot.


Update your portaudit database.

Kris
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Installing jdk on 7-Release: Has known vulnerabilities from 2005?

[Torgeir Hoffmann]

Hi,

when I try to install linux-sun-jdk16 from ports I get:

===>  linux-sun-jdk-1.6.0.07 has known vulnerabilities:
=> jdk -- jar directory traversal vulnerability.
   Reference:

=> Please update your ports tree and try again.
*** Error code 1

This refers to a vulnerability from 2005 (!). I get the same thing with
the 1.5 port.
I desperately want to avoid building the native version due to the fact
that I have a not that sporty laptop, and the packages from the freebsd
foundation is not available yet.

I have the latest portsnap port snapshot.

Hope somebody can help me. Is there any other way I can get the jdk
without building it?


Hope for quick reply,

Torgeir

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: [freebsd-questions] Re: Port Management on a larger scale

[Tuc at T-B-O-H.NET]

> 
> Or you could mount /usr/local from a single NFS server on all others,
> keeping them automatically in sync but that might strain the NFS server
> and make it a single point of failure which is undesirable. Maybe it
> would be better to use the Coda filesystem in this case.=20
> 
In theory this sounded great when I first did it, but now, not
so great. 

1) I have to keep all the machines on the same OS release.
2) Taking down or a failure of the NFS server pulls EVERY
other system with it.
3) Working with lockd/statd can be problematic at times.
4) NFS on FreeBSD varies (I'M TOLD) between versions as to
effectiveness, issues, etc.
5) I've run into issues where some programs are just NOT
happy running over NFS (hylafax for me for example. POTENTIALLY a locking
issue, but running a locking tester shows everything fine, but it
just for the life of it won't work over NFS for me atleast).

Since this is a "personal" system, I put up with it. When
I get the time/energy I'm going to break all the systems apart.

Tuc/TBOH
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: system hangs on boot up if no internet available

[Dave Abouav]

Our DNS goes through our ISP. The IP addresses of their DNS servers are 
hard-coded into the server's /etc/rc.conf file.  No amount of waiting 
seems to help. It always just hangs trying to load sshd.


Chuck Swiger wrote:

On Jul 23, 2008, at 2:25 PM, Dave Abouav wrote:
I setup a FreeBSD server (v 6.1) for my company as a simple Samba 
server. It works fine. Except once in awhile our access to the 
outside internet goes out (due to our ISP), and when it does the 
FreeBSD server gets hung up, even after rebooted. This happened this 
morning, so I put a console on it, and rebooted it. I saw that it 
gets hung trying to start sshd. No error messages are given. If I hit 
Control-C, to skip loading sshd, then the rest of the boot-up goes 
normally and people can again access the server. Any ideas how I can 
avoid this problem? I'd rather not skip the loading of sshd. I don't 
have any special programs on the server that contact the outside world.


It's probably doing something which needs a DNS lookup.  Do you have a 
subnet-local nameserver available, or does simply waiting for 2 
minutes or so for a timeout do the trick?




--

Dave Abouav
Product Manager & Software Engineer
KWJ Engineering, Transducer Technology Division
Phone: (510) 791-0951
Fax: (510) 794-4330
Email: [EMAIL PROTECTED]

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Port Management on a larger scale

[Roland Smith]

On Tue, Jul 22, 2008 at 12:41:46AM -0400, Derek Belrose wrote:
> What is the recommended way of doing port management? 

There doesn't seem to be a single standard way of doing this. There are
several things you could do, assuming that all servers use identically
configured software.

Probably the least effort would be to update and test the ports one
server, then use rsync to push /usr/local from that server to all
others. This is efficient because you only have to build stuff once, an
can then easily push it to other machines.

Alternatively you could use one server to build packages which are then
stored on a shared filesystem to install on all others, but that sounds
like more work to me.

Or you could mount /usr/local from a single NFS server on all others,
keeping them automatically in sync but that might strain the NFS server
and make it a single point of failure which is undesirable. Maybe it
would be better to use the Coda filesystem in this case. 

I'd favor the rsync approach, because it keeps data and programs locally
accessible on each machine while making in easy and efficient to
syncronize from a test machine to others.

Roland
-- 
R.F.Smith   http://www.xs4all.nl/~rsmith/
[plain text _non-HTML_ PGP/GnuPG encrypted/signed email much appreciated]
pgp: 1A2B 477F 9970 BA3C 2914  B7CE 1277 EFB0 C321 A725 (KeyID: C321A725)


pgp0RPMWiPfaC.pgp
Description: PGP signature

Re: system hangs on boot up if no internet available

[Chuck Swiger]

On Jul 23, 2008, at 2:25 PM, Dave Abouav wrote:
I setup a FreeBSD server (v 6.1) for my company as a simple Samba  
server. It works fine. Except once in awhile our access to the  
outside internet goes out (due to our ISP), and when it does the  
FreeBSD server gets hung up, even after rebooted. This happened this  
morning, so I put a console on it, and rebooted it. I saw that it  
gets hung trying to start sshd. No error messages are given. If I  
hit Control-C, to skip loading sshd, then the rest of the boot-up  
goes normally and people can again access the server. Any ideas how  
I can avoid this problem? I'd rather not skip the loading of sshd. I  
don't have any special programs on the server that contact the  
outside world.


It's probably doing something which needs a DNS lookup.  Do you have a  
subnet-local nameserver available, or does simply waiting for 2  
minutes or so for a timeout do the trick?


--
-Chuck

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

system hangs on boot up if no internet available

[Dave Abouav]

I setup a FreeBSD server (v 6.1) for my company as a simple Samba 
server. It works fine. Except once in awhile our access to the outside 
internet goes out (due to our ISP), and when it does the FreeBSD server 
gets hung up, even after rebooted. This happened this morning, so I put 
a console on it, and rebooted it. I saw that it gets hung trying to 
start sshd. No error messages are given. If I hit Control-C, to skip 
loading sshd, then the rest of the boot-up goes normally and people can 
again access the server. Any ideas how I can avoid this problem? I'd 
rather not skip the loading of sshd. I don't have any special programs 
on the server that contact the outside world.


Thanks,
Dave
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: libbz2.so.3 ?

[Kris Kennaway]

Len Conrad wrote:

FreeBSD 6.3-R

amavis, spammassassin, clamav installed via ports

clamav is logging :

Jul 23 16:08:32 mx2 amavis[2626]: (02626-01-2) (!!)run_av 
(ClamAV-clamscan) FAILED - unexpected exit 1, 
output="/libexec/ld-elf.so.1: Shared object "libbz2.so.3" not found, 
required by "clamscan""


All the system has similar is:

find / -iname "*libbz2*"
/usr/lib/libbz2.a
/usr/lib/libbz2.so.2
/usr/lib/libbz2.so
/usr/lib/libbz2_p.a

Really nothing on Google about libbz2.so.3


You installed a 7.x/8.x package.

Kris
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Port Management on a larger scale

[Derek Belrose]

Sorry if this has been asked before, but I've inherited a fairly large  
number of FreeBSD servers.  All of them are running 6.3.


What is the recommended way of doing port management?  Or if there  
isn't a recommended way of updating ports on 10-15 servers, what do  
people do?  How do you handle port upgrades that deal with custom  
compile configurations (such as exim with postgresql)?  Do you build a  
port on one system and install it as a package on all the others?


I come from a Slackware background, and in the past I would compile  
the update on a test system then distribute and install to all the  
other servers.


Thanks for your input!
Derek
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

libbz2.so.3 ?

[Len Conrad]

FreeBSD 6.3-R

amavis, spammassassin, clamav installed via ports

clamav is logging :

Jul 23 16:08:32 mx2 amavis[2626]: (02626-01-2) (!!)run_av 
(ClamAV-clamscan) FAILED - unexpected exit 1, 
output="/libexec/ld-elf.so.1: Shared object "libbz2.so.3" not found, 
required by "clamscan""


All the system has similar is:

find / -iname "*libbz2*"
/usr/lib/libbz2.a
/usr/lib/libbz2.so.2
/usr/lib/libbz2.so
/usr/lib/libbz2_p.a

Really nothing on Google about libbz2.so.3

Len


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

boot -s hangs

[Peter Clark]

Hello,

I have a FreeBSD install that will hang when trying to enter single user 
mode. If I use "shutdown now" from the console the system will return 
"System shutdown time has arrived" as expected but it will just hang 
there indefinitely. If I use option 4 (enter single user mode) from the 
boot options menu everything seems to boot properly until:
"Trying to mount root from ufs:/dev/mfid0s1a" and that is where it 
hangs. In both cases it never returns a cursor or the expected "enter 
path" statement. In both cases I can ctrl-alt-delete the box once and it 
synchs disks and nicely reboots. If I go through standard booting it 
boots just fine. I am a bit stumped by this. Is this some weird raid 
card issue? I am not sure how to really trouble shoot this.
/var/log/messages and /var/log/console do not even show the hung boot as 
having happened.


