w3m - Segmentation fault

2009-05-20 Thread Zbigniew Komarnicki
Hello,

I try today install port w3m (www/w3m) and got segmentation fault. Is somone 
else have such trouble? FreeBSD 7.2-RELEASE, AMD64.

# make install clean 
...
cc  -I. -I. -O2 -fno-strict-aliasing -pipe   -I/usr/include/openssl 
-I/usr/local/include -I/usr/local/include -DHAVE_CONFIG_H 
-DAUXBIN_DIR=\/usr/local/libexec/w3m\  
-DCGIBIN_DIR=\/usr/local/libexec/w3m/cgi-bin\ 
-DHELP_DIR=\/usr/local/share/w3m\  -DETC_DIR=\/usr/local/etc\ 
-DCONF_DIR=\/usr/local/etc/w3m\  -DRC_DIR=\~/.w3m\  
-DLOCALEDIR=\/usr/local/share/locale\ -c 
myctype.c
cc  -I. -I. -O2 -fno-strict-aliasing -pipe   -I/usr/include/openssl 
-I/usr/local/include -I/usr/local/include -DHAVE_CONFIG_H 
-DAUXBIN_DIR=\/usr/local/libexec/w3m\  
-DCGIBIN_DIR=\/usr/local/libexec/w3m/cgi-bin\ 
-DHELP_DIR=\/usr/local/share/w3m\  -DETC_DIR=\/usr/local/etc\ 
-DCONF_DIR=\/usr/local/etc/w3m\  -DRC_DIR=\~/.w3m\  
-DLOCALEDIR=\/usr/local/share/locale\ -c 
hash.c
ar rv libindep.a Str.o indep.o regex.o textlist.o parsetag.o myctype.o hash.o
ar: creating libindep.a
a - Str.o
a - indep.o
a - regex.o
a - textlist.o
a - parsetag.o
a - myctype.o
a - hash.o
ranlib libindep.a
cc  -I. -I. -O2 -fno-strict-aliasing -pipe   -I/usr/include/openssl 
-I/usr/local/include -I/usr/local/include -DHAVE_CONFIG_H 
-DAUXBIN_DIR=\/usr/local/libexec/w3m\  
-DCGIBIN_DIR=\/usr/local/libexec/w3m/cgi-bin\ 
-DHELP_DIR=\/usr/local/share/w3m\  -DETC_DIR=\/usr/local/etc\ 
-DCONF_DIR=\/usr/local/etc/w3m\  -DRC_DIR=\~/.w3m\  
-DLOCALEDIR=\/usr/local/share/locale\ -o 
mktable mktable.o 
dummy.o -L/usr/local/lib -lm -L. -lindep  -L/usr/local/lib -lgc
sort funcname.tab | nawk -f ./functable.awk  functable.tab
./mktable 100 functable.tab  functable.c
Segmentation fault (core dumped)
*** Error code 139

Stop in /usr/ports/www/w3m/work/w3m-0.5.2.
*** Error code 1

Stop in /usr/ports/www/w3m.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org


Re: Unable to read from CCID USB reader

2009-05-20 Thread Hans Petter Selasky
On Tuesday 19 May 2009, Mario Pavlov wrote:
 Hi,
 I tired CURRENT and it's working for me :)
 I only have one small issue...
 when I unplug the reader pcscd goes to some sort of infinite loop
 it would print this forever:

 48111939 ccid_usb.c:491:WriteUSB() usb_bulk_write(/dev/usb//dev/ugen4.2):
 Device busy 0020 ifdwrapper.c:469:IFDStatusICC() Card not transacted:
 612
 0010 eventhandler.c:333:EHStatusHandlerThread() Error communicating to:
 ACS ACR 38U-CCID 00 00 00402930 ccid_usb.c:491:WriteUSB()
 usb_bulk_write(/dev/usb//dev/ugen4.2): Device not configured 0021
 ifdwrapper.c:469:IFDStatusICC() Card not transacted: 612
 0010 eventhandler.c:333:EHStatusHandlerThread() Error communicating to:
 ACS ACR 38U-CCID 00 00 00402953 ccid_usb.c:491:WriteUSB()
 usb_bulk_write(/dev/usb//dev/ugen4.2): Device not configured 0016
 ifdwrapper.c:469:IFDStatusICC() Card not transacted: 612
 0010 eventhandler.c:333:EHStatusHandlerThread() Error communicating to:
 ACS ACR 38U-CCID 00 00 ...

Maybe a bug in the pcsc driver.

 ...
 ...

 firefox does almost the same thing:

 [opensc-pkcs11] reader-pcsc.c:1015:pcsc_detect_readers: returning with: No
 readers found [opensc-pkcs11] reader-pcsc.c:906:pcsc_detect_readers:
 SCardEstablishContext failed: 0x8010001d [opensc-pkcs11]
 reader-pcsc.c:1015:pcsc_detect_readers: returning with: No readers found
 [opensc-pkcs11] reader-pcsc.c:906:pcsc_detect_readers:
 SCardEstablishContext failed: 0x8010001d [opensc-pkcs11]
 reader-pcsc.c:1015:pcsc_detect_readers: returning with: No readers found
 ...
 ...
 ...

 I guess this is not FreeBSD's fault, is it ?

If the usb device /dev/usb/xxx for your device is not accessible to firefox 
then firefox can't open it.

--HPS
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org


Re: Backing up FreeBSD and other Unix systems securely

2009-05-20 Thread Valentin Bud
On Mon, May 18, 2009 at 9:38 PM, Karl Vogel
vogelke+u...@pobox.comvogelke%2bu...@pobox.com
 wrote:

  On Sun, 17 May 2009 09:12:57 -0700,
  Kelly Jones kelly.terry.jo...@gmail.com said:

 K I like this plan because it does versioned backups, and doesn't backup
 K identical files twice. I dislike it because I lose Mozy's unlimited disk
 K space.

 K % Is there software that already does this?

   I have a 3-Tbyte server running FreeBSD-6.1 that does something very
   similar.  I don't bother with encrypting the filenames or hashes
   because we control the box, and if I'm not at work, other admins
   might need to restore something quickly.

   We have around 3.7 million files from 5 other servers backed up
   under two 1.5-Tbyte filesystems, /mir01 and /mir02.  My setup looks
   like this:

 +-mir01
 |  +-HASH
 |  |  +-00
 |  |  |  +-00
 |  |  |  +-01
  ...
 |  |  +-01
   ...
 |  |  +-fe
 |  |  +-ff
 |  +-server1
 |  +-server2
 +-mir02
 |  +-HASH
 |  +-server3
 |  +-server4
 |  +-server5

   The HASH directories have two levels of subdirectories 00-ff.
   That's been more than sufficient to keep directories from getting
   too big; I average around 25 files per directory.

   I do hourly backups on the other fileservers using something like the
   find and timestamp method you mentioned, but I ignore 0-length files
   because they always hash to the same value.  The backup directories
   for the second fileserver look like this for 5 May 2009:

 +-mir01
 |  +-server2
 |  |  +-2009
 |  |  |  +-0505
 |  |  |  |  +-070700
 |  |  |  |  |  +-doc  (filesystem)
 |  |  |  |  |  +-home
 |  |  |  |  +-080700
 |  |  |  |  |  +-doc
 |  |  |  |  |  +-home
 ...
 |  |  |  |  +-190700
 |  |  |  |  |  +-home

   After the backups are rsynced to the backup server, I find any regular
   files with only one link, compute the RMD160 hash of the contents, and
   make a hardlink to the appropriate filename under the HASH directory.
   People love to make copies of copies of files, so this really cuts down
   on the disk space used.

   The hardlinks make it easy to avoid restoring things that aren't what
   the user had in mind; if a file's been corrupted, I can tell when it
   happened just by looking at the inode, so I don't restore an earlier
   version that's also junk.  I can also tell if there were duplicates
   anywhere on the fileserver at the time the user lost the good version;
   it's a lot faster for them to get a known good copy from somewhere
   else on the fileserver than it is to restore over the network.

   The software is just a few scripts to do things like find files with
   just one link, compute hashes, do hardlinks, etc.  I can put up a tarball
   if anyone's interested.


Hello Kelly,

 I am doing something similar at a company i work for. I would be interested
to see your scripts
to make a comparison.

thanks,
v


 --
 Karl Vogel  I don't speak for the USAF or my company

 The best way for the Government to maintain its credit is to pay as it
 goes-not by resorting to loans, but by keeping out of debt-through an
 adequate income secured by a system of taxation, external or internal,
 or both.  --Pres. William McKinley's First Inaugural Address, March 4, 1897
 ___
 freebsd-questions@freebsd.org mailing list
 http://lists.freebsd.org/mailman/listinfo/freebsd-questions
 To unsubscribe, send any mail to 
 freebsd-questions-unsubscr...@freebsd.org




-- 
network warrior since 2005
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org


Re: jail's adjkerntz

2009-05-20 Thread v
On Wed, May 20, 2009 at 1:42 PM, alexus ale...@gmail.com wrote:
 inside of my jail i get following emails...

 adjkerntz[25058]: sysctl(set: machdep.adjkerntz): Operation not permitted

 i dont remember getting these before...
 i did changed time zone recently though...


you have changed time zone in the hostOS or in the jail?



 --
 http://alexus.org/
 ___
 freebsd-questions@freebsd.org mailing list
 http://lists.freebsd.org/mailman/listinfo/freebsd-questions
 To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org


Re: jail's adjkerntz

2009-05-20 Thread Herbert J. Skuhra
2009/5/20 alexus ale...@gmail.com:
 inside of my jail i get following emails...

 adjkerntz[25058]: sysctl(set: machdep.adjkerntz): Operation not permitted

 i dont remember getting these before...
 i did changed time zone recently though...

Hi!

You can disable adjkerntz in /etc/crontab:

#1,31   0-5 *   *   *   rootadjkerntz -a

And then run '/etc/rc.d/cron restart'.

- Herbert
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org


Re: Blowfish encryption key length

2009-05-20 Thread Ivan Voras
Kelly Jones wrote:
 I want to use a random Blowfish key to encrypt files, so I did this:
 
 dd if=/dev/random of=mykey.bf count=100 bs=100
 
 to create a 10K byte mykey.bf file. I can now encrypt foo.txt by doing:
 
 openssl enc -bf -pass file:mykey.bf -in foo.txt  foo.txt.encrypted
 
 However, man enc says Blowfish and RC5 algorithms use a 128 bit key.
 
 Does this mean mykey.bf could've been just 16 bytes (128 bits) long?

Yes.

 Or am I misunderstanding the word key here?

That's how block ciphers work, nothing special here. Keys must be of the
size(s) supported by the algorithm.

If you read the openssl manual more closely, it says it expects the
password file to be a text file, containing lines of text, and the first
line will be used for encrypting. It will most likely hash the password
thus retrieved into a suitable key for the cipher.



signature.asc
Description: OpenPGP digital signature


Re: jail's adjkerntz

2009-05-20 Thread Daniel Bye
On Wed, May 20, 2009 at 11:31:46AM +0200, Herbert J. Skuhra wrote:
 2009/5/20 alexus ale...@gmail.com:
  inside of my jail i get following emails...
 
  adjkerntz[25058]: sysctl(set: machdep.adjkerntz): Operation not permitted
 
  i dont remember getting these before...
  i did changed time zone recently though...
 
 Hi!
 
 You can disable adjkerntz in /etc/crontab:
 
 #1,31   0-5 *   *   *   rootadjkerntz -a
 
 And then run '/etc/rc.d/cron restart'.

No need. cron wakes up every minute and reads all known crontabs afresh,
including the system one in /etc/crontab.

-- 
Daniel Bye
 _
  ASCII ribbon campaign ( )
 - against HTML, vCards and  X
- proprietary attachments in e-mail / \


pgp2c62KmrrkP.pgp
Description: PGP signature


Xorg manual configuration

2009-05-20 Thread freebsd-questions
I haven't got any response to Xorg in a jail, so I'll try and wing it... That 
said, I do need some help trying to figure out how to:

1. Determine exactly what Xorg is probing for (what details it needs, etc). So 
far I think I need memory address ranges, chipsets, etc. Found a lot of stuff 
in the log, but I'm not sure if its enough or all I need.

2. Then take the details and set them out in the Xorg.conf. (VideoAdaptor 
Section?)

What I'm finding really annoying is why the manual configuration systems are 
completely unavailable as of now. I remember my first crack at getting X 
running on a 4.3 system, and having to go through screens of configurations for 
the monitor, card, inputs, etc. Ok, its cool now that we don't need to do this 
anymore, but it does kill things if you're trying this in a system which is 
restrictive.

From all the info I gathered so far /dev/io is used for the probing. IF the 
details are entered manually, then surely this would mean it doesn't need io. 
I'm still not sure what to do about /dev/mem and /dev/kmem.

This is just an experiment- please do humour me and let me have my fun trying 
to bang my head even against the brick wall- who knows? Maybe I'll get 
somewhere... :)

 Msg sent via @Mail - http://atmail.com/
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org


Re: apache not starting on reboot

2009-05-20 Thread Mel Flynn
On Monday 18 May 2009 10:55:00 Odhiambo  ワシントン wrote:
 On Mon, May 18, 2009 at 11:03 AM, Brent Clark 
brentgclarkl...@gmail.comwrote:
  Hiya
 
  I have the following in my /etc/rc.conf
 
  mitm# cat /etc/rc.conf | grep apache
  apache22_enable=YES
  mitm#
 
  The problem I seem to be experiencing is that if I reboot the machine,
  then apache does not come up. Its only on when I run
 
  /usr/local/etc/rc.d/apache22 restart
 
  that apache is running and available.
 
  If anyone could assist me on where I went wrong or on what route and / or
  path to look, I would be most grateful.

 Start by looking at /var/log/messages

Better yet, /var/log/httpd-error.log. On restart, does it give a apache not 
running? message or is it running, but not responding to requests?
-- 
Mel
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org


Re: proftpd TLS

2009-05-20 Thread Mel Flynn
On Tuesday 19 May 2009 21:18:48 alexus wrote:
 On Tue, May 19, 2009 at 2:26 PM, Mehul Ved mehul.n@gmail.com wrote:
  On Tue, May 19, 2009 at 11:14 PM, alexus ale...@gmail.com wrote:
  i start it as a root, but it switchs to non-root
 
  nobody 52346  0.0  0.1 11820  4208  ??  SsJ  Sun06PM   0:00.66
  proftpd: (accepting connections) (proftpd)
 
  Check the value for 'user' in proftpd.conf. It will be nobody. Change
  it to root.
 
  --
 
  Dyslexics have more fnu.  - http://kingsly.net/tmp/fortune.php/1242364116

 wouldn't it sort of make it more risky in terms of security to run
 ftpd as root vs nobody?
 in general daemon do not run as root and thats for a reason..

Yes, don't do it. Is proftpd started as root? Then this shouldn't occur, 
although a forum post[1] suggests that mod_cap can fiddle with this.

[1] http://forums.proftpd.org/smf/index.php?topic=1315.0
-- 
Mel
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org


Re: Limiting resources in cron jobs

2009-05-20 Thread Mel Flynn
On Saturday 16 May 2009 19:27:22 Kirk Strauser wrote:

 www:\

  :cputime=300:\
  :tc=default:

 I've run cap_mkdb /etc/login.conf to make that live.  Then, I used
 vipw to change www's class:

 www:*:80:80:www:0:0:World Wide Web Owner:/nonexistent:/usr/sbin/nologin

 However, I can trigger the error condition and watch the child
 Ghostscript process run for 6-7 minutes before I kill it.

Check with top what the CPU time is, it's not the same as the wall clock.
-- 
Mel
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org


Re: synchronize time

2009-05-20 Thread Mel Flynn
On Tuesday 19 May 2009 15:08:35 Greg Larkin wrote:
 Mel Flynn wrote:
  On Saturday 16 May 2009 18:02:13 Roy Stuivenberg wrote:
  Hi Mel,
 
  /etc/ntp.conf is empty.
 
  You'd need a server...Just one line is enough, f.e.:
  echo 'server ntp.xs4all.nl' /etc/ntp.conf

 Hi all,

 I have been using the ntp.org server pool successfully.  There are
 instructions for configuring your NTP server to connect to it here:

 http://www.pool.ntp.org/en/use.html

I know about these, but they suffer from the same bug as Slashdot comments and 
Wikipedia: everybody's an expert syndrome.
Also, Xs4all is a dutch provider, running FreeBSD since Windriver dumped BSDi.
-- 
Mel
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org


Re: FreeBSD 7.1 opencrypto -- kern.cryptodevallowsoft

2009-05-20 Thread Brendan Kennedy
 openssl speed -evp des-ede3-cbc -engine cryptodev

works! thanks Brian.

looking for that patch now...

2009/5/19 Patrick Lamaizière patf...@davenulle.org:
 Le Tue, 19 May 2009 14:25:24 +0100,
 Brendan Kennedy brendan.kenn...@gmail.com:

 Agreed! The driver doesn't seem to be getting executed through
 OpenSSH/OpenSSL for ssh session setup either (it used to work that way
 on FreeBSD 6.2, I don't know if this feature has been left up to the
 user to enable in FreeBSD 7.x??).

 This is a known problem, you must patch openssl to make it work with
 cryptodev on FreeBSD 7.x (8.x).

 There are some patchs, but I don't find them right now... Check the PR
 database and the mailing lists.

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org


Re: proftpd TLS

2009-05-20 Thread alexus
On Wed, May 20, 2009 at 7:46 AM, Mel Flynn
mel.flynn+fbsd.questi...@mailing.thruhere.net wrote:
 On Tuesday 19 May 2009 21:18:48 alexus wrote:
 On Tue, May 19, 2009 at 2:26 PM, Mehul Ved mehul.n@gmail.com wrote:
  On Tue, May 19, 2009 at 11:14 PM, alexus ale...@gmail.com wrote:
  i start it as a root, but it switchs to non-root
 
  nobody 52346  0.0  0.1 11820  4208  ??  SsJ  Sun06PM   0:00.66
  proftpd: (accepting connections) (proftpd)
 
  Check the value for 'user' in proftpd.conf. It will be nobody. Change
  it to root.
 
  --
 
  Dyslexics have more fnu.  - http://kingsly.net/tmp/fortune.php/1242364116

 wouldn't it sort of make it more risky in terms of security to run
 ftpd as root vs nobody?
 in general daemon do not run as root and thats for a reason..

 Yes, don't do it. Is proftpd started as root? Then this shouldn't occur,
 although a forum post[1] suggests that mod_cap can fiddle with this.

 [1] http://forums.proftpd.org/smf/index.php?topic=1315.0
 --
 Mel


if i set User in proftpd.conf to root, then it runs as a root
the other thing is mod_cap has something to do with Linux compatibility w/ POSIX
I run FreeBSD...

-- 
http://alexus.org/
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org


Re: proftpd TLS

2009-05-20 Thread alexus
On Wed, May 20, 2009 at 10:13 AM, alexus ale...@gmail.com wrote:
 On Wed, May 20, 2009 at 7:46 AM, Mel Flynn
 mel.flynn+fbsd.questi...@mailing.thruhere.net wrote:
 On Tuesday 19 May 2009 21:18:48 alexus wrote:
 On Tue, May 19, 2009 at 2:26 PM, Mehul Ved mehul.n@gmail.com wrote:
  On Tue, May 19, 2009 at 11:14 PM, alexus ale...@gmail.com wrote:
  i start it as a root, but it switchs to non-root
 
  nobody 52346  0.0  0.1 11820  4208  ??  SsJ  Sun06PM   0:00.66
  proftpd: (accepting connections) (proftpd)
 
  Check the value for 'user' in proftpd.conf. It will be nobody. Change
  it to root.
 
  --
 
  Dyslexics have more fnu.  - http://kingsly.net/tmp/fortune.php/1242364116

 wouldn't it sort of make it more risky in terms of security to run
 ftpd as root vs nobody?
 in general daemon do not run as root and thats for a reason..

 Yes, don't do it. Is proftpd started as root? Then this shouldn't occur,
 although a forum post[1] suggests that mod_cap can fiddle with this.

 [1] http://forums.proftpd.org/smf/index.php?topic=1315.0
 --
 Mel


 if i set User in proftpd.conf to root, then it runs as a root
 the other thing is mod_cap has something to do with Linux compatibility w/ 
 POSIX
 I run FreeBSD...

 --
 http://alexus.org/


for test purposes i set it to root, but even with that i'm unable to
connect to ftp and my tls.log says following

May 20 10:16:58 mod_tls/2.2.1[41536]: error locking passphrase into
memory: Operation not permitted
May 20 10:16:58 mod_tls/2.2.1[41536]: using default OpenSSL
verification locations (see $SSL_CERT_DIR environment variable)
May 20 10:16:58 mod_tls/2.2.1[41536]: TLS/TLS-C requested, starting
TLS handshake
May 20 10:17:01 mod_tls/2.2.1[41536]: TLSv1/SSLv3 connection accepted,
using cipher DHE-RSA-AES256-SHA (256 bits)
May 20 10:17:01 mod_tls/2.2.1[41536]: Protection set to Private

and it hangs...

-- 
http://alexus.org/
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org


Re: Limiting resources in cron jobs

2009-05-20 Thread Kirk Strauser

On May 20, 2009, at 7:00 AM, Mel Flynn wrote:

Check with top what the CPU time is, it's not the same as the wall  
clock.



Give me *some* credit. :-)
--
Kirk Strauser




___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org


Re: proftpd TLS

2009-05-20 Thread alexus
On Wed, May 20, 2009 at 10:18 AM, alexus ale...@gmail.com wrote:
 On Wed, May 20, 2009 at 10:13 AM, alexus ale...@gmail.com wrote:
 On Wed, May 20, 2009 at 7:46 AM, Mel Flynn
 mel.flynn+fbsd.questi...@mailing.thruhere.net wrote:
 On Tuesday 19 May 2009 21:18:48 alexus wrote:
 On Tue, May 19, 2009 at 2:26 PM, Mehul Ved mehul.n@gmail.com wrote:
  On Tue, May 19, 2009 at 11:14 PM, alexus ale...@gmail.com wrote:
  i start it as a root, but it switchs to non-root
 
  nobody 52346  0.0  0.1 11820  4208  ??  SsJ  Sun06PM   0:00.66
  proftpd: (accepting connections) (proftpd)
 
  Check the value for 'user' in proftpd.conf. It will be nobody. Change
  it to root.
 
