Re: next question....
On 11/27/2010 12:06 PM, Chris Brennan wrote: You need to add yourself to the 'wheel' group to su or you need to add the proper line to /usr/local/etc/sudoers to sudo correctly. no sudoers on my system: $ cd /usr/local/etc $ cd sudoers cd: can't cd to sudoers $ ls CORBAesd.conf.defaultlynx.lsspsiconv ConsoleKitfontslynx.lss.samplerc.d PolicyKitgconfmtreerndc.key X11gnomenamed.confsound apache22gnome-vfs-2.0openldapvfs aspell.vergnome-vfs-mime-magicorbit2rcxdg avahignome.subrorbit2rc.defaultxml2Conf.sh bash_completion.dgtk-2.0pam.dxsltConf.sh bonobo-activationhalpango dbus-1lynx.cfgpolkit-1 esd.conflynx.cfg.sampleprofile.d $ pwd /usr/local/etc $ uname -a FreeBSD bsd.paulandcilla.homelinux.org 8.1-RELEASE FreeBSD 8.1-RELEASE #0: Mon Jul 19 02:55:53 UTC 2010 r...@almeida.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC i386 -- Paul Cartwright Registered Linux user # 367800 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Build World fails on 7-stable with cvs sources
Greetings. I have cvs'd to the most current 7-stable source tree and have compiled a kernel using these sources. However, when I attempt to complete the buildworld process, I keep getting failures in the below-listed areas. Does anyone know of an issue with these sources? I see that this release is now considered legacy so I hope I am not at end of life on this source tree. The system is just an edge router so I am just updating to the newest stable release due to the assumptions that there may be some fixes included in the sources. I have my own patched ipfirewall sources, (don't feel like writing a script for ipfw to run and figure out why it isn't running at boot, etc),however, I have not installed them yet, since I have not patched anything on this test upgrade box, yet. I have the full logs from build world and kernel build, if someone would like to see them. (very long, and don't fail until the point listed below) The kernel kept failing as well, until I used the old method by hand, in the /usr/src/sys/i386/conf directory. That is another question that I would like to ask. Why am I able to compile and install a kernel just fine using the old method, however, using the make buildkernel... method fails on some obscure module that I usually don't even have included within the config file? gnu/lib/libgomp (buildincludes) sed -e 's/@OMP_LOCK_ALIGN@/4/g' -e 's/@OMP_LOCK_KIND@/4/g' -e 's/@OMP_LOCK_SIZE@/4/g' -e 's/@OMP_NEST_LOCK_ALIGN@/4/g' -e 's/@OMP_NEST_LOCK_KIND@/8/g' -e 's/@OMP_NEST_LOCK_SIZE@/8/g' /usr/src/gnu/lib/libgomp/../../../contrib/gcclibs/libgomp/omp.h.in omp.h === gnu/lib/libregex (buildincludes) sed 's=posix/regex\.h=gnu/posix/regex.h=g' /usr/src/gnu/lib/libregex/regex.h regex.h.patched === gnu/lib/libregex/doc (buildincludes) === gnu/lib/libreadline (buildincludes) === gnu/lib/libreadline/history (buildincludes) === gnu/lib/libreadline/history/doc (buildincludes) === gnu/lib/libreadline/readline (buildincludes) === gnu/lib/libreadline/readline/doc (buildincludes) === gnu/lib/libstdc++ (buildincludes) Segmentation fault (core dumped) *** Error code 139 Stop in /usr/src/gnu/lib. *** Error code 1 Stop in /usr/src/gnu. *** Error code 1 Stop in /usr/src/gnu. *** Error code 1 Stop in /usr/src. *** Error code 1 Stop in /usr/src. *** Error code 1 Stop in /usr/src. -- Respectfully, Martes G Wigglesworth M. G. Wigglesworth Holdings, LLC www.mgwigglesworth.net ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: next question....
On 27 November 2010 17:12, Paul Cartwright p...@pcartwright.com wrote: On 11/27/2010 12:06 PM, Chris Brennan wrote: You need to add yourself to the 'wheel' group to su or you need to add the proper line to /usr/local/etc/sudoers to sudo correctly. no sudoers on my system: $ cd /usr/local/etc $ cd sudoers cd: can't cd to sudoers Yeah, you need to install sudo: # pkg_add -r sudo Then use visudo as root to edit sudoers. Do NOT edit sudoers without using visudo, you can lock yourself out if you mess up the syntax (yes, the voice of experience)! Chris -- Paul Cartwright Registered Linux user # 367800 Hope you're enjoying the switch ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Digital camera (Canon)
On Sat, 27 Nov 2010 22:03:02 -0600 Ryan Coleman ryan.cole...@cwis.biz wrote: It's FAT32, so I'd try... mount_msdosfs /dev/ugen2.2 You can't mount ugen devices! It seems umass hasn't attached so I guess the camera might use the Picture Transfer Protocol instead - see http://en.wikipedia.org/wiki/Picture_Transfer_Protocol . -- Bruce Cran ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Digital camera (Canon)
On Sun, 28 Nov 2010 12:51:41 + Bruce Cran br...@cran.org.uk articulated: On Sat, 27 Nov 2010 22:03:02 -0600 Ryan Coleman ryan.cole...@cwis.biz wrote: It's FAT32, so I'd try... mount_msdosfs /dev/ugen2.2 You can't mount ugen devices! It seems umass hasn't attached so I guess the camera might use the Picture Transfer Protocol instead - see http://en.wikipedia.org/wiki/Picture_Transfer_Protocol . It looks like libptp2 might be interesting http://libptp.sourceforge.net/; however, I don't see any support for it in FBSD. -- Jerry ✌ freebsd.u...@seibercom.net Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. __ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Digital camera (Canon)
On Sun, Nov 28, 2010 at 12:51:41PM +, Bruce Cran wrote: On Sat, 27 Nov 2010 22:03:02 -0600 Ryan Coleman ryan.cole...@cwis.biz wrote: It's FAT32, so I'd try... mount_msdosfs /dev/ugen2.2 You can't mount ugen devices! It seems umass hasn't attached so I guess the camera might use the Picture Transfer Protocol instead - see http://en.wikipedia.org/wiki/Picture_Transfer_Protocol . Use the graphics/gphoto2 port. You'll need read/write access to the USB devices. Create a group called 'usb', and add your user-id to it using pw(8); pw groupadd usb -m your username Edit devfs.rules(5) to give the usb group write access to the usb and ugen devices: # excerpt from /etc/devfs.rules [myrules=10] add path 'usb/*' mode 0660 group usb add path 'ugen*' mode 0660 group usb Do not forget to activate the ruleset in /etc/rc.conf; # excerpt from /etc/rc.conf devfs_system_ruleset=myrules After a reboot, the permissions are fixed. You can of course also use chown(8) and chmod(1) to fix the permissions without rebooting. Roland -- R.F.Smith http://www.xs4all.nl/~rsmith/ [plain text _non-HTML_ PGP/GnuPG encrypted/signed email much appreciated] pgp: 1A2B 477F 9970 BA3C 2914 B7CE 1277 EFB0 C321 A725 (KeyID: C321A725) pgpUD0hum3xUs.pgp Description: PGP signature
Re: Digital camera (Canon)
Chris Hill ch...@monochrome.org writes: I have a Canon Powershot S5IS that behaves similarly. I have found that it can't be mounted like a disk drive, even though you would think it should work that way. Instead, I have to use gtkam to get the pictures off of it - /usr/ports/graphics/gtkam I prefer extracting the memory card from the camera and loading it through a card reader. The advantages are speed and lack of battery drain on the camera. This only matters when there are a lot of pictures involved. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Digital camera (Canon)
On Sat, 27 Nov 2010 23:21:55 -0500 (EST), Chris Hill ch...@monochrome.org wrote: On Sun, 28 Nov 2010, Bernt Hansson wrote: I have a digital camera, Canon powershoot sx130 is. That I wish to mount. The camera contains an sd-card that I wish to extract the photos from. ugen2.2: canon inc. at usbus2 I have a Canon Powershot S5IS that behaves similarly. I have found that it can't be mounted like a disk drive, even though you would think it should work that way. Instead, I have to use gtkam to get the pictures off of it - /usr/ports/graphics/gtkam Yes, the camera is PTP. I have the Canon PowerShot S3 IS myself and went the following way: I remove the SD card from the camera and use the internal reader of my machine. :-) Instead of using Gtkam, a GUI application, you will be happy being able to use a non-interactive way, provided by gphoto2. You can even automate copying with (or without) deleting the photos. The gphoto2 program also has a good manpage. Oh, and check if the camera provides a menu entry to select which personality it will come up with when connected to USB. Some cameras have the ability to be either a PTP compatible (use gphoto2 and gtkam) or DA compatible (use mount_msdosfs). -- Polytropon Magdeburg, Germany Happy FreeBSD user since 4.0 Andra moi ennepe, Mousa, ... ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Console Messages
Grant Peel gp...@thenetnow.com writes: I am using FreeBSD 8.0 and am getting lots of these: negative sbsize for uid = 0 +negative sbsize for uid = 0 +negative sbsize for uid = 0 +negative sbsize for uid = 0 +negative sbsize for uid = 0 any ideas what it means or how to cure it? Hmm. Interesting. You may need to go -hackers for this... Apparently a socket buffer is claiming to use a negative amount of space. Offhand I'd guess that it wrapped around, but there seem to be checks in place to avoid that. It's something running as root, which should help you track it down (most network daemons should be run as other users anyway). ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Web mail for not local domains.
Hello all. I was wondering if you can suggest the best application you consider for the following. I am supporting a non profit organization, so the budget is less than zero. They already have a freebsd server (8.1) and are using sendmail for about 20 accounts, not big traffic. In their pc's (windows xp) they are using eudora (free version) as a client without problems (POP). I would like to install them a webmail that let them access the local accounts in the server BUT that also let them access some other accounts with another providers. No gmail, hotmail or so, but POP3 accounts that are hosted under other domains with other ISP's . Actually no problem under they eudora mail client, but the idea is that when they out in conference or so they also can have access to the accounts under the freebsd server and the other provider. Thanks in advance for your comments. Jorge Biquez ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Web mail for not local domains.
On 28/11/10 18:36, Jorge Biquez wrote: Hello all. I was wondering if you can suggest the best application you consider for the following. I am supporting a non profit organization, so the budget is less than zero. They already have a freebsd server (8.1) and are using sendmail for about 20 accounts, not big traffic. In their pc's (windows xp) they are using eudora (free version) as a client without problems (POP). I would like to install them a webmail that let them access the local accounts in the server BUT that also let them access some other accounts with another providers. No gmail, hotmail or so, but POP3 accounts that are hosted under other domains with other ISP's . Actually no problem under they eudora mail client, but the idea is that when they out in conference or so they also can have access to the accounts under the freebsd server and the other provider. Thanks in advance for your comments. Jorge Biquez Hi, I *think* (not 100% sure and I don't have one to test right now) Horde IMP can do that Firas ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: can't use godaddy SSL cert
Hi Eric and John
Thanks for your input..
As mentioned in my previous mail, there is no need to specify
TLSCACertificateFile in slapd.conf unless your server will request client
certificate for authentication. Nor is there any point in trying multiple
files, you can concatenate the CA certificates into a single file.
I have removed TLSCACertificateFile form slapd and now recognize that
this directive is only needed on the client side. Thanks for clueing
me into that.
And here is my /etc/ldap.conf file on on the CentOS 5.5 client:
[r...@vircent03:~]#cat /etc/ldap.conf
host 192.168.1.44
base dc=summitnjhome,dc=com
sudoers_base ou=sudoers,ou=Services,dc=summitnjhome,dc=com
scope sub
pam_password exop
nss_base_passwd ou=staff,dc=summitnjhome,dc=com
nss_base_shadow ou=staff,dc=summitnjhome,dc=com
TLS_CACERT /etc/openldap/cacerts/gd_sf_all.crt
And here are the contents of the cacerts directory on the CentOS 55 client:
[r...@vircent03:~]#ls -l /etc/openldap/cacerts/
total 36
-r--r--r-- 1 root root 27529 Nov 28 12:10 all.crt
lrwxrwxrwx 1 root root 7 Nov 28 12:20 b737b221.0 - all.crt
And this is the way that nsswitch is setup on the CentOS client:
passwd: files ldap
shadow: files ldap
group: files ldap
sudoers:ldap
I have revised the location of the cert files on the server noted in
slapd.conf in order to separate out the certs from the cacerts. This
is just to organize things a little more neatly.
## TLS options for slapd
TLSCipherSuite HIGH:MEDIUM:+SSLv2
TLSCertificateFile /usr/local/etc/openldap/certs/slapd.crt
TLSCertificateKeyFile /usr/local/etc/openldap/certs/slapd.pem
And here are the contents of the /usr/local/etc/openldap/certs
directory, also on the server that is referenced in the TLS lines in
slapd.conf:
-r--r--r-- 1 root ldap 2309 Nov 26 18:52 LBSD2.summitnjhome.com.crt
dr--r--r-- 3 root ldap 512 Nov 28 03:32 bak
drwxr-xr-x 2 root ldap 512 Nov 28 03:26 cacerts
-r--r--r-- 1 root ldap 2309 Nov 26 18:53 slapd.crt
-r--r--r-- 1 root ldap 1781 Nov 26 18:36 slapd.csr
-r--r--r-- 1 root ldap 3311 Nov 26 18:35 slapd.key
-r--r--r-- 1 root ldap 3243 Nov 26 18:54 slapd.pem
Here is the location of the cacert file on the server that the
/etc/ldap.conf file on the client references;
LBSD2# ls -l /usr/local/etc/openldap/certs/cacerts
-r--r--r-- 1 root ldap 27529 Nov 28 15:49 all.crt
The all.crt file is the result of concatenating these files together:
all.crtgdroot-g2.crt sf_issuing.crt
ca_bundle.crtsf_bundle.crt sfroot-g2.crt
gd_bundle.crