Re: ftp server: create/delete user by web interface
Hello Sebastian Sorry for the delay but I was very bussy. Am Thu, Sep 04, 2008 at 09:31:03AM +0200 Sebastian Tymków schrieb: Have you tried cpanel or webmin ? I checked webmin but not very depth. Or maybe you're looking for solution like ftp server and accounts in database ? This is a possible way. Probably the combination ftp users in a database is ok. Which one is the best solution? I've three FreeBSD 7.0 server. Im looking for a combination where I can create/delete etc. ftp users as a non-root user (probably from a template). Regards, -- Martin Schweizer [EMAIL PROTECTED] PC-Service M. Schweizer GmbH; Bannholzstrasse 6; CH-8608 Bubikon Tel. +41 55 243 30 00; Fax: +41 55 243 33 22; http://www.pc-service.ch; public key : http://www.pc-service.ch/pgp/public_key.asc; fingerprint: EC21 CA4D 5C78 BC2D 73B7 10F9 C1AE 1691 D30F D239; ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: ftp server: create/delete user by web interface
Hello, 2008/9/8 Martin Schweizer [EMAIL PROTECTED] Or maybe you're looking for solution like ftp server and accounts in database ? This is a possible way. Probably the combination ftp users in a database is ok. Which one is the best solution? I've three FreeBSD 7.0 server. Im looking for a combination where I can create/delete etc. ftp users as a non-root user (probably from a template). I haven't used such solution,but you can try pureftpd+sql backed or vsftpd with mysql backed. Best regards, Sebastian Tymków ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
[FreeBSD 6.3] Right-way to recover a module?
Hello I'm running Asterisk 1.4.20.1 on a FreeBSD that I compiled from the Ports collection. It's the second time I'm having an issue with a FXO card and/or the Zaptel driver that connects the card to the OS. I couldn't figure out what else to do, so I just rebooted the server, but I'd like to know what happened, and whether there's a less drastic solution. Here's some infos: === # /usr/local/etc/rc.d/zaptel stop zaptelkldunload: can't find file wcte12xp.ko: No such file or directory kldunload: can't find file wcte11xp.ko: No such file or directory kldunload: can't find file wct4xxp.ko: No such file or directory kldunload: can't find file wct1xxp.ko: No such file or directory kldunload: can't unload file: Device busy kldunload: can't find file wcfxo.ko: No such file or directory kldunload: can't find file tau32pci.ko: No such file or directory kldunload: can't find file qozap.ko: No such file or directory kldunload: can't unload file: Device busy Sep 6 19:11:12 freebsd kernel: kldunload: attempt to unload file that was loaded by the kernel # kldstat Id Refs AddressSize Name 19 0xc040 7a05b0 kernel 21 0xc0ba1000 5c304acpi.ko 121 0xc2d6c000 19000linux.ko 131 0xc3ba9000 32000zaptel.ko 171 0xc3c0d000 a000 wcfxs.ko # kldunload -i 13 kldunload: can't unload file: Device busy # kldunload -i 17 kldunload: can't unload file: Device busy === Support tells me something that I don't understand but could be comprehensible by FreeBSD experts : have you checked the modules? it is still under the kernel? i am not very sure the location of ko file in freebsd, please check that, according to the error, it reports that the ko files lost. Thanks for any tip. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: LVM2 under FreeBSD ?
Le 07/09/2008 à 23:21:20+0200, Polytropon a écrit On Sun, 7 Sep 2008 14:09:42 +, nicodache [EMAIL PROTECTED] wrote: Do yoy know of any solution available as port that would provide me with the same features as LVM ? (resize of partitions while running, to adapt /var to my needs without copying, unmouting, resizing, rebooting, etc) As it has been mentioned before, ZFS is much more professional of course. You can add storage to /var or /home without needing to move any content to a new disk. ZFS is part of the base system. Yes of course ZFS is very powerful FS, but I'm not very sure it's ready (on FreeBSD) for production. Regards. -- Albert SHIH SIO batiment 15 Observatoire de Paris Meudon 5 Place Jules Janssen 92195 Meudon Cedex Heure local/Local time: Lun 8 sep 2008 09:34:20 CEST ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: LVM2 under FreeBSD ?
Yes of course ZFS is very powerful FS, but I'm not very sure it's ready (on you meant very powerrequiring ;) FreeBSD) for production. Regards. -- Albert SHIH SIO batiment 15 Observatoire de Paris Meudon 5 Place Jules Janssen 92195 Meudon Cedex Heure local/Local time: Lun 8 sep 2008 09:34:20 CEST ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: incomplete build
=== Running ldconfig /sbin/ldconfig -m /usr/local/lib === Registering installation for libthai-0.1.5_3 === Returning to build of kdelibs-3.5.8 === kdelibs-3.5.8 depends on shared library: tiff.4 - found === kdelibs-3.5.8 depends on shared library: xml2.5 - found === kdelibs-3.5.8 depends on shared library: xslt.2 - found === kdelibs-3.5.8 depends on shared library: cups - not found === Verifying install for cups in /usr/ports/print/cups-base === Patching for cups-base-1.3.5_2 === Applying FreeBSD patches for cups-base-1.3.5_2 Ignoring previously applied (or reversed) patch. 10 out of 10 hunks ignored--saving rejects to cups/ipp.c.rej = Patch patch-CVE-2007-4351 failed to apply cleanly. *** Error code 1 Stop in /usr/ports/print/cups-base. *** Error code 1 Stop in /usr/ports/x11/kdelibs3. *** Error code 1 Stop in /usr/ports/x11/kdebase3. *** Error code 1 Stop in /usr/ports/x11/kdebase3. *** Error code 1 Stop in /usr/ports/x11/kde3. # _ See how Windows connects the people, information, and fun that are part of your life. http://clk.atdmt.com/MRT/go/msnnkwxp1020093175mrt/direct/01/___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Postfix issue
On Mon, 8 Sep 2008 02:47:47 -0700, David Southwell [EMAIL PROTECTED] wrote: Hi Could anyone tell me what entry I should make in postfix configuration files to bounce mails directed to [EMAIL PROTECTED] that emanate from a source outside my local network. Sorry to ask the question here but postfix users mailing list is currently rejecting mails from servers on a dynamic ip address - so I cannot get through to ask a question there. I don't think that restriction is going to be lifted any time soon. So why are you not using your ISP to relay emails, using its mail gateway (which should have a static IP address)? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Postfix issue
On Monday 08 September 2008 03:57:11 you wrote: On Mon, 8 Sep 2008 02:47:47 -0700, David Southwell [EMAIL PROTECTED] wrote: Hi Could anyone tell me what entry I should make in postfix configuration files to bounce mails directed to [EMAIL PROTECTED] that emanate from a source outside my local network. Sorry to ask the question here but postfix users mailing list is currently rejecting mails from servers on a dynamic ip address - so I cannot get through to ask a question there. I don't think that restriction is going to be lifted any time soon. So why are you not using your ISP to relay emails, using its mail gateway (which should have a static IP address)? I think the restriction is OTT especially in the light of civil liberties issues. I do not like the fact that a number of governments (including most european ones) now have the right to access all emails that pass through an ISP's server. They do not have the right to access private server systems unless they have a warrant. BIG BROTHER is watching far too much. Frankly I am surprised that organisations such as Postfix are not aware of the issue and realise the civil liberties implicati Another emerging issue is cable operators refusing to allow fixed IP address so they can receive revenue from reporting on user usage data. Additionally low volume users, unless they pay a high premium and subscribe to a business service cannot acquire fixed IPs. IN some areas that are primarily residential they will not even allow fixed IPs at any price. This movement to commercialise the internet and limit access in this way is deplorable when there are alternative methods of dealing with legitimate problems. David ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Postfix issue
On Monday 08 September 2008 03:38:05 Sahil Tandon wrote: David Southwell [EMAIL PROTECTED] wrote: Could anyone tell me what entry I should make in postfix configuration files to bounce mails directed to [EMAIL PROTECTED] that emanate from a source outside my local network. After permitting your networks in the smtpd_recipient_restrictions, use check_recipient_access to REJECT any messages with an RCPT TO [EMAIL PROTECTED] http://www.postfix.org/postconf.5.html#check_recipient_access http://www.postfix.org/access.5.html Thanks very much.. I seem to be struggling getting with the postfix command structure. If you have the time would you be kind enough to give me specific examples of the actual entries to be made in the appropriate files. In case it is relevant my server has a number of virtual domains but the problem I am getting is on the primary address for the mail server. Assume the email address in question is [EMAIL PROTECTED] which appears to be subjected to problems and I want to permit only addresses on the local network to send emails to that address. Thanks in advance No problem if you are too busy David ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Postfix issue
On Monday 08 September 2008 04:10:11 Sahil Tandon wrote: David Southwell [EMAIL PROTECTED] wrote: Sorry to ask the question here but postfix users mailing list is currently rejecting mails from servers on a dynamic ip address - so I cannot get through to ask a question there. Incidentally, your IP is also listed on several RBLs. You are right - that is why I am asking this question to help me fix the problem. Someone hacked our network. I have fixed most stuff but need to fix this issue to close the final door. !!! Someone got a trojan onto my wifes windows 32 bit system which has access to my picture library (I am a photographer). It has taken me three days to fix the problem there and then I found they had used that route to get onto the freebsd server. I have blocked that access now but there are some things to fix on the mail suystem and this is one of them. I think I have closed most loopholes now. If you could help me with this one it would be appreciated. Thanks for your help David ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Postfix issue
I do not like the fact that a number of governments (including most european ones) now have the right to access all emails that pass through an ISP's only if you use big operators. BIG BROTHER is watching far too much. Frankly I am surprised that we have democracy. in democracy majority decides for everybody. majority wanted it for they own good. minority has to shut up or go away. Another emerging issue is cable operators refusing to allow fixed IP address so they can receive revenue from reporting on user usage data. could you please tell more about the sentence above. maybe it's my bad english but i don't understand. why constantly changing user IP could help reporting user data and getting revenue? This movement to commercialise the internet and limit access in this way is deplorable when there are alternative methods of dealing with legitimate even now we are more restricted than people in China, where they have chinese internet with very very limited access to outside, but withing chinese internet there are very little limits. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Postfix issue
On Monday 08 September 2008 04:19:11 Wojciech Puchar wrote: I do not like the fact that a number of governments (including most european ones) now have the right to access all emails that pass through an ISP's only if you use big operators. All UK operators are big operators and covered by this -- if you provide internet access you jhave to give government access!! BIG BROTHER is watching far too much. Frankly I am surprised that we have democracy. in democracy majority decides for everybody. majority wanted it for they own good. minority has to shut up or go away. A democracy that does not respect minority rights including civil liberties is not a democracy but an authoritarian state. Another emerging issue is cable operators refusing to allow fixed IP address so they can receive revenue from reporting on user usage data. could you please tell more about the sentence above. maybe it's my bad english but i don't understand. why constantly changing user IP could help reporting user data and getting revenue? They keep track of who is connected by using hardware info and by use of login security. This movement to commercialise the internet and limit access in this way is deplorable when there are alternative methods of dealing with legitimate even now we are more restricted than people in China, where they have chinese internet with very very limited access to outside, but withing chinese internet there are very little limits. Whether anyone else is more or less affected is irrelevant. I would not want to sanction state executions in my own country because state executions are permitted in either USA or China or Iran or Iraq!! Neither would I want to approve breaches of civil liberties because there are breaches in Chine. David ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: Error :Code 1
I try to build and install custom kernel.However when i write this command, make buildkernel KERNCONF=MYKERNEL I got this error: ERROR:Missing kernel configuration file(s) (MYKERNEL) Error code 1 Stop in /usr/src Error code 1 Stop in /usr/src Can somebody help me! Thanks, -Hilmi You need to create a kernel config file and give it a name like MYKERNEL Place this file in /usr/src/sys/i386/conf/ If you use amd64 then it needs to go in /usr/src/sys/amd64/conf/ If you named that file KRNL then the command needs to be: make buildkernel KERNCONF=KRNL regards Johan No virus found in this outgoing message. Checked by AVG - http://www.avg.com Version: 8.0.169 / Virus Database: 270.6.19/1659 - Release Date: 8-9-2008 7:01 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Postfix issue
On Mon, 8 Sep 2008 04:33:14 -0700, David Southwell [EMAIL PROTECTED] wrote: On Monday 08 September 2008 03:57:11 you wrote: On Mon, 8 Sep 2008 02:47:47 -0700, David Southwell [EMAIL PROTECTED] wrote: Could anyone tell me what entry I should make in postfix configuration files to bounce mails directed to [EMAIL PROTECTED] that emanate from a source outside my local network. Sorry to ask the question here but postfix users mailing list is currently rejecting mails from servers on a dynamic ip address - so I cannot get through to ask a question there. I don't think that restriction is going to be lifted any time soon. So why are you not using your ISP to relay emails, using its mail gateway (which should have a static IP address)? I think the restriction is OTT especially in the light of civil liberties issues. I do not like the fact that a number of governments (including most european ones) now have the right to access all emails that pass through an ISP's server. They do not have the right to access private server systems unless they have a warrant. 'Civil liberties' are only meaningful in the context of a specific 'civilization'. Welcome to the civilization that allows spammers to use dynamic IP addresses to disrupt, annoy, cause harm, commit commercial and all other sorts of fraud. It is not a perfect civilization, but it's the one we have, and trying to hide our heads in the sand about the *real* problem these restrictions are trying to solve isn't going to make things much better any time soon now. One may easily argue that the 'civil laws' that forbid stealing from other people are 'limiting the freedom we have to use the potentially boundless resources available all over the place'. I don't think anyone would consider the argument in favor of stealing as very sound. The same can be said of the IP address space. One can argue for days, for weeks, or even _years_, that requiring a static IP address to be able to post to a 'common resource' --like the mailing list-- is a limit to the freedom of everyone. I'm not very convinced this limit is as bad as you are trying to describe, though. In particular, I am not really convinced the 'freedom' of everyone to post from non-static IP addresses is worth the immediate problems this would cause by massively increasing the problems we have with spam mail even today. Giorgos ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Postfix issue
On Monday 08 September 2008 04:47:49 Giorgos Keramidas wrote: On Mon, 8 Sep 2008 04:33:14 -0700, David Southwell [EMAIL PROTECTED] wrote: On Monday 08 September 2008 03:57:11 you wrote: On Mon, 8 Sep 2008 02:47:47 -0700, David Southwell [EMAIL PROTECTED] wrote: Could anyone tell me what entry I should make in postfix configuration files to bounce mails directed to [EMAIL PROTECTED] that emanate from a source outside my local network. Sorry to ask the question here but postfix users mailing list is currently rejecting mails from servers on a dynamic ip address - so I cannot get through to ask a question there. I don't think that restriction is going to be lifted any time soon. So why are you not using your ISP to relay emails, using its mail gateway (which should have a static IP address)? I think the restriction is OTT especially in the light of civil liberties issues. I do not like the fact that a number of governments (including most european ones) now have the right to access all emails that pass through an ISP's server. They do not have the right to access private server systems unless they have a warrant. 'civil liberties' are only meaningful in the context of a specific 'civilization'. Welcome to the civilization that allows spammers to use dynamic IP addresses to disrupt, annoy, cause harm, commit commercial and all other sorts of fraud. One may easily argue that the 'civil laws' that forbid stealing from other people are 'limiting the freedom we have to use the potentially boundless resources available all over the place'. I don't think anyone would consider the argument in favor of stealing as very sound. The same can be said of the IP address space. One can argue for days, nay for _weeks_ or even years, that requiring a static IP address to be able to post to a 'common resource' --like the mailing list-- is a limit to the freedom of everyone. I'm not very convinced this limit is as bad as you are trying to describe, though. Giorgos In yesterday's world anyone could send a physical letter to any address anywhere in the world. I get spam letters through the letter box it is up to me to chuck them in the bin. Why should the internet be different especially when the restrictions on fixed IPs are brought about soleley for commercial interests. If the same protocol was applied to physical mail then we would not have been allowed to send letters unless we had a big building to send it from and all letters would have had to have had a big building sending address. No banning on the grounds of address type is discriminations. Yes bad because there has been specific abuse and ban until the abuse is cleaned up.. but do not ban on type of address!! It would be like saying only the rich could send letters!! David ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Postfix issue
On Monday 08 September 2008 05:09:03 Giorgos Keramidas wrote: On Mon, 8 Sep 2008 05:21:03 -0700, David Southwell [EMAIL PROTECTED] wrote: If the same protocol was applied to physical mail then we would not have been allowed to send letters unless we had a big building to send it from and all letters would have had to have had a big building sending address. We have a big building; it's called Post Office. Or do you think that someone determined enough cannot monitor where you are sending physical letters? I agree and they do BUT they need a warrant to do so!! That is the safeguard. With the internet no warrant is needed. There is no protection for civil liberties as applies with pohysical mail. David ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Error :Code 1
mohd hilmi mohd salleh wrote: I try to build and install custom kernel.However when i write this command, make buildkernel KERNCONF=MYKERNEL I got this error: ERROR:Missing kernel configuration file(s) (MYKERNEL) Error code 1 Stop in /usr/src Error code 1 Stop in /usr/src Can somebody help me! Thanks, -Hilmi Let me guess, you have been reading the Handbook and taken the instructions *too* literally ;) MYKERNEL is your kernel configuration file, and you should create it yourself by hand, before running the command. You can start with a copy of GENERIC. Better to keep it in your own folder rather than /usr/src/sys/i386/conf. (I assume you use the i386 version) Example (as root): cd /usr/src/sys/i386/conf cp GENERIC /root/MYKERNEL ln -s /root/MYKERNEL . Now edit /root/MYKERNEL and make any changes you wish. Then run your make command. (Note: Typically, you will name it after the machine's hostname rather than MYKERNEL) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Postfix issue
David Southwell: In yesterday's world anyone could send a physical letter to any address anywhere in the world. I get spam letters through the letter box it is up to me to chuck them in the bin. Why should the internet be different especially when the restrictions on fixed IPs are brought about soleley for commercial interests. Because of sheer volume... in yesterday's world one was not able to send thousands of letters in a few seconds for free...or by using services one has not paid for... -- Zbigniew Szalbot www.LCWords.com smime.p7s Description: S/MIME Cryptographic Signature
Re: LVM2 under FreeBSD ?