  --
 
  Dyslexics have more fnu.  - http://kingsly.net/tmp/fortune.php/1242364116

 wouldn't it sort of make it more risky in terms of security to run
 ftpd as root vs nobody?
 in general daemon do not run as root and thats for a reason..

 Yes, don't do it. Is proftpd started as root? Then this shouldn't occur,
 although a forum post[1] suggests that mod_cap can fiddle with this.

 [1] http://forums.proftpd.org/smf/index.php?topic=1315.0
 --
 Mel


 if i set User in proftpd.conf to root, then it runs as a root
 the other thing is mod_cap has something to do with Linux compatibility w/ 
 POSIX
 I run FreeBSD...

 --
 http://alexus.org/


 for test purposes i set it to root, but even with that i'm unable to
 connect to ftp and my tls.log says following

 May 20 10:16:58 mod_tls/2.2.1[41536]: error locking passphrase into
 memory: Operation not permitted
 May 20 10:16:58 mod_tls/2.2.1[41536]: using default OpenSSL
 verification locations (see $SSL_CERT_DIR environment variable)
 May 20 10:16:58 mod_tls/2.2.1[41536]: TLS/TLS-C requested, starting
 TLS handshake
 May 20 10:17:01 mod_tls/2.2.1[41536]: TLSv1/SSLv3 connection accepted,
 using cipher DHE-RSA-AES256-SHA (256 bits)
 May 20 10:17:01 mod_tls/2.2.1[41536]: Protection set to Private

 and it hangs...

 --
 http://alexus.org/


actually, I take it back, I can connect even though I'm seeing this message

error locking passphrase into memory: Operation not permitted

but i guess my main concern it not to run it as root now

-- 
http://alexus.org/
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org


Re: proftpd TLS

2009-05-20 Thread Mel Flynn
On Wednesday 20 May 2009 16:13:15 alexus wrote:
 On Wed, May 20, 2009 at 7:46 AM, Mel Flynn

 mel.flynn+fbsd.questi...@mailing.thruhere.net wrote:
  On Tuesday 19 May 2009 21:18:48 alexus wrote:
  On Tue, May 19, 2009 at 2:26 PM, Mehul Ved mehul.n@gmail.com wrote:
   On Tue, May 19, 2009 at 11:14 PM, alexus ale...@gmail.com wrote:
   i start it as a root, but it switchs to non-root
  
   nobody 52346  0.0  0.1 11820  4208  ??  SsJ  Sun06PM   0:00.66
   proftpd: (accepting connections) (proftpd)
  
   Check the value for 'user' in proftpd.conf. It will be nobody. Change
   it to root.
  
   --
  
   Dyslexics have more fnu.  -
   http://kingsly.net/tmp/fortune.php/1242364116
 
  wouldn't it sort of make it more risky in terms of security to run
  ftpd as root vs nobody?
  in general daemon do not run as root and thats for a reason..
 
  Yes, don't do it. Is proftpd started as root? Then this shouldn't occur,
  although a forum post[1] suggests that mod_cap can fiddle with this.
 
  [1] http://forums.proftpd.org/smf/index.php?topic=1315.0
  --
  Mel

 if i set User in proftpd.conf to root, then it runs as a root

I said *start* as root. Theoretically, the pass phrase part for your 
certificate comes before dropping privileges. But maybe there's a bug in the 
code. Is proftpd running jailed or not?

-- 
Mel
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org


Re: Limiting resources in cron jobs

2009-05-20 Thread Mel Flynn
On Wednesday 20 May 2009 16:18:28 Kirk Strauser wrote:
 On May 20, 2009, at 7:00 AM, Mel Flynn wrote:
  Check with top what the CPU time is, it's not the same as the wall
  clock.

 Give me *some* credit. :-)

Sorry, haven't you heard? Financial crisis ;)
Are you sure cron respects login.conf? I don't see it mentioned in the man 
page. Have you tried modifying the offending crontab to run using limits(1) 
program?

AFAIK, cron doesn't use login(1) or underlying infrastructure, yet it uses 
pam.
-- 
Mel
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org


No sound backend in kde4

2009-05-20 Thread Antonio Rieser
Hi,

I recently (re)-installed kde4.1 from packages, and I now see nothing
in the system settings/audio/backend, although I know that at least
Jack is installed (from ports), and before I reinstalled, I had three
options there. As a result, Juk does not even pretend to play files,
although YouTube, Mplayer play sound fine.  Please help!

Thanks in advance,

  Antonio Rieser
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org


pthread_detach doesn't release memory

2009-05-20 Thread Peter Steele
I create a thread using something like this: 

pthread_t thread; 
pthread_create(thread, NULL, mythread, NULL); 
pthread_detach(thread); 

I use the detach because I want to make sure the thread's resource are 
reclaimed when the thread completes. However, this does not seem to work. Each 
time I create a thread the application's memory footprint grows by 128 bytes 
and this memory is never released. 

Am I doing this right? 

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org


Re: Lenovo s9e or well supported netbook

2009-05-20 Thread Peter Harrison
Tuesday, 19 May 2009 at  6:38:05 -0600, Tim Judd said:
 On Tue, May 19, 2009 at 5:32 AM, Peter Harrison
 peter.piggy...@virgin.netwrote:
 
  Is anyone running FreeBSD on a Lenovo s9e? I'm in the market for a netbook,
  and have seen these fairly cheap but can't find anything on Google about
  anyone trying FreeBSD on one.
 
  I'd rather not run Linux, so can anyone share experiences of the Lenovo, or
  suggest a better supported netbook?
 
  Thanks,
 
  Peter Harrison
 
 
 
 Look at the T-series.  Google can probably confirm the general answer that
 they run unixen well.  The X series I think work, but you might and might
 not have better success with them.
 
 I use BSD on a Lenovo T60 with no problems. The USB bio-reader isn't
 recognized and sometimes the wpi0 looses it's link (but it looses it
 sometimes in Windows too).  Bring the link back up by
   ifconfig wpi0 up scan
 
 I don't know about the other series, but the T and X have got lots of google
 hits last time I checked.

Thanks for the suggestion Tim - and everyone else who replied. Sorry for not 
responding earlier.

I can certainly pick up a T23 reasonably cheaply, but I was thinking more of 
something kind of netbook sized - ie. with a 9in screen. Something that's a bit 
easier to lug around.

The s9e runs an Intel 945GSE chipset apparently. Any thoughts on that?

Thanks for the help.


Peter Harrison.
 ___
 freebsd-questions@freebsd.org mailing list
 http://lists.freebsd.org/mailman/listinfo/freebsd-questions
 To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org


Re: compiling FreeBSD date on Linux

2009-05-20 Thread francis keyes
Hmm... the date program looks pretty simple but I don't understand the
Makfile:

#@(#)Makefile8.1 (Berkeley) 5/31/93
# $FreeBSD: src/bin/date/Makefile,v 1.11.30.1 2009/04/15 03:14:26 kensmith
Exp $

PROG=date
SRCS=date.c netdate.c vary.c
DPADD=${LIBUTIL}
LDADD=-lutil

.include bsd.prog.mk


Would it be possible to compile this without a makefile?