# uname -a
FreeBSD greed.mtmary.edu 7.0-RELEASE-p3 FreeBSD 7.0-RELEASE-p3 #0: Wed 
Jul 23 14:19:22 CDT 2008 
[EMAIL PROTECTED]:/usr/src/sys/amd64/compile/PETE-GENERIC-AMD64  amd64


# dmesg
Copyright (c) 1992-2008 The FreeBSD Project.
Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
The Regents of the University of California. All rights reserved.
FreeBSD is a registered trademark of The FreeBSD Foundation.
FreeBSD 7.0-RELEASE-p3 #0: Wed Jul 23 14:19:22 CDT 2008
[EMAIL PROTECTED]:/usr/src/sys/amd64/compile/PETE-GENERIC-AMD64
Timecounter "i8254" frequency 1193182 Hz quality 0
CPU: Intel(R) Xeon(R) CPU   E5410  @ 2.33GHz (2336.82-MHz 
K8-class CPU)

  Origin = "GenuineIntel"  Id = 0x10676  Stepping = 6

Features=0xbfebfbff

Features2=0xce3bd>
  AMD Features=0x20100800
  AMD Features2=0x1
  Cores per package: 4
usable memory = 2133131264 (2034 MB)
avail memory  = 2058424320 (1963 MB)
ACPI APIC Table: 
FreeBSD/SMP: Multiprocessor System Detected: 4 CPUs
 cpu0 (BSP): APIC ID:  0
 cpu1 (AP): APIC ID:  1
 cpu2 (AP): APIC ID:  2
 cpu3 (AP): APIC ID:  3
ioapic0  irqs 0-23 on motherboard
ioapic1  irqs 24-47 on motherboard
lapic0: Forcing LINT1 to edge trigger
acpi0:  on motherboard
acpi0: [ITHREAD]
acpi0: Power Button (fixed)
Timecounter "ACPI-fast" frequency 3579545 Hz quality 1000
acpi_timer0: <24-bit timer at 3.579545MHz> port 0x408-0x40b on acpi0
acpi_hpet0:  iomem 0xfed0-0xfed003ff on 
acpi0

Timecounter "HPET" frequency 14318180 Hz quality 900
cpu0:  on acpi0
est0:  on cpu0
est: CPU supports Enhanced Speedstep, but is not recognized.
est: cpu_vendor GenuineIntel, msr 720072006000720
device_attach: est0 attach returned 6
p4tcc0:  on cpu0
cpu1:  on acpi0
est1:  on cpu1
est: CPU supports Enhanced Speedstep, but is not recognized.
est: cpu_vendor GenuineIntel, msr 720072006000720
device_attach: est1 attach returned 6
p4tcc1:  on cpu1
cpu2:  on acpi0
est2:  on cpu2
est: CPU supports Enhanced Speedstep, but is not recognized.
est: cpu_vendor GenuineIntel, msr 720072006000720
device_attach: est2 attach returned 6
p4tcc2:  on cpu2
cpu3:  on acpi0
est3:  on cpu3
est: CPU supports Enhanced Speedstep, but is not recognized.
est: cpu_vendor GenuineIntel, msr 720072006000720
device_attach: est3 attach returned 6
p4tcc3:  on cpu3
acpi_button0:  on acpi0
pcib0:  port 0xca2,0xca3,0xcf8-0xcff on acpi0
pci0:  on pcib0
pcib1:  at device 2.0 on pci0
pci1:  on pcib1
pcib2:  irq 16 at device 0.0 on pci1
pci2:  on pcib2
pcib3:  irq 16 at device 0.0 on pci2
pci3:  on pcib3
pcib4:  at device 0.0 on pci3
pci4:  on pcib4
mfi0:  mem 
0xb8b0-0xb8b0,0xb890-0xb891 irq 18 at device 14.0 on pci4

mfi0: Megaraid SAS driver Ver 2.00
mfi0: 1093 (270141940s/0x0020/0) - Shutdown command received from host
mfi0: 1094 (4278190080s/0x0020/0) - PCI 0x041000 0x04411 0x048086 
0x043501: Firmware initialization started (PCI ID 0411/1000/3501/8086)

mfi0: 1095 (4278190080s/0x0020/0) - Type 18: Firmware version 1.12.00-0310
mfi0: 1096 (4278190080s/0x0020/0) - PCI 0x041000 0x04411 0x048086 
0x043501: Firmware initialization started (PCI ID 0411/1000/3501/8086)

mfi0: 1097 (4278190080s/0x0020/0) - Type 18: Firmware version 1.12.00-0310
mfi0: 1098 (4278190095s/0x0008/0) - Battery temperature is normal
mfi0: 1099 (4278190095s/0x0008/0) - Battery Present
mfi0: 1100 (4278190095s/0x0020/0) - Type 18: Board Revision
mfi0: 1101 (4278190137s/0x0002/1) - PD 03(e0/s3) err 3: PD 03(e0x00/s3) 
reset (Type 03)
mfi0: 1102 (4278190141s/0x0004/0) - PD 11(e1/s255) event: Enclosure 
(SES) discovered on PD 0b(c None/p1)
mfi0: 1103 (4278190141s/0x0002/0) - PD 11(e11/s255) event: Inserted: 
Encl PD 0b
mfi0: 1104 (4278190141s/0x0002/0) - Type 29: Inserted: PD 0b(c None/p1) 
Info: enclPd=0b, scsiType=d, portMap=09, 
sasAddr=50015074f5c46000,
mfi0: 1105 (4278190141s/0x0002/0) - PD 12(e11/s0) event: Inserted: PD 
0c(e0x0b/s0)
mfi0: 1106 (4278190141s/0x0002/0) - Type 29: Inserted: PD 0c(e0x0b/s0) 
Info: enclPd=0b, scsiType=0, portMap=00, 
sasAddr=0b221d0a75787d4a,
mfi0: 1107 (4278190141s/0x0002/0) - PD 13(e11/s1) event: Inserted: PD 
0d(e0x0b/s

Re: The Design and Implementation of the FreeBSD Operating System

[Aggelidis Nikos]

On Wed, Jul 23, 2008 at 12:06 AM, Gonzalo Nemmi <[EMAIL PROTECTED]> wrote:
> On Tuesday 22 July 2008 15:23:15 Erik Trulsson wrote:
>> On Tue, Jul 22, 2008 at 11:09:17AM -0400, FreeBSD Questions wrote:
>> > This book was printed in August 2004.  This predates FBSD 5, and I
>> > know there were some significant changes between the 4.x and 5.x
>> > branches.  We've progressed further and are now into version 7.  How
>> > well does this book apply to more current versions of FreeBSD, such as
>> > version 7?
>>
>> The 2004 edition of that book does cover FreeBSD 5.2  (says so clearly on
>> the cover anyway.) This means that all the major changes between 4.x and
>> 5.x should be included in it.
>> There have been many changes in FreeBSD since then, of course, but most of
>> those changes have been fairly evolutionary in nature, so most of the book
>> should still apply reasonably well.
>
> Actually .. I'd be more than willing to buy an updated version of that book
> too .. I _do_ undertand your point of view but to be honest, I'd rather buy a
> new copy that prints everything up to _yesterday_ and that has at least some
> hints into tomorrow ...
>
> Yet your point is completly valid one.. and that's why "The Design and
> Implementation of the FreeBSD Operating System" is the only book that I've
> been hesitant on buying so far ... Lucas (Absolute FreeBSD, 2nd Edition),
> Lavigne (The Best of FreeBSD Basics), Kong (BSD rootkits),  Lehey (Download
> edition:) ) are all over my desktop as I write this mail, and I consult them
> daily ... Farrokhi (Network Administration with FreeBSD) and Hong (Building a
> Server with FreeBSD 7) are the ones coming in the next batch ...
>
> So far .. there are only three books I would have bought but I didn't because
> I thought the situation could improve ... those are: "The Design and
> Implementation of the FreeBSD Operating System", "BSD Hacks" and "The FreeBSD
> HandBook"... same reason for all of them .. too old by now (although I think
> I'll buy "BSD Hacks" anyways .. I just can't resist buying Lavigne books :( )
>
> (let alone the fact that I would rather buy them all through freebsdmall.com
> that from amazon .. I think freebsdmall would do good if they would offer the
> whole Reed's Media library and the No Starch Press BSD related titles ... i
> would surely buy everything from them =P)
>
> Finally; Editor, Publisher, _Dear_Writer_: if you guys are hesitant .. I think
> there's at least two copies of an updated version of "The Design and
> Implementation .. " already sold with a lot more on the way :)
>
> --
> Blessings
> Gonzalo Nemmi

I couldn't agree more with Gonzalo... i find myself in the exact same position.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Free BSD 6.3 Export Control Classification

[Jerry McAllister]

On Wed, Jul 23, 2008 at 10:18:32AM -0600, Chocas, Connie S wrote:

>  I could not find anything referencing export controls for FreeBSD.  You may 
> find the following link for Apache Software Foundation products helpful.  
> This is the type is information that is needed to determine what is required 
> to legally export software.  If FreeBSD has any cryptographic functions 
> there are export restrictions that need to be considered.
> http://www.apache.org/licenses/exports/#matrix

I don't know about the legal details and I don't have time to read up
about it, but I would note that FreeBSD is already exported by default
since it is copied by people in many countries and there are mirrors
in other countries.It is not explicitly exported by the FreeBSD
Foundation, but its movement around the world is quite thorough, done
by those who use it.

There was a time that the encryption issue made things difficult for
some people using FreeBSD, but the Gov standards were changed and
the issue quieted down.   I don't know if it is solved.

jerry

> 
> Connie
> 
> -Original Message-
> From: Jerry McAllister [mailto:[EMAIL PROTECTED]
> Sent: Wednesday, July 23, 2008 9:12 AM
> To: darko gavrilovic
> Cc: Chocas, Connie S; freebsd-questions@FreeBSD.org
> Subject: Re: Free BSD 6.3 Export Control Classification
> 
> On Tue, Jul 22, 2008 at 06:54:39PM -0400, darko gavrilovic wrote:
> 
> > http://www.freebsd.org/where.html
> 
> I don't see anywhere in that reference that the question is answered
> or even alluded to.   It does give information on how to obtain a
> copy of FreeBSD, but nothing about ECC.
> 
> jerry
> 
> 
> >
> > On Tue, Jul 22, 2008 at 4:54 PM, Chocas, Connie S <[EMAIL PROTECTED]>wrote:
> >
> > > I would appreciate you assistance in providing the U.S. Commerce
> > > Department Export Control Classification for FreeBSD 6.3.
> > > Thank you,
> > >
> > > Connie Chocas
> > > Sandia National Laboratories
> > > Classification and Export Control
> > > Phone: (505) 844-5982; Fax: (505) 284-4927
> > > Email:  [EMAIL PROTECTED]
> > >
> > >
> > >
> > > ___
> > > freebsd-questions@freebsd.org mailing list
> > > http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> > > To unsubscribe, send any mail to "
> > > [EMAIL PROTECTED]"
> > >
> >
> >
> >
> > --
> > regards,
> > dg
> >
> > "using fsdb(8) and clri(8) was like climbing Mount Everest in sandals
> > and shorts.
> > Since writing that, I've tried them more than once and discovered that
> > I was wrong.
> > You don't get the shorts." -- M.W. Lucas
> > ___
> > freebsd-questions@freebsd.org mailing list
> > http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> > To unsubscribe, send any mail to "[EMAIL PROTECTED]"
> 
> 
> 
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: The Design and Implementation of the FreeBSD Operating System

[James Tanis]

"Kevin Kinsey" <[EMAIL PROTECTED]> wrote:
> I stand ready for correction, but "Design & Implementation" is mostly
> about, well, the design of the system itself ... not an operational
> manual but a programmer's guide to OS internals.  And, not only that,
> but it's about 4.4BSD (1993?), so the exact OS described is quite old*;
> however, it's of great value not only as history but as 4.4BSD has
> fed code into not only FreeBSD, but NetBSD, OpenBSD, and others.
> (see /usr/share/misc/bsd-family-tree).  If that's not of interest
> to you I'd not worry about this book --- no offence to Mr. McKusick
> et al, of course.