Le 08/09/2008 à 11:02:05+0200, Wojciech Puchar a écrit Yes of course ZFS is very powerful FS, but I'm not very sure it's ready (on you meant very powerrequiring ;) Yes...but can you say if we have many power (RAM, CPU, etc...) we can use ZFS in production ? Regards. -- Albert SHIH SIO batiment 15 Observatoire de Paris Meudon 5 Place Jules Janssen 92195 Meudon Cedex Heure local/Local time: Lun 8 sep 2008 13:23:01 CEST ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
wmp54g card not recognized
Sorry, email misfired. Please ignore. Thanks. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
K-Diamond's New Single
Your Email client is not formated to view HTML emails. We have included the text email of the message. With the success of his street certified club banger Table Dance Dallas,TX based rap artist K-Diamondz reminds us why we all love Hip Hop. Journey with K-Diamondz as he sings a beautiful ballad to his beloved girlfriend on this soon to be hip hop classic Hip Hop Got Me. K-Diamondz insists that he is so in love with Hip Hop he tattooed it on his hand. Drops Booking K-Diamondz Hip Hop Got Me Street Pop Records Street Pop 469-951-0930 [EMAIL PROTECTED] myspace.com/streetpoppromotions http://sharebee.com/abb741b6 THE MIXSHOW BLAST DJ'Z sent this email to [EMAIL PROTECTED] Questions? Contact [EMAIL PROTECTED] or THE MIXSHOW BLAST DJ'Z, c/o FanBridge, Inc. - 295 Greenwich Street, New York, New York 10007, United States Privacy Policy - http://www.FanBridge.com/learn/privacy.php Unsubscribe - http://www.FanBridge.com/unsubscribe/immed.php?userid=61585[EMAIL PROTECTED]confCode=9t3FrF471252ett9a1e6Y9bhrP Update Your Information: http://www.FanBridge.com/signup/fanupdate.php?userid=61585[EMAIL PROTECTED]confCode=9t3FrF471252ett9a1e6Y9bhrP Forward to a friend: http://mixshowblast.fanbridge.com/signup/forward.php?userid=61585sid=76458559cid=478098cc=9t3FrF471252ett9a1e6Y9bhrP This email message is powered by FanBridge: http://www.FanBridge.com/b.php?id=61585 Free Email and Mobile fan list management for bands. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: File system corruption upon reboot with gmirror
Hello, Afaic this only happens on a power loss or otherwise unclean shutdown but I used the reboot command from the shell (in a background (sleep Don't use reboot, use shutdown -r now. I also had the same problem once (had to get physical access to the box to fix it) and it was because of the reboot. Bye, Nejc ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: LVM2 under FreeBSD ?
Le 08/09/2008 à 13:24:51+0200, Wojciech Puchar a écrit Yes of course ZFS is very powerful FS, but I'm not very sure it's ready (on you meant very powerrequiring ;) Yes...but can you say if we have many power (RAM, CPU, etc...) we can use if you just want to waste that power - you probably could. I don't very like the «probably» ;-) IMHO ZFS is something amazing, I'm using it on Solaris, and whe you have ~30 To on the server you cannot use UFS or ext3 or anything to need a fsck (event it's not every time, when one of our linux server need to make his fsck that block everything). So I'm very happy the ZFS is on FreeBSD, and I'm waiting when ZFS become stable and could use in production. All of that to say it's not a «waste that power» for me if ZFS working. Regards. -- Albert SHIH SIO batiment 15 Observatoire de Paris Meudon 5 Place Jules Janssen 92195 Meudon Cedex Téléphone : 01 45 07 76 26 Heure local/Local time: Lun 8 sep 2008 13:26:32 CEST ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: [laptop-discuss] wmp54g card not recognized
Here is the output from scanpci: pci bus 0x cardnum 0x00 function 0x00: vendor 0x8086 device 0x254c Intel Corporation E7501 Memory Controller Hub pci bus 0x cardnum 0x02 function 0x00: vendor 0x8086 device 0x2543 Intel Corporation E7500/E7501 Hub Interface B PCI-to-PCI Bridge pci bus 0x cardnum 0x1d function 0x00: vendor 0x8086 device 0x2482 Intel Corporation 82801CA/CAM USB Controller #1 pci bus 0x cardnum 0x1d function 0x01: vendor 0x8086 device 0x2484 Intel Corporation 82801CA/CAM USB Controller #2 pci bus 0x cardnum 0x1d function 0x02: vendor 0x8086 device 0x2487 Intel Corporation 82801CA/CAM USB Controller #3 pci bus 0x cardnum 0x1e function 0x00: vendor 0x8086 device 0x244e Intel Corporation 82801 PCI Bridge pci bus 0x cardnum 0x1f function 0x00: vendor 0x8086 device 0x2480 Intel Corporation 82801CA LPC Interface Controller pci bus 0x cardnum 0x1f function 0x01: vendor 0x8086 device 0x248b Intel Corporation 82801CA Ultra ATA Storage Controller pci bus 0x cardnum 0x1f function 0x03: vendor 0x8086 device 0x2483 Intel Corporation 82801CA/CAM SMBus Controller pci bus 0x0001 cardnum 0x01 function 0x00: vendor 0x8086 device 0x1229 Intel Corporation 82557/8/9/0/1 Ethernet Pro 100 pci bus 0x0002 cardnum 0x1c function 0x00: vendor 0x8086 device 0x1461 Intel Corporation 82870P2 P64H2 I/OxAPIC pci bus 0x0002 cardnum 0x1d function 0x00: vendor 0x8086 device 0x1460 Intel Corporation 82870P2 P64H2 Hub PCI Bridge pci bus 0x0002 cardnum 0x1e function 0x00: vendor 0x8086 device 0x1461 Intel Corporation 82870P2 P64H2 I/OxAPIC pci bus 0x0002 cardnum 0x1f function 0x00: vendor 0x8086 device 0x1460 Intel Corporation 82870P2 P64H2 Hub PCI Bridge pci bus 0x0003 cardnum 0x03 function 0x00: vendor 0x1814 device 0x0301 RaLink RT2561/RT61 802.11g PCI pci bus 0x0003 cardnum 0x06 function 0x00: vendor 0x1002 device 0x5960 ATI Technologies Inc RV280 [Radeon 9200 PRO] pci bus 0x0003 cardnum 0x06 function 0x01: vendor 0x1002 device 0x5940 ATI Technologies Inc RV280 [Radeon 9200 PRO] (Secondary) pci bus 0x0004 cardnum 0x01 function 0x00: vendor 0x8086 device 0x100f Intel Corporation 82545EM Gigabit Ethernet Controller (Copper) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Postfix issue
On Mon, 8 Sep 2008 05:21:03 -0700, David Southwell [EMAIL PROTECTED] wrote: If the same protocol was applied to physical mail then we would not have been allowed to send letters unless we had a big building to send it from and all letters would have had to have had a big building sending address. We have a big building; it's called Post Office. Or do you think that someone determined enough cannot monitor where you are sending physical letters? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Postfix issue
David Southwell [EMAIL PROTECTED] wrote: Sorry to ask the question here but postfix users mailing list is currently rejecting mails from servers on a dynamic ip address - so I cannot get through to ask a question there. Incidentally, your IP is also listed on several RBLs. -- Sahil Tandon [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: LVM2 under FreeBSD ?
