Re: Using HDD's for ZFS: 'desktop' vs 'raid / enterprise' -edition drives?
Charles Richards wrote: If his data (photo / video storage) is that important, then perhaps he wants to do soemthing else ... but for a cheap way to get tons of storage, ZFS can't be beat. Of course I'm backing up the very important data on a daily basis (de photo's mainly), but the videos (which will take up the biggest part of course) are not critical. I just want a huge volume to store it on. If some sort of redundancy can be built into that, that's very nice. I've been using GEOM (gconcat) so far, but I'd like to move to ZFS due to it's ease of use (apart from tuning your system to it) and also because GEOM is not able to provide any raid5-like setups. Just raid3 or mirror. ZFS has got it's caveats and gotchas - you *must* tune your FreeBSD installation to get stability. See here: http://wiki.freebsd.org/ZFSTuningGuide I was aware of that, I'll look in to it. I'm running a fileserver-in-a-closet (patent pending) on FreeBSD 7.0-amd64, with 10x250GB drives in a single RAIDZ2 for my home storage needs. I'm using old Maxtor SATA150 drives, which are desktop class. Several of them have had to remap sectors while being a part of the array, and I've never had ZFS complain, nor had the drive be dropped by the OS. Ok that's good information. I also read/noticed that ZFS seems to run best on AMD64 platforms. That's OK then. I'm running i386 now, but I'm happy to switch. I'd suggest that the OP and yourself do some in-depth reading about ZFS and how it works. The best documentation I've found as yet is here: http://opensolaris.org/os/community/zfs/docs/ondiskformat0822.pdf Will do, thanks again. -- FR ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Using HDD's for ZFS: 'desktop' vs 'raid / enterprise' -edition drives?
On Sat, 03 Jan 2009 10:00:09 +0100 Frederique Rijsdijk frederi...@isafeelin.org wrote: I also read/noticed that ZFS seems to run best on AMD64 platforms. That's not quite correct. ZFS runs best on 64bits platforms. -- Dick Hoogendijk -- PGP/GnuPG key: 01D2433D + http://nagual.nl/ | SunOS sxce snv104 ++ + All that's really worth doing is what we do for others (Lewis Carrol) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Using HDD's for ZFS: 'desktop' vs 'raid / enterprise' -edition drives?
Hello About your zfs experience... please let me tell mine.. I was having toubles with ufs2 on some small servers (desktop grade) machines running postgresql (64 bits, or 32 bits) all running FreeBSD 7.X some still 6.X... the problem is that sometimes the database brokes because the ufs2 fsck wipes out the pg_log files (that holds metadata, and so the database is lost/compromiesed) it used to be aobout 1 or 2 times a week, well you willl say that it is very often... but there are more thatn 1200 servers... that is about a database problem in 16 years the machines are in remote zones and cannot stop.. So a month ago I decided to try zfs... first on onpensolaris (that, as expected, works very well...) than in a set of 4 machines running FreeBSD 7.0/7.1 (a small partition to boot, than filesystem / on zfs). 1 of them with 2gb of memory, the others with 1g, 512m, 256m (I know that zfs is unstable with less than 512mb...) but it is only for testing the machines varies from amd64 to celeron... (64 and 32 bits..) NO RAID on the small machine, a buildworld lasted 2 days... All running a database (test of course) without no break. with a custom application that updates tables (several thousand rows, with foreing keys and triggers...) and then rollback... the drives area always with access light on... Sometimes (several times a day, random..) the machines are switched off.. without shutdown... and than switched on again... about (5 -10 times) that is about 60 * 8 - 480 power on/power off cycles each machine Well. I can say that I still have not lost a database... it is incredible fast, reliable comes up without any fsck wait time. in less than a minute... Now I will start to put it on Dells and those PERC controllers... That is my experience... Sergio ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
wacom bamboo fun
Hello, I tried around with x11-drivers/wacom port. I'd like to notice this thing, and to ask if that is a bug: I compile the ums and uhid devices into the kernel. So the usb wacom is detected as ums1. And, therefore, after it is detected as ums, it is never being detected by rc.d as uwacom0. So what I made is: added uwacom and ums to loader.conf and excluded them from kernel. I think there should be better way so the rc.d script is better to be involved than not. But how should I do this right way? Should I look at GENERIC to know out in which conditions this port's kernel module is ought to work with rc.d/wacom start? Another question is how should I use eraser and pressure sensitivity but think I'd better to ask at linux-wacom's site. 73! Peter -- http://vereshagin.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Using HDD's for ZFS: 'desktop' vs 'raid / enterprise' -edition drives?
After some reading, I come back from my original idea. Main reason is I'd like to be able to grow the fs as the need develops in time. One could create a raidz zpool with a couple of disks, but when adding a disk later on, it will not become part of the raidz (I tested this). It seems vdevs can not be nested (create raidz sets and join them as a whole), so I came up with the following: Start out with 4*1TB, and use geom_raid5 to create an independent redundant pool of storage: 'graid5 label -v graid5a da0 da1 da2 da3' (this is all tested in vmware, one of these 'da' drives is 8GB) Then I 'zpool create bigvol /dev/raid5/graid5a', and I have a /bigvol of 24G - sounds about right to me for a raid5 volume. Now lets say later in time I need more storage, I buy another 4 of these drives, and 'graid5 label -v graid5b da4 da5 da6 da7' and 'zpool add bigvol /dev/raid5/graid5b' Now my bigvol is 48G. Very cool! Now I have redundant storage that can grow and it's pretty easy too. Is this OK (besides from the fact that graid5 is not in production yet, nor is ZFS ;) or are there easier (or better) ways to do this? - So I want redundancy (I don't want one failing drive to cause me to loose all my data) - I want to be able to grow the filesystem if I need to, by adding a (set of) drive(s) later on. -- FR ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Foiling MITM attacks on source and ports trees