Your thinking of "The Design and Implementation of the 4.4BSD Operating
System" not "The Design and Implementation of the FreeBSD Operating System."
They are, believe it or not, two different books. Your point is just as
valid though as far as it being "not an operational manual but a
programmer's guide to OS internals."
--
James Tanis
Technical Coordinator
Monsignor Donovan Catholic High School
e: [EMAIL PROTECTED]


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

RE: Free BSD 6.3 Export Control Classification

[Chocas, Connie S]

 I could not find anything referencing export controls for FreeBSD.  You may 
find the following link for Apache Software Foundation products helpful.  This 
is the type is information that is needed to determine what is required to 
legally export software.  If FreeBSD has any cryptographic functions there are 
export restrictions that need to be considered.
http://www.apache.org/licenses/exports/#matrix

Connie

-Original Message-
From: Jerry McAllister [mailto:[EMAIL PROTECTED]
Sent: Wednesday, July 23, 2008 9:12 AM
To: darko gavrilovic
Cc: Chocas, Connie S; freebsd-questions@FreeBSD.org
Subject: Re: Free BSD 6.3 Export Control Classification

On Tue, Jul 22, 2008 at 06:54:39PM -0400, darko gavrilovic wrote:

> http://www.freebsd.org/where.html

I don't see anywhere in that reference that the question is answered
or even alluded to.   It does give information on how to obtain a
copy of FreeBSD, but nothing about ECC.

jerry


>
> On Tue, Jul 22, 2008 at 4:54 PM, Chocas, Connie S <[EMAIL PROTECTED]>wrote:
>
> > I would appreciate you assistance in providing the U.S. Commerce
> > Department Export Control Classification for FreeBSD 6.3.
> > Thank you,
> >
> > Connie Chocas
> > Sandia National Laboratories
> > Classification and Export Control
> > Phone: (505) 844-5982; Fax: (505) 284-4927
> > Email:  [EMAIL PROTECTED]
> >
> >
> >
> > ___
> > freebsd-questions@freebsd.org mailing list
> > http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> > To unsubscribe, send any mail to "
> > [EMAIL PROTECTED]"
> >
>
>
>
> --
> regards,
> dg
>
> "using fsdb(8) and clri(8) was like climbing Mount Everest in sandals
> and shorts.
> Since writing that, I've tried them more than once and discovered that
> I was wrong.
> You don't get the shorts." -- M.W. Lucas
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "[EMAIL PROTECTED]"


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Auto-saving distfiles on freebsd

[cpghost]

On Wed, 23 Jul 2008 18:06:36 +0200
Kris Kennaway <[EMAIL PROTECTED]> wrote:

> cpghost wrote:
> > On Wed, 23 Jul 2008 16:51:10 +0200
> > Kris Kennaway <[EMAIL PROTECTED]> wrote:
> > 
> >> cpghost wrote:
> >>> On Tue, Jul 22, 2008 at 11:47:04PM -0700, Ted Mittelstaedt wrote:
>  Another problem with ports is that all of them like pulling the
>  original source from the author's site.  I've had a few where the
>  author released the code under GPL then a few years later lost
>  interest, stopped paying whatever ISP he had the main site for
>  the program at, and the porter also lost interest in the project
>  and never bothered obtaining the last available tarfile from
>  the authors site and uploading it to freebsd, then both
>  disappeared. Another one I can recall is the gated code, similar
>  issue.
> >>> Why not add this to pointyhat scripts? Just upload a copy of every
> >>> *new* distfile ever encountered from the author's page to freebsd
> >>> (unless there are legal constraints not to do so, of course)?
> >> We've regularly collected and published port distfiles for at
> >> least a decade (with increasingly higher frequency as disk space
> >> came to permit).  It may come as no surprise that Ted is talking
> >> out of his ass again :)
> >>
> >> Kris
> > 
> > Ah, thanks! Good to know, and it's good news! :)
> > 
> > Will distfiles for ports that are no longer in the tree
> > remain there as well, so that these ports can still be
> > compiled with an older ports tree (yes, I know about the
> > hairy security and dependency issues involved with old
> > unmaintained and even dead ports...)?
> 
> Yes, as I mentioned in another reply it's been years since I have had
> to clean out old distfiles for space reasons, and there's no other
> need to do that so they will remain indefinitely.
> 
> Kris

Great! That's indeed the best solution. ;)

Thanks again,
-cpghost.

-- 
Cordula's Web. http://www.cordula.ws/
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Auto-saving distfiles on freebsd

[Kris Kennaway]

cpghost wrote:

On Wed, 23 Jul 2008 16:51:10 +0200
Kris Kennaway <[EMAIL PROTECTED]> wrote:


cpghost wrote:

On Tue, Jul 22, 2008 at 11:47:04PM -0700, Ted Mittelstaedt wrote:

Another problem with ports is that all of them like pulling the
original source from the author's site.  I've had a few where the
author released the code under GPL then a few years later lost
interest, stopped paying whatever ISP he had the main site for
the program at, and the porter also lost interest in the project
and never bothered obtaining the last available tarfile from
the authors site and uploading it to freebsd, then both
disappeared. Another one I can recall is the gated code, similar
issue.

Why not add this to pointyhat scripts? Just upload a copy of every
*new* distfile ever encountered from the author's page to freebsd
(unless there are legal constraints not to do so, of course)?
We've regularly collected and published port distfiles for at least a 
decade (with increasingly higher frequency as disk space came to 
permit).  It may come as no surprise that Ted is talking out of his

ass again :)

Kris


Ah, thanks! Good to know, and it's good news! :)

Will distfiles for ports that are no longer in the tree
remain there as well, so that these ports can still be
compiled with an older ports tree (yes, I know about the
hairy security and dependency issues involved with old
unmaintained and even dead ports...)?


Yes, as I mentioned in another reply it's been years since I have had to 
clean out old distfiles for space reasons, and there's no other need to 
do that so they will remain indefinitely.


Kris
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Auto-saving distfiles on freebsd

[cpghost]

On Wed, 23 Jul 2008 16:51:10 +0200
Kris Kennaway <[EMAIL PROTECTED]> wrote:

> cpghost wrote:
> > On Tue, Jul 22, 2008 at 11:47:04PM -0700, Ted Mittelstaedt wrote:
> >> Another problem with ports is that all of them like pulling the
> >> original source from the author's site.  I've had a few where the
> >> author released the code under GPL then a few years later lost
> >> interest, stopped paying whatever ISP he had the main site for
> >> the program at, and the porter also lost interest in the project
> >> and never bothered obtaining the last available tarfile from
> >> the authors site and uploading it to freebsd, then both
> >> disappeared. Another one I can recall is the gated code, similar
> >> issue.
> > 
> > Why not add this to pointyhat scripts? Just upload a copy of every
> > *new* distfile ever encountered from the author's page to freebsd
> > (unless there are legal constraints not to do so, of course)?
> 
> We've regularly collected and published port distfiles for at least a 
> decade (with increasingly higher frequency as disk space came to 
> permit).  It may come as no surprise that Ted is talking out of his
> ass again :)
> 
> Kris

Ah, thanks! Good to know, and it's good news! :)

Will distfiles for ports that are no longer in the tree
remain there as well, so that these ports can still be
compiled with an older ports tree (yes, I know about the
hairy security and dependency issues involved with old
unmaintained and even dead ports...)?

Thanks,
-cpghost.

-- 
Cordula's Web. http://www.cordula.ws/
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: The Design and Implementation of the FreeBSD Operating System

[Lowell Gilbert]

Kevin Kinsey <[EMAIL PROTECTED]> writes:

> FreeBSD Questions wrote:
>> This book was printed in August 2004.  This predates FBSD 5, and I
>> know there were some significant changes between the 4.x and 5.x
>> branches.  We've progressed further and are now into version 7.  How
>> well does this book apply to more current versions of FreeBSD, such as
>> version 7?
>
> I stand ready for correction, but "Design & Implementation" is mostly
> about, well, the design of the system itself ... not an operational
> manual but a programmer's guide to OS internals.

Quite correct.

>   And, not only that,
> but it's about 4.4BSD (1993?), so the exact OS described is quite old*;

Not quite correct.  The more recent edition was retitled to more
accurately denote the fact that it covers FreeBSD (5).


-- 
Lowell Gilbert, embedded/networking software engineer, Boston area
http://be-well.ilk.org/~lowell/
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: FreeBSD for webserver?

[Paul Schmehl]

--On Wednesday, July 23, 2008 11:06:30 +0200 VeeJay <[EMAIL PROTECTED]> wrote:


Really good contribution

I would of course go with ports but have a question in mind

What should be installation sequience?

1. Apache 2.2.9
2. MySQL 5.1.26
3. PHP 5.2.6


Install Apache before you install php.  Mysql doesn't matter.  The default 
installs of all three should be fine unless you're doing something unusual. 
You'll also need to install php-extensions.  Run "make config" first and decide 
which ones you need to have installed (after installing php5 of course.)



And are there any options you guys would like to suggest to avoide for
performance or security reasons?



Setup mysql to listen on localhost only *or* to not listen on tcp at all and 
use unix sockets instead.  Mysql, by default, comes with four accounts with 
blank passwords; [EMAIL PROTECTED], [EMAIL PROTECTED], ""@FQHN and ""@localhost (yes, 
that's "blank" @.)  Remove all those accounts except [EMAIL PROTECTED] and then 
set a very good password for root.  Create *new* and separate accounts for 
*every* database you create and grant only the rights needed to perform the 
task.  Most applications only need select, insert, update and delete.  Test it 
with those and add other rights if necessary.


Install portaudit and aggressively update when security issues are found in any 
of the apps on your server.  Do not enable any services that are not needed to 
do the job, and restrict access to ssh to only those networks and accounts that 
really need access.


--
Paul Schmehl
As if it wasn't already obvious,
my opinions are my own and not
those of my employer.

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: FreeBSD for webserver?

[DAve]

Jerry McAllister wrote:

On Tue, Jul 22, 2008 at 09:01:44PM -0400, Sahil Tandon wrote:


Paul Schmehl <[EMAIL PROTECTED]> wrote:

[...]

Some people enjoy doing that.  Most people just want the software to work, 
be easy to maintain and upgrade and then stay out of their way. 
Ahem, and that 'just works' crowd is generally not found using FreeBSD or in 
an admin capacity. :-)



Huh???That is what you get with FreeBSD.   It works and
requires a lot less handholding as a server.  As a web server, FreeBSD
requires almost no admin tinkering.You set it up, configure Apache
and then it just works.

jerry



Confirmed, I am getting my first taste of Centos this month. We needed 
to use Centos to meet a client requirement. I could have the server up 
in a few hours with FBSD.


At the moment I am waiting for the Linux admin to finish building custom 
RPMs for everything I install because we need software either not in the 
YUM repository, or not configured the same as the RPM maintainer 
configured.


When I say "I'll just build from source" the blood runs out of his face 
and he says "That is not a good idea, everything needs to be an RPM, it 
would be bad, we can't do that".


What a pain.

DAve

--
Don't tell me I'm driving the cart!
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Auto-saving distfiles on freebsd

[Kris Kennaway]

James Tanis wrote:

"cpghost" <[EMAIL PROTECTED]> wrote:

The ports would still go to the primary sites (to conserve bandwidth),
but should the original distfile disappear, it would be still available
on freebsd.


I think his problem comes from the fact that some ports don't do this, not
that it isn't a good idea. The port maintainers just never did it.


No, you're both mistaken:

# MASTER_SITE_BACKUP
#   - Backup location(s) for distribution 
files and patch
# files if not found locally and 
${MASTER_SITES}/${PATCH_SITES}

# Default:
# 
ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/distfiles/${DIST_SUBDIR}/


All ports fall back to fetching from the master distfile repository if 
they can't be found at the upstream sites.  This dates back at least to 
1996.


Kris

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Auto-saving distfiles on freebsd (was: FreeBSD for webserver?)

[James Tanis]

"cpghost" <[EMAIL PROTECTED]> wrote:
> The ports would still go to the primary sites (to conserve bandwidth),
> but should the original distfile disappear, it would be still available
> on freebsd.

I think his problem comes from the fact that some ports don't do this, not
that it isn't a good idea. The port maintainers just never did it.
--
James Tanis
Technical Coordinator
Monsignor Donovan Catholic High School
e: [EMAIL PROTECTED]


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: The Design and Implementation of the FreeBSD Operating System

[Kevin Kinsey]

FreeBSD Questions wrote:

This book was printed in August 2004.  This predates FBSD 5, and I
know there were some significant changes between the 4.x and 5.x
branches.  We've progressed further and are now into version 7.  How
well does this book apply to more current versions of FreeBSD, such as
version 7?


I stand ready for correction, but "Design & Implementation" is mostly
about, well, the design of the system itself ... not an operational
manual but a programmer's guide to OS internals.  And, not only that,
but it's about 4.4BSD (1993?), so the exact OS described is quite old*;
however, it's of great value not only as history but as 4.4BSD has
fed code into not only FreeBSD, but NetBSD, OpenBSD, and others.
(see /usr/share/misc/bsd-family-tree).  If that's not of interest
to you I'd not worry about this book --- no offence to Mr. McKusick
et al, of course.

Kevin Kinsey

*Notwithstanding the fact that most likely the reason the last
edition was printed in '04 was because they'd updated it to
reflect changes in the previous 10 years.  Perhaps another edition
around 2013-14?
--
I can't understand why people are frightened of new ideas.
I'm frightened of the old ones.
-- John Cage
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

RE: Upgrade 6.2-Release to 7.0-Release - stuck!

[Marc Coyles]

Have left as is (for now). Finish the rest off tomorrow... The box runs WHM
/ cPanel... and just holds a few vhosts under single domain. DNS is handled
by ISP's servers...

If anything in original was modified, it was done by WHM/cPanel, not me...

Am at the freebsd-update install point now... so will have another look at
things in the morning with fresh eyes...

Ta fer the suggestions folks!

Marc A Coyles
ICT Support Team (ext 730)
Mbl: 07850 518106


-Original Message-
From: Kevin Kinsey [mailto:[EMAIL PROTECTED]
Sent: Wednesday, July 23, 2008 4:16 PM
To: [EMAIL PROTECTED]
Cc: freebsd-questions@freebsd.org
Subject: Re: Upgrade 6.2-Release to 7.0-Release - stuck!

Marc Coyles wrote:
> Am running freebsd-update following instructions at
>
http://www.daemonology.net/blog/2007-11-11-freebsd-major-version-upgrade.htm
l
>
> It’s decided that it can’t merge named.conf changes automagically and has
> dropped me into vi with the file open… looking as below. What exactly is
it
> wanting me to do? T’isn’t particularly clear, and this is the first time
> I’ve ever attempted an upgrade…

It's [apparently] expecting you to use vi to create a named.conf
that will work, and showing you the contents of both the old
named.conf and the one found in 7.0-RELEASE.  I'm not familiar
with freebsd-update (still using the old csup/buildworld routine)
but it sure look like mergemaster, more or less, except that
mergemaster not only allowed you to leave it until later and
do the merge "by hand" but also had a two-column "diff" with
a selector routine, so you could create a "merged" version
on-the-fly.

Is the box an important DNS server?  What happens if you just
save the file as is and try and come back to it later? (YMMV,
standard disclaimer, and all that).  if you've *never* edited
named.conf before, you'd probably be OK to just remove all the
current version stuff in favor of the 7.0-RELEASE stuff, *but*
generally all my boxen *have* been altered, so that wouldn't
work.

> <<< current version
> include "/etc/namedb/rndc.key";
>
> controls {
> inet 127.0.0.1 allow { localhost; } keys { "rndc-key"; };
> };
>
> // $FreeBSD: src/etc/namedb/named.conf,v 1.21.2.1 2005/09/10 08:27:27
dougb
> Exp
> $
> ===
> // $FreeBSD: src/etc/namedb/named.conf,v 1.26.4.1 2008/01/13 20:48:23
dougb
> Exp
> $
 7.0-RELEASE
> //
> // Refer to the named.conf(5) and named(8) man pages, and the
documentation
> // in /usr/share/doc/bind9 for more details.
> //
> // If you are going to set up an authoritative server, make sure you
> // understand the hairy details of how DNS works.  Even with
> // simple mistakes, you can break connectivity for affected parties,
> // or cause huge amounts of useless Internet traffic.
>
> options {
> <<< current version
> pid-file "/var/run/named/pid";
> ===
> // Relative to the chroot directory, if any
 7.0-RELEASE
> directory   "/etc/namedb";
> dump-file   "/var/dump/named_dump.db";
> statistics-file "/var/stats/named.stats";
>
> // If named is being used only as a local resolver, this is a safe
default.
> // For named to be accessible to the network, comment this option, specify
> // the proper IP address, or delete this option.
> listen-on   { 127.0.0.1; };
>
> // If you have IPv6 enabled on this system, uncomment this option for
> // use as a local resolver.  To give access to the network, specify
> // an IPv6 address, or the keyword "any".
> //  listen-on-v6{ ::1; };
>
> // These zones are already covered by the empty zones listed below.
> // If you remove the related empty zones below, comment these lines out.
> disable-empty-zone "255.255.255.255.IN-ADDR.ARPA";
> disable-empty-zone
> "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.
> 0.0.0.0.0.0.IP6.ARPA";
> disable-empty-zone
> "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.
> 0.0.0.0.0.0.IP6.ARPA";
>
> // In addition to the "forwarders" clause, you can force your name
> // server to never initiate queries of its own, but always ask its
> // forwarders only, by enabling the following line:
> //
> //  forward only;
> // If you've got a DNS server around at your upstream provider, enter
> // its IP address here, and enable the line below.  This will make you
> // benefit from its cache, thus reduce overall DNS traffic in the
Internet.
> /*
> forwarders {
> 127.0.0.1;
> };
> */
> /*
>  * If there is a firewall between you and nameservers you want
>  * to talk to, you might need to uncomment the query-source
>  * directive below.  Previous versions of BIND always asked
>  * questions using port 53, but BIND versions 8 and later
>  * use a pseudo-random unprivileged UDP port by default.
>  */
> // query-source address * port 53;
> };
>
> // If you enable a local name server, don't forget to enter 127.0.0.1
> // first in your 

Re: FreeBSD for webserver?