Yes of course ZFS is very powerful FS, but I'm not very sure it's ready (on you meant very powerrequiring ;) Yes...but can you say if we have many power (RAM, CPU, etc...) we can use if you just want to waste that power - you probably could. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Sterlen Roberts New Single My Girl
Your Email client is not formated to view HTML emails. We have included the text email of the message. MIXSHOWBLAST PRESENTS - STERLEN ROBERTS - http://sharebee.com/fbf6493c THE MIXSHOW BLAST DJ'Z sent this email to [EMAIL PROTECTED] Questions? Contact [EMAIL PROTECTED] or THE MIXSHOW BLAST DJ'Z, c/o FanBridge, Inc. - 295 Greenwich Street, New York, New York 10007, United States Privacy Policy - http://www.FanBridge.com/learn/privacy.php Unsubscribe - http://www.FanBridge.com/unsubscribe/immed.php?userid=61585[EMAIL PROTECTED]confCode=9t3FrF471252ett9a1e6Y9bhrP Update Your Information: http://www.FanBridge.com/signup/fanupdate.php?userid=61585[EMAIL PROTECTED]confCode=9t3FrF471252ett9a1e6Y9bhrP Forward to a friend: http://mixshowblast.fanbridge.com/signup/forward.php?userid=61585sid=76458559cid=478105cc=9t3FrF471252ett9a1e6Y9bhrP This email message is powered by FanBridge: http://www.FanBridge.com/b.php?id=61585 Free Email and Mobile fan list management for bands. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: safest way to upgrade a production server
On 8 Sep 2008 , [EMAIL PROTECTED] entreated about freebsd-questions Digest, Vol 232, Issue 1: Hi John So, my first question is, do I really need to do this? yes If so, what is the minimum amount of upgrading I can do to be safe? And how? I track RELENG_7_0 in my source tree, but only build it when I see somehting important in UPDATING. what is important? stuff like,I don't run bind, so can ignore any bind related issues, but I do run Samba and Apache, so if anything effects them, I get right on it. If I need to build world (I have a custom kernel) I can do it anytime, then after it is built (and kernel) I come in on a Saturday and take the server to single user and install world and kernel etc etc, following all the relevant instructions. The thing that can take most time is mergemaster, but so what? on a Saturday that only affects web visitors for half an hour or so. I also think I need to do this using freebsd-update to do a binary update, to upgrade on an errata branch. if you are not running custom kernels then freebsd-update is fantastic. I use it on my 2 print servers, which have almost identicle 'minimal' setups and don't need a custom kernel. I've never done this, so will try upgrading a test system, first. If all goes well, I will give it a whirl on one of the production servers. I have installed all my software from ports, so I do this: - keep the ports tree updated. I wrote a little script that gets called from cron on Monday morning early, that sends me an email telling me what ports have been updated in the last week. this mornings list is 1 2 ipmitool 1 2 mailman 1 4 rsync 1 5 samba 1 9 apcupsd 2 1 lsof 2 10 pear-XML_Parser 4 4 libksba 7 7 libxslt 9 11 pear-Log 10 58 gtk 24 1 png 54 5 apache The numbers are 'required by', and 'requires', giving me an idea of how many things are affected by this upgrade. - following that list, I decide whether to upgrade now or leave it till next week. - to upgrade, I run 'portupgrade -vrR portname' and just fill in the portname from my emailed list. sometimes I do several related ports at the same time, like all php* or lib* - restart any services that were upgraded, in my case usually samba, but sometimes net-snmp and so on. - TEST with some early experiences in having a portupgrade break things, I prefer not to do a 'portupgrade -a', instead doing them one by one and thus seeing all the messages and so on. Note that I do this Monday or Tuesday morning, on a live server with ~25 local users online, and external web service, and have never had a huge problem. A few years ago the horde upgrade broke a lot of stuff, but I fixed it from the backups of the setup files I keep on another server. I tar /etc /usr/local/etc /usr/local/www/horde/config and so on. havn't needed them in ages, but I do it anyway. Frankly, I find this idea terrifying, but I guess it needs to be done. yeah, me too, but it gets easier. keep records of what you have done, and what the results are. makes problem tracking easier. I use a 'sort of a blog' so I can access the information remotely. I used to have the blog on a machine in a different building but that has become impossible, so now it exists on 2 local machines. if the main machine dies I can still see my blog entries for help in fixing it. info on how you set something up is just as important as backups of the machine itself. uname -a FreeBSD ***servername*** 6.3-PRERELEASE FreeBSD 6.3-PRERELEASE #1: Mon Dec 3 09:46:53 EST 2007 [EMAIL PROTECTED]:/usr/obj/usr/ src/sys/INET_ON amd64 oooh, that is a bit old I think. -- DA Fo rsythNetwork Supervisor Principal Technical Officer -- Institute for Water Research http://www.ru.ac.za/institutes/iwr/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Error :Code 1
I try to build and install custom kernel.However when i write this command, make buildkernel KERNCONF=MYKERNEL I got this error: ERROR:Missing kernel configuration file(s) (MYKERNEL) Error code 1 Stop in /usr/src Error code 1 Stop in /usr/src Can somebody help me! Thanks, -Hilmi ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Error :Code 1
On Sun, 7 Sep 2008 22:14:38 -0700 (PDT) mohd hilmi mohd salleh [EMAIL PROTECTED] wrote: I try to build and install custom kernel.However when i write this command, make buildkernel KERNCONF=MYKERNEL I got this error: ERROR:Missing kernel configuration file(s) (MYKERNEL) Error code 1 Your kernel configuration file is missing or has another name. Read: http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/kernelconfig-building.html Andreas -- GnuPG key : 0x2A573565|http://www.gnupg.org/howtos/de/ Fingerprint: 925D 2089 0BF9 8DE5 9166 33BB F0FD CD37 2A57 3565 pgpS9VJIaglq7.pgp Description: PGP signature
Re: safest way to upgrade a production server
uname -a FreeBSD ***servername*** 6.3-PRERELEASE FreeBSD 6.3-PRERELEASE #1: Mon Dec 3 09:46:53 EST 2007 [EMAIL PROTECTED]:/usr/obj/usr/ src/sys/INET_ON amd64 oooh, that is a bit old I think. I chose this server as an example, because it's the oldest one. I didn't install the OS on this server, the vendor did. Not sure why they chose a prerelease version... perhaps 6.3 was almost ready to go and they wanted to put us on the 6.3 branch? I don't know. Anyway, I guess what I should do is patch this to the latest 6.3 version? Or should I go to the latest 6.x version? I am pretty sure I don't want to experiment with a 7.x upgrade. -- John ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
File system corruption upon reboot with gmirror
Hi guys, I recently updated my FreeBSD 6.3 on our server to the latest patch with freebsd-update and seeing that it involved some kernel patches on 64bit I had to reboot. So I carried out an automated reboot during low-load times but alas, the box never came back up again. After gaining physical access to the console I realised that it choked on the unclean /usr file system and was unable to proceed as the automatic fsck failed, prompting for an emergency shell. An fsck -y followed by a reboot sorted out the issue but it caused a good 1.5h of total downtime which should have been only 4min. So, why was the file system unclean even though I rebooted properly? Afaic this only happens on a power loss or otherwise unclean shutdown but I used the reboot command from the shell (in a background (sleep 21600; reboot) but that shouldn't matter). So surely it would have flushed all the buffers in time? Or is the standard 60 seconds it waits maximum for kernel tasks to finish upon reboot too low and it couldn't finish in time (in which case, how do I change that?)? To give you a bit more background, I run a gmirror(8) RAID 1 over two disks whose health seems intact (zero bad gmirror log entries): $ mount /dev/mirror/gm0s1a on / (ufs, local) devfs on /dev (devfs, local) /dev/mirror/gm0s1e on /tmp (ufs, local, soft-updates) /dev/mirror/gm0s1f on /usr (ufs, local, soft-updates) /dev/mirror/gm0s1d on /var (ufs, local, soft-updates) Gunther ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Postfix issue
On Monday 08 September 2008 05:03:30 Zbigniew Szalbot wrote: David Southwell: In yesterday's world anyone could send a physical letter to any address anywhere in the world. I get spam letters through the letter box it is up to me to chuck them in the bin. Why should the internet be different especially when the restrictions on fixed IPs are brought about soleley for commercial interests. Because of sheer volume... in yesterday's world one was not able to send thousands of letters in a few seconds for free...or by using services one has not paid for... In the past world one paid to send and received for free. That was the deal. In the past people abused the mail system by using forged stamps or freepost labels. There is no difference. I pay for my connection to receive.. and pay for my connection to send. Some people just want to not paly their part in absorbing the risks that go with participation. It is up to us to defend our systems. To classify a whole load of users, the majority of whom are genuine, as invalid users is degrading and discriminatory. My point of viwew -- you are entitled to yours but IMHO not to enforce it!! David ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Postfix issue
Hi Could anyone tell me what entry I should make in postfix configuration files to bounce mails directed to [EMAIL PROTECTED] that emanate from a source outside my local network. Sorry to ask the question here but postfix users mailing list is currently rejecting mails from servers on a dynamic ip address - so I cannot get through to ask a question there. Thanks David ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: [FreeBSD 6.3] Right-way to recover a module?
=== # /usr/local/etc/rc.d/zaptel stop zaptelkldunload: can't find file wcte12xp.ko: No such file or directory kldunload: can't find file wcte11xp.ko: No such file or directory kldunload: can't find file wct4xxp.ko: No such file or directory kldunload: can't find file wct1xxp.ko: No such file or directory kldunload: can't unload file: Device busy kldunload: can't find file wcfxo.ko: No such file or directory kldunload: can't find file tau32pci.ko: No such file or directory kldunload: can't find file qozap.ko: No such file or directory kldunload: can't unload file: Device busy is still under the kernel? i am not very sure the location of ko file in freebsd, please check that, according to the error, it reports that the ko files lost. Thanks for any tip. ___ on my machine here: [EMAIL PROTECTED] ~]# pkg_info -L zaptel-1.4.6_7|less Information for zaptel-1.4.6_7: Files: /usr/local/bin/fxo_test /usr/local/bin/fxotune /usr/local/bin/ztcfg /usr/local/bin/ztmonitor /usr/local/bin/zttest /usr/local/bin/zttool /usr/local/etc/zaptel.conf.sample /usr/local/include/zaptel/tonezone.h /usr/local/include/zaptel/zaptel.h /usr/local/lib/libtonezone.a /usr/local/lib/zaptel/linker.hints /usr/local/lib/zaptel/qozap.ko /usr/local/lib/zaptel/tau32pci.ko /usr/local/lib/zaptel/wcfxo.ko /usr/local/lib/zaptel/wcfxs.ko /usr/local/lib/zaptel/wct1xxp.ko /usr/local/lib/zaptel/wct4xxp.ko /usr/local/lib/zaptel/wcte11xp.ko /usr/local/lib/zaptel/wcte12xp.ko /usr/local/lib/zaptel/zaphfc.ko /usr/local/lib/zaptel/zaptel.ko /usr/local/lib/zaptel/ztdummy.ko /usr/local/etc/rc.d/zaptel ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Postfix issue
David Southwell [EMAIL PROTECTED] wrote: Could anyone tell me what entry I should make in postfix configuration files to bounce mails directed to [EMAIL PROTECTED] that emanate from a source outside my local network. After permitting your networks in the smtpd_recipient_restrictions, use check_recipient_access to REJECT any messages with an RCPT TO [EMAIL PROTECTED] http://www.postfix.org/postconf.5.html#check_recipient_access http://www.postfix.org/access.5.html -- Sahil Tandon [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Error :Code 1
On Sun, 7 Sep 2008 22:14:38 -0700 (PDT), mohd hilmi mohd salleh [EMAIL PROTECTED] wrote: I try to build and install custom kernel.However when i write this command, make buildkernel KERNCONF=MYKERNEL I got this error: ERROR:Missing kernel configuration file(s) (MYKERNEL) Error code 1 Stop in /usr/src Error code 1 Stop in /usr/src Can somebody help me! Check if your kernel configuration file is named MYKERNEL and is located in /usr/src/sys/i386/conf (in case you're using x86). You may have chosen another name? Pay attention to case sensitivity, MyKerNel != MYKERNEL. :-) -- Polytropon From Magdeburg, Germany Happy FreeBSD user since 4.0 Andra moi ennepe, Mousa, ... ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
State of 3d video, which vendor has best support?
Hi all, I'm about to build a new pc, the first in quite a few years. My problem is that I can't find out if I should choose a 3D chipset from Intel, Ati, or nVidia. What's the state of support, track record, and such for these nowadays? I'm planning to use FreeBSD (duh) mainly as a quad-core, dual-headed, desktop workstation, but would very much like to be able to play the occasional BZFlag (call me oldschool). Which vendor I choose will affect my options for motherboard and (onboard/separate) video, which will affect my choice of CPU, and so on. So this seems to be a fundamental question, but I can't find an authoritative guide to 3D in FreeBSD. Any tips? :o) KlaymenDK -- 010\001\111 -- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: switching discs during install
Hey, James Strother, if i'm on the same wavelength with you on this, god knows how many times my pc almost made it out the window with this swapping thingy. don't know if this helps a bit at this point to at least save some energy. Well _last _ thing first --- i finally downloaded the dvd, which is well worth it in the long run ( from mini if i recall, plus someone here gave a link ), but if you have a slow connection or download limits, it is a bit hard to suggest that at the moment since 7.1 is around the corner and i'm not sure if that means new discs with latest packages will be available anyway. Apart from that, i am very much new to fbsd, but did quite a few fresh installs before i found my best setup, so here are a few points that made life easier for me. Firstly, which shouldn't be new - cd1 has the base system, source and ports tree, and Xorg. After that kde for instance, can be entirely installed from cd2 ( which i am most familiar with); and i always just do one package or *chunk* at a time. But i just used to install cd1 (base, src/ports, and xorg), reboot without installing packages, copy the packages directory off cd2 to my hard disc under /home and then still use sysinstall to add them from there - by selecting from an existing filesystem' instead of from CD/DVD. But this never gave my trouble since kde is entirely on cd2. To add cd3 might need fixing the index file for sysinstall to work - not sure; but using pkg_add should work from the hard disk. This is just in case you need to reinstall, but i know it does not solve what you hoped for; which i think is still not so straightforward. Here is a basic idea of what i can make of the swapping discs thing. eg. Gnome as the basic meta-port is mainly on cd2 - (i think!). However, i remember coming across a part in the porter's handbook that recommends dependencies, for any given port, be listed alphabetically. So say apache (e.g.) was added as a gnome dependency, (maybe not directly - say depend of a depend) but it is not actually a part of the meta-port, and most probably on cd3-- then it still gets added/installed alphabetically or just before the package that needs it. ( I had noticed some roughly alphabetical order once that made me think that - unless i was hallucinating). I hope this makes sense - even if it not the case - because i am in a rush and i had to comment as this had bugged me alot. Still, even the dvd packages (which are the same version as on the cds with 7-release) are pretty much all outdated now, besides the fact that you will have to build them all from ports, since packages are only available for Stable. I actually built kde4.1 twice from scratch before realising it was easier to upgrade to 7Stable, then add packages using portupgrade -NP -- which saves a local copy of all downloaded packages under /usr/ports/packages/All, and saved my lots of time later. It works better than pkg_add -rK; which only saves the package you ask for and none of the downloaded dependencies. Sorry if i made a mess of this right now. i'm finally up to date right now with all my packages and running 7.1 prerelease, so will see what happens with 7.1 release before i bother making my own dvd with latest packages. phew. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: State of 3d video, which vendor has best support?
On Monday 08 September 2008, KlaymenDK wrote: I'm about to build a new pc, the first in quite a few years. My problem is that I can't find out if I should choose a 3D chipset from Intel, Ati, or nVidia. What's the state of support, track record, and such for these nowadays? This is becoming a FAQ. You should be able to find some good information in a couple of relatively recent threads. The nutshell summary (in my opinion, from memory) is this: nVidia support is good w/ the binary driver on i386. Not available on amd64 ati support is great for hardware supported by radeon(4x). The manpage has a pretty good list. Better support for fancier cards (hd, etc) is coming but not quite all the way there intel support is very good. Not quite as many souped-up options but modern onboard intel graphics are more than adequate for almost anything, including many games. Personally I would look for Intel gfx in a laptop and a well-supported ATI card for a desktop. I'm planning to use FreeBSD (duh) mainly as a quad-core, dual-headed, desktop workstation, but would very much like to be able to play the occasional BZFlag (call me oldschool). Which vendor I choose will affect my options for motherboard and (onboard/separate) video, which will affect my choice of CPU, and so on. So this seems to be a fundamental question, but I can't find an authoritative guide to 3D in FreeBSD. JN ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
cvsup.uk.freebsd.org down
I just noticed this cvs server is down I've switched to cvsup2 which seems fine for now, I presume any updates to 2 are not dependent on cvsup.uk.freebsd being up? thanks Paul. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Sendmail become open relay
Hi guys need help.. My mailserver become an open relay. Unknown user can now send mail. snippet from mailq m88C8iWq042874 689 Mon Sep 8 20:08 [EMAIL PROTECTED] (Deferred: Name server: mx1.mail.tw.yahoo.com.: host name loo) [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] I don't have user 'osxch' and there others can also send.. best regars thnx alydio ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Sendmail become open relay
This might be more general advice than a specific help, but i've found most bad mail originating from me comes from php driven forum sites. After originally patching the php src to log sitenames that send mail, i found enabling MAILHEAD support in php build adds customs headers which help to identify the site anyway. I plan on adding a milter to pick these up dynamically, but for now, it helps identify sites from stuck items in mailq. i.e a grep into mailq for X-PHP-Script /var/spool/mqueue/qfm83AltWj045560:H??X-PHP-Script: www.siteonserver.com/signup.php for x.101.27.178 Its easy to spot dubious scripts as the ip is commonly the same. gd luck. Paul. lyd mc wrote: Hi guys need help.. My mailserver become an open relay. Unknown user can now send mail. snippet from mailq m88C8iWq042874 689 Mon Sep 8 20:08 [EMAIL PROTECTED] (Deferred: Name server: mx1.mail.tw.yahoo.com.: host name loo) [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] I don't have user 'osxch' and there others can also send.. best regars thnx alydio ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] -- http://www.ifdnrg.com *Ultra fast and secure web hosting Live and on demand video streaming Custom online Solutions * *Paul Macdonald* Director [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] www.ifdnrg.com http://www.ifdnrg.com *IFDNRG* 127 Rose St South Lane, Edinburgh, EH2 4BB 0044.(0)131.2257470 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: switching discs during install
On Sun, Sep 07, 2008 at 07:06:03AM -0400, Randy Pratt wrote: On Sun, 7 Sep 2008 10:22:37 +0100 Mike Clarke [EMAIL PROTECTED] wrote: On Sunday 07 September 2008, James Strother wrote: That said, I still think that as long as the freebsd foundation distributes CD images it would be worthwhile to make them as effective as possible. Actually, even if the install were moved to a DVD, the ordered install I proposed would still improve the situation. When the packages are haphazardly ordered on the disc, the CD/DVD reader is forced to perform a large number of seeks that dramatically reduces data throughput. When they are read in order, read rates should be much better. They might not be as haphazard as you suggest. ISTR once reading that the CDs were arranged with the most popular packages on the first CD so that you would only need to download disk 2 (and 3) if you wanted some of the less common packages. With your suggested layout it's quite likely that a package which most of the others depend on would be right down at the bottom of the list with the result that you'd invariably need to download all 3 CD images. I think the best way to avoid the need for frequent CD switching would be for sysinstall to sort the list of selected packages into CD order before installing them. I imagine this would require some changes to pkg_add to prevent it from installing dependencies and I expect the possible benefits would not be considered to be sufficient to justify the effort. Another way to avoid switching CDs is to select an FTP server for installing packages. This also avoids downloading bits you don't need or want. I think the OP mentioned having a difficult or slow internet connection as being part of the reason for the question/comment. Although I enjoy having a 100MB line to my office into a 10GB backbone, still not all people are that fortunate and I don't even have a good line at home where I am still stuck with dialup (so I drag my machine in to the office for installs). jerry There is another discussion: http://docs.freebsd.org/cgi/mid.cgi?1220762797.29265.43.camel which would address the disk swapping by removing all the packages from disc1 and providing a DVD of packages that could be used after installation. HTH, Randy -- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: ssh
joeb [EMAIL PROTECTED] writes: In FreeBSD 6.2 and older the port SSH listened on was controlled by /etc/services. Now in 7.0 SSH no longer looks at /etc/services to find out what port to listen on. Is this by design or error in the move to a newer release of SSH? I hadn't noticed that sshd had *ever* used that file for that purpose. It can be explicitly configured for a variety of address/port configurations, using the Port and ListenAddress configurations in the sshd_config file. Or overridden on the command line. I recommend you leave the services file standard and modify the config file, because that's how other admins would expect you to have done it anyway. When it comes to security through obscurity don't be so fast to shoot it down. On my system port 22 was receiving over 700 scans or login attempts a day. Changing the SSH to use xx22 port stopped all the high school and college script kiddies cold. Now I only get maybe 5 hits on my xx22 port every 3 months. I would word it a little differently. I don't think of changing the ssh port as providing security at all: what it does is allows you to put less effort into providing (roughly) the same security. Still a desirable goal. -- Lowell Gilbert, embedded/networking software engineer, Boston area http://be-well.ilk.org/~lowell/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
joomla15-1.5.3 has known vulnerabilities:
Hi all one of the co-locatin customer want to use joomla(lestest version 15) i want to install from port but i ve taken this error [EMAIL PROTECTED] /usr/ports/www/joomla15]# make install clean === joomla15-1.5.3 has known vulnerabilities: = joomla -- flaw in the reset token validation. Reference: http://www.FreeBSD.org/ports/portaudit/8514b6e7-6f0f-11dd-b3db-001c2514716c.html = Please update your ports tree and try again. *** Error code 1 Stop in /usr/ports/www/joomla15. [EMAIL PROTECTED] /usr/ports/www/joomla15]# port is updated firstly it would install i patch it but not install -- Share now a pigeon's flight Bluebound along the ancient skies, Its women forever hair and mammal, A Mediterranean town may arise If you rip apart a pigeon's heart. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: file root partition
On Sun, Sep 07, 2008 at 05:39:27PM -0400, Nicholas Langford wrote: Hello all, File named YES appears in root partition. Ive searched but nothing online...any ideas? Sounds like you answered yes to something that was actually looking for some file name, maybe as tmp space. Look what is inside of it. If it is junk, get ride of it. jerry thanks Nicholas ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: joomla15-1.5.3 has known vulnerabilities:
tethys ocean [EMAIL PROTECTED] writes: Hi all one of the co-locatin customer want to use joomla(lestest version 15) i want to install from port but i ve taken this error [EMAIL PROTECTED] /usr/ports/www/joomla15]# make install clean === joomla15-1.5.3 has known vulnerabilities: = joomla -- flaw in the reset token validation. Reference: http://www.FreeBSD.org/ports/portaudit/8514b6e7-6f0f-11dd-b3db-001c2514716c.html = Please update your ports tree and try again. *** Error code 1 Stop in /usr/ports/www/joomla15. [EMAIL PROTECTED] /usr/ports/www/joomla15]# port is updated firstly it would install i patch it but not install If you have patched to fix the vulnerability, then you can just disable portaudit. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
changing network interface names
hi- i have a computer with 2 ethernet interfaces (a dell poweredge 2900) on which the interface names are transposed logically versus physically (e.g. the interface labelled ethernet 1 is named bce1 and the interface labelled ethernet 2 is labelled bce0). how can i change this, aside from using the ifconfig name argument? thanks -ben ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: changing network interface names
On Sep 8, 2008, at 11:24 AM, benjamin thielsen wrote: hi- i have a computer with 2 ethernet interfaces (a dell poweredge 2900) on which the interface names are transposed logically versus physically (e.g. the interface labelled ethernet 1 is named bce1 and the interface labelled ethernet 2 is labelled bce0). how can i change this, aside from using the ifconfig name argument? thanks -ben Ben, The manpage for rc.conf includes the following example: It is also possible to rename interface by doing: ifconfig_ed0_name=net0 ifconfig_net0=inet 10.0.0.1 netmask 0x Obviously you can also do this manually w/ ifconfig, but I suspect hat you'd like this change to occurr everytime you restart. Cheers, Mikel King CEO, Olivent Technologies Senior Editor, Daemon News Columnist, BSD Magazine 6 Alpine Court Medford, NY 11763 http://www.olivent.com http://www.daemonnews.org http://www.bsdmag.org http://www.jafdip.com skype: mikel.king t: 631.627.3055 m: 646.554.3660 +--+ Do You know where your towel is? +--+ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Sendmail become open relay
On Sep 8, 2008, at 7:26 AM, Paul Macdonald wrote: This might be more general advice than a specific help, but i've found most bad mail originating from me comes from php driven forum sites. After originally patching the php src to log sitenames that send mail, i found enabling MAILHEAD support in php build adds customs headers which help to identify the site anyway. I plan on adding a milter to pick these up dynamically, but for now, it helps identify sites from stuck items in mailq. i.e a grep into mailq for X-PHP-Script /var/spool/mqueue/qfm83AltWj045560:H??X-PHP-Script: www.siteonserver.com/signup.php for x.101.27.178 Its easy to spot dubious scripts as the ip is commonly the same. gd luck. Paul. I was thinking somewhat the same thing. It can be the leveraging of any scripts if the server is a web server of any sort. Spammers test every possible crack against your scripts. While you attempt to find which is being leveraged, you can minimize the damage by using the MAX_RCPTS_PER_MESSAGE within sendmail. It allows you to catch and destroy their use of your system prior to much mail going out. You set this value to 2 and it's impossible to send in one pass to more than two recipients. Monitoring your mailq will allow you to see quickly if someone has got your number. This will help keep you off BLs while you tighten your security. lyd mc wrote: Hi guys need help.. My mailserver become an open relay. Unknown user can now send mail. snippet from mailq m88C8iWq042874 689 Mon Sep 8 20:08 [EMAIL PROTECTED] (Deferred: Name server: mx1.mail.tw.yahoo.com.: host name loo) [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] I don't have user 'osxch' and there others can also send.. best regars thnx alydio ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions- [EMAIL PROTECTED] -- http://www.ifdnrg.com *Ultra fast and secure web hosting Live and on demand video streaming Custom online Solutions * *Paul Macdonald* Director [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] www.ifdnrg.com http://www.ifdnrg.com *IFDNRG* 127 Rose St South Lane, Edinburgh, EH2 4BB 0044.(0)131.2257470 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions- [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
openoffice spadmin doesn't install fonts
Ok, this used to work ... I'm using oo 2.4.0 on release-7.0-p3. Using the add fonts menu in spadmin, it copies the TT font files into /usr/local/openoffice.org-2.4.0/share/fonts but they never show up in the font menu in the writer. Does anyone know? Does this have something to do with fontconfig? Thanks, Rich ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
HW recommendations for light weight server
I know that this is pretty far off topic, but I'm asking anyway. I need to purchase/rebuild a relatively light-weight server for a small LAN. It will run a small MySQL server, DNS, DHCP, nagios, LDAP, syslog-ng and a few other things, serving only a LAN. My previous box running this was a cheapo Fry's reject. I went through two power supplies on that one, before I gave up on it. My current box is an HP Pavilion Slimline s3220n http://h10025.www1.hp.com/ewfrf/wc/document?docname=c01154947lc=endlc=encc=uslang=enproduct=3548659 that I got at a CompUSA fire sale. Although it is still running, the case near the power supply is very hot to the touch and it is giving off a terrible stench. CPU temperatures are perfectly fine, but I'm taking the smell as a very bad sign. That machine came with many things that I don't use (DVD burner (only used during FreeBSD installation), TV tuner, Wireless, etc) so they shouldn't be drawing any power. I need something that will run 24/7 in an environment that can sometimes get up to 30C. (I live in Texas, and try not to over do the air conditioning.) Something with an amd64 architecture would make the transition easier, since I might be able to use my current disk. So any thoughts or recommendations will be welcome. If people wish to email me off list, I'll provide a summary of responses. Cheers, -j -- Jeffrey Goldberghttp://www.goldmark.org/jeff/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: how do I disable the generation of XOFFs when using tip over aserial port to another device
-Original Message- From: Wayne Sierke [mailto:[EMAIL PROTECTED] Sent: Saturday, September 06, 2008 1:12 AM To: Jeff Haran Cc: freebsd-questions@freebsd.org Subject: Re: how do I disable the generation of XOFFs when using tip over aserial port to another device On Fri, 2008-09-05 at 12:20 -0700, Jeff Haran wrote: Dear Sirs, I have connected one of the RS232 ports of my PC with FreeBSD (v6.3) on it to a device that does not understand XON/XOFF flow control. I run the tip program to connect to that device. How do I configure tip and/or the serial port so that the FreeBSD PC will NOT send XOFFs or XONs to the device? When I run: stty -a -f /dev/cuad0 where /dev/cuad0 is the device associated with the port, it outputs (among other things): iflags: ... ixon -ixoff ... From my reading of the stty man page, I would think that means the port is already configured to not send XOFFs. Is there something I need to do to /etc/remote to tell tip to not enable XON/XOFF? Please respond to this email address as I do not subscribe to the mailing list. Thanks, Jeff Haran Hi Jeff, I think there might be a problem with the man page for tip(1) on 6.x, as an entry for 'tandem' was added to the tip sources about 2 years ago. It's in the 7.x man page as you can see at: http://www.freebsd.org/cgi/man.cgi?query=tipmanpath=FreeBSD+7 .0-RELEASEformat=html in 'Variables'. 'tandem' shows up in a variable listing (~v) in tip on a 6.x system I have here but I don't have an appropriate set up at hand to verify that it operates correctly. Let us know how you go with it. If it works for you then a PR would be in order. Wayne [1] Extract from the tip(1) man page on 7.x: tandem (bool) Use XON/XOFF flow control to throttle data from the remote host; abbreviated ta. The default value is true unless the nt capability has been specified in /etc/remote, in which case the default value is false. Wayne, Thanks for the response. After I sent the original email, I found the tandem variable in the tip source code and toggling it off did indeed disable the generation of XOFFs. It would have been easier if tandem had been documented in the 6.3 man pages. It would also be convenient if there was some way to set these tip varibles non-interactively (e.g. via a command line option, .rc file or some such thing). I am using tip in an expect script to automate a test case and coding the expect script to generate the ~s escape sequence to turn tandem off was something less than straight forward. Jeff Haran ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
IPFW uid logging...