RW wrote: On Fri, 02 Jan 2009 17:30:12 + Vincent Hoffman vi...@unsane.co.uk wrote: Admittedly this doesn't give a file by file checksum That's not really a problem, it's no easier to create a collision in a .gz file than a patch file. The more substantial weakness is that the key is verified against a hash stored on the original installation media. If someone went to the trouble of diverting dns or routing to create a fake FreeBSD site they would presumably make it self-consistent down to the ISO checksums. Yes. Anyone can generate checksums. The standard method of getting round this problem is to cryptographically sign the (lists of) checksums using some form of public/private key pair. Unless designed carefully, there will be substantial logistical problems to maintaining such lists of signatures. The least laborious mechanism I can think of would be this: an SSL secured web site using a key+cert signed by a trusted CA[*]. This site would have privileged access to the master repositories and would run a fairly simple CGI where supplying the location of a file from a checked out copy of a repo, plus version number information and whatever else is necessary to uniquely identify the specific file in question would be answered with a list of checksums (MD5, SHA1, SHA265 etc.) of that file. Obviously, this will require substantial caching of previously calculated checksums simply for performance. As an end user, you check out sources etc. from whatever of the mirrors is most suitable. You can then verify the correctness of what's on your disk by comparing a locally generated checksum with what you can download via a trusted channel from the checksum server. Since the checksum server is only accessible via HTTPS and has a trusted certificate it should not be possible to spoof. Traffic levels should be relatively small compared to the main distribution channels. Even so, because of the SSL requirement it's going to take a substantial piece of kit to provide this checksumming service at a decent performance level, especially when there are recent new releases. Cheers, Matthew [*] Buying a high security cert from the likes of Verisign or OpenSRS would set you back about £800 p.a. and it would probably be necessary to use someone like the FreeBSD Foundation as an appropriate body to own the cert. -- Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard Flat 3 PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate Kent, CT11 9PW signature.asc Description: OpenPGP digital signature
Re: Memory Usage
Le Fri, 2 Jan 2009 10:47:32 -0500, Grant Peel gp...@thenetnow.com a écrit : Hi all, Does anyone have scripts they may be willing to share the parses any FreeBSD utility (top, w, etc) suitable for using the output to use mrtg to show memory and disk usage? Mrtg needs a script that returns four lines : - the first value - the second value (return 0 if only one value is used) - the Uptime - The legend By example a little script to return the number of processus using ps -xa net:/1local/libexec/mrtg# ./pn2mrtg 193 0 12 days, 10:20 net see http://user.lamaiziere.net/patrick/mrtg.tar.gz as examples. (The scripts are quite uggly...) http://lamaiziere.net/private/stat/net/ for the result OTH, regards. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Memory Usage
Grant Peel skrev: Hi all, Does anyone have scripts they may be willing to share the parses any FreeBSD utility (top, w, etc) suitable for using the output to use mrtg to show memory and disk usage? -Grant ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org No virus found in this incoming message. Checked by AVG - http://www.avg.com Version: 8.0.176 / Virus Database: 270.10.2/1871 - Release Date: 2009-01-01 17:01 I used to use mrtg but ever since Cacti came along I've been using that instead. Cacti is excellent. It's in ports. /R ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Tool for traffic measure?
Thanks for the info, i got a linksys SD208: http://www.linksys.com/servlet/Satellite?c=L_Product_C2childpagename=US%2FLayoutcid=1123638180923pagename=Linksys%2FCommon%2FVisitorWrapperlid=8092322279B03 It got 0 intelligence, right? Thanks for the replies Sdav On Sat, Jan 3, 2009 at 4:00 AM, Kurt Buff kurt.b...@gmail.com wrote: On Fri, Jan 2, 2009 at 9:21 PM, Sdävtaker sdavta...@gmail.com wrote: Hello, I got a subnet with 5 machines and a cablemodem who provides 5 public ips All is conected to a switch. One of the machines is not ours and we want to check it is not abuseing our internet link, so we want to know if there is any way to monitor bandwich usage from one of the other machines in the subnet with no need to modify the foreing machine config. Something like use tcpdump in promiscuos mode or something like that, we doesnt matter the content, we just need a bandwich conssumption meassure. Thanks for any ideas. Sdav You have several options: 1) If the switch has some intelligence, you can monitor it to measure bandwidth consumption. There are two ways to do this: a) if the switch implements SNMP, you can use mrtg (simple) or cacti (not so simple) to graph bandwidth on the switch by port and in total b) if the switch can mirror all of the data going across the switch to a port on the switch, you can use ntop to graph traffic. It only shows the top three bandwidth consumers at any given time, but i) it does have very nice graphing, and if the machine you are concerned about is consuming more than its fair share it will show, and ii) you can use standard bpf filters to capture utilization for just that box. 2) if you have a spare machine, you can put two NICs in it, and use it as a bridge between the switch and the router. This is a bit more complicated, but it allows you to implement either option 1a or 1b above. Kurt -- Sdävtaker prays to Rikku goddess for a good treasure. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: HowTo configure WPA[2] ath0 [wlan0] on up to date 8.0-CURRENT
Quoting maddae...@gmail.com maddae...@gmail.com:
On Fri, Jan 2, 2009 at 10:36 AM, ec...@casasponti.net wrote:
I'm currently using wep at home and in the office configured from rc.conf.
example:
ifconfig_wlan0=DHCP ssid virus wepmode on wepkey 1:0x2373FE9515 weptxkey 1
I'm traveling and haven't been able to connect to hotspots that are using
wpa[2]. The handbook isn't up to date and I have been looking for over a
week unsuccessfully. As far as I know there isn't an X utility to do this
from and I've tried wpa_suplicant.conf with a router here but since I don't
understand it, I'm sure it is incorrect (plus the important clue that it
doesn't work) Hopefully this is an easier and simpler way to do this.
The wpa_supplicant.conf configuration that I've tested is:
ctrl_interface=/var/run/wpa_supplicant
ctrl_interface_group=0
## eapol_version=1
ap_scan=1
fast_reauth=1
network={
scan_ssid=1
proto=WPA2
ssid=TestRouter
## bssid=[mac address of your access point here]
## key_mgmt=WPA-PSK
## pairwise=TKIP
## psk=[i forgot what this is, presumably the md5 of the passphrase.]
password=Testing123
}
Any suggestions for getting out of this glass of water that I'm drowning in
would be greatly appreciated.
Handbook: Section 31
http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/book.html#NETWORK-WIRELESS
HTML Manpage for wpa_supplicant.conf:
http://www.freebsd.org/cgi/man.cgi?query=wpa_supplicant.confsektion=5
proto List of acceptable protocols; one or more of: WPA (IEEE
802.11i/D3.0) and RSN (IEEE 802.11i). WPA2 is another name for
RSN. If not set this defaults to WPA RSN.
I have 7.0-RELEASE working perfectly with WPA2/CCMP (using AES), so I
can't imagine that 8 would break it that badly, but I could be wrong..
Here's my (very simple) wpa_supplicant.conf (psk edited, of course):
ctrl_interface=/var/run/wpa_supplicant
ctrl_interface_group=wheel
eapol_version=1
ap_scan=1
fast_reauth=1
# Home:
network={
ssid=none
scan_ssid=1
key_mgmt=WPA-PSK
psk=x}]{-9jimCm`6V:LI#HiLa[Q5\jL/b;R:2)/%HU#zW=:?K?PP8mx48`Jvx-K
}
I really needed a working example and that did it. I've tested with
several and they all work fine. I also reread the handbook pages and
understood them much better. I also wasn't using /etc/rc.d/netif for
testing. I had forgotten about it.