[Jerry McAllister]

On Tue, Jul 22, 2008 at 09:01:44PM -0400, Sahil Tandon wrote:

> Paul Schmehl <[EMAIL PROTECTED]> wrote:
> 
> [...]
> 
> > Some people enjoy doing that.  Most people just want the software to work, 
> > be easy to maintain and upgrade and then stay out of their way. 
> 
> Ahem, and that 'just works' crowd is generally not found using FreeBSD or in 
> an admin capacity. :-)


Huh???That is what you get with FreeBSD.   It works and
requires a lot less handholding as a server.  As a web server, FreeBSD
requires almost no admin tinkering.You set it up, configure Apache
and then it just works.

jerry


> 
> -- 
> Sahil Tandon <[EMAIL PROTECTED]>
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "[EMAIL PROTECTED]"
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Upgrade 6.2-Release to 7.0-Release - stuck!

[Kevin Kinsey]

Marc Coyles wrote:

Am running freebsd-update following instructions at
http://www.daemonology.net/blog/2007-11-11-freebsd-major-version-upgrade.html

It’s decided that it can’t merge named.conf changes automagically and has
dropped me into vi with the file open… looking as below. What exactly is it
wanting me to do? T’isn’t particularly clear, and this is the first time
I’ve ever attempted an upgrade…


It's [apparently] expecting you to use vi to create a named.conf
that will work, and showing you the contents of both the old
named.conf and the one found in 7.0-RELEASE.  I'm not familiar
with freebsd-update (still using the old csup/buildworld routine)
but it sure look like mergemaster, more or less, except that
mergemaster not only allowed you to leave it until later and
do the merge "by hand" but also had a two-column "diff" with
a selector routine, so you could create a "merged" version
on-the-fly.

Is the box an important DNS server?  What happens if you just
save the file as is and try and come back to it later? (YMMV,
standard disclaimer, and all that).  if you've *never* edited
named.conf before, you'd probably be OK to just remove all the
current version stuff in favor of the 7.0-RELEASE stuff, *but*
generally all my boxen *have* been altered, so that wouldn't
work.


<<< current version
include "/etc/namedb/rndc.key";

controls {
inet 127.0.0.1 allow { localhost; } keys { "rndc-key"; };
};

// $FreeBSD: src/etc/namedb/named.conf,v 1.21.2.1 2005/09/10 08:27:27 dougb
Exp
$
===
// $FreeBSD: src/etc/namedb/named.conf,v 1.26.4.1 2008/01/13 20:48:23 dougb
Exp
$

7.0-RELEASE

//
// Refer to the named.conf(5) and named(8) man pages, and the documentation
// in /usr/share/doc/bind9 for more details.
//
// If you are going to set up an authoritative server, make sure you
// understand the hairy details of how DNS works.  Even with
// simple mistakes, you can break connectivity for affected parties,
// or cause huge amounts of useless Internet traffic.

options {
<<< current version
pid-file "/var/run/named/pid";
===
// Relative to the chroot directory, if any

7.0-RELEASE

directory   "/etc/namedb";
dump-file   "/var/dump/named_dump.db";
statistics-file "/var/stats/named.stats";

// If named is being used only as a local resolver, this is a safe default.
// For named to be accessible to the network, comment this option, specify
// the proper IP address, or delete this option.
listen-on   { 127.0.0.1; };

// If you have IPv6 enabled on this system, uncomment this option for
// use as a local resolver.  To give access to the network, specify
// an IPv6 address, or the keyword "any".
//  listen-on-v6{ ::1; };

// These zones are already covered by the empty zones listed below.
// If you remove the related empty zones below, comment these lines out.
disable-empty-zone "255.255.255.255.IN-ADDR.ARPA";
disable-empty-zone
"0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.
0.0.0.0.0.0.IP6.ARPA";
disable-empty-zone
"1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.
0.0.0.0.0.0.IP6.ARPA";

// In addition to the "forwarders" clause, you can force your name
// server to never initiate queries of its own, but always ask its
// forwarders only, by enabling the following line:
//
//  forward only;
// If you've got a DNS server around at your upstream provider, enter
// its IP address here, and enable the line below.  This will make you
// benefit from its cache, thus reduce overall DNS traffic in the Internet.
/*
forwarders {
127.0.0.1;
};
*/
/*
 * If there is a firewall between you and nameservers you want
 * to talk to, you might need to uncomment the query-source
 * directive below.  Previous versions of BIND always asked
 * questions using port 53, but BIND versions 8 and later
 * use a pseudo-random unprivileged UDP port by default.
 */
// query-source address * port 53;
};

// If you enable a local name server, don't forget to enter 127.0.0.1
// first in your /etc/resolv.conf so this server will be queried.
// Also, make sure to enable it in /etc/rc.conf.

// The traditional root hints mechanism. Use this, OR the slave zones below.
zone "." { type hint; file "named.root"; };

/*  Slaving the following zones from the root name servers has some
significant advantages:
1. Faster local resolution for your users
2. No spurious traffic will be sent from your network to the roots
3. Greater resilience to any potential root server failure/DDoS

On the other hand, this method requires more monitoring than the
hints file to be sure that an unexpected failure mode has not
incapacitated your server.  Name servers that are serving a lot
of clients will benefit more from this approach than individual
hosts.  Use with caution.

Re: Free BSD 6.3 Export Control Classification

[Jerry McAllister]

On Tue, Jul 22, 2008 at 06:54:39PM -0400, darko gavrilovic wrote:

> http://www.freebsd.org/where.html

I don't see anywhere in that reference that the question is answered
or even alluded to.   It does give information on how to obtain a 
copy of FreeBSD, but nothing about ECC.

jerry


> 
> On Tue, Jul 22, 2008 at 4:54 PM, Chocas, Connie S <[EMAIL PROTECTED]>wrote:
> 
> > I would appreciate you assistance in providing the U.S. Commerce Department
> > Export Control Classification for FreeBSD 6.3.
> > Thank you,
> >
> > Connie Chocas
> > Sandia National Laboratories
> > Classification and Export Control
> > Phone: (505) 844-5982; Fax: (505) 284-4927
> > Email:  [EMAIL PROTECTED]
> >
> >
> >
> > ___
> > freebsd-questions@freebsd.org mailing list
> > http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> > To unsubscribe, send any mail to "
> > [EMAIL PROTECTED]"
> >
> 
> 
> 
> -- 
> regards,
> dg
> 
> "using fsdb(8) and clri(8) was like climbing Mount Everest in sandals and
> shorts.
> Since writing that, I've tried them more than once and discovered that I was
> wrong.
> You don't get the shorts." -- M.W. Lucas
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "[EMAIL PROTECTED]"
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Upgrade 6.2-Release to 7.0-Release - stuck!

[Vincent Hoffman]

Marc Coyles wrote:

Am running freebsd-update following instructions at
http://www.daemonology.net/blog/2007-11-11-freebsd-major-version-upgrade.htm
l

  
I did similar recently, although I went from 6.2 to 6.3 then to 7 
(almost certainly not necessary though.)



It’s decided that it can’t merge named.conf changes automagically and has
dropped me into vi with the file open… looking as below. What exactly is it
wanting me to do? T’isn’t particularly clear, and this is the first time
I’ve ever attempted an upgrade…

  
Basicly, its saying the current version contains whatever it lists up to 
the


===

and the 7 release version has whatever is after the seperator, up to the

>>  7.0-RELEASE

and you need to edit it to say what you want it to be. If you have never 
modifed the file, just delete the current stuff and leave the 
7.0-RELEASE stuff. I have a very customised named.conf so i just said 
that whatever was fine and then restored it from backup after the 
upgrade was finished.


Vince

<<< current version
include "/etc/namedb/rndc.key";

controls {
inet 127.0.0.1 allow { localhost; } keys { "rndc-key"; };
};

// $FreeBSD: src/etc/namedb/named.conf,v 1.21.2.1 2005/09/10 08:27:27 dougb
Exp
$
===
// $FreeBSD: src/etc/namedb/named.conf,v 1.26.4.1 2008/01/13 20:48:23 dougb
Exp
$
  

7.0-RELEASE


//
// Refer to the named.conf(5) and named(8) man pages, and the documentation
// in /usr/share/doc/bind9 for more details.
//
// If you are going to set up an authoritative server, make sure you
// understand the hairy details of how DNS works.  Even with
// simple mistakes, you can break connectivity for affected parties,
// or cause huge amounts of useless Internet traffic.

options {
<<< current version
pid-file "/var/run/named/pid";
===
// Relative to the chroot directory, if any
  

7.0-RELEASE


directory   "/etc/namedb";
dump-file   "/var/dump/named_dump.db";
statistics-file "/var/stats/named.stats";

// If named is being used only as a local resolver, this is a safe default.
// For named to be accessible to the network, comment this option, specify
// the proper IP address, or delete this option.
listen-on   { 127.0.0.1; };

// If you have IPv6 enabled on this system, uncomment this option for
// use as a local resolver.  To give access to the network, specify
// an IPv6 address, or the keyword "any".
//  listen-on-v6{ ::1; };

// These zones are already covered by the empty zones listed below.
// If you remove the related empty zones below, comment these lines out.
disable-empty-zone "255.255.255.255.IN-ADDR.ARPA";
disable-empty-zone
"0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.
0.0.0.0.0.0.IP6.ARPA";
disable-empty-zone
"1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.
0.0.0.0.0.0.IP6.ARPA";

// In addition to the "forwarders" clause, you can force your name
// server to never initiate queries of its own, but always ask its
// forwarders only, by enabling the following line:
//
//  forward only;
// If you've got a DNS server around at your upstream provider, enter
// its IP address here, and enable the line below.  This will make you
// benefit from its cache, thus reduce overall DNS traffic in the Internet.
/*
forwarders {
127.0.0.1;
};
*/
/*
 * If there is a firewall between you and nameservers you want
 * to talk to, you might need to uncomment the query-source
 * directive below.  Previous versions of BIND always asked
 * questions using port 53, but BIND versions 8 and later
 * use a pseudo-random unprivileged UDP port by default.
 */
// query-source address * port 53;
};

// If you enable a local name server, don't forget to enter 127.0.0.1
// first in your /etc/resolv.conf so this server will be queried.
// Also, make sure to enable it in /etc/rc.conf.