Hey all, I have the following rule set up in ipfw to limit the exposure of bad php scripts and trojans that try to send mail directly. allow tcp from any to any dst-port 25 uid root deny log tcp from any to any dst-port 25 out However, the log messages I get look like this: Sep 8 13:21:11 security.info prime kernel: ipfw: 610 Deny TCP 72.9.101.130:58117 209.85.133.114:25 out via em0 Sep 8 13:21:16 security.info prime kernel: ipfw: 610 Deny TCP 72.9.101.130:56672 202.12.31.144:25 out via em0 Sep 8 13:21:16 security.info prime kernel: ipfw: 610 Deny TCP 72.9.101.130:58131 209.85.133.27:25 out via em0 Sep 8 13:21:28 security.info prime kernel: ipfw: 610 Deny TCP 72.9.101.130:58117 209.85.133.114:25 out via em0 Sep 8 13:21:32 security.info prime kernel: ipfw: 610 Deny TCP 72.9.101.130:58131 209.85.133.27:25 out via em0 Sep 8 13:22:45 security.info prime kernel: ipfw: 610 Deny TCP 72.9.101.130:65313 64.202.166.12:25 out via em0 Sep 8 13:22:45 security.info prime kernel: ipfw: 610 Deny TCP 72.9.101.130:65313 64.202.166.12:25 out via em0 Sep 8 13:22:46 security.info prime kernel: ipfw: 610 Deny TCP 72.9.101.130:65313 64.202.166.12:25 out via em0 Sep 8 13:22:49 security.info prime kernel: ipfw: 610 Deny TCP 72.9.101.130:65313 64.202.166.12:25 out via em0 Which is to say, they don't include the UID -- and I have several hundred sites, each with its own UID. Yes, I could go ahead and set up a thousand deny rules, one for each UID -- but being able to log this info (since it IS being checked) would be great. Thoughts? -Dan Mahoney -- Dan Mahoney Techie, Sysadmin, WebGeek Gushi on efnet/undernet IRC ICQ: 13735144 AIM: LarpGM Site: http://www.gushi.org --- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: how do I disable the generation of XOFFs when using tip over aserial port to another device
On Mon, 2008-09-08 at 10:50 -0700, Jeff Haran wrote: -Original Message- From: Wayne Sierke [mailto:[EMAIL PROTECTED] Sent: Saturday, September 06, 2008 1:12 AM To: Jeff Haran Cc: freebsd-questions@freebsd.org Subject: Re: how do I disable the generation of XOFFs when using tip over aserial port to another device On Fri, 2008-09-05 at 12:20 -0700, Jeff Haran wrote: Dear Sirs, I have connected one of the RS232 ports of my PC with FreeBSD (v6.3) on it to a device that does not understand XON/XOFF flow control. I run the tip program to connect to that device. How do I configure tip and/or the serial port so that the FreeBSD PC will NOT send XOFFs or XONs to the device? When I run: stty -a -f /dev/cuad0 where /dev/cuad0 is the device associated with the port, it outputs (among other things): iflags: ... ixon -ixoff ... From my reading of the stty man page, I would think that means the port is already configured to not send XOFFs. Is there something I need to do to /etc/remote to tell tip to not enable XON/XOFF? Please respond to this email address as I do not subscribe to the mailing list. Thanks, Jeff Haran Hi Jeff, I think there might be a problem with the man page for tip(1) on 6.x, as an entry for 'tandem' was added to the tip sources about 2 years ago. It's in the 7.x man page as you can see at: http://www.freebsd.org/cgi/man.cgi?query=tipmanpath=FreeBSD+7 .0-RELEASEformat=html in 'Variables'. 'tandem' shows up in a variable listing (~v) in tip on a 6.x system I have here but I don't have an appropriate set up at hand to verify that it operates correctly. Let us know how you go with it. If it works for you then a PR would be in order. Wayne [1] Extract from the tip(1) man page on 7.x: tandem (bool) Use XON/XOFF flow control to throttle data from the remote host; abbreviated ta. The default value is true unless the nt capability has been specified in /etc/remote, in which case the default value is false. Wayne, Thanks for the response. After I sent the original email, I found the tandem variable in the tip source code and toggling it off did indeed disable the generation of XOFFs. It would have been easier if tandem had been documented in the 6.3 man pages. It would also be convenient if there was some way to set these tip varibles non-interactively (e.g. via a command line option, .rc file or some such thing). I am using tip in an expect script to automate a test case and coding the expect script to generate the ~s escape sequence to turn tandem off was something less than straight forward. Jeff Haran I encountered exactly the same situation just recently when I set up cu to monitor a serial console from another box. I'd like to be able to unset beautify and set the script and record variables on startup but couldn't see how it might be done other than patching the source. In your case, however, it seems you're in luck. Take another look at that last sentence in the description of 'tandem'. You should be able to add the 'nt' (presumably, no tandem) capability to /etc/remote. Wayne ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Can't start MySQL 5.0.67
I've got a server running FreeBSD7 and got MySQL 5.0.67 installed on it today. I ran mysql_install_db and then assigned the root password. I tried to get it running on boot (mysql_enable=YES) and by hand (/usr/local/etc/rc.d/mysql-server start) but I can't get the daemon to start. What else do I need to do to get this working? - Joe _ Stay up to date on your PC, the Web, and your mobile phone with Windows Live. http://clk.atdmt.com/MRT/go/msnnkwxp1020093185mrt/direct/01/___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: switching discs during install
Jerry McAllister wrote: On Sun, Sep 07, 2008 at 07:06:03AM -0400, Randy Pratt wrote: On Sun, 7 Sep 2008 10:22:37 +0100 Mike Clarke [EMAIL PROTECTED] wrote: On Sunday 07 September 2008, James Strother wrote: That said, I still think that as long as the freebsd foundation distributes CD images it would be worthwhile to make them as effective as possible. Actually, even if the install were moved to a DVD, the ordered install I proposed would still improve the situation. When the packages are haphazardly ordered on the disc, the CD/DVD reader is forced to perform a large number of seeks that dramatically reduces data throughput. When they are read in order, read rates should be much better. They might not be as haphazard as you suggest. ISTR once reading that the CDs were arranged with the most popular packages on the first CD so that you would only need to download disk 2 (and 3) if you wanted some of the less common packages. With your suggested layout it's quite likely that a package which most of the others depend on would be right down at the bottom of the list with the result that you'd invariably need to download all 3 CD images. I think the best way to avoid the need for frequent CD switching would be for sysinstall to sort the list of selected packages into CD order before installing them. I imagine this would require some changes to pkg_add to prevent it from installing dependencies and I expect the possible benefits would not be considered to be sufficient to justify the effort. Another way to avoid switching CDs is to select an FTP server for installing packages. This also avoids downloading bits you don't need or want. I think the OP mentioned having a difficult or slow internet connection as being part of the reason for the question/comment. Although I enjoy having a 100MB line to my office into a 10GB backbone, still not all people are that fortunate and I don't even have a good line at home where I am still stuck with dialup (so I drag my machine in to the office for installs). jerry There is another discussion: http://docs.freebsd.org/cgi/mid.cgi?1220762797.29265.43.camel which would address the disk swapping by removing all the packages from disc1 and providing a DVD of packages that could be used after installation. HTH, Randy -- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] Aloha, Slow internet is an unforunate fact of life. Here in Hawaii we have many military installations and many times they down load or up load satellite or other images that hog our Trans Oceanic band width. I have a 3 meg download line and it is excellent most of the time. However, when there are certain missions or satellite tests going on it slows things noticably. I have found that by using the Australian Mirrors can help from here or trying one of the less popular mirrors from MIT or one of the Canadian ones can really speed up down loads. I Make a copy of CD 1 FreeBSD and then load a minimal install (with ports). Then down load from a FreeBSD server anything else I need for the server or desktop I am setting up. And select one of the ftp mirrors that is normally not too choked. Best of luck. ~Al Plant - Honolulu, Hawaii - Phone: 808-284-2740 + http://hawaiidakine.com + http://freebsdinfo.org + + http://aloha50.net - Supporting - FreeBSD 6.* - 7.* - 8.* + email: [EMAIL PROTECTED] All that's really worth doing is what we do for others.- Lewis Carrol ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: which gray is best for print?
On Sep 7, 2008, at 6:22 PM, Bernt Hansson wrote: Polytropon skrev: Anyway, the best reading contrast - black on white - No. The best contrast is light yellow background with black letters. I play around with terminal colors occasionally (a great time waster) but the main colors I care about in a terminal are my vim color scheme... those looks best in a black on white terminal. I know because for years I used a white on black terminal, but always had a hard time seeing the dark blue on black... it finally dawned on me that it would look a lot better if I had a white background (duh!) I guess you could create your own color schemes for everything, but I don't have that kind of time! -- John ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
freebsd 7.0 and jail
Hello: I am trying to build jails on 7.0 system and got errors: / Installing everything -- cd /usr/src; make -f Makefile.inc1 install === share/info (install) === lib (install) === lib/csu/i386-elf (install) gcc -O2 -fno-strict-aliasing -pipe -I/usr/src/lib/csu/i386-elf/../common -I/usr/src/lib/csu/i386-elf/../../libc/include -Wsystem-headers -Wall -Wno-format-y2k -W -Wno-unused-parameter -Wstrict-prototypes -Wmissing-prototypes -Wpointer-arith -Wreturn-type -Wcast-qual -Wwrite-strings -Wswitch -Wshadow -Wcast-align -Wunused-parameter -Wchar-subscripts -Winline -Wnested-externs -Wredundant-decls -Wno-pointer-sign -c crt1.c gcc:No such file or directory *** Error code 1 Stop in /usr/src/lib/csu/i386-elf. *** Error code 1 Stop in /usr/src/lib. *** Error code 1 Stop in /usr/src. *** Error code 1 Stop in /usr/src. *** Error code 1 Stop in /usr/src. *** Error code 1 /// looks like the code of jail is broken, did anyone have similar problem? I am working in an environment that is able to use freebsd-update script. Thanks in Advance ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Can't start MySQL 5.0.67
On Monday 08 September 2008, Joe Tseng said: I've got a server running FreeBSD7 and got MySQL 5.0.67 installed on it today. I ran mysql_install_db and then assigned the root password. I tried to get it running on boot (mysql_enable=YES) and by hand (/usr/local/etc/rc.d/mysql-server start) but I can't get the daemon to start. What else do I need to do to get this working? - Joe Check the logfiles in /var/db/mysql, they will usually tell you what it's choking on. My first guess without more info would be you probably don't have something configured correctly. Beech -- --- Beech Rintoul - FreeBSD Developer - [EMAIL PROTECTED] /\ ASCII Ribbon Campaign | FreeBSD Since 4.x \ / - NO HTML/RTF in e-mail | http://people.freebsd.org/~beech X - NO Word docs in e-mail | Skype: akbeech / \ - http://www.FreeBSD.org/releases/7.0R/announce.html --- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: HW recommendations for light weight server
Jeffrey Goldberg wrote: I know that this is pretty far off topic, but I'm asking anyway. I need to purchase/rebuild a relatively light-weight server for a small LAN. It will run a small MySQL server, DNS, DHCP, nagios, LDAP, syslog-ng and a few other things, serving only a LAN. My previous box running this was a cheapo Fry's reject. I went through two power supplies on that one, before I gave up on it. My current box is an HP Pavilion Slimline s3220n http://h10025.www1.hp.com/ewfrf/wc/document?docname=c01154947lc=endlc=encc=uslang=enproduct=3548659 that I got at a CompUSA fire sale. Although it is still running, the case near the power supply is very hot to the touch and it is giving off a terrible stench. CPU temperatures are perfectly fine, but I'm taking the smell as a very bad sign. That machine came with many things that I don't use (DVD burner (only used during FreeBSD installation), TV tuner, Wireless, etc) so they shouldn't be drawing any power. I need something that will run 24/7 in an environment that can sometimes get up to 30C. (I live in Texas, and try not to over do the air conditioning.) Something with an amd64 architecture would make the transition easier, since I might be able to use my current disk. So any thoughts or recommendations will be welcome. If people wish to email me off list, I'll provide a summary of responses. Cheers, -j Aloha, My servers are housed in a shed. I have louvers at the top and bottom so the laws of convection work well. I have had hot powersupplies at times. I usually change them to a heavy duty one mostly taken from cast off military or HP boxes. This usually solves the problem nicely. Also in every one of my servers I added a big fan over and above the ones that come with the box. (I dont have to worry about noise with the servers since that are in the outside shed). For reference: I live in a uplands area on Oahu where our night temperatures is in the upper 60's (18c) and in the fall the daytime can be in the low 90's (35c) ~Al Plant - Honolulu, Hawaii - Phone: 808-284-2740 + http://hawaiidakine.com + http://freebsdinfo.org + + http://aloha50.net - Supporting - FreeBSD 6.* - 7.* - 8.* + email: [EMAIL PROTECTED] All that's really worth doing is what we do for others.- Lewis Carrol ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: IPFW uid logging...
In the last episode (Sep 08), Dan Mahoney, System Admin said: I have the following rule set up in ipfw to limit the exposure of bad php scripts and trojans that try to send mail directly. allow tcp from any to any dst-port 25 uid root deny log tcp from any to any dst-port 25 out However, the log messages I get look like this: Sep 8 13:21:11 security.info prime kernel: ipfw: 610 Deny TCP 72.9.101.130:58117 209.85.133.114:25 out via em0 Sep 8 13:21:16 security.info prime kernel: ipfw: 610 Deny TCP 72.9.101.130:56672 202.12.31.144:25 out via em0 Which is to say, they don't include the UID -- and I have several hundred sites, each with its own UID. Yes, I could go ahead and set up a thousand deny rules, one for each UID -- but being able to log this info (since it IS being checked) would be great. It should be possible to add a couple more arguments to ipfw_log() so that ipfw_chk() can pass it the ugid_lookup flag and a pointer to the fw_ugid_cache struct. Then you can edit ipfw_log to print the contents of that struct if ugid_lookup==1. That would result in the logging of uid for any failed packet that had to go through a uid check on the way to the deny rule. -- Dan Nelson [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: safest way to upgrade a production server
On 9/8/08, John Almberg [EMAIL PROTECTED] wrote: uname -a FreeBSD ***servername*** 6.3-PRERELEASE FreeBSD 6.3-PRERELEASE #1: Mon Dec 3 09:46:53 EST 2007 [EMAIL PROTECTED]:/usr/obj/usr/ src/sys/INET_ON amd64 oooh, that is a bit old I think. I chose this server as an example, because it's the oldest one. I didn't install the OS on this server, the vendor did. Not sure why they chose a prerelease version... perhaps 6.3 was almost ready to go and they wanted to put us on the 6.3 branch? I don't know. I had the same problem, except I was the vendor. Set up a system with 6.3-PRERELEASE for testing, then forgot it wasn't -RELEASE and put it in production. Anyway, I guess what I should do is patch this to the latest 6.3 version? My strategy was to do a source-base upgrade to 6.3-RELEASE, and then use freebsd-update to apply critical patches. Freebsd-update only works on -RELEASE versions with generic kernels, but I find it much faster and easier than trying to do upgrades from source. You also need to keep track of ports that need updating: use portaudit for that. Or should I go to the latest 6.x version? I am pretty sure I don't want to experiment with a 7.x upgrade. I believe 6.3 is the latest 6.x version. For now the thing to do is get to an up-to-date 6.3 system. Then take your time figuring out the best strategy for the transition to 7.x. - Bob ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Can FreeBSD6.3 Generic Kernels Mount a Linux EXT3 FS?