On Tue, May 19, 2009 at 9:38 PM, Chuck Robey chu...@telenix.org wrote:

 Polytropon wrote:
  On Tue, 19 May 2009 18:19:21 -0300, francis keyes fke...@gmail.com
 wrote:
  I would like to compile the FreeBSD date command for use on Linux
 because
  the FreeBSD version has some features that are not present in Linux.
  I downloaded all the files from
  http://www.freebsd.org/cgi/cvsweb.cgi/src/bin/date/ and tried to
 compile it
  but I get an error from the Makefile:
  Makefile:9: *** missing separator.  Stop.
 
  First of all, it seems that it's not that easy. FreeBSD's make
  is, if I am correct, a different one than the Linux make. It
  uses - if you look into date's Makefile, an include file,
  named bsd.prog.mk which is located outside of the date/ directory,
  this is /usr/share/mk/bsd.prog.mk or /usr/src/share/mk/bsd.prog.mk
  or /usr/src/tools/build/mk/bsd.prog.mk. You could try to write
  an own Makefile on Linux, or try to work without one...
 
 
 
  I suspect this is the first of many errors I will run into during this
  process.  Can anyone help me out with this or tell me if there is an
 easier
  way to get this version of the date command running in Linux?
 
  I'm not sure, but it's possible that FreeBSD can be used to
  compile date so it will run on Linux (cross-compier). Because
  I never tried this, I can't tell you how to achieve this.
 
  Furthermore, I'm not sure in how far date hooks into the FreeBSD
  kernel in order to work. It's completely possible that it would
  be easier to implement FreeBSD's date functionality in Linux's
  date command itself (from scratch).

 The code isn't all that hard to port, unless you're at a very basic level
 with
 C.  The compatibility level between the BSD Make (bmake) and the GNU Make
 (gmake) isn't all that great.  One killer problem is that gmake hasn't got
 any
 concept of a single central include directory, for automatically building
 up a
 per machine make environment.  Gmake can do the including (using a protocol
 which is unfortunately different than that of bmake) BUT you can't just
 rely on
 gmake looking into the bmake central directory (/usr/share/mk) for make
 include
 files.  All of those are named like bsd.port.mk, in that they all begin
 with
 bsd. and end in .mk, and there isn't any portability between bmake and
 gmake
 on those include files.  I have personally (in the past) written up a set
 of
 gmake compatible include files, so it CAN be done, but you getter have your
 hard
 hat on, it's not all that simple to do.

 The various timing commands in either the bsd libc or the Linux glibc look
 much
 alike, so the porting isn't all that hard, once you conquer the makefiles.

 


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org


Re: pthread_detach doesn't release memory

2009-05-20 Thread Steve Polyack

Peter Steele wrote:
I create a thread using something like this: 

pthread_t thread; 
pthread_create(thread, NULL, mythread, NULL); 
pthread_detach(thread); 

I use the detach because I want to make sure the thread's resource are reclaimed when the thread completes. However, this does not seem to work. Each time I create a thread the application's memory footprint grows by 128 bytes and this memory is never released. 

Am I doing this right? 

  

From man pthread_detach:

The *pthread_detach*() function indicates that system resources for the 
specified /thread/ should be reclaimed when the thread ends. If the 
thread is already ended, resources are reclaimed immediately. *This 
routine does not cause the thread to end.


*So, unless your 'mythread' routine has successfully completed, the 
associated resources will not be reclaimed.


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org


Re: compiling FreeBSD date on Linux

2009-05-20 Thread Roland Smith
On Wed, May 20, 2009 at 02:45:59PM -0300, francis keyes wrote:
 Hmm... the date program looks pretty simple but I don't understand the
 Makfile:
 
 #@(#)Makefile8.1 (Berkeley) 5/31/93
 # $FreeBSD: src/bin/date/Makefile,v 1.11.30.1 2009/04/15 03:14:26 kensmith
 Exp $
 
 PROG=date
 SRCS=date.c netdate.c vary.c
 DPADD=${LIBUTIL}
 LDADD=-lutil
 
 .include bsd.prog.mk
 
 
 Would it be possible to compile this without a makefile?

Sure. A command like gcc -o date date.c netdate.c vary.c works,
provided you patch date.c to remove the dependency on libutil (logwtmp
function). This will stop date from logging to wtmp(5).

- patch for date.c -
--- date.c.orig 2009-05-04 22:09:01.0 +0200
+++ date.c  2009-05-20 21:05:32.0 +0200
@@ -48,7 +48,7 @@
 #include ctype.h
 #include err.h
 #include locale.h
-#include libutil.h
+/*#include libutil.h*/
 #include stdio.h
 #include stdlib.h
 #include string.h
@@ -274,12 +274,12 @@
if (!jflag) {
/* set the time */
if (nflag || netsettime(tval)) {
-   logwtmp(|, date, );
+   /*logwtmp(|, date, );*/
tv.tv_sec = tval;
tv.tv_usec = 0;
if (settimeofday(tv, (struct timezone *)NULL))
err(1, settimeofday (timeval));
-   logwtmp({, date, );
+   /*logwtmp({, date, );*/
}
 
if ((p = getlogin()) == NULL)
- patch for date.c -

With this patch, the executable only depends on libc.

Note that I have only confirmed that it compiles _on FreeBSD_. There
might be additional differences between FreeBSD libc and the GNU libc
that is used on Linux that make further tinkering with the source necessary.

Roland
-- 
R.F.Smith   http://www.xs4all.nl/~rsmith/
[plain text _non-HTML_ PGP/GnuPG encrypted/signed email much appreciated]
pgp: 1A2B 477F 9970 BA3C 2914  B7CE 1277 EFB0 C321 A725 (KeyID: C321A725)


pgpUB7NIpGWOc.pgp
Description: PGP signature


Re: pthread_detach doesn't release memory

2009-05-20 Thread Dan Nelson
In the last episode (May 20), Peter Steele said:
 I create a thread using something like this: 
 
 pthread_t thread; 
 pthread_create(thread, NULL, mythread, NULL); 
 pthread_detach(thread); 
 
 I use the detach because I want to make sure the thread's resource are
 reclaimed when the thread completes.  However, this does not seem to work. 
 Each time I create a thread the application's memory footprint grows by
 128 bytes and this memory is never released.

Are you malloc'ing some data in your thread and not freeing it before
exiting?  pthread_detach simply lets the system discard the thread when it
exits instead of preserving the return code (for pthread_join to retrieve). 
It isn't responsible for freeing all memory allocated by the thread, and it
shouldn't, since one thread may allocate memory that another thread frees
later.

-- 
Dan Nelson
dnel...@allantgroup.com
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org


Re: compiling FreeBSD date on Linux

2009-05-20 Thread Mel Flynn
On Wednesday 20 May 2009 19:45:59 francis keyes wrote:
 Hmm... the date program looks pretty simple but I don't understand the
 Makfile:

 #@(#)Makefile8.1 (Berkeley) 5/31/93
 # $FreeBSD: src/bin/date/Makefile,v 1.11.30.1 2009/04/15 03:14:26 kensmith
 Exp $

 PROG=date
 SRCS=date.c netdate.c vary.c
 DPADD=${LIBUTIL}
 LDADD=-lutil

 .include bsd.prog.mk


 Would it be possible to compile this without a makefile?

This is because the under appreciated FreeBSD make system does a *lot* of work 
for you.

- You need libutil: /usr/src/lib/libutil or (probably faster), see which 
functions from libutil date uses and re-implement them.
- Resolve header issues in the above source files
- And then it's most likely easiest to use cmake or autotools on linux to 
compile.