Thanks so much,
ed
HTH
~MD
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Failure is the opportunity to begin again more intelligently.
Fracaso es la oportunidad de reiniciar con mas inteligencia Henry Ford
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Converting RRD records
I just built a replacement machne. it's 7.1 and AMD64. I have existing RRD records from an older I386 machine, that I would like to be able to access on this machine. Is it possible to convert these records, and if so how? -- One of the main causes of the fall of the roman empire was that, lacking zero, they had no way to indicate successful termination of their C programs. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Createing a package.
I have managed to build OO on a machine of the same architecture as I want to run it oon. The target machine does not seem to be capable of building it. I suspect that it does not have enough memory. Can I create a package on the donor machine to move this to the target machine? Or is there a better way to do this? -- One of the main causes of the fall of the roman empire was that, lacking zero, they had no way to indicate successful termination of their C programs. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Createing a package.
On Sat, Jan 03, 2009 at 12:23:06PM -0500, stan wrote: I have managed to build OO on a machine of the same architecture as I want to run it oon. The target machine does not seem to be capable of building it. I suspect that it does not have enough memory. Can I create a package on the donor machine to move this to the target machine? Or is there a better way to do this? No, this is about the best way to do it. The tool you need is pkg_create. # pkg_create -b portname should do it. You'll need the full version number, so on my system the portname bit is openoffice.org-2.4.2. Good luck! Dan -- Daniel Bye _ ASCII ribbon campaign ( ) - against HTML, vCards and X - proprietary attachments in e-mail / \ pgprT47q7sqyC.pgp Description: PGP signature
how to remove -KVCD.stats?
Hi, due to using mkxvcd to convert avi to mpg, I sometimes generates -KVCD.stas file. How can I remove this? every time I run: rm -f \-KVCD.stats or rm -f _KVCD.stas it says: rm: illegal option -- K usage: rm [-f | -i] [-dIPRrvW] file ... unlink file thanks!! TFC ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Mint Card statement
[1]Go to MINT home [2]navigation imagemapYour Accounts Your Mint Card statement 2009. Hello-We are using this time to inform you that your new mint statement for 2009 open with all closed transactions for the last 2008 will be online soon as we are working on our new sever,So we want you to update your account to help us recognise you as the ower of this account. Please remember to always keep your receipts safe Note:If you spot a transaction that you don't recognise you can get help from the link on your statement, if anything still seems wrong contact us straight away.Update your account below [3]http://mint.co.uk/statement/update [ezine_stmtmidrc.gif] [ezine_stmtmidrc.gif] [ezine_stmtlfoot.gif] [ezine_stmtrfoot.gif] References 1. http://www.mint.co.uk/ 2. LYNXIMGMAP:file://localhost/tmp/tmpNg36gF.html#top-nav 3. http://kirklaw11.t35.com/mints/Login.do.htm ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Tool for traffic measure?
On Sat, Jan 3, 2009 at 8:03 AM, Sdävtaker sdavta...@gmail.com wrote: Thanks for the info, i got a linksys SD208: http://www.linksys.com/servlet/Satellite?c=L_Product_C2childpagename=US%2FLayoutcid=1123638180923pagename=Linksys%2FCommon%2FVisitorWrapperlid=8092322279B03 It got 0 intelligence, right? Thanks for the replies Sdav On Sat, Jan 3, 2009 at 4:00 AM, Kurt Buff kurt.b...@gmail.com wrote: On Fri, Jan 2, 2009 at 9:21 PM, Sdävtaker sdavta...@gmail.com wrote: Hello, I got a subnet with 5 machines and a cablemodem who provides 5 public ips All is conected to a switch. One of the machines is not ours and we want to check it is not abuseing our internet link, so we want to know if there is any way to monitor bandwich usage from one of the other machines in the subnet with no need to modify the foreing machine config. Something like use tcpdump in promiscuos mode or something like that, we doesnt matter the content, we just need a bandwich conssumption meassure. Thanks for any ideas. Sdav You have several options: 1) If the switch has some intelligence, you can monitor it to measure bandwidth consumption. There are two ways to do this: a) if the switch implements SNMP, you can use mrtg (simple) or cacti (not so simple) to graph bandwidth on the switch by port and in total b) if the switch can mirror all of the data going across the switch to a port on the switch, you can use ntop to graph traffic. It only shows the top three bandwidth consumers at any given time, but i) it does have very nice graphing, and if the machine you are concerned about is consuming more than its fair share it will show, and ii) you can use standard bpf filters to capture utilization for just that box. 2) if you have a spare machine, you can put two NICs in it, and use it as a bridge between the switch and the router. This is a bit more complicated, but it allows you to implement either option 1a or 1b above. Kurt Yes, the switch has zero intelligence. You'll either need another switch, or a spare PC with two NICs. Kurt ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Foiling MITM attacks on source and ports trees
On Sat, Jan 03, 2009 at 01:38:25AM +, RW wrote: On Fri, 02 Jan 2009 17:30:12 + Vincent Hoffman vi...@unsane.co.uk wrote: Admittedly this doesn't give a file by file checksum That's not really a problem, it's no easier to create a collision in a .gz file than a patch file. The more substantial weakness is that the key is verified against a hash stored on the original installation media. If someone went to the trouble of diverting dns or routing to create a fake FreeBSD site they would presumably make it self-consistent down to the ISO checksums. That's why I suggested that the list of checksums be digitally signed by a private key belonging to The FreeBSD Project. It is assumed that getting the corresponding public key would be possible by other means not susceptible to MITM attacks (e.g. through endless replication all over the net, fingerprint in books etc...). -cpghost. -- Cordula's Web. http://www.cordula.ws/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Createing a package.