The subject line is the question. I am not sure if it isn't working because I am using the wrong nomenclature for the file system I need to mount or if I need to do some more to the kernel which, right now, is just the standard FreeBSD generic build which usually has everything one normally needs. Thank you. Martin McCormick WB5AGZ Stillwater, OK ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: Can't start MySQL 5.0.67
So I checked in that directory you suggested and I found this: 080908 13:35:05 mysqld started 080908 13:35:05 [Warning] option 'max_join_size': unsigned value 18446744073709551615 adjusted to 4294967295 080908 13:35:05 [Warning] option 'max_join_size': unsigned value 18446744073709551615 adjusted to 4294967295 080908 13:35:05 InnoDB: Operating system error number 13 in a file operation. InnoDB: The error means mysqld does not have the access rights to InnoDB: the directory. InnoDB: File name ./ibdata1 InnoDB: File operation call: 'create'. InnoDB: Cannot continue operation. 080908 13:35:05 mysqld ended So my questions are: 1. What directory is it referring to? Is it /var/db/mysql by default? I just tried to give ownership using chown -R mysql /var/db/mysql but that made no difference. 2. I've read also for this kind of issue I have to reinstall the software... When I initially installed this from ports I didn't use any kind of extra parameters. Are they needed? From: [EMAIL PROTECTED] To: freebsd-questions@freebsd.org Date: Mon, 8 Sep 2008 10:56:48 -0800 CC: [EMAIL PROTECTED] Subject: Re: Can't start MySQL 5.0.67 On Monday 08 September 2008, Joe Tseng said: I've got a server running FreeBSD7 and got MySQL 5.0.67 installed on it today. I ran mysql_install_db and then assigned the root password. I tried to get it running on boot (mysql_enable=YES) and by hand (/usr/local/etc/rc.d/mysql-server start) but I can't get the daemon to start. What else do I need to do to get this working? - Joe Check the logfiles in /var/db/mysql, they will usually tell you what it's choking on. My first guess without more info would be you probably don't have something configured correctly. Beech -- --- Beech Rintoul - FreeBSD Developer - [EMAIL PROTECTED] /\ ASCII Ribbon Campaign | FreeBSD Since 4.x \ / - NO HTML/RTF in e-mail | http://people.freebsd.org/~beech X - NO Word docs in e-mail | Skype: akbeech / \ - http://www.FreeBSD.org/releases/7.0R/announce.html --- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] _ Want to do more with Windows Live? Learn “10 hidden secrets” from Jamie. http://windowslive.com/connect/post/jamiethomson.spaces.live.com-Blog-cns!550F681DAD532637!5295.entry?ocid=TXT_TAGLM_WL_domore_092008___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Kill NFS connection
Is there a way to kill an NFS connection to a server that's stopped responding? When I try to simply unmount it, I get a never-ending stream of server not responding messages. (Using FreeBSD 6.2, BTW.) Thanks, Patrick ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Can't start MySQL 5.0.67
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Joe Tseng wrote: So I checked in that directory you suggested and I found this: 080908 13:35:05 mysqld started 080908 13:35:05 [Warning] option 'max_join_size': unsigned value 18446744073709551615 adjusted to 4294967295 080908 13:35:05 [Warning] option 'max_join_size': unsigned value 18446744073709551615 adjusted to 4294967295 080908 13:35:05 InnoDB: Operating system error number 13 in a file operation. InnoDB: The error means mysqld does not have the access rights to InnoDB: the directory. InnoDB: File name ./ibdata1 InnoDB: File operation call: 'create'. InnoDB: Cannot continue operation. 080908 13:35:05 mysqld ended So my questions are: 1. What directory is it referring to? Is it /var/db/mysql by default? I just tried to give ownership using chown -R mysql /var/db/mysql but that made no difference. 2. I've read also for this kind of issue I have to reinstall the software... When I initially installed this from ports I didn't use any kind of extra parameters. Are they needed? From: [EMAIL PROTECTED] To: freebsd-questions@freebsd.org Date: Mon, 8 Sep 2008 10:56:48 -0800 CC: [EMAIL PROTECTED] Subject: Re: Can't start MySQL 5.0.67 On Monday 08 September 2008, Joe Tseng said: I've got a server running FreeBSD7 and got MySQL 5.0.67 installed on it today. I ran mysql_install_db and then assigned the root password. I tried to get it running on boot (mysql_enable=YES) and by hand (/usr/local/etc/rc.d/mysql-server start) but I can't get the daemon to start. What else do I need to do to get this working? - Joe Check the logfiles in /var/db/mysql, they will usually tell you what it's choking on. My first guess without more info would be you probably don't have something configured correctly. Beech Hi Joe, Do you have a my.cnf file anywhere? If so, look for the following options and make sure that the directories they are set to are also accessible by the mysql user: innodb_data_home_dir innodb_data_file_path If that doesn't work, I often use truss (http://www.freebsd.org/cgi/man.cgi?query=trussapropos=0sektion=0manpath=FreeBSD+7.0-RELEASEformat=html) to debug permissions issues like this. You'll usually be able to tell from its output what syscall generates an EACCES and causes MySQL to fail. Regards, Greg - -- Greg Larkin http://www.FreeBSD.org/ - The Power To Serve http://www.sourcehosting.net/ - Ready. Set. Code. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFIxX4k0sRouByUApARAsKWAJ9kXqvPltMfS8GE3GQWHKey1CxXZQCghwNz zzA4qQBzxZqci87+bufKCto= =rMlL -END PGP SIGNATURE- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Can't start MySQL 5.0.67
On Monday 08 September 2008, Joe Tseng said: So I checked in that directory you suggested and I found this: 080908 13:35:05 mysqld started 080908 13:35:05 [Warning] option 'max_join_size': unsigned value 18446744073709551615 adjusted to 4294967295 080908 13:35:05 [Warning] option 'max_join_size': unsigned value 18446744073709551615 adjusted to 4294967295 080908 13:35:05 InnoDB: Operating system error number 13 in a file operation. InnoDB: The error means mysqld does not have the access rights to InnoDB: the directory. InnoDB: File name ./ibdata1 InnoDB: File operation call: 'create'. InnoDB: Cannot continue operation. 080908 13:35:05 mysqld ended So my questions are: 1. What directory is it referring to? Is it /var/db/mysql by default? I just tried to give ownership using chown -R mysql /var/db/mysql but that made no difference. 2. I've read also for this kind of issue I have to reinstall the software... When I initially installed this from ports I didn't use any kind of extra parameters. Are they needed? Yes, the /var/db/mysql dir needs to be readable and writeable by mysql. Try the following: chown -R mysql:mysql /var/db/mysql. The error is telling you that innodb can't create /var/db/mysql/ibdata1. After fixing permissions, you may need to do another initdb. Beech From: [EMAIL PROTECTED] To: freebsd-questions@freebsd.org Date: Mon, 8 Sep 2008 10:56:48 -0800 CC: [EMAIL PROTECTED] Subject: Re: Can't start MySQL 5.0.67 On Monday 08 September 2008, Joe Tseng said: I've got a server running FreeBSD7 and got MySQL 5.0.67 installed on it today. I ran mysql_install_db and then assigned the root password. I tried to get it running on boot (mysql_enable=YES) and by hand (/usr/local/etc/rc.d/mysql-server start) but I can't get the daemon to start. What else do I need to do to get this working? - Joe Check the logfiles in /var/db/mysql, they will usually tell you what it's choking on. My first guess without more info would be you probably don't have something configured correctly. Beech -- --- Beech Rintoul - FreeBSD Developer - [EMAIL PROTECTED] /\ ASCII Ribbon Campaign | FreeBSD Since 4.x \ / - NO HTML/RTF in e-mail | http://people.freebsd.org/~beech X - NO Word docs in e-mail | Skype: akbeech / \ - http://www.FreeBSD.org/releases/7.0R/announce.html --- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: Can't start MySQL 5.0.67
Yeah that was it... The chown -R mysql:mysql /var/db/mysql was what did it... Thx to all for the help. - Joe From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Date: Mon, 8 Sep 2008 11:46:02 -0800 CC: freebsd-questions@freebsd.org Subject: Re: Can't start MySQL 5.0.67 On Monday 08 September 2008, Joe Tseng said: So I checked in that directory you suggested and I found this: 080908 13:35:05 mysqld started 080908 13:35:05 [Warning] option 'max_join_size': unsigned value 18446744073709551615 adjusted to 4294967295 080908 13:35:05 [Warning] option 'max_join_size': unsigned value 18446744073709551615 adjusted to 4294967295 080908 13:35:05 InnoDB: Operating system error number 13 in a file operation. InnoDB: The error means mysqld does not have the access rights to InnoDB: the directory. InnoDB: File name ./ibdata1 InnoDB: File operation call: 'create'. InnoDB: Cannot continue operation. 080908 13:35:05 mysqld ended So my questions are: 1. What directory is it referring to? Is it /var/db/mysql by default? I just tried to give ownership using chown -R mysql /var/db/mysql but that made no difference. 2. I've read also for this kind of issue I have to reinstall the software... When I initially installed this from ports I didn't use any kind of extra parameters. Are they needed? Yes, the /var/db/mysql dir needs to be readable and writeable by mysql. Try the following: chown -R mysql:mysql /var/db/mysql. The error is telling you that innodb can't create /var/db/mysql/ibdata1. After fixing permissions, you may need to do another initdb. Beech From: [EMAIL PROTECTED] To: freebsd-questions@freebsd.org Date: Mon, 8 Sep 2008 10:56:48 -0800 CC: [EMAIL PROTECTED] Subject: Re: Can't start MySQL 5.0.67 On Monday 08 September 2008, Joe Tseng said: I've got a server running FreeBSD7 and got MySQL 5.0.67 installed on it today. I ran mysql_install_db and then assigned the root password. I tried to get it running on boot (mysql_enable=YES) and by hand (/usr/local/etc/rc.d/mysql-server start) but I can't get the daemon to start. What else do I need to do to get this working? - Joe Check the logfiles in /var/db/mysql, they will usually tell you what it's choking on. My first guess without more info would be you probably don't have something configured correctly. Beech -- --- Beech Rintoul - FreeBSD Developer - [EMAIL PROTECTED] /\ ASCII Ribbon Campaign | FreeBSD Since 4.x \ / - NO HTML/RTF in e-mail | http://people.freebsd.org/~beech X - NO Word docs in e-mail | Skype: akbeech / \ - http://www.FreeBSD.org/releases/7.0R/announce.html --- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] _ See how Windows connects the people, information, and fun that are part of your life. http://clk.atdmt.com/MRT/go/msnnkwxp1020093175mrt/direct/01/___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: changing network interface names
On Sep 08, 2008, at 12.03, Mikel King wrote: On Sep 8, 2008, at 11:24 AM, benjamin thielsen wrote: hi- i have a computer with 2 ethernet interfaces (a dell poweredge 2900) on which the interface names are transposed logically versus physically (e.g. the interface labelled ethernet 1 is named bce1 and the interface labelled ethernet 2 is labelled bce0). how can i change this, aside from using the ifconfig name argument? thanks -ben Ben, The manpage for rc.conf includes the following example: It is also possible to rename interface by doing: ifconfig_ed0_name=net0 ifconfig_net0=inet 10.0.0.1 netmask 0x Obviously you can also do this manually w/ ifconfig, but I suspect hat you'd like this change to occurr everytime you restart. Cheers, Mikel King hi- thanks for the reply. is there no other way aside from ifconfig? i was hoping for a mechanism to say something like this device at pci address X should be considered the first interface or such. pciconf - w seemed like it might be suitable, but i'm not quite sure how one would go about that. my goal is to be able to do it earlier in the boot process, and avoid playing musical interface names with ifconfig if i want to retain the existing naming convention. there must be some logic that relates to which interface is picked up or labelled first, no? thanks -ben ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: IPFW uid logging...