-- 
Mel
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org


Re: compiling FreeBSD date on Linux

2009-05-20 Thread Polytropon
On Wed, 20 May 2009 14:45:59 -0300, francis keyes fke...@gmail.com wrote:
 Hmm... the date program looks pretty simple but I don't understand the
 Makfile:
 
 #@(#)Makefile8.1 (Berkeley) 5/31/93
 # $FreeBSD: src/bin/date/Makefile,v 1.11.30.1 2009/04/15 03:14:26 kensmith
 Exp $
 
 PROG=date

The final program name.



 SRCS=date.c netdate.c vary.c

The source files it depends on.



 DPADD=${LIBUTIL}

Needs to compile what ${LIBUTIL} point to, usually the
libutil directory in the src/ tree.



 LDADD=-lutil

Additional info for the linker: link against libutil.
This indicates that libutil is a build dependency for
the date program.



 .include bsd.prog.mk

Definitions, variables and what to do is there.



 Would it be possible to compile this without a makefile?

That was my initial idea. The date program seems to depend
on two things: First the kernel interface which would be
something similar in Linux, and the libutil library, which
is maybe present on Linux, too.




-- 
Polytropon
From Magdeburg, Germany
Happy FreeBSD user since 4.0
Andra moi ennepe, Mousa, ...
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org


Re: pthread_detach doesn't release memory

2009-05-20 Thread Peter Steele
I should have provided a little more detail. Even if I strip my thread function 
down to nothing more than this: 

void *mythread(void* param) 
{ 
pthread_exit(NULL); 
} 

my application still grows by 128 bytes each time I spawn a thread with this 
function. There is no explicit memory for me to deallocate, and my 
understanding was that by using pthread_detach then any temporary structures 
allocated by the OS would be released when the thread terminates. This doesn't 
seem to be the case though, so I'm assuming I'm doing something wrong but I do 
not know what. 

I use the follow simple app to test this behavior: 

int main() 
{ 
getchar(); 
pthread_t thread; 
pthread_create(thread, NULL, mythread, NULL); 
getchar(); 
printf(done); 
getchar(); 
} 

When I hit the first getchar, I check the application's size using ps from 
another terminal window. It shows 12312k. I then allow the application to 
proceed to the next getchar, and again check its size with ps. It shows 12440k. 
Finally, I let it proceed to the final getchar, and again ps shows 12440k. Even 
if I wait a while the size remains at 12440, and if I create additional 
threads, then each one adds to the application's footprint. 

What am I missing? 


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org


Re: jail's adjkerntz

2009-05-20 Thread alexus
On Wed, May 20, 2009 at 3:34 AM, v lvea...@gmail.com wrote:
 On Wed, May 20, 2009 at 1:42 PM, alexus ale...@gmail.com wrote:
 inside of my jail i get following emails...

 adjkerntz[25058]: sysctl(set: machdep.adjkerntz): Operation not permitted

 i dont remember getting these before...
 i did changed time zone recently though...


 you have changed time zone in the hostOS or in the jail?



 --
 http://alexus.org/
 ___
 freebsd-questions@freebsd.org mailing list
 http://lists.freebsd.org/mailman/listinfo/freebsd-questions
 To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org



jail's

-- 
http://alexus.org/
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org


Re: jail's adjkerntz

2009-05-20 Thread alexus
On Wed, May 20, 2009 at 5:31 AM, Herbert J. Skuhra h.sku...@gmail.com wrote:
 2009/5/20 alexus ale...@gmail.com:
 inside of my jail i get following emails...

 adjkerntz[25058]: sysctl(set: machdep.adjkerntz): Operation not permitted

 i dont remember getting these before...
 i did changed time zone recently though...

 Hi!

 You can disable adjkerntz in /etc/crontab:

 #1,31   0-5     *       *       *       root    adjkerntz -a

 And then run '/etc/rc.d/cron restart'.

 - Herbert
 ___
 freebsd-questions@freebsd.org mailing list
 http://lists.freebsd.org/mailman/listinfo/freebsd-questions
 To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org


would it brake something?
i didn't find it in manual, if this is normal shouldn't it be cover there?

-- 
http://alexus.org/
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org


Re: compiling FreeBSD date on Linux

2009-05-20 Thread Mel Flynn

#warning Pedantic mode on
#define TOPIC BSD build system tricks

On Wednesday 20 May 2009 21:57:02 Polytropon wrote:

  DPADD=${LIBUTIL}

 Needs to compile what ${LIBUTIL} point to, usually the
 libutil directory in the src/ tree.

This is the actual build dependency and the var is defined in bsd.libnames.mk.


  LDADD=-lutil

 Additional info for the linker: link against libutil.
 This indicates that libutil is a build dependency for
 the date program.

It's a linker statement, while it's logical that libutil has to be built 
before it can be linked against, this does in fact not have to be the same 
libutil, so what this line really cares about is that libutil.so or libutil.a 
is resolvable via the various linker rules.

One can in fact do:
LDFLAGS=-L/usr/local/lib
LDADD=${LIBUTIL} -lutil

This will link the static libutil from bsd.libnames.mk and then try to link 
with /usr/local/lib/libutil.so, before looking elsewhere.

-- 
Mel
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org


Re: proftpd TLS

2009-05-20 Thread alexus
On Wed, May 20, 2009 at 10:47 AM, Mel Flynn
mel.flynn+fbsd.questi...@mailing.thruhere.net wrote:
 On Wednesday 20 May 2009 16:13:15 alexus wrote:
 On Wed, May 20, 2009 at 7:46 AM, Mel Flynn

 mel.flynn+fbsd.questi...@mailing.thruhere.net wrote:
  On Tuesday 19 May 2009 21:18:48 alexus wrote:
  On Tue, May 19, 2009 at 2:26 PM, Mehul Ved mehul.n@gmail.com wrote:
   On Tue, May 19, 2009 at 11:14 PM, alexus ale...@gmail.com wrote:
   i start it as a root, but it switchs to non-root
  
   nobody 52346  0.0  0.1 11820  4208  ??  SsJ  Sun06PM   0:00.66
   proftpd: (accepting connections) (proftpd)
  
   Check the value for 'user' in proftpd.conf. It will be nobody. Change
   it to root.
  
   --
  
   Dyslexics have more fnu.  -
   http://kingsly.net/tmp/fortune.php/1242364116
 
  wouldn't it sort of make it more risky in terms of security to run
  ftpd as root vs nobody?
  in general daemon do not run as root and thats for a reason..
 
  Yes, don't do it. Is proftpd started as root? Then this shouldn't occur,
  although a forum post[1] suggests that mod_cap can fiddle with this.
 
  [1] http://forums.proftpd.org/smf/index.php?topic=1315.0
  --
  Mel

 if i set User in proftpd.conf to root, then it runs as a root

 I said *start* as root. Theoretically, the pass phrase part for your
 certificate comes before dropping privileges. But maybe there's a bug in the
 code. Is proftpd running jailed or not?