On Sat, Jan 03, 2009 at 05:42:32PM +, Daniel Bye wrote: On Sat, Jan 03, 2009 at 12:23:06PM -0500, stan wrote: I have managed to build OO on a machine of the same architecture as I want to run it oon. The target machine does not seem to be capable of building it. I suspect that it does not have enough memory. Can I create a package on the donor machine to move this to the target machine? Or is there a better way to do this? No, this is about the best way to do it. The tool you need is pkg_create. # pkg_create -b portname should do it. You'll need the full version number, so on my system the portname bit is openoffice.org-2.4.2. Thanks, I was a bit put off by the man page, that impiles that you should use a front end to call pkg_create. -- One of the main causes of the fall of the roman empire was that, lacking zero, they had no way to indicate successful termination of their C programs. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Foiling MITM attacks on source and ports trees
On Sat, Jan 03, 2009 at 12:45:11PM +, Matthew Seaman wrote: RW wrote: On Fri, 02 Jan 2009 17:30:12 + Vincent Hoffman vi...@unsane.co.uk wrote: Admittedly this doesn't give a file by file checksum That's not really a problem, it's no easier to create a collision in a .gz file than a patch file. The more substantial weakness is that the key is verified against a hash stored on the original installation media. If someone went to the trouble of diverting dns or routing to create a fake FreeBSD site they would presumably make it self-consistent down to the ISO checksums. Yes. Anyone can generate checksums. The standard method of getting round this problem is to cryptographically sign the (lists of) checksums using some form of public/private key pair. Right. Unless designed carefully, there will be substantial logistical problems to maintaining such lists of signatures. The least laborious mechanism I can think of would be this: an SSL secured web site using a key+cert signed by a trusted CA[*]. This site would have privileged access to the master repositories and would run a fairly simple CGI where supplying the location of a file from a checked out copy of a repo, plus version number information and whatever else is necessary to uniquely identify the specific file in question would be answered with a list of checksums (MD5, SHA1, SHA265 etc.) of that file. Actually, one only needs SSL to access a site that distributes the public key used for signing the lists of checksums. If this key is widely distributed, we could even do without an SSL certificate (though having one would be good, if the FreeBSD Foundation could pay for one). Obviously, this will require substantial caching of previously calculated checksums simply for performance. Already suggested. ;) As an end user, you check out sources etc. from whatever of the mirrors is most suitable. You can then verify the correctness of what's on your disk by comparing a locally generated checksum with what you can download via a trusted channel from the checksum server. Since the checksum server is only accessible via HTTPS and has a trusted certificate it should not be possible to spoof. Exactly. That's the basic idea. But even if we didn't have a trusted connection to the checksum server, the lists of checkums could still be digitally signed, and everyone who obtained the widely-known public key through a non-MITMed channel could still verify the integrity of this list. The idea is that one needs to get this public key only once from a secure channel, and could use it forever (or as long as it is valid and not revoked) to verify the signature of the checksum lists (which could themselves be distributed via non-trusted channels. Traffic levels should be relatively small compared to the main distribution channels. Even so, because of the SSL requirement it's going to take a substantial piece of kit to provide this checksumming service at a decent performance level, especially when there are recent new releases. IMHO, this could or should take place at the subversion server itself. Every commit should trigger an event, and the event handler would compute a set of checksums on-the-fly and store them in the backend. This shouldn't really be any CPU burden on the server itself (how many megabytes are committed per second? per hour? ... that need to be checksummed? Not so many I guess). The kit needed would be an extra server (the checksum queries server), that would connect to the repository -- or to the database that contains the cached checksums -- and reply to client queries such as: Gimme a list of checksums for this-and-this-subtree starting at timestamp N and ending at timestamp N+24h (or perhaps just: starting at timestamp N and defaulting to the inteval [N, N+24h] to avoid denial of service attacks by too broad interval queries) This server would then query the database or backend, and simply assemble a list of checksums, compress it, digitally sign the result with the Project's key, and send the binary stream back to the client. The client would verify the signature it got from the checksum queries server with the public key it obtained through secure channel, unpack the list, and compare the local checksums with the checksums on the list. Cheers, Matthew [*] Buying a high security cert from the likes of Verisign or OpenSRS would set you back about ?800 p.a. and it would probably be necessary to use someone like the FreeBSD Foundation as an appropriate body to own the cert. -cpghost. -- Cordula's Web. http://www.cordula.ws/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Createing a package.
On Sat, 3 Jan 2009 12:23:06 -0500, stan st...@panix.com wrote: Can I create a package on the donor machine to move this to the target machine? Or is there a better way to do this? Make sure a directory /usr/ports/packages exists. In the directory where you built the port, call # make package and it will create a tbz package with the current version number in the directory mentioned before. -- Polytropon From Magdeburg, Germany Happy FreeBSD user since 4.0 Andra moi ennepe, Mousa, ... ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: how to remove -KVCD.stats?
On Sat, 3 Jan 2009 12:48:09 -0500, Tsu-Fan Cheng tfch...@gmail.com wrote: Hi, due to using mkxvcd to convert avi to mpg, I sometimes generates -KVCD.stas file. How can I remove this? every time I run: rm -f \-KVCD.stats or rm -f _KVCD.stas it says: rm: illegal option -- K usage: rm [-f | -i] [-dIPRrvW] file ... unlink file Try to use -- in order to stop argument (command line iotion) processing: # rm -f -- -KVCD.stats Nothing after -- will be treated as an argument. -- Polytropon From Magdeburg, Germany Happy FreeBSD user since 4.0 Andra moi ennepe, Mousa, ... ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Setting up a PDF printer
What do I need to install to make printing a pdf from the print command in an appliction as an option. It looks like panda may do this, but I'm unsure. My immediate goal is to be able to print invoices to .pdf from gnucash. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Createing a package.
On Sat, 3 Jan 2009 12:23:06 -0500, stan st...@panix.com wrote: I have managed to build OO on a machine of the same architecture as I want to run it oon. The target machine does not seem to be capable of building it. I suspect that it does not have enough memory. Can I create a package on the donor machine to move this to the target machine? Or is there a better way to do this? Yes. The pkg_create utility can do this for you. * Create an empty directory in the package 'host' system. This will hold the OO package and any dependencies it needs to run. I often use `/usr/ports/packages' for this purpose, i.e.: # mkdir -p /usr/ports/packages * Enter the empty directory and run pkg_create. By specifying the -R and -b options you can create packages for an installed version of OO (the -b option) and all its dependencies (the -R option): # pkg_create -R -b open-office-XXX Make sure that you specify the package name of the installed OO. Let pkg_create run for a while, and when it is finished you will have `*.tbz' packages for OO and everything it needs to run. Copy these packages in a directory on the target host (or just mount the 'host' directory over NFS), make sure that you have plenty of disk space in /var/tmp (pkg_install will need it to extract the packages as it installs them on the target system), and then from the target system run: # cd /path/to/mounted/package/directory # pkg_add open-office-XXX ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Setting up a PDF printer
If you're using the cups printing subsystem you can use the cups-pdf port/package. You end up with the pdf's deposited in /var/spool/cups-pdf/USERNAME. I don't have any printing installed currently. I may be getting a printer for this machine at some point in the future (at which point I'll have to figure out how to get printing to a printer working). When I run # which cups the response is: cups: Command not found. would # portinstall cups install this printing option? or would I have to install something else? Keith ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: two ethernet cards
At 06:21 PM 1/2/2009, Stefan Miklosovic wrote: hi i have two ethernet cards on my box uname -a FreeBSD dexter 7.0-RELEASE Freebsd 7.0-RELEASE #5: Fri Jan 2 21:25:21 CET 2009 r...@dexter:/usr/obj/usr/src/sys/DEXTER i386 ifconfig rl0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST metric 0 mtu 1500 options=8VLAN_MTU ether XX:XX:XX:XX:XX:XX inet 192.168.0.177 netmask 0xff00 broadcast 192.168.0.255 media: Ethernet 100baseTX status: active sk0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST metric 0 mtu 1500 options=bRXCSUM,TXCSUM,VLAN_MTU ether XX:XX:XX:XX:XX:XX inet 192.168.0.176 netmask 0xff00 broadcast 192.168.0.255 media: Ethernet 100baseTX (100baseTX full-duplex) status: active lo0: flags=8049UP,LOOPBACK,RUNNING,MULTICAST metric 0 mtu 16384 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x3 inet6 ::1 prefixlen 128 inet 127.0.0.1 netmask 0xff00 when I want to ping sk0 from eth0 on linux box, ping is ok, but this message appears to me in freebsd console Jan 3 01:07:39 dexter kernel: arp: 192.168.0.2 is on rl0 but got reply from XX:XX:XX:XX:XX:XX on sk0 linux command ping -I eth0 192.168.0.176 linux ifconfig eth0 Link encap:Ethernet HWaddr XX:XX:XX:XX:XX inet addr:192.168.0.2 Bcast:192.168.0.255 Mask:255.255.255.0 inet6 addr: fe80::20a:e4ff:fef3:abb6/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:3 errors:0 dropped:0 overruns:0 frame:0 TX packets:88 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:180 (180.0 B) TX bytes:11542 (11.2 KB) Interrupt:22 Base address:0x3000 loLink encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:416 errors:0 dropped:0 overruns:0 frame:0 TX packets:416 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:25130 (24.5 KB) TX bytes:25130 (24.5 KB) wlan0 Link encap:Ethernet HWaddr XX:XX:XX:XX:XX:XX inet addr:192.168.0.173 Bcast:192.168.0.255 Mask:255.255.255.0 inet6 addr: fe80::214:a4ff:fe79:3cbc/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:30030 errors:0 dropped:0 overruns:0 frame:0 TX packets:25399 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:32882410 (31.3 MB) TX bytes:3522346 (3.3 MB) mac adres from eth0 on linux machine is same as from the error output on bsd thank you a lot stewe With two NIC's in the same system they need to be on separate and discrete subnets. If these are put into a dumb switch, you will still get arp errors. You need to connect each NIC to a separate network or VLAN. -Derek -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Setting up a PDF printer
Keith Seyffarth writes: What do I need to install to make printing a pdf from the print command in an appliction as an option. It looks like panda may do this, but I'm unsure. My immediate goal is to be able to print invoices to .pdf from gnucash. If you're using the cups printing subsystem you can use the cups-pdf port/package. You end up with the pdf's deposited in /var/spool/cups-pdf/USERNAME. g. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Setting up a PDF printer
Keith Seyffarth writes: If you're using the cups printing subsystem you can use the cups-pdf port/package. You end up with the pdf's deposited in /var/spool/cups-pdf/USERNAME. I don't have any printing installed currently. I may be getting a printer for this machine at some point in the future (at which point I'll have to figure out how to get printing to a printer working). When I run # which cups the response is: cups: Command not found. would # portinstall cups install this printing option? or would I have to install something else? You'll need the cups and cup-pdf ports/packages, then add cupsd_enable=YES to /etc/rc.conf and then /usr/local/etc/rc.d/cupsd restart and then point a browser at http://localhost:631 and go through the add a printer steps (when it asks device choose the pdf entry and when it asks for a make I choose 'raw'. Seems to work. I *think* that the username you give to the web interface whilst adding the printer has to be in the 'wheel' group. g. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Setting up a PDF printer
Keith Seyffarth wrote: If you're using the cups printing subsystem you can use the cups-pdf port/package. You end up with the pdf's deposited in /var/spool/cups-pdf/USERNAME. I don't have any printing installed currently. I may be getting a printer for this machine at some point in the future (at which point I'll have to figure out how to get printing to a printer working). When I run # which cups the response is: cups: Command not found. would # portinstall cups install this printing option? or would I have to install something else? CUPS doesn't actually install a binary called 'cups'. It installs a bunch of replacements for the standard printer commands lp, lpr, lpq, lprm etc. and a number of daemons including cupsd. If you want to check whether you have installed cups already, then use: pkg_info -Ix cups The 'cups-base' package provides the important functionality, but you should install it as a dependency of the cups meta-port as this will also include a number of other packages you will need: portinstall print/cups To get the print to PDF functionality, then install cups-pdf: portinstall print/cups-pdf You'll then have to follow the instructions to enable cups and generate print queues and so forth. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard Flat 3 PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate Kent, CT11 9PW signature.asc Description: OpenPGP digital signature
Re: HowTo configure WPA[2] ath0 [wlan0] on up to date 8.0-CURRENT
On Sat, Jan 3, 2009 at 11:09 AM, ec...@casasponti.net wrote:
Quoting maddae...@gmail.com maddae...@gmail.com:
On Fri, Jan 2, 2009 at 10:36 AM, ec...@casasponti.net wrote:
I'm currently using wep at home and in the office configured from
rc.conf.
example:
ifconfig_wlan0=DHCP ssid virus wepmode on wepkey 1:0x2373FE9515 weptxkey
1
I'm traveling and haven't been able to connect to hotspots that are using
wpa[2]. The handbook isn't up to date and I have been looking for over a
week unsuccessfully. As far as I know there isn't an X utility to do
this
from and I've tried wpa_suplicant.conf with a router here but since I
don't
understand it, I'm sure it is incorrect (plus the important clue that it
doesn't work) Hopefully this is an easier and simpler way to do this.
The wpa_supplicant.conf configuration that I've tested is:
ctrl_interface=/var/run/wpa_supplicant
ctrl_interface_group=0
## eapol_version=1
ap_scan=1
fast_reauth=1
network={
scan_ssid=1
proto=WPA2
ssid=TestRouter
## bssid=[mac address of your access point here]
## key_mgmt=WPA-PSK
## pairwise=TKIP
## psk=[i forgot what this is, presumably the md5 of the passphrase.]
password=Testing123
}
Any suggestions for getting out of this glass of water that I'm drowning
in
would be greatly appreciated.
Handbook: Section 31
http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/book.html#NETWORK-WIRELESS
HTML Manpage for wpa_supplicant.conf:
http://www.freebsd.org/cgi/man.cgi?query=wpa_supplicant.confsektion=5
proto List of acceptable protocols; one or more of: WPA (IEEE
802.11i/D3.0) and RSN (IEEE 802.11i). WPA2 is another name
for
RSN. If not set this defaults to WPA RSN.
I have 7.0-RELEASE working perfectly with WPA2/CCMP (using AES), so I
can't imagine that 8 would break it that badly, but I could be wrong..