On Mon, 8 Sep 2008, Dan Nelson wrote: In the last episode (Sep 08), Dan Mahoney, System Admin said: I have the following rule set up in ipfw to limit the exposure of bad php scripts and trojans that try to send mail directly. allow tcp from any to any dst-port 25 uid root deny log tcp from any to any dst-port 25 out However, the log messages I get look like this: Sep 8 13:21:11 security.info prime kernel: ipfw: 610 Deny TCP 72.9.101.130:58117 209.85.133.114:25 out via em0 Sep 8 13:21:16 security.info prime kernel: ipfw: 610 Deny TCP 72.9.101.130:56672 202.12.31.144:25 out via em0 Which is to say, they don't include the UID -- and I have several hundred sites, each with its own UID. Yes, I could go ahead and set up a thousand deny rules, one for each UID -- but being able to log this info (since it IS being checked) would be great. It should be possible to add a couple more arguments to ipfw_log() so that ipfw_chk() can pass it the ugid_lookup flag and a pointer to the fw_ugid_cache struct. Then you can edit ipfw_log to print the contents of that struct if ugid_lookup==1. That would result in the logging of uid for any failed packet that had to go through a uid check on the way to the deny rule. Okay, so if it's fairly easy to do, the question would be since I don't feel right hacking in this change myself -- how could I propose this as a feature? It's not a BUG per-se, but I think it could be useful to others as well. -Dan -- Pika Pika Pika! -Pikachu, of Pokemon fame. Dan Mahoney Techie, Sysadmin, WebGeek Gushi on efnet/undernet IRC ICQ: 13735144 AIM: LarpGM Site: http://www.gushi.org --- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
logcheck doesn't work anymore
Hi, After upgrading logcheck from 1.1.1 to 1.2.54 I suddenly get errors of logcheck not working correctly: ... Warning: If you are seeing this message, your log files may not have been checked! Details: Could not run logtail or save output Check temporary directory: /tmp/logcheck.6IZZmq Also verify that the logcheck user can read all files referenced in /etc/logcheck/logcheck.logfiles! declare -x HOME=/var/lib/logcheck declare -x LOGNAME=logcheck declare -x MAILTO=root declare -x OLDPWD declare -x PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin declare -x PWD=/var/lib/logcheck declare -x SHELL=/bin/sh declare -x SHLVL=1 declare -x USER=logcheck ... In version 1.1.1 there was a script logcheck.sh in cron that ran every hour but that doesn't seem to exist anymore. Trying to run logcheck manually results in: ... logcheck should not be run as root. Use su to invoke logcheck: su logcheck -c /usr/local/bin/bash /usr/local/sbin/logcheck Or use sudo: sudo -u logcheck logcheck. ... But this doesn't seem to do anything. How can I use logcheck again? Thanks, Marco -- If I want your opinion, I'll ask you to fill out the necessary form. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
7-stable-amd64 on ibm x86-64 daughter card
I'm running 7-stable on an x86-64 card in an ibm server and was wondering if anyone else was, or in a similar environment, and has IO errors on the shared disk. The errors do not happen all the time, not even under heavy load, it seems to be at random. Shared disk presents itself as an LSI scsi disk. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: logcheck doesn't work anymore
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Marco Beishuizen wrote: Hi, After upgrading logcheck from 1.1.1 to 1.2.54 I suddenly get errors of logcheck not working correctly: ... Warning: If you are seeing this message, your log files may not have been checked! Details: Could not run logtail or save output Check temporary directory: /tmp/logcheck.6IZZmq Also verify that the logcheck user can read all files referenced in /etc/logcheck/logcheck.logfiles! declare -x HOME=/var/lib/logcheck declare -x LOGNAME=logcheck declare -x MAILTO=root declare -x OLDPWD declare -x PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin declare -x PWD=/var/lib/logcheck declare -x SHELL=/bin/sh declare -x SHLVL=1 declare -x USER=logcheck ... In version 1.1.1 there was a script logcheck.sh in cron that ran every hour but that doesn't seem to exist anymore. Trying to run logcheck manually results in: ... logcheck should not be run as root. Use su to invoke logcheck: su logcheck -c /usr/local/bin/bash /usr/local/sbin/logcheck Or use sudo: sudo -u logcheck logcheck. ... But this doesn't seem to do anything. How can I use logcheck again? Thanks, Marco Hi Marco, I recently committed the upgrade to logcheck, and I am looking into your problem now. I'll post back here with details once I've figured it out. Regards, Greg - -- Greg Larkin http://www.FreeBSD.org/ - The Power To Serve http://www.sourcehosting.net/ - Ready. Set. Code. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFIxZRT0sRouByUApARAvMHAJ9329VDm8MF+6jK+3X1eRZuiuoHaQCePUyg BgkTBztxSWYkH2zozSfTiPI= =ipnk -END PGP SIGNATURE- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Problems with portsdb -Uu on FreeBSD 6.3
Hi people. Well I have time locking for a solution for this problem I have, I have googling around and have not found a solution, I have 2 serves running FreeBSD 6.1/6.2, normally I update my ports tree each day, but I already stop doing that because I still cannot fix the problems with the commmand: portsdb -Uu, each time I run that command on both servers I receive this error: Updating the ports index ... Generating INDEX.tmp - please wait..Makefile, line 56: Could not find bsd.port.options.mk make: fatal errors encountered -- cannot continue === sysutils/apcupsd failed *** Error code 1 I try to follow some sites solutions but no luck, I remove the port portupgrade and install again but again no luck, download the Index file, etc, etc, today I build a server, fresh install, update my ports with portsnap, them run the portsdb -Uu and again the same error. This could not be the sync of the server and my files, because the last time I try to sync my servers this was the same error I got today. I don't know if this is the only way we can have our ports sync: portsnap fetch portsnap update portsdb -Uu ? This is my normal commands I use to sync my ports, maybe I am wrong please confirm this if I'am wrong, but the error appear right in my server, what could I do to fix this error? I have seen other people with the same error and no solution yet. sysutils/apcupsd failed Thanks all for your time!!! FreeBSD 6.3-Release!!! ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Community Connect Europe 2008 - New Information
Dear , The celebration of the launch of Connect, Your Independent HP Business Technology Community, at HP Technology Forum Expo 2008 continues...this time in Mannheim, Germany. Exhibit now and come face-to-face with an anticipated 1,000 delegates who will participate in the first independent event hosted by the new organisation -- Community Connect Europe 2008 -- taking place 10-12 November. [1]Submit your application by 12 September and your company will be highlighted in the second distribution of the Community Connect Europe 2008 Advance Programme which is sent to more than 12,000 members. The consolidation of Connect means more members, more customers, more users, more networking opportunities, more exposure and more for you as an exhibitor! The event will provide the traditional HP NonStop content that previous ITUG Europe attendees have come to expect while promising to deliver more technical education from HP users from across many more HP enterprise platforms, including OpenVMS, HP-UX, Integrity, and Blades. Download the [2]Community Connect Europe 2008 Advance Programme a nd read why you will not want to miss this first-ever event to capitalise on the opportunity to gather in one place and showcase your products and service in front of HP users and customers in the HP enterprise technology arena that are there to learn about your business. To sign-up as an exhibitor and/or sponsor please download the [3]Exhibit and Sponsorship Programme or contact [4]Sara Kolovitz or +1.312.673.4779 Community Connect Europe 2008 [5]www.communityconnecteurope.org If you would like to opt out of all future Community Connect e-mail correspondence, please send an e-mail with opt out in the subject line to [EMAIL PROTECTED] References Visible links 1. http://www.communityconnecteurope.org/Exhibitors/index.cfm 2. http://lists.connect-community.org/t/740743/27611589/52726/0/ 3. http://www.communityconnecteurope.org/Exhibitors/Prospectus.pdf 4. file://localhost/tmp/[EMAIL PROTECTED] 5. http://lists.connect-community.org/t/740743/27595734/52467/0/ 6. mailto:[EMAIL PROTECTED] Hidden links: 7. http://lists.connect-community.org/t/740743/27595734/52466/0/ 8. http://lists.connect-community.org/t/740743/27595734/52469/0/ 9. http://lists.connect-community.org/t/740743/27595734/52470/0/ 10. http://lists.connect-community.org/t/740743/27595734/52471/0/ 11. http://lists.connect-community.org/t/740743/27595734/52472/0/ 12. http://lists.connect-community.org/t/740743/27595734/52473/0/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Problems with portsdb -Uu on FreeBSD 6.3
-- From: perikillo [EMAIL PROTECTED] Sent: Monday, September 08, 2008 5:41 PM To: FreeBSD Mailing List freebsd-questions@freebsd.org Subject: Problems with portsdb -Uu on FreeBSD 6.3 Hi people. Well I have time locking for a solution for this problem I have, I have googling around and have not found a solution, I have 2 serves running FreeBSD 6.1/6.2, normally I update my ports tree each day, but I already stop doing that because I still cannot fix the problems with the commmand: portsdb -Uu, each time I run that command on both servers I receive this error: Updating the ports index ... Generating INDEX.tmp - please wait..Makefile, line 56: Could not find bsd.port.options.mk make: fatal errors encountered -- cannot continue === sysutils/apcupsd failed *** Error code 1 CVSUP your tree to straighten it out. I noticed that portsnap will not fix damaged/missing files. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: Can't start MySQL 5.0.67
Joe Tseng wrote: Yeah that was it... The chown -R mysql:mysql /var/db/mysql was what did it... Thx to all for the help. - Joe [snip] Look in /usr/local/share/mysql for my.cnf examples you can use for tuning your install. One thing that bit me once was the location of the my.cnf changed. I used to keep it in /var/db/mysql but found after one particular upgrade it seemed like it wasn't being read any longer. That was because the FreeBSD port install's new default location changed to /usr/local/etc. -Mike ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Postfix issue
On Mon, 8 Sep 2008 05:35:14 -0700 David Southwell [EMAIL PROTECTED] wrote: I agree and they do BUT they need a warrant to do so!! That is the safeguard. With the internet no warrant is needed. There is no protection for civil liberties as applies with pohysical mail. First of all, this is not a civil liberties issue. Are you so naive that you honestly believe that by using a dynamic IP rather than securing a static one or using your hosts mail service that you have made the interception and viewing of your mail by someone other than its intended recipient impossible? Furthermore, what are you transmitting that makes you so paranoid? Why not just use some form of encryption if you are so paranoid? Your claim of civil liberties is bogus. Consider the rights of other users, in this case the Postfix mailing list, that does not want to be inundated with SPAM and accordingly blocks mail from sites that fail authentication tests. In your case, reverse DNS. -- Gerard [EMAIL PROTECTED] She won' go Warp 7, Cap'n! The batteries are dead! signature.asc Description: PGP signature
Re: Problems with portsdb -Uu on FreeBSD 6.3
On Mon, Sep 8, 2008 at 6:12 PM, Sean Cavanaugh [EMAIL PROTECTED] wrote: -- From: perikillo [EMAIL PROTECTED] Sent: Monday, September 08, 2008 5:41 PM To: FreeBSD Mailing List freebsd-questions@freebsd.org Subject: Problems with portsdb -Uu on FreeBSD 6.3 Hi people. Well I have time locking for a solution for this problem I have, I have googling around and have not found a solution, I have 2 serves running FreeBSD 6.1/6.2, normally I update my ports tree each day, but I already stop doing that because I still cannot fix the problems with the commmand: portsdb -Uu, each time I run that command on both servers I receive this error: Updating the ports index ... Generating INDEX.tmp - please wait..Makefile, line 56: Could not find bsd.port.options.mk make: fatal errors encountered -- cannot continue === sysutils/apcupsd failed *** Error code 1 CVSUP your tree to straighten it out. I noticed that portsnap will not fix damaged/missing files. Portsnap will if you do extract. It WONT if you do update. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Postfix issue
David Southwell wrote: I pay for my connection to receive.. and pay for my connection to send. Some people just want to not paly their part in absorbing the risks that go with participation. It is up to us to defend our systems. Your server, your rules. You can whitelist or blacklist anyone you choose. The downside is that so can everybody else; your lack of non-generic rDNS means that mail to my server (alcatraz.sequestered.net) will bounce if not smarthosted through somewhere that has a static IP and properly configured DNS. This was deemed an acceptable threshold on my box when I was selecting anti-spam mechanisms. If you're that concerned about privacy, use GPG/PGP and request a key exchange. What's more is that I've applied that same metric at several employers, ranging from mid-sized businesses to universities. My previous (and current!) employers were familiar with all sides of the argument and ultimately decided to reject mail from dynamic address pools to combat spam. Complaining about it doesn't do much good, since (as previously stated) their server, their rules. To classify a whole load of users, the majority of whom are genuine, as invalid users is degrading and discriminatory. The majority of users smarthost their mail. If you want to retain control, drop the $15 a month on a VPS somewhere with a static IP, configure DNS correctly, and be your own smarthost; I did this for a while before I upgraded to a static IP at home. My point of viwew -- you are entitled to yours but IMHO not to enforce it!! Ah, but on my server I can enforce whatever makes the most sense for my userbase; my responsibility is to them, not to you. -- Jay Chandler / KB1JWQ Living Legend / Systems Exorcist Today's Excuse: multicasts on broken packets ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Problems with portsdb -Uu on FreeBSD 6.3
http://www.freebsd.org/doc/en/books/handbook/portsnap.html I supposes that portsnap extract have to run just once, latter u have to just run portsnap fetch portsnap update? Sean, u say that I better mix cvsup + portsnap? This is normal? This would not broke my tree? Right now I already run cvsup and is running portsdb -Uu, I will let u know what happend, thanks!!! On Mon, Sep 8, 2008 at 3:19 PM, Schiz0 [EMAIL PROTECTED] wrote: On Mon, Sep 8, 2008 at 6:12 PM, Sean Cavanaugh [EMAIL PROTECTED] wrote: -- From: perikillo [EMAIL PROTECTED] Sent: Monday, September 08, 2008 5:41 PM To: FreeBSD Mailing List freebsd-questions@freebsd.org Subject: Problems with portsdb -Uu on FreeBSD 6.3 Hi people. Well I have time locking for a solution for this problem I have, I have googling around and have not found a solution, I have 2 serves running FreeBSD 6.1/6.2, normally I update my ports tree each day, but I already stop doing that because I still cannot fix the problems with the commmand: portsdb -Uu, each time I run that command on both servers I receive this error: Updating the ports index ... Generating INDEX.tmp - please wait..Makefile, line 56: Could not find bsd.port.options.mk make: fatal errors encountered -- cannot continue === sysutils/apcupsd failed *** Error code 1 CVSUP your tree to straighten it out. I noticed that portsnap will not fix damaged/missing files. Portsnap will if you do extract. It WONT if you do update. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Problems with portsdb -Uu on FreeBSD 6.3
-- From: perikillo [EMAIL PROTECTED] Sent: Monday, September 08, 2008 7:25 PM To: FreeBSD Mailing List freebsd-questions@freebsd.org Subject: Re: Problems with portsdb -Uu on FreeBSD 6.3 http://www.freebsd.org/doc/en/books/handbook/portsnap.html I supposes that portsnap extract have to run just once, latter u have to just run portsnap fetch portsnap update? Sean, u say that I better mix cvsup + portsnap? This is normal? This would not broke my tree? Right now I already run cvsup and is running portsdb -Uu, I will let u know what happend, thanks!!! I've never fully trusted portsnap. I do run portsnap fetch before every portupgrade but I always follow it up with CVSUP and I usually find some more files that get changed anyway. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Problems with portsdb -Uu on FreeBSD 6.3
This cannot be possible: Updating the ports index ... Generating INDEX.tmp - please wait..Makefile, line 56: Could not find bsd.port.options.mk make: fatal errors encountered -- cannot continue === sysutils/apcupsd failed *** Error code 1 Again!!! Now, this could be a bug or what? I follow your instructions Sean and look again the same error, same port!!! This is my ports-supfile *default host=cvsup10.FreeBSD.org *default base=/var/db *default prefix=/usr *default release=cvs tag=. *default delete use-rel-suffix *default compress ## Ports Collection. ports-all This is my make.conf CPUTYPE?=pentium4 #NO_CPU_CFLAGS= # Don't add -march=cpu to CFLAGS automatically #NO_CPU_COPTFLAGS= # Don't add -march=cpu to COPTFLAGS automatically # CFLAGS= -O -pipe # CXXFLAGS+= -fconserve-space # MAKE_SHELL?=sh # BDECFLAGS= -W -Wall -ansi -pedantic -Wbad-function-cast -Wcast-align \ -Wcast-qual -Wchar-subscripts -Winline \ -Wmissing-prototypes -Wnested-externs -Wpointer-arith \ -Wredundant-decls -Wshadow -Wstrict-prototypes -Wwrite-strings COPTFLAGS= -O -pipe # Mtree will follow symlinks MTREE_FOLLOWS_SYMLINKS= -L # To enable installing ssh(1) with the setuid bit turned on ENABLE_SUID_SSH= #ENABLE_SUID_NEWGRP= # # To avoid building various parts of the base system: NO_ACPI=# do not build acpiconf(8) and related programs NO_ATM= # do not build ATM related programs and libraries #NO_AUTHPF= # do not build and install authpf (setuid/gid) NO_BLUETOOTH= # do not build Bluetooth related stuff #NO_BOOT= # do not build boot blocks and loader #NO_CRYPT= # do not build any crypto code #NO_CVS=# do not build CVS #NO_CXX=# do not build C++ and friends NO_DICT=# do not build the Webster dictionary files #NO_DYNAMICROOT=# do not link /bin and /sbin dynamically #NO_FORTRAN=# do not build g77 and related libraries NO_GAMES= # do not build games (games/ subdir) #NO_GDB=# do not build GDB #NO_GPIB= # do not build GPIB support NO_I4B= # do not build isdn4bsd package NO_INET6= # do not build IPv6 related programs and libraries #NO_INFO= # do not make or install info files NO_IPFILTER=# do not build IP Filter package #NO_KERBEROS= # do not build and install Kerberos 5 (KTH Heimdal) #NO_LIBC_R= # do not build libc_r (re-entrant version of libc) #NO_LIBPTHREAD= # do not build libpthread (M:N threading library) #NO_LIBTHR= # do not build libthr (1:1 threading library) #NO_LPR=# do not build lpr and related programs #NO_MAILWRAPPER=# do not build the mailwrapper(8) MTA selector #NO_MAN=# do not build manual pages #NO_MODULES=# do not build modules with the kernel #NO_NETCAT= # do not build netcat #NO_NIS=# do not build NIS support and related programs. # # If NO_NIS is set, you might need to adopt your # # nsswitch.conf(5) and remove `nis' entries. #NO_NLS_CATALOGS= # do not build NLS catalog support for csh(1) #NO_OBJC= # do not build Objective C support #NO_OPENSSH=# do not build OpenSSH #NO_OPENSSL=# do not build OpenSSL (implies NO_KERBEROS/NO_OPENSSH) NO_PF= # do not build PF firewall package #NO_PROFILE=# Avoid compiling profiled libraries NO_RCMDS= # do not build or install BSD r* commands (rsh, etc). #NO_SENDMAIL= # do not build sendmail and related programs #NO_SHARE= # do not go into the share subdir #NO_SHARED= # build /bin and /sbin statically linked (bad idea) NO_SHAREDOCS= # do not build the 4.4BSD legacy docs #NO_TCSH= # do not build and install /bin/csh (which is tcsh) #NO_TOOLCHAIN= # do not build programs for program development NO_USB= # do not build usbd(8) and related programs # # Variables that control how ppp(8) is built. PPP_NO_NAT= # do not build with NAT support (see make.conf(5)) PPP_NO_NETGRAPH=# do not build with Netgraph support PPP_NO_RADIUS= # do not build with RADIUS support PPP_NO_SUID=# build with normal permissions # TRACEROUTE_NO_IPSEC=# do not build traceroute(8) with IPSEC support NO_BIND=# Do not build any part of BIND #NO_BIND_DNSSEC=# Do not build dnssec-keygen, dnssec-signzone #NO_BIND_ETC= # Do not install files to /etc/namedb #NO_BIND_LIBS_LWRES=# Do not install the lwres library #NO_BIND_MTREE= # Do not run mtree to create chroot directories #NO_BIND_NAMED= # Do not build named, rndc, lwresd, etc. #NO_BIND_UTILS= # Do not build dig, host, nslookup, nsupdate
Re: Problems with portsdb -Uu on FreeBSD 6.3
perikillo wrote: http://www.freebsd.org/doc/en/books/handbook/portsnap.html I supposes that portsnap extract have to run just once, latter u have to just run portsnap fetch portsnap update? Sean, u say that I better mix cvsup + portsnap? This is normal? This would not broke my tree? Right now I already run cvsup and is running portsdb -Uu, I will let u know what happend, thanks!!! [snip] Unless you have a specific overriding reason to do -Uu you might want to try -uF instead. It's what I use and it's always worked. In fact, this is what I do to see if I need an upgrade: csup -L 2 ports portsdb -uF pkgdb -u portversion But since I have never used portsnap don't really know anything about it. -Mike ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Problems with portsdb -Uu on FreeBSD 6.3
I have been trying a lot of things, I want to start again, I think I just need to delete /usr/ports? Let me read again the manual and see those Flags. I remember that the first time u run portsdb the manuals recommend to sue Uu, but let read the manual page, I will back soon!!! Thanks all for your support!!! On Mon, Sep 8, 2008 at 5:26 PM, Michael Powell [EMAIL PROTECTED]wrote: perikillo wrote: http://www.freebsd.org/doc/en/books/handbook/portsnap.html I supposes that portsnap extract have to run just once, latter u have to just run portsnap fetch portsnap update? Sean, u say that I better mix cvsup + portsnap? This is normal? This would not broke my tree? Right now I already run cvsup and is running portsdb -Uu, I will let u know what happend, thanks!!! [snip] Unless you have a specific overriding reason to do -Uu you might want to try -uF instead. It's what I use and it's always worked. In fact, this is what I do to see if I need an upgrade: csup -L 2 ports portsdb -uF pkgdb -u portversion But since I have never used portsnap don't really know anything about it. -Mike ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: IPFW uid logging...
On Mon, Sep 08, 2008 at 04:03:29PM -0400, Dan Mahoney, System Admin wrote: On Mon, 8 Sep 2008, Dan Nelson wrote: In the last episode (Sep 08), Dan Mahoney, System Admin said: I have the following rule set up in ipfw to limit the exposure of bad php scripts and trojans that try to send mail directly. allow tcp from any to any dst-port 25 uid root deny log tcp from any to any dst-port 25 out However, the log messages I get look like this: Sep 8 13:21:11 security.info prime kernel: ipfw: 610 Deny TCP 72.9.101.130:58117 209.85.133.114:25 out via em0 Sep 8 13:21:16 security.info prime kernel: ipfw: 610 Deny TCP 72.9.101.130:56672 202.12.31.144:25 out via em0 Which is to say, they don't include the UID -- and I have several hundred sites, each with its own UID. Yes, I could go ahead and set up a thousand deny rules, one for each UID -- but being able to log this info (since it IS being checked) would be great. It should be possible to add a couple more arguments to ipfw_log() so that ipfw_chk() can pass it the ugid_lookup flag and a pointer to the fw_ugid_cache struct. Then you can edit ipfw_log to print the contents of that struct if ugid_lookup==1. That would result in the logging of uid for any failed packet that had to go through a uid check on the way to the deny rule. Okay, so if it's fairly easy to do, the question would be since I don't feel right hacking in this change myself -- how could I propose this as a feature? It's not a BUG per-se, but I think it could be useful to others as well. send-pr it. Category=kern, Class=change-request. Reference this thread in the Fix section: http://lists.freebsd.org/pipermail/freebsd-hackers/2008-September/025920.html FWIW, I think it's also a good idea. The output formatting of the log line might need to be adjusted carefully though, since any programs which grep on a very strict regex will start failing. I'm inclined to recommend the string , UID xxx be appended to the existing string, e.g. Sep 8 13:21:11 security.info prime kernel: ipfw: 610 Deny TCP 72.9.101.130:58117 209.85.133.114:25 out via em0, UID 6592 -- | Jeremy Chadwickjdc at parodius.com | | Parodius Networking http://www.parodius.com/ | | UNIX Systems Administrator Mountain View, CA, USA | | Making life hard for others since 1977. PGP: 4BD6C0CB | ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Can FreeBSD6.3 Generic Kernels Mount a Linux EXT3 FS?
My thanks to a member of this list who showed me what I was doing wrong. in an example, the command is mount -t ext2fs /dev/[yourstoragedevicename] /mnt I had originally been typing -t ext2 which equals nothing to FreeBSD. Martin McCormick ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Can FreeBSD6.3 Generic Kernels Mount a Linux EXT3 FS?
Martin McCormick wrote: My thanks to a member of this list who showed me what I was doing wrong. in an example, the command is mount -t ext2fs /dev/[yourstoragedevicename] /mnt I had originally been typing -t ext2 which equals nothing to FreeBSD. Martin McCormick ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] lol, i could say something about it not being anything to freebsd... cheers mate mike ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Virtual machines hosted on FreeBSD 7
I have a FreeBSD 7 release I wanted to use as a host for virtual machines. What software is anyone else using to host virtual machines under FreeBSD? I'd just like to here what has worked, or what has not worked. I find it easier to find a solution asking for real world experiences. Thanks for your help. -Derek [EMAIL PROTECTED] -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Can FreeBSD6.3 Generic Kernels Mount a Linux EXT3 FS?
The GENERIC kernel maybe have no ext2fs module. You can install it by: cd /usr/src/sys/module/ext2fs make make install clean and load the module kldload ext2fs If you do not have mount_ext2fs tool: cd /usr/src/sbin/mount_ext2fs make make install clean then, try to mount the ext2 partition. On Tue, Sep 9, 2008 at 10:38 AM, Martin McCormick [EMAIL PROTECTED] wrote: My thanks to a member of this list who showed me what I was doing wrong. in an example, the command is mount -t ext2fs /dev/[yourstoragedevicename] /mnt I had originally been typing -t ext2 which equals nothing to FreeBSD. Martin McCormick ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Virtual machines hosted on FreeBSD 7
Derek Ragona wrote: I have a FreeBSD 7 release I wanted to use as a host for virtual machines. What software is anyone else using to host virtual machines under FreeBSD? I'd just like to here what has worked, or what has not worked. I find it easier to find a solution asking for real world experiences. Thanks for your help. -Derek [EMAIL PROTECTED] In my honest opinion, there aren't many good ways of doing what I think you're wanting. VMware is a no go for now, or probably any time soon. I don't think virtualbox is running on freebsd yet. You could use jails, for just other freebsd installs, not really a VM so to speak. bochs is crap for this purpose, simics doesn't run on it worth a crap either. If I were you, I would use something else. say a hypervisor running on bare hardware, ie: VMware ESX, or similar. I would say xen if it was ready, but I don't think it is. Cheers Mate, Mike ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: {Spam?} Re: Virtual machines hosted on FreeBSD 7
At 10:37 PM 9/8/2008, Michael wrote: Derek Ragona wrote: I have a FreeBSD 7 release I wanted to use as a host for virtual machines. What software is anyone else using to host virtual machines under FreeBSD? I'd just like to here what has worked, or what has not worked. I find it easier to find a solution asking for real world experiences. Thanks for your help. -Derek [EMAIL PROTECTED] In my honest opinion, there aren't many good ways of doing what I think you're wanting. VMware is a no go for now, or probably any time soon. I don't think virtualbox is running on freebsd yet. You could use jails, for just other freebsd installs, not really a VM so to speak. bochs is crap for this purpose, simics doesn't run on it worth a crap either. If I were you, I would use something else. say a hypervisor running on bare hardware, ie: VMware ESX, or similar. I would say xen if it was ready, but I don't think it is. Cheers Mate, Mike Mike, Thanks for the quick response. I had seen that there are a lot of non-working virtual machine implementations. It seems a shame that as well as FreeBSD runs there are no ways to run a VM on it. -Derek -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
how can i use ISO-8859-1??
Guys, This is one of the I've-been-meaning-to-ask questions; but other things keep happening that took precedence. Now it's time to ask what are the voodoo commands to set up in my ~/.zshrc or other initiation files (probably including my muttrc) that will let me print to stdout, characters like the e-aigu or u-umlaut and the currency pound or Euro? I keep running into '\240' characters that are likely M$ format commands. Catting a saved file thru Giorgos sed 's/[^[:print:]]/*/g' {or whatever} resolved that --and other such. But it isn't my main gripe. I realize this is probably a complex issue; it's time to work on a reasonable solution. thanks in advance for all insights, gary -- Gary Kline [EMAIL PROTECTED] http://www.thought.org Public Service Unix http://jottings.thought.org http://transfinite.thought.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Exiting Gnome
Started Gnome for first time. Can not figure how to exit (stop) gnome and return to the FreeBSD command line. The System/logout option just hangs. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: how can i use ISO-8859-1??
On Mon, 8 Sep 2008 21:35:07 -0700, Gary Kline [EMAIL PROTECTED] wrote: Guys, This is one of the I've-been-meaning-to-ask questions; but other things keep happening that took precedence. Now it's time to ask what are the voodoo commands to set up in my ~/.zshrc or other initiation files (probably including my muttrc) that will let me print to stdout, characters like the e-aigu or u-umlaut and the currency pound or Euro? I keep running into '\240' characters that are likely M$ format commands. [...] That's not really an ISO 8859-1 problem, but a locale setup issue. In my .bashrc file I have the following: # Locale setup. export LANG=C export LC_CTYPE=el_GR.ISO8859-7 export LC_COLLATE=el_GR.ISO8859-7 unset LC_ALL LC_MESSAGES LC_MONETARY LC_NUMERIC LC_TIME You can use something similar to set things up for `en_US.ISO8859-1': # Locale setup. export LANG=C export LC_CTYPE=en_US.ISO8859-1 export LC_COLLATE=en_US.ISO8859-1 unset LC_ALL LC_MESSAGES LC_MONETARY LC_NUMERIC LC_TIME If you want _everything_ to be displayed using the standard en_US conventions for en_US.ISO8859-1, you can alternatively use: export LANG=C export LC_ALL=en_US.ISO8859-1 unset LC_CTYPE LC_COLLATE LC_MESSAGES LC_MONETARY LC_NUMERIC LC_TIME and let LC_ALL override everything. A slightly better idea (which doesn't hardcode LANG and LC_ALL for all shell instances) is to configure your personal `.login_conf' file with something like: me:\ :charset=iso-8859-1:\ :lang=en_US.ISO8859-1:\ :setenv=LC_ALL=en_US.ISO8859-1: With this in place you will get the 'correct' environment regardless of the login shell you are using: bash, csh or zsh. Note: By avoiding hardcoded locale setup in your shell startup file you can even spawn sub-shells with different locales. Here's how a zsh session with `en_US.ISO8859-1' can spawn a ksh session with a Greek locale for example: zsh env | egrep '^(LANG|LC_ALL)' LANG=en_US.ISO8859-1 LC_ALL=en_US.ISO8859-1 zsh env LANG='el_GR.ISO8859-7' LC_ALL='el_GR.ISO8859-7' ksh ksh$ mutt Note that this is only ``half of the setup'' though. You will then have to make sure that your terminal emulator can display ISO 8859-1 text correctly, by choosing an appropriate font set. The xlsfonts(1) and the fc-list(1) utilities can show you a list of installed fonts: # xlsfonts | fgrep '8859-1' # fc-list Pick one that includes ISO 8859-1 characters, and off you go :) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Virtual machines hosted on FreeBSD 7
On Mon, Sep 08, 2008 at 10:21:56PM -0500, Derek Ragona wrote: I have a FreeBSD 7 release I wanted to use as a host for virtual machines. What software is anyone else using to host virtual machines under FreeBSD? I use Qemu and run XP, Solaris, Gentoo, and FreeBSD as guests. Speed is not super, but workable for me since it is just to play with. I'd just like to here what has worked, or what has not worked. I find it easier to find a solution asking for real world experiences. Thanks for your help. -Derek [EMAIL PROTECTED] -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
BIG PUSSIES
Hi to group. New free mirror big pussies. Hight quality. http://videos.videosextube2009.com/big-pussies.html --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups cis080 group. To post to this group, send emailny mail to [EMAIL PROTECTED]