// The traditional root hints mechanism. Use this, OR the slave zones below.
zone "." { type hint; file "named.root"; };

/*  Slaving the following zones from the root name servers has some
significant advantages:
1. Faster local resolution for your users
2. No spurious traffic will be sent from your network to the roots
3. Greater resilience to any potential root server failure/DDoS

On the other hand, this method requires more monitoring than the
hints file to be sure that an unexpected failure mode has not
incapacitated your server.  Name servers that are serving a lot
of clients will benefit more from this approach than individual
hosts.  Use with caution.

To use this mechanism, uncomment the entries below, and comment
the hint zone above.
*/
/*
zone "." {
<<< current version
type hint;
file "/etc/namedb/named.root";
===
type slave;
file "slave/root

Re: connecting to a secured Windows 2003 terminal server

[Steve Bertrand]

Wojciech Puchar wrote:
doubt, since even after googling for nearly five days I couldn't find 
any solution.


Recently my company has updated their server to Windows 2003. The 
earlier 2000 server didn't have SSL enabled, so rdp/rdesktop worked 
for me without any problem. But now, as I try to connect to the 
server, it simply gives me

ERROR: recv: Connection reset by peer


why such questions are on FreeBSD list ?

rdp/rdesktop is not FreeBSD specific at all, and FreeBSD is not Windows.

search the rdesktop mailing list etc. and ask there!


Did you even consider the possibility that the OP is connecting to a 
terminal/rdp server from a FreeBSD workstation?


I know I've done it numerous times in the past. I think that if this is 
the case, its very FreeBSD related.


Steve
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Auto-saving distfiles on freebsd

[Kris Kennaway]

Matthew Seaman wrote:

cpghost wrote:


Why not add this to pointyhat scripts? Just upload a copy of every
*new* distfile ever encountered from the author's page to freebsd
(unless there are legal constraints not to do so, of course)?


Some might say that this already happens.

Well, it's on ftp.freebsd.org rather than pointyhat, and it's only for
the ports that are built by the package build cluster.  Take a look at 
ftp://ftp.freebsd.org/pub/FreeBSD/ports/distfiles/  (Warning: very long

listing)

I'm not sure what the policy is about getting rid of old distfiles, but
there are generally several generations of distfile in there -- about 2
or 3 years worth.


Basically we don't delete them any more unless we have to (e.g. porter 
accidentally allowed redistribution of a distfile for which we don't 
have permission).  In the past we (I) occasionally weeded out everything 
except for the past couple of release distfile sets (and the current 
set) because we needed the space, but this is a pain in the ass to do 
and there hasn't been a need in some years.


Thesedays we indeed collect distfiles with every build.

Kris
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Auto-saving distfiles on freebsd

[Kris Kennaway]

cpghost wrote:

On Tue, Jul 22, 2008 at 11:47:04PM -0700, Ted Mittelstaedt wrote:

Another problem with ports is that all of them like pulling the
original source from the author's site.  I've had a few where the
author released the code under GPL then a few years later lost
interest, stopped paying whatever ISP he had the main site for
the program at, and the porter also lost interest in the project
and never bothered obtaining the last available tarfile from
the authors site and uploading it to freebsd, then both disappeared.
Another one I can recall is the gated code, similar issue.


Why not add this to pointyhat scripts? Just upload a copy of every
*new* distfile ever encountered from the author's page to freebsd
(unless there are legal constraints not to do so, of course)?


We've regularly collected and published port distfiles for at least a 
decade (with increasingly higher frequency as disk space came to 
permit).  It may come as no surprise that Ted is talking out of his ass 
again :)


Kris

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Auto-saving distfiles on freebsd

[Matthew Seaman]

cpghost wrote:


Why not add this to pointyhat scripts? Just upload a copy of every
*new* distfile ever encountered from the author's page to freebsd
(unless there are legal constraints not to do so, of course)?


Some might say that this already happens.

Well, it's on ftp.freebsd.org rather than pointyhat, and it's only for
the ports that are built by the package build cluster.  Take a look at 
ftp://ftp.freebsd.org/pub/FreeBSD/ports/distfiles/  (Warning: very long

listing)

I'm not sure what the policy is about getting rid of old distfiles, but
there are generally several generations of distfile in there -- about 2
or 3 years worth.

Cheers,

Matthew

--
Dr Matthew J Seaman MA, D.Phil.   7 Priory Courtyard
 Flat 3
PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate
 Kent, CT11 9PW



signature.asc
Description: OpenPGP digital signature

Re: connecting to a secured Windows 2003 terminal server

[Wojciech Puchar]

doubt, since even after googling for nearly five days I couldn't find any 
solution.


Recently my company has updated their server to Windows 2003. The earlier 
2000 server didn't have SSL enabled, so rdp/rdesktop worked for me without 
any problem. But now, as I try to connect to the server, it simply gives me

ERROR: recv: Connection reset by peer


why such questions are on FreeBSD list ?

rdp/rdesktop is not FreeBSD specific at all, and FreeBSD is not Windows.

search the rdesktop mailing list etc. and ask there!
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Upgrade 6.2-Release to 7.0-Release - stuck!

[Marc Coyles]

Am running freebsd-update following instructions at
http://www.daemonology.net/blog/2007-11-11-freebsd-major-version-upgrade.htm
l

It’s decided that it can’t merge named.conf changes automagically and has
dropped me into vi with the file open… looking as below. What exactly is it
wanting me to do? T’isn’t particularly clear, and this is the first time
I’ve ever attempted an upgrade…

<<< current version
include "/etc/namedb/rndc.key";

controls {
inet 127.0.0.1 allow { localhost; } keys { "rndc-key"; };
};

// $FreeBSD: src/etc/namedb/named.conf,v 1.21.2.1 2005/09/10 08:27:27 dougb
Exp
$
===
// $FreeBSD: src/etc/namedb/named.conf,v 1.26.4.1 2008/01/13 20:48:23 dougb
Exp
$
>>> 7.0-RELEASE
//
// Refer to the named.conf(5) and named(8) man pages, and the documentation
// in /usr/share/doc/bind9 for more details.
//
// If you are going to set up an authoritative server, make sure you
// understand the hairy details of how DNS works.  Even with
// simple mistakes, you can break connectivity for affected parties,
// or cause huge amounts of useless Internet traffic.

options {
<<< current version
pid-file "/var/run/named/pid";
===
// Relative to the chroot directory, if any
>>> 7.0-RELEASE
directory   "/etc/namedb";
dump-file   "/var/dump/named_dump.db";
statistics-file "/var/stats/named.stats";

// If named is being used only as a local resolver, this is a safe default.
// For named to be accessible to the network, comment this option, specify
// the proper IP address, or delete this option.
listen-on   { 127.0.0.1; };

// If you have IPv6 enabled on this system, uncomment this option for
// use as a local resolver.  To give access to the network, specify
// an IPv6 address, or the keyword "any".
//  listen-on-v6{ ::1; };

// These zones are already covered by the empty zones listed below.
// If you remove the related empty zones below, comment these lines out.
disable-empty-zone "255.255.255.255.IN-ADDR.ARPA";
disable-empty-zone
"0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.
0.0.0.0.0.0.IP6.ARPA";
disable-empty-zone
"1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.
0.0.0.0.0.0.IP6.ARPA";

// In addition to the "forwarders" clause, you can force your name
// server to never initiate queries of its own, but always ask its
// forwarders only, by enabling the following line:
//
//  forward only;
// If you've got a DNS server around at your upstream provider, enter
// its IP address here, and enable the line below.  This will make you
// benefit from its cache, thus reduce overall DNS traffic in the Internet.
/*
forwarders {
127.0.0.1;
};
*/
/*
 * If there is a firewall between you and nameservers you want
 * to talk to, you might need to uncomment the query-source
 * directive below.  Previous versions of BIND always asked
 * questions using port 53, but BIND versions 8 and later
 * use a pseudo-random unprivileged UDP port by default.
 */
// query-source address * port 53;
};

// If you enable a local name server, don't forget to enter 127.0.0.1
// first in your /etc/resolv.conf so this server will be queried.
// Also, make sure to enable it in /etc/rc.conf.

// The traditional root hints mechanism. Use this, OR the slave zones below.
zone "." { type hint; file "named.root"; };

/*  Slaving the following zones from the root name servers has some
significant advantages:
1. Faster local resolution for your users
2. No spurious traffic will be sent from your network to the roots
3. Greater resilience to any potential root server failure/DDoS

On the other hand, this method requires more monitoring than the
hints file to be sure that an unexpected failure mode has not
incapacitated your server.  Name servers that are serving a lot
of clients will benefit more from this approach than individual
hosts.  Use with caution.

To use this mechanism, uncomment the entries below, and comment
the hint zone above.
*/
/*
zone "." {
<<< current version
type hint;
file "/etc/namedb/named.root";
===
type slave;
file "slave/root.slave";
masters {
192.5.5.241;// F.ROOT-SERVERS.NET.
};
notify no;
>>> 7.0-RELEASE
};
<<< current version

zone "0.0.127.IN-ADDR.ARPA" {
type master;
file "/etc/namedb/localhost.rev";
===
zone "arpa" {
type slave;
file "slave/arpa.slave";
masters {
192.5.5.241;// F.ROOT-SERVERS.NET.
};
notify no;
>>> 7.0-RELEASE
};
<<< current version

// RFC 3152
zone
"1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA"
{
type master;
file "/etc/namedb/localhost-v6.rev";
===
zone "in-

Auto-saving distfiles on freebsd (was: FreeBSD for webserver?)

[cpghost]

On Tue, Jul 22, 2008 at 11:47:04PM -0700, Ted Mittelstaedt wrote:
> Another problem with ports is that all of them like pulling the
> original source from the author's site.  I've had a few where the
> author released the code under GPL then a few years later lost
> interest, stopped paying whatever ISP he had the main site for
> the program at, and the porter also lost interest in the project
> and never bothered obtaining the last available tarfile from
> the authors site and uploading it to freebsd, then both disappeared.
> Another one I can recall is the gated code, similar issue.

Why not add this to pointyhat scripts? Just upload a copy of every
*new* distfile ever encountered from the author's page to freebsd
(unless there are legal constraints not to do so, of course)?

The ports would still go to the primary sites (to conserve bandwidth),
but should the original distfile disappear, it would be still available
on freebsd.

-cpghost.

-- 
Cordula's Web. http://www.cordula.ws/
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: The Design and Implementation of the FreeBSD Operating System

[darko gavrilovic]

On Wed, Jul 23, 2008 at 8:12 AM, FreeBSD Questions <
[EMAIL PROTECTED]> wrote:

> details like the nitty-gritty of
> configuing sendmail, apache, samba, NFS, etc?


You might want to look at specific books targeting that software. Check
o'rielly.For example

http://search.oreilly.com/?q=sendmail


Note: you can also look at google books for some of these titles. I have
managed to find more that one that I needed and it's a free resource.
http://books.google.com/



> And what about "Absolute FreeBSD"?  It's updated for FreeBSD 7, so I
> know it's current.  Is it a "good book"?  Is it worth the read?  How
> valuable is its content?  (I know I'm asking some very subjective
> questions, but if I'm going to spend hundreds of $$$ to build my
> library in this area, I'd like at least a couple of opinions about the
> books I buy.)


I read it. I think it's a good FreeBSD book.





> Personally, I don't think I'd ever buy "The FreeBSD Handbook".  It's a
> really good resource, but as long as it's actively updated
> electronically it's too dynamic to buy a hardcopy.  I'd much rather
> read it online where I can get the latest revisions.



Do you mean "The Complete FreeBSD"? Thats available online for free.
http://www.lemis.com/grog/Documentation/CFBSD/

The "The FreeBSD Handbook" is the free resource available on www.freebsd.org
http://www.freebsd.org/doc/en/books/handbook/


>
>
> Kevin
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "
> [EMAIL PROTECTED]"
>



-- 
regards,
dg

"using fsdb(8) and clri(8) was like climbing Mount Everest in sandals and
shorts.
Since writing that, I've tried them more than once and discovered that I was
wrong.
You don't get the shorts." -- M.W. Lucas
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: The Design and Implementation of the FreeBSD Operating System

[dfeustel]

On Wed, Jul 23, 2008 at 04:12:51PM +0300, Manolis Kiagias wrote:
> FreeBSD Questions wrote:
>> And what about "Absolute FreeBSD"?  It's updated for FreeBSD 7, so I
>> know it's current.  Is it a "good book"?  Is it worth the read?  How
>> valuable is its content?  (I know I'm asking some very subjective
>> questions, but if I'm going to spend hundreds of $$$ to build my
>> library in this area, I'd like at least a couple of opinions about the
>> books I buy.)
>>
>>
>>   
>
> Absolute FreeBSD is an excellent book, a must have if you ask me.
> Excellent tips, very good explanation of how things work, relaxed and easy 
> writing style.
> You will get a lot out of this book. (Note: it is concentrated on server 
> tasks, you will not get any "X" tips from it)

I also recommend _X Power Tools_ for X-related info. Doesn't have
everything I would like to know about X, but it filled in many gaps for
me.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: The Design and Implementation of the FreeBSD Operating System

[Manolis Kiagias]

FreeBSD Questions wrote:

And what about "Absolute FreeBSD"?  It's updated for FreeBSD 7, so I
know it's current.  Is it a "good book"?  Is it worth the read?  How
valuable is its content?  (I know I'm asking some very subjective
questions, but if I'm going to spend hundreds of $$$ to build my
library in this area, I'd like at least a couple of opinions about the
books I buy.)


  


Absolute FreeBSD is an excellent book, a must have if you ask me.
Excellent tips, very good explanation of how things work, relaxed and 
easy writing style.
You will get a lot out of this book. (Note: it is concentrated on server 
tasks, you will not get any "X" tips from it)



Personally, I don't think I'd ever buy "The FreeBSD Handbook".  It's a
really good resource, but as long as it's actively updated
electronically it's too dynamic to buy a hardcopy.  I'd much rather
read it online where I can get the latest revisions.

Kevin
___

  


True, the handbook is under constant development - and it should be, to 
match the system
I have a printed version, and it is outdated in several sections. I find 
hardcopies easier to read though.


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

ng_netflow question

[Volodymyr Kostyrko]

Hi there.

I'm stuck with splitting input and output traffic. I can't use 
srcaddr/dstaddr as the machine generating traffic gets dynamic ip's. I'm 
thinking of using input/output for that purpose, but it's not clearly 
stated how this parameters are populated. I.e. for outbound connection 
we got input=0 and output=ifX but for inbound connections 
input=output=ifX. Am I missing something here? Should the outbound 
connections get output=0?


--
Sphinx of black quartz judge my vow.

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: The Design and Implementation of the FreeBSD Operating System

[Dave]

On Wed, Jul 23, 2008 at 08:12:02AM -0400, FreeBSD Questions wrote:
>> Yet your point is completly valid one.. and that's why "The Design and
>> Implementation of the FreeBSD Operating System" is the only book that I've
>> been hesitant on buying so far ... Lucas (Absolute FreeBSD, 2nd Edition),
>> Lavigne (The Best of FreeBSD Basics), Kong (BSD rootkits),  Lehey (Download
>> edition:) ) are all over my desktop as I write this mail, and I consult them
>> daily ... Farrokhi (Network Administration with FreeBSD) and Hong (Building a
>> Server with FreeBSD 7) are the ones coming in the next batch ...
>
>Has anyone on the list read "Building a Server with FreeBSD 7: A
>Modular Approach"?  The description on bookpool.com makes it sound a
>little basic/superficial, covering topics such as how to install
>FreeBSD and how to install/configure programs via the ports.  I'm
>already very familiar with these topics; does anyone know if this book
>covers more advanced topics or details like the nitty-gritty of
>configuing sendmail, apache, samba, NFS, etc?

I have read this book. It's not very useful to me since I run
FreeBSD 7 as a desktop. But I did find it interesting. The book
provides setup info for many server services.

>And what about "Absolute FreeBSD"?  It's updated for FreeBSD 7, so I
>know it's current.  Is it a "good book"?  Is it worth the read?  How
>valuable is its content?  (I know I'm asking some very subjective
>questions, but if I'm going to spend hundreds of $$$ to build my
>library in this area, I'd like at least a couple of opinions about the
>books I buy.)

Yes. Yes. Very valuable. I give it 5/5 stars. 

>> So far .. there are only three books I would have bought but I didn't because
>> I thought the situation could improve ... those are: "The Design and
>> Implementation of the FreeBSD Operating System", "BSD Hacks" and "The FreeBSD
>> HandBook"... same reason for all of them .. too old by now (although I think
>> I'll buy "BSD Hacks" anyways .. I just can't resist buying Lavigne books :( )
>
>Personally, I don't think I'd ever buy "The FreeBSD Handbook".  It's a
>really good resource, but as long as it's actively updated
>electronically it's too dynamic to buy a hardcopy.  I'd much rather
>read it online where I can get the latest revisions.
>
>Kevin
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: The Design and Implementation of the FreeBSD Operating System

[FreeBSD Questions]

> Yet your point is completly valid one.. and that's why "The Design and
> Implementation of the FreeBSD Operating System" is the only book that I've
> been hesitant on buying so far ... Lucas (Absolute FreeBSD, 2nd Edition),
> Lavigne (The Best of FreeBSD Basics), Kong (BSD rootkits),  Lehey (Download
> edition:) ) are all over my desktop as I write this mail, and I consult them
> daily ... Farrokhi (Network Administration with FreeBSD) and Hong (Building a
> Server with FreeBSD 7) are the ones coming in the next batch ...

Has anyone on the list read "Building a Server with FreeBSD 7: A
Modular Approach"?  The description on bookpool.com makes it sound a
little basic/superficial, covering topics such as how to install
FreeBSD and how to install/configure programs via the ports.  I'm
already very familiar with these topics; does anyone know if this book
covers more advanced topics or details like the nitty-gritty of
configuing sendmail, apache, samba, NFS, etc?

And what about "Absolute FreeBSD"?  It's updated for FreeBSD 7, so I
know it's current.  Is it a "good book"?  Is it worth the read?  How
valuable is its content?  (I know I'm asking some very subjective
questions, but if I'm going to spend hundreds of $$$ to build my
library in this area, I'd like at least a couple of opinions about the
books I buy.)


> So far .. there are only three books I would have bought but I didn't because
> I thought the situation could improve ... those are: "The Design and
> Implementation of the FreeBSD Operating System", "BSD Hacks" and "The FreeBSD
> HandBook"... same reason for all of them .. too old by now (although I think
> I'll buy "BSD Hacks" anyways .. I just can't resist buying Lavigne books :( )

Personally, I don't think I'd ever buy "The FreeBSD Handbook".  It's a
really good resource, but as long as it's actively updated
electronically it's too dynamic to buy a hardcopy.  I'd much rather
read it online where I can get the latest revisions.

Kevin
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

max MFSROOT size

[Wojciech Puchar]

i made 350MB mfsroot, and loader simply ignores to load it.
with 100MB it works.

machine have 512MB RAM. how to fix it?

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: FreeBSD for webserver?

[Julien Cigar]

At least ports-mgmt/portaudit, which check if installed ports have
published security vulnerabilities.

I don't use PHP, but I used to create a separate user for each webapp
with a special login class, so I would run PHP in FCGI mode (with
something like xcache) instead of mod_php.

For the rest ... it's usually a question of configuration.