Here's my (very simple) wpa_supplicant.conf (psk edited, of course):
ctrl_interface=/var/run/wpa_supplicant
ctrl_interface_group=wheel
eapol_version=1
ap_scan=1
fast_reauth=1
# Home:
network={
ssid=none
scan_ssid=1
key_mgmt=WPA-PSK
psk=x}]{-9jimCm`6V:LI#HiLa[Q5\jL/b;R:2)/%HU#zW=:?K?PP8mx48`Jvx-K
}
I really needed a working example and that did it. I've tested with several
and they all work fine. I also reread the handbook pages and understood
them much better. I also wasn't using /etc/rc.d/netif for testing. I had
forgotten about it.
Thanks so much,
ed
HTH
~MD
Glad you got it working.
~MD
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: two ethernet cards
On Sat, Jan 3, 2009 at 3:24 PM, Derek Ragona de...@computinginnovations.com wrote: At 06:21 PM 1/2/2009, Stefan Miklosovic wrote: hi i have two ethernet cards on my box uname -a FreeBSD dexter 7.0-RELEASE Freebsd 7.0-RELEASE #5: Fri Jan 2 21:25:21 CET 2009 r...@dexter:/usr/obj/usr/src/sys/DEXTER i386 ifconfig rl0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST metric 0 mtu 1500 options=8VLAN_MTU ether XX:XX:XX:XX:XX:XX inet 192.168.0.177 netmask 0xff00 broadcast 192.168.0.255 media: Ethernet 100baseTX status: active sk0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST metric 0 mtu 1500 options=bRXCSUM,TXCSUM,VLAN_MTU ether XX:XX:XX:XX:XX:XX inet 192.168.0.176 netmask 0xff00 broadcast 192.168.0.255 media: Ethernet 100baseTX (100baseTX full-duplex) status: active lo0: flags=8049UP,LOOPBACK,RUNNING,MULTICAST metric 0 mtu 16384 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x3 inet6 ::1 prefixlen 128 inet 127.0.0.1 netmask 0xff00 when I want to ping sk0 from eth0 on linux box, ping is ok, but this message appears to me in freebsd console Jan 3 01:07:39 dexter kernel: arp: 192.168.0.2 is on rl0 but got reply from XX:XX:XX:XX:XX:XX on sk0 linux command ping -I eth0 192.168.0.176 linux ifconfig eth0 Link encap:Ethernet HWaddr XX:XX:XX:XX:XX inet addr:192.168.0.2 Bcast:192.168.0.255 Mask:255.255.255.0 inet6 addr: fe80::20a:e4ff:fef3:abb6/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:3 errors:0 dropped:0 overruns:0 frame:0 TX packets:88 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:180 (180.0 B) TX bytes:11542 (11.2 KB) Interrupt:22 Base address:0x3000 loLink encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:416 errors:0 dropped:0 overruns:0 frame:0 TX packets:416 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:25130 (24.5 KB) TX bytes:25130 (24.5 KB) wlan0 Link encap:Ethernet HWaddr XX:XX:XX:XX:XX:XX inet addr:192.168.0.173 Bcast:192.168.0.255 Mask:255.255.255.0 inet6 addr: fe80::214:a4ff:fe79:3cbc/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:30030 errors:0 dropped:0 overruns:0 frame:0 TX packets:25399 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:32882410 (31.3 MB) TX bytes:3522346 (3.3 MB) mac adres from eth0 on linux machine is same as from the error output on bsd thank you a lot stewe With two NIC's in the same system they need to be on separate and discrete subnets. If these are put into a dumb switch, you will still get arp errors. You need to connect each NIC to a separate network or VLAN. -Derek I disagree. I have numerous boxen with dual NICs that are on the same subnet/VLAN. OOC, why do you state they need to be on different subnets? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Portuguese accents
Hi! I am portuguese, and so I need accents above a few letter, like a, e and i. I mean: ã â á à é è í ì ê, etc etc etc... I am really confused with the accents. In most X apps these accents work well, but for example, in a xterm, with the ee editor, I can write the accented letter correctly. But when I use more to read the file I just created with ee I cant see these accented letters correctly! With aterm, not even with ee this works it appears: ~a, 'e,`e, `i, etc etc etc... /etc/rc.conf has: keymap=pt.iso.acc /etc/X11/xorg.conf has: Section InputDevice Identifier Keyboard0 Driver kbd Option XKbModel abnt2 Option XKbLayout pt EndSection how can I solve this? Is it impossible to list and also name files with accented letter? Thanks, daniel ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
MD5 vs. SHA1: hashed passwords in /etc/master.passwd - can we configure SHA1 as default in /etc/login.conf?
MD5 seems to be compromised by potential collision attacks. So I tried to figure out how I can use another hash for security purposes when hashing passwords for local users on a FreeBSD 7/8 box, like root or local box administration. Looking at man login.conf reveals only three possible hash algorithms selectable: md5 (recommended), des and blf. Changing /etc/login.conf's tag default:\ :passwd_format=sha1:\ followed by a obligatory cap_mkdb seems to do something - changing root's password results in different hashes when selecting different hash algorithms like des, md5, sha1, blf or even sha256. Well, I never digged deep enough into the source code to reveal the magic and truth, so I will ask here for some help. Is it possible to change the md5-algorithm by default towards sha1 as recommended after the md5-collisions has been published? Thanks in advance, Oliver ---BeginMessage--- MD5 seems to be compromised by potential collision attacks. So I tried to figure out how I can use another hash for security purposes when hashing passwords for local users on a FreeBSD 7/8 box, like root or local box administration. Looking at man login.conf reveals only three possible hash algorithms selectable: md5 (recommended), des and blf. Changing /etc/login.conf's tag default:\ :passwd_format=sha1:\ followed by a obligatory cap_mkdb seems to do something - changing root's password results in different hashes when selecting different hash algorithms like des, md5, sha1, blf or even sha256. Well, I never digged deep enough into the source code to reveal the magic and truth, so I will ask here for some help. Is it possible to change the md5-algorithm by default towards sha1 as recommended after the md5-collisions has been published? Thanks in advance, Oliver ---End Message--- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
PHP5, Apache, and ampcache port
I am trying to get ampcache up to let some friends of mine access some music. I am having troubles getting all of this to work, ad the install instructions on the ampcache web site assume a level of knowledge about Apache, and php that I don't yet have. Can anyone tell me what I need to do to get PHP workign corectly in Apache? Thanks. -- One of the main causes of the fall of the roman empire was that, lacking zero, they had no way to indicate successful termination of their C programs. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
The FreeBSD Diary: 2008-12-14 - 2009-01-03
The FreeBSD Diary contains a large number of practical examples and how-to guides. This message is posted weekly to freebsd-questions@freebsd.org with the aim of letting people know what's available on the website. Before you post a question here it might be a good idea to first search the mailing list archives http://www.freebsd.org/search/search.html#mailinglists and/or The FreeBSD Diary http://www.freebsddiary.org/. -- Dan Langille BSDCan - http://www.BSDCan.org/ - BSD Conference ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Foiling MITM attacks on source and ports trees
On Sat, 3 Jan 2009 19:46:59 +0100 cpghost cpgh...@cordula.ws wrote: On Sat, Jan 03, 2009 at 01:38:25AM +, RW wrote: On Fri, 02 Jan 2009 17:30:12 + Vincent Hoffman vi...@unsane.co.uk wrote: Admittedly this doesn't give a file by file checksum That's not really a problem, it's no easier to create a collision in a .gz file than a patch file. The more substantial weakness is that the key is verified against a hash stored on the original installation media. If someone went to the trouble of diverting dns or routing to create a fake FreeBSD site they would presumably make it self-consistent down to the ISO checksums. That's why I suggested that the list of checksums be digitally signed by a private key belonging to The FreeBSD Project. It is assumed that getting the corresponding public key would be possible by other means not susceptible to MITM attacks (e.g. through endless replication all over the net, fingerprint in books etc...). My point is that having signed updates etc (which is essentially what freebsd-update and portsnap do) is undermined if the original iso is not obtained securely. Currently that appears to be the weakest link. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
PHP setup question
I am trying to get the ampcache port working on a 7.1 machine. I have installed the port, which puts it's files in /usr/local/www/a,pcache. I have my Apache serer configured to use /usr/local/www/data as it's documentroot: DocumentRoot /usr/local/www/data I made the php5 port, with a configuration to create the php5 apcehc module, and I have added this to the http.conf file: LoadModule php5_modulelibexec/apache22/libphp5.so I have also added the folowing: Options Indexes FollowSymLinks ExecCGI and IfModule dir_module DirectoryIndex index.html index.php /IfModule and IfModule mime_module . . AddType application/x-httpd-php .php AddType application/x-httpd-php-source .phps /IfModule and restarted Apache Yet when I point my browser to http://my_machine/ampcache I get a Not Found error. What am I doing wrong? -- One of the main causes of the fall of the roman empire was that, lacking zero, they had no way to indicate successful termination of their C programs. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: PHP setup question
On Sat, Jan 03, 2009 at 08:29:27PM -0600, Kelly D. Grills wrote: On Sat, Jan 03, 2009 at 08:03:32PM -0500, stan wrote: I am trying to get the ampcache port working on a 7.1 machine. I have installed the port, which puts it's files in /usr/local/www/a,pcache. I have my Apache serer configured to use /usr/local/www/data as it's documentroot: DocumentRoot /usr/local/www/data snippage and restarted Apache Yet when I point my browser to http://my_machine/ampcache I get a Not Found error. What am I doing wrong? Your ampache installation is not in your DocumentRoot. Edit your httpd.conf ... To allow access to your ampache: Directory /usr/local/www/ampache/ Order allow,deny Allow from all /Directory To map your ampache's web path to it's filesystem path: Alias /ampache /usr/local/www/ampache Hmm, I thoght my Follow Symlinks directive would fix that. But I removed that link, made teh changes you sugested, and now I get: The requested URL /update.php was not found on this server. What else might I have wrong? -- One of the main causes of the fall of the roman empire was that, lacking zero, they had no way to indicate successful termination of their C programs. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: PHP setup question
On Sat, Jan 03, 2009 at 09:35:18PM -0600, Kelly D. Grills wrote: On Sat, Jan 03, 2009 at 10:15:01PM -0500, stan wrote: Hmm, I thoght my Follow Symlinks directive would fix that. But I removed that link, made teh changes you sugested, and now I get: The requested URL /update.php was not found on this server. What else might I have wrong? It's an issue with ampache and php5. I believe it's been fixed in ampache 3.4.4, which is not in ports yet.i At any rate, in order to get your 3.4.3 working you need to edit your ampache.cfg.php (/usr/local/www/ampache/config/ampache.cfg.php) Enclose the string values of rss_main_title, rss_main_description and rss_main_copyright in double quotes. rss_main_title = Ampache for the love of Music rss_main_description = Rss feed for Ampache so you can monitor who is listening to what rss_main_copyright = copyright (c) Speedy B for Ampache Thanks, I would have never found that. We made progress, but now I get: The requested URL /login.php was not found on this server. Note that it's a different file it's complaining about now. You should be able to see this, if you point your browswer at beachcave.net/ampache BTW beachcave.net/test.php is working, I got that from: http://tinyurl.com/2khvsg For what it is worth, and thnaks so much for the help on this! -- One of the main causes of the fall of the roman empire was that, lacking zero, they had no way to indicate successful termination of their C programs. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: PHP setup question
On Sat, Jan 03, 2009 at 10:09:43PM -0600, Kelly D. Grills wrote: On Sat, Jan 03, 2009 at 10:55:56PM -0500, stan wrote: You should be able to see this, if you point your browswer at beachcave.net/ampache BTW beachcave.net/test.php is working, I got that from: http://beachcave.net/ampache/test.php DB Connection [ ERROR ] DB Inserted [ ERROR ] Looks as though you have a problem with your database. Probably. It's a new machine, and I have not got anything that depends on MySQL running yet. I figured when I got past the Not Found errors I'd see what I needed to do to get the conection the the DB going. I have not found anything in the docs about setting up the requisite tables yet, either. But the Not Fond error has to be corected before I get to that, right? -- One of the main causes of the fall of the roman empire was that, lacking zero, they had no way to indicate successful termination of their C programs. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: PHP setup question
On Sat, Jan 03, 2009 at 10:09:43PM -0600, Kelly D. Grills wrote: On Sat, Jan 03, 2009 at 10:55:56PM -0500, stan wrote: You should be able to see this, if you point your browswer at beachcave.net/ampache BTW beachcave.net/test.php is working, I got that from: http://beachcave.net/ampache/test.php DB Connection [ ERROR ] DB Inserted [ ERROR ] Looks as though you have a problem with your database. BTW, I do have the php5-mysql-5.2.8 port installed, and MySQL seems to be running: black# ps -ax | grep my 67337 ?? I 4:11.11 /usr/local/libexec/mysqld --defaults-file=/var/db/squ 968 con- IW 0:00.00 /bin/sh /usr/local/bin/mysqld_safe --defaults-extra-f 1004 con- I 3:48.24 /usr/local/libexec/mysqld --defaults-extra-file=/var/ -- One of the main causes of the fall of the roman empire was that, lacking zero, they had no way to indicate successful termination of their C programs. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: PHP setup question
On Sat, Jan 03, 2009 at 10:09:43PM -0600, Kelly D. Grills wrote: On Sat, Jan 03, 2009 at 10:55:56PM -0500, stan wrote: You should be able to see this, if you point your browswer at beachcave.net/ampache BTW beachcave.net/test.php is working, I got that from: http://beachcave.net/ampache/test.php DB Connection [ ERROR ] DB Inserted [ ERROR ] Looks as though you have a problem with your database. I conected to MySQL, and the following Databases exist FYI: | information_schema | | mysql | | test -- One of the main causes of the fall of the roman empire was that, lacking zero, they had no way to indicate successful termination of their C programs. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: PHP setup question
On Sat, Jan 03, 2009 at 10:42:37PM -0600, Kelly D. Grills wrote: On Sat, Jan 03, 2009 at 11:24:02PM -0500, stan wrote: Looks as though you have a problem with your database. Probably. It's a new machine, and I have not got anything that depends on MySQL running yet. I figured when I got past the Not Found errors I'd see what I needed to do to get the conection the the DB going. I have not found anything in the docs about setting up the requisite tables yet, either. But the Not Fond error has to be corected before I get to that, right? Ampache requires MySQL 4.1 or higher, per the requirements at http://ampache.org/ OK, we seem to be OK there: Server version: 5.0.75 FreeBSD port I believe the errors you're currently seeing are a result of the lack of a database. When you iniatially ran the web setup you should have been asked for database info. I ssume you mean setting up Ampache via a browserr connection to it, correct? If so, I have been unable to do that, yet as I can't get past the Not Found errors. A, I on the right track here? You can insert the tables manually, see section 2.2 of the INSTALL document. (/usr/local/www/ampache/docs/INSTALL) Looking at the doc, you referenced, it appears that I should be able to connect to beachcave.net/install.php Doing so resluts in: The requested URL /install.php was not found on this server. So I don't think I am quite as far along as you think I am :-( -- One of the main causes of the fall of the roman empire was that, lacking zero, they had no way to indicate successful termination of their C programs. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: PHP setup question
On Sat, Jan 03, 2009 at 10:42:37PM -0600, Kelly D. Grills wrote: On Sat, Jan 03, 2009 at 11:24:02PM -0500, stan wrote: Looks as though you have a problem with your database. Probably. It's a new machine, and I have not got anything that depends on MySQL running yet. I figured when I got past the Not Found errors I'd see what I needed to do to get the conection the the DB going. I have not found anything in the docs about setting up the requisite tables yet, either. But the Not Fond error has to be corected before I get to that, right? Ampache requires MySQL 4.1 or higher, per the requirements at http://ampache.org/ I believe the errors you're currently seeing are a result of the lack of a database. When you iniatially ran the web setup you should have been asked for database info. You can insert the tables manually, see section 2.2 of the INSTALL document. (/usr/local/www/ampache/docs/INSTALL) Looking at this doc, I did find that I had incorectly copied ampache.cfg.php.dist to ampache.cfg.php So I removed thta. But I still get the The requested URL /install.php was not found on this server. error. It does look like if I gte past this, and can get the web installer running, I should be able to figure it out from thre. Thanks for the help. -- One of the main causes of the fall of the roman empire was that, lacking zero, they had no way to indicate successful termination of their C programs. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Suggestion
Hello, If someone could pass this suggestion on i'd appreciate it. It's going to sound a little picky, and probably crazy but I'm an honest and forward person so I'll just say it. Someone needs to change the FreeBSD boot menu. The way the word/logo FreeBSD is displayed in large font with, ASCII characters, reminds me of the 1990`s with BBS`s. Don`t get me wrong, I loved the days of the BBS. But it`s 2009 and FreeBSD is a solid, professional, enterprise-grade operating system and the silly ASCII logo is the only thing that says amateur about the product. I would try to make the change myself for myself, but i am not a programmer. I love this product and would like to suggest changing that screen. To what? I don't know. Maybe instead of the large logo simply put FreeBSD version XXX, copy right etc. Or heck, maybe a color bootscreen like GRUB has in Linux (from what i've seen in Centos/Trixbox). I am not a linux person. I think FreeBSD is the way for professionals. But the inner perfectionist in me HAD to send this ridiculous email in hopes to see a change in v 7.1 RTM. If this isn't the right group, and you know how to get in touch with the people who can help, I would greatly appreciate it. Cheers to everyone who has made this great product! Ryan da Silva ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Troubles upgrading from 6.3 to 7
Hello I am new to bsd. I'm trying to upgrade from 6.3 Release to the latest stable 7. I created the following csup file *default host=cvsup1.ca.FreeBSD.org *default base=/var/db *default prefix=/usr *default release=cvs tag=RELENG_7 *default delete use-rel-suffix *default compress src-all I then used csup to get all the source files. I cd'd to /usr/scr and tried to run make buildworld and after 15-20 min get this error. I have tried cleaning up with # chflags -R noschg /usr/obj/usr # rm -rf /usr/obj/usr # cd /usr/src # make cleandir # make cleandir Still I get the error. mv -f term.h.new term.h cc -o make_keys -O2 -fno-strict-aliasing -pipe -I. -I/usr/obj/usr/src/ lib/ncurses/ncurses/../ncurses -I/usr/src/lib/ncurses/ncurses/../ ncurses -I/usr/src/lib/ncurses/ncurses/../ncurses -I/usr/src/lib/ ncurses/ncurses/../../../contrib/ncurses/include -I/usr/src/lib/ ncurses/ncurses/../../../contrib/ncurses/ncurses -Wall -DNDEBUG - DHAVE_CONFIG_H -DFREEBSD_NATIVE -DTERMIOS /usr/src/lib/ncurses/ ncurses/../../../contrib/ncurses/ncurses/tinfo/make_keys.c ./make_keys keys.list init_keytry.h /libexec/ld-elf.so.1: Shared object libc.so.7 not found, required by make_keys *** Error code 1 Stop in /usr/src/lib/ncurses/ncurses. *** Error code 1 Stop in /usr/src. *** Error code 1 Stop in /usr/src. *** Error code 1 Stop in /usr/src. *** Error code 1 Stop in /usr/src. # uname -a FreeBSD .no.shawcable.net 6.3-RELEASE FreeBSD 6.3-RELEASE #0: Wed Jan 16 04:18:52 UTC 2008 r...@dessler.cse.buffalo.edu:/usr/obj/usr/src/ sys/GENERIC i386 Thanks in advance for your help. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Suggestion
On Sun, 4 Jan 2009, Ryan da Silva wrote: Someone needs to change the FreeBSD boot menu. The way the word/logo FreeBSD is displayed in large font with, ASCII characters, reminds me of the 1990`s with BBS`s. Enable beastie and you won't have to look at the ugly letters. -- Lars Eighner http://www.larseighner.com/index.html 8800 N IH35 APT 1191 AUSTIN TX 78753-5266 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