 --
 Mel


yes, proftpd runs inside of jail

-- 
http://alexus.org/
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org


Re: proftpd TLS

2009-05-20 Thread alexus
On Wed, May 20, 2009 at 4:57 PM, alexus ale...@gmail.com wrote:
 On Wed, May 20, 2009 at 10:47 AM, Mel Flynn
 mel.flynn+fbsd.questi...@mailing.thruhere.net wrote:
 On Wednesday 20 May 2009 16:13:15 alexus wrote:
 On Wed, May 20, 2009 at 7:46 AM, Mel Flynn

 mel.flynn+fbsd.questi...@mailing.thruhere.net wrote:
  On Tuesday 19 May 2009 21:18:48 alexus wrote:
  On Tue, May 19, 2009 at 2:26 PM, Mehul Ved mehul.n@gmail.com wrote:
   On Tue, May 19, 2009 at 11:14 PM, alexus ale...@gmail.com wrote:
   i start it as a root, but it switchs to non-root
  
   nobody 52346  0.0  0.1 11820  4208  ??  SsJ  Sun06PM   0:00.66
   proftpd: (accepting connections) (proftpd)
  
   Check the value for 'user' in proftpd.conf. It will be nobody. Change
   it to root.
  
   --
  
   Dyslexics have more fnu.  -
   http://kingsly.net/tmp/fortune.php/1242364116
 
  wouldn't it sort of make it more risky in terms of security to run
  ftpd as root vs nobody?
  in general daemon do not run as root and thats for a reason..
 
  Yes, don't do it. Is proftpd started as root? Then this shouldn't occur,
  although a forum post[1] suggests that mod_cap can fiddle with this.
 
  [1] http://forums.proftpd.org/smf/index.php?topic=1315.0
  --
  Mel

 if i set User in proftpd.conf to root, then it runs as a root

 I said *start* as root. Theoretically, the pass phrase part for your
 certificate comes before dropping privileges. But maybe there's a bug in the
 code. Is proftpd running jailed or not?

 --
 Mel


 yes, proftpd runs inside of jail

 --
 http://alexus.org/


this is proftpd started as root then it switch to nobody

nobody 52346  0.0  0.1 11820  4208  ??  SsJ  Sun06PM   0:00.66
proftpd: (accepting connections) (proftpd)

SsJ = j means jail


-- 
http://alexus.org/
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org


Re: jail's adjkerntz

2009-05-20 Thread Mel Flynn
On Wednesday 20 May 2009 22:56:26 alexus wrote:
 On Wed, May 20, 2009 at 5:31 AM, Herbert J. Skuhra h.sku...@gmail.com 
wrote:
  2009/5/20 alexus ale...@gmail.com:
  inside of my jail i get following emails...
 
  adjkerntz[25058]: sysctl(set: machdep.adjkerntz): Operation not
  permitted
 
  i dont remember getting these before...
  i did changed time zone recently though...
 
  Hi!
 
  You can disable adjkerntz in /etc/crontab:
 
  #1,31   0-5 *   *   *   rootadjkerntz -a
 
  And then run '/etc/rc.d/cron restart'.
 
  - Herbert
  ___
  freebsd-questions@freebsd.org mailing list
  http://lists.freebsd.org/mailman/listinfo/freebsd-questions
  To unsubscribe, send any mail to
  freebsd-questions-unsubscr...@freebsd.org

 would it brake something?
 i didn't find it in manual, if this is normal shouldn't it be cover there?

There are various things in cron and periodic that don't make sense to run in 
a jail, because a jail cannot modify kernel time and read various /dev 
devices. I have this line commented out in my jails and nothing breaks, just 
less annoying emails.

You might find this list useful as well:
# cat /data/jails/tpl/RELENG_7/etc/periodic.conf
daily_clean_rwho_enable=NO
daily_accounting_enable=NO
daily_status_disks_enable=NO
daily_status_rwho_enable=NO
daily_status_security_chksetuid_enable=NO
daily_status_security_chkmounts_enable=NO
daily_status_security_ipfwdenied_enable=NO
daily_status_security_ipfdenied_enable=NO
daily_status_security_pfdenied_enable=NO
daily_status_security_ipf6denied_enable=NO
daily_status_security_kernelmsg_enable=NO
monthly_accounting_enable=NO

-- 
Mel
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org


Re: pthread_detach doesn't release memory

2009-05-20 Thread Dan Nelson
In the last episode (May 20), Peter Steele said:
 I should have provided a little more detail. Even if I strip my thread
 function down to nothing more than this:
 
 void *mythread(void* param) 
 { 
   pthread_exit(NULL); 
 } 
 
 my application still grows by 128 bytes each time I spawn a thread with
 this function.  There is no explicit memory for me to deallocate, and my
 understanding was that by using pthread_detach then any temporary
 structures allocated by the OS would be released when the thread
 terminates.  This doesn't seem to be the case though, so I'm assuming I'm
 doing something wrong but I do not know what.
 
 I use the follow simple app to test this behavior: 
 
 int main() 
 { 
   getchar(); 
   pthread_t thread; 
   pthread_create(thread, NULL, mythread, NULL); 
   getchar(); 
   printf(done); 
   getchar(); 
 } 
 
 When I hit the first getchar, I check the application's size using ps from
 another terminal window.  It shows 12312k.  I then allow the application
 to proceed to the next getchar, and again check its size with ps.  It
 shows 12440k.  Finally, I let it proceed to the final getchar, and again
 ps shows 12440k.  Even if I wait a while the size remains at 12440, and if
 I create additional threads, then each one adds to the application's
 footprint.
 
 What am I missing? 

The free() function isn't guaranteed to release memory back to the OS; it
just makes it available to the process for another malloc().  Large
allocations that libc used mmap() to allocate memory for might actually get
returned to the OS immediately.  Small allocations are placed in pages with
similar-sized ones, and all would have to be freed before the page can be
reclaimed.  Even when the page does free, libc won't return it immediately
to the OS, to avoid extra overhead if your process calls a similar malloc()
again.

If I add a loop to your main() function, and add your missing
pthread_detach() call, here's the memory usage I see on each iteration:

 2220 
 2348 
 2476 
 2604 
 2732 
 2860 
 2860 ... no change after here

So it reached a steady state after 5 loops.

See these links for the gory details:

http://svn.freebsd.org/viewvc/base/head/lib/libc/stdlib/malloc.c?view=markup
http://people.freebsd.org/~jasone/jemalloc/bsdcan2006/jemalloc.pdf


-- 
Dan Nelson
dnel...@allantgroup.com
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org


Re: pthread_detach doesn't release memory

2009-05-20 Thread Peter Steele
If I add a loop to your main() function, and add your missing 
pthread_detach() call, here's the memory usage I see on each iteration: 

That was a typo in my posting. I in fact did use pthread_detach; the line got 
deleted as I was composing my email. 

So it reached a steady state after 5 loops. 

That was my problem. I only tested for 3 or 4 iterations; I should have when a 
few more times and I would have observed this steady. I just verified this with 
my own app. 

Thanks for helping me solve this mystery... 

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org


Re: ndis0 interrrupt storm

2009-05-20 Thread Chris Whitehouse

Chris Whitehouse wrote:

Paul B. Mahol wrote:

On 5/13/09, Chris Whitehouse cwhi...@onetel.com wrote:

Paul B. Mahol wrote:

On 5/12/09, Chris Whitehouse cwhi...@onetel.com wrote:

Paul B. Mahol wrote:

Just typing bt on db prompt for now should be enough.

panic: sleeping thread
cpuid = 0
KDB: enter: panic
[thread pid 1497 tid 100073 ]
Stopped atkdb_enter+0x3a: movl$0,kdb_why
db bt
Tracing pid 1497 tid 100073 td 0xc356c900
kdb_enter(c0c3d8fa,c0c3d8fa,c0c42726,d4001b68,0,...) at kdb_enter+0x3a
panic(c0c42726,,0,cc,4,...) at panic+0x136
propagate_priority(c0d9df84,0,c0c4249e,2e1,c356d180,...) at
propagate_priority+0x18c
turnstile_wait(c356d180,c37b2240,0,18d,c34fc06c,...) at
turnstile_wait+0x44d
_mtx_lock_sleep(c34fc06c,c356c900,0,c38de072,6b4,...) at
mtx_lock_sleep+0x18e
_mtx_lock_flags(c34fc06c,0,c38de072,6b4,c089dc98,...) at
mtx_lock_flags+0xf7
ndis_ticktask(c3821700,c34fc000,c37e8e3c,c3916bd0,c38fc6e0,...) at
ndis_ticktask+0x3a
_end(c37e8e3c,d4001d38,c0c39438,333,c37ab548,...) at _end+0x321d
fork_exit(c38fc600,c37e8e3c,d4001d38) at fork_exit+0xb8
fork_trampoline() at fork_trampoline+0x8
--- trap 0, eip = 0 esp = 0xd4001d70, ebp = 0 ---


Typed by hand but I'm pretty sure it is correct.

Don't know if it is significant but repeating the panic gave quite 
a few

different values.

Post them too. If only numbers are different and stack is same that
could help even more.

Is photos ok or do you need text?


Whatever, just let it be complete.


http://www.fishercroft.plus.com/ndis.panic.bt.1
http://www.fishercroft.plus.com/ndis.panic.bt.2
http://www.fishercroft.plus.com/ndis.panic.bt.3
http://www.fishercroft.plus.com/ndis.panic.bt.4






This is on i386?


yes


has this died a death? Anything else I can do? Should I file a PR?

I don't mind waiting if something is happening, just don't want to get 
stuck in /dev/void.


Chris
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org


Re: xview problem

2009-05-20 Thread Rudolf Koenig

 and I get the same error for any other application using xview.

IMHO it is a libX11 bug. The current libX11 version is compiled with
USE_XCB, and the XCB implementation of XAllocID(dpy) (in the famous
xcb_io.c) requires you to call the (private) _XIDHandler(dpy) function
before calling it again. But our beloved XView library calls XAllocID 4
times in a row. Adding an _XIDHandler after each XAllocID in
xview/server/server.c solved the problem for me. My question is where to
post this bug, as it should be fixed in libX11 and not in libxview.

Regards,
  Rudi
-- 
View this message in context: 
http://www.nabble.com/xview-problem-tp22807229p23645545.html
Sent from the freebsd-questions mailing list archive at Nabble.com.

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org


Re: proftpd TLS

2009-05-20 Thread perryh
alexus ale...@gmail.com wrote:
 ... i guess my main concern it not to run it as root now

AFAIK it is normal for a daemon to run as root if it expects to
receive login credentials:

* For any but the most minimal authentication scheme, it must be
  root to authenticate the credentials.  (A scheme which enables an
  untrusted program to authenticate login credentials is vulnerable
  to brute-force attacks.)

* Regardless of the authentication scheme, it must be root in
  order to assume the identity of the newly logged in user.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org


Re: compiling FreeBSD date on Linux

2009-05-20 Thread Giorgos Keramidas
On Wed, 20 May 2009 14:45:59 -0300, francis keyes fke...@gmail.com wrote:
 Hmm... the date program looks pretty simple but I don't understand the
 Makfile:

 #@(#)Makefile8.1 (Berkeley) 5/31/93
 # $FreeBSD: src/bin/date/Makefile,v 1.11.30.1 2009/04/15 03:14:26 kensmith
 Exp $

 PROG=date
 SRCS=date.c netdate.c vary.c
 DPADD=${LIBUTIL}
 LDADD=-lutil

 .include bsd.prog.mk

 Would it be possible to compile this without a makefile?

Yes, but you will also need bits of code from libutil.  If you have all
the necessary bits in a new file, i.e. util.c, then you should be able
to use:

cc -o date date.c netdate.c vary.c util.c

Extracting the minimal parts of libutil and writing the new util.c file
is an interesting and amusing exercise for a budding C programmer, but
it should be both possible and relatively ``easy''.

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org


Re: proftpd TLS

2009-05-20 Thread alexus
On Wed, May 20, 2009 at 5:43 PM,  per...@pluto.rain.com wrote:
 alexus ale...@gmail.com wrote:
 ... i guess my main concern it not to run it as root now

 AFAIK it is normal for a daemon to run as root if it expects to
 receive login credentials:

 * For any but the most minimal authentication scheme, it must be
  root to authenticate the credentials.  (A scheme which enables an
  untrusted program to authenticate login credentials is vulnerable
  to brute-force attacks.)

 * Regardless of the authentication scheme, it must be root in
  order to assume the identity of the newly logged in user.


all my users are virtual users to begin with, so that's not really a
concern, but i'd like to keep it running as non root thats for sure

-- 
http://alexus.org/
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org


Re: jail's adjkerntz

2009-05-20 Thread alexus
On Wed, May 20, 2009 at 5:04 PM, Mel Flynn
mel.flynn+fbsd.questi...@mailing.thruhere.net wrote:
 On Wednesday 20 May 2009 22:56:26 alexus wrote:
 On Wed, May 20, 2009 at 5:31 AM, Herbert J. Skuhra h.sku...@gmail.com
 wrote:
  2009/5/20 alexus ale...@gmail.com:
  inside of my jail i get following emails...
 
  adjkerntz[25058]: sysctl(set: machdep.adjkerntz): Operation not
  permitted
 
  i dont remember getting these before...
  i did changed time zone recently though...
 
  Hi!
 
  You can disable adjkerntz in /etc/crontab:
 
  #1,31   0-5     *       *       *       root    adjkerntz -a
 
  And then run '/etc/rc.d/cron restart'.
 
  - Herbert
  ___
  freebsd-questions@freebsd.org mailing list
  http://lists.freebsd.org/mailman/listinfo/freebsd-questions
  To unsubscribe, send any mail to
  freebsd-questions-unsubscr...@freebsd.org

 would it brake something?
 i didn't find it in manual, if this is normal shouldn't it be cover there?

 There are various things in cron and periodic that don't make sense to run in
 a jail, because a jail cannot modify kernel time and read various /dev
 devices. I have this line commented out in my jails and nothing breaks, just
 less annoying emails.

 You might find this list useful as well:
 # cat /data/jails/tpl/RELENG_7/etc/periodic.conf
 daily_clean_rwho_enable=NO
 daily_accounting_enable=NO
 daily_status_disks_enable=NO
 daily_status_rwho_enable=NO
 daily_status_security_chksetuid_enable=NO
 daily_status_security_chkmounts_enable=NO
 daily_status_security_ipfwdenied_enable=NO
 daily_status_security_ipfdenied_enable=NO
 daily_status_security_pfdenied_enable=NO
 daily_status_security_ipf6denied_enable=NO
 daily_status_security_kernelmsg_enable=NO
 monthly_accounting_enable=NO

 --
 Mel


what's weird is that i didn't get 'em before and now I do...

-- 
http://alexus.org/
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org


Re: jail's adjkerntz

2009-05-20 Thread Steve Bertrand
alexus wrote:

 what's weird is that i didn't get 'em before and now I do...

Given all that you've ignored already, does that mean that:

a) you knew about facts in your current implementation that failed
recently in an upgrade

b) you neglected to upgrade your documentation throughout the procedure

c) you assume that the *manual* will have everything. I'm sure you've
read it thoroughly.

d) you are prepared to provide everyone on this list with the fact that
your Apache server is pretty much wide open...

It's more important to understand TFM than it is to read it.

Coin and understand that phrase... UTFM...

- stevieb


smime.p7s
Description: S/MIME Cryptographic Signature