On Wed, 2008-07-23 at 11:06 +0200, VeeJay wrote:
> Really good contribution
> 
> I would of course go with ports but have a question in mind
> 
> What should be installation sequience?
> 
> 1. Apache 2.2.9
> 2. MySQL 5.1.26
> 3. PHP 5.2.6
> And are there any options you guys would like to suggest to avoide for
> performance or security reasons?
> 
> Regards
> 
> VJ
> On Tue, Jul 22, 2008 at 10:05 PM, VeeJay <[EMAIL PROTECTED]> wrote:
> 
> >  Hi there
> >
> > I am going to make 2 Webserver at my work going to handle 50 mil hits per
> > month... They are using Linux already. But being a FreeBSD fan, I have
> > proposed FreeBSD to my Boss convincing him that FreeBSD is more Fast and
> > Secure solution for his needs... And now I want to show the results...
> > *Hardware:*
> > Dell PowerEdge 2950 III having 2 x CPU 3,0 GHz Intel Xeon L5450 Quad-Core
> > 2x6MB cache WITH 16 GB RAM.
> >
> > *Tools:*
> > 1. FreeBSD 7 Production Release
> > 2. Apache 2.2.9
> > 3. MySQL 5.1.26
> > 4. PHP 5.2.6
> >
> > My question is, "*To get the speed, performance and security*":
> >
> > Should I use Ports or Packages to install all these tools One by One?
> >
> > *OR*
> > Should I use TAR files and compile them manually. For example giving
> > command line arguments and commands like
> >
> > ./configure --prefix=/www --enable-module=so
> > make
> > make install
> > cd ../php-xxx
> > ./configure --with-mysql --with-apxs=/www/bin/apxs
> > make
> > make install
> >
> > etc
> >
> > I have googled but still haven't reached to solution...personally I would
> > prefer comiling them with command line arguments
> > but then I seek some help from you guys i.e.
> >
> > How should I write this ./configure..stuff in FreeBSD and what would be
> > the best options combination, I must choose to get the speed, performane and
> > security in Apache, MySQL and PHP?
> >
> > Any suggestion is very welcomed!
> >
> > --
> > Thanks!
> >
> > BR / vj
> >
> 
> 
> 
-- 
Julien Cigar
Belgian Biodiversity Platform
http://www.biodiversity.be
Université Libre de Bruxelles (ULB)
Campus de la Plaine CP 257
Bâtiment NO, Bureau 4 N4 115C (Niveau 4)
Boulevard du Triomphe, entrée ULB 2
B-1050 Bruxelles
Mail: [EMAIL PROTECTED]
@biobel: http://biobel.biodiversity.be/person/show/471
Tel : 02 650 57 52

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Has anyone used libusb for accessing usb devices here?

[Tijl Coosemans]

On Wednesday 23 July 2008 06:20:09 Andrew Falanga wrote:
> On Tuesday 22 July 2008 08:38:58 Lowell Gilbert wrote:
>> "Andrew Falanga" <[EMAIL PROTECTED]> writes:
>>> I'd like to know if anyone here on the list has ever used libusb
>>> (http://libusb.sourceforge.net) for accessing usb devices.  I
>>> successfully compiled and installed it on my FreeBSD 7 laptop but
>>> when I run a test program no USB HUBs are found.  The same test on
>>> a Fedora box works fine.  I was wondering what the magic is for
>>> FreeBSD since the web site claims the package works on FreeBSD.
>>
>> libusb is in ports, and a number of other ports use it.
>> (See "make search key=libusb".)
>> That should provide a variety of working examples.
> 
> Ok, I've installed from the ports collection this time (at home now
> on my 6.2p11 box) and I'm seeing busses in my computer.  However,
> when I plug in my USB thumb drive, a Sandisk Cruizer Micro that the
> kernel does see as da0 (verified in /var/log/messages), I don't get
> any devices shown.

I'm not entirely sure, but it's possible it only shows ugen devices.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: FreeBSD for webserver?

[VeeJay]

Really good contribution

I would of course go with ports but have a question in mind

What should be installation sequience?

1. Apache 2.2.9
2. MySQL 5.1.26
3. PHP 5.2.6
And are there any options you guys would like to suggest to avoide for
performance or security reasons?

Regards

VJ
On Tue, Jul 22, 2008 at 10:05 PM, VeeJay <[EMAIL PROTECTED]> wrote:

>  Hi there
>
> I am going to make 2 Webserver at my work going to handle 50 mil hits per
> month... They are using Linux already. But being a FreeBSD fan, I have
> proposed FreeBSD to my Boss convincing him that FreeBSD is more Fast and
> Secure solution for his needs... And now I want to show the results...
> *Hardware:*
> Dell PowerEdge 2950 III having 2 x CPU 3,0 GHz Intel Xeon L5450 Quad-Core
> 2x6MB cache WITH 16 GB RAM.
>
> *Tools:*
> 1. FreeBSD 7 Production Release
> 2. Apache 2.2.9
> 3. MySQL 5.1.26
> 4. PHP 5.2.6
>
> My question is, "*To get the speed, performance and security*":
>
> Should I use Ports or Packages to install all these tools One by One?
>
> *OR*
> Should I use TAR files and compile them manually. For example giving
> command line arguments and commands like
>
> ./configure --prefix=/www --enable-module=so
> make
> make install
> cd ../php-xxx
> ./configure --with-mysql --with-apxs=/www/bin/apxs
> make
> make install
>
> etc
>
> I have googled but still haven't reached to solution...personally I would
> prefer comiling them with command line arguments
> but then I seek some help from you guys i.e.
>
> How should I write this ./configure..stuff in FreeBSD and what would be
> the best options combination, I must choose to get the speed, performane and
> security in Apache, MySQL and PHP?
>
> Any suggestion is very welcomed!
>
> --
> Thanks!
>
> BR / vj
>



-- 
Thanks!

BR / vj
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: FreeBSD for webserver?

[Gonzalo Nemmi]

On Wednesday 23 July 2008 03:47:04 Ted Mittelstaedt wrote:
> > This seems to be a common misperception about ports.  Ports
> > aren't something
> > magical.  They do exactly what you would do from the commandline (i.e.
> > ./configure, make, make install), except they come with several bonuses.
> >
> > 1) The port maintainer has already worked out all the quirks to
> > make it compile
> > and install properly on FreeBSD.  2) The port maintainer has
> > already supplied
> > patches that allow the software to build correctly on FreeBSD.
> > 3) All the
> > dependencies are already taken care of.  4) Upgrading is quite simple and
> > straightforward.  5) The software is now
> > architechture-independent (in most
> > cases), meaning you can move from Intel to AMD (for example)
> > without having to
> > worry that the software will no longer build and you'll have to
> > start from
> > scratch again.
> >
> > For example, I decided today that I wanted to try out some software named
> > "arguseye".  So I downloaded and untarred the program.  I looked at the
> > dependencies.  It requires a number of perl modules, some of
> > which are not in
> > ports.  So, I just created three new perl ports to satisfy those
> > dependencies
> > and submitted them this afternoon.
> >
> > Once those are accepted into the tree, I'll create the arguseye
> > port and submit
> > it as well.  Then, when someone else wants to install arguseye,
> > all they will
> > have to do is type "make install clean" in the port directory and
> > everything
> > that they need will be installed for them.
> >
> > Unless you're a glutton for punishment, why would you do all that
> > yourself?
>
> Because maybe you don't care for the porter's choice of defaults.
>
> Many programs come with hard-coded defaults that are modified
> in a config file.  For example cistron-radius.  Another example
> is the dspam port.  The porter for that insisted on using a
> default of apache vhost.  However the default apache port does
> not activate this.  I don't give a rat's ass that vhost is
> supposedly more secure.  Another one that always pisses me off
> is the porter's choice in building uw-imap to turn off plaintext
> passwords.  And the default for pine is also to turn off
> plaintext support.
>
> Another problem is that not all porters are good about maintaining
> their ports.  For example icradius.  Someone spent a lot of time
> creating the port for that.  Then just let it die.  Another is
> the open source ingres database.  Julian ported that one then
> lost interest, it died sometime around FBSD 4.X
>
> Another problem with ports is that all of them like pulling the
> original source from the author's site.  I've had a few where the
> author released the code under GPL then a few years later lost
> interest, stopped paying whatever ISP he had the main site for
> the program at, and the porter also lost interest in the project
> and never bothered obtaining the last available tarfile from
> the authors site and uploading it to freebsd, then both disappeared.
> Another one I can recall is the gated code, similar issue.
>
> The fundamental achillies heel of the ports system is it makes
> the assumption that every package in the ports system is popular
> and will be supported for the indefinite future by the original
> package developer.  The ports system counts on this insofar that
> it assumes that if the original porter loses interest and stops
> tracking the master site, that someone else will step in and
> assume responsibility for maintaining the port.
>
> The reality is that in every release of FreeBSD, some ports go
> wanting for sponsors, and nobody steps forward and so when the
> port stops building, the FreeBSD maintainers simply cut it out
> of the ports tree, plus anything dependent on it.
>
> This assumption is fine for people running vanilla apache or
> whatever systems, which is most people.  But, if your doing
> anything that isn't plain-jane middle of the road, you better
> assume that if your using a series of ports, to make detailed
> notes, and save the ports, and save the patches, and save
> the distfiles.  You may need to see how they did it in an
> older FreeBSD system when a new version of FreeBSD comes out
> that is missing one or more of the ports you depend on.
>
> Ultimately, ports isn't any different than most other things.
> When it's properly executed it's great.  But proper execution
> of the entire thing depends on every porter who has an active
> port in the system doing the right thing, and there's so many of
> them that statistically, some of them are going to be flakes.
>
> Ultimately, if your going to be a server admin, you need to
> know how to build your applications without ports.
>
> It's no different than, for example, I know how to pour and
> form concrete, I know how to plumb pipes.  But if I needed
> concrete poured, or pipes plumbed, I would call a contractor
> and a plumber, and because I know how to do these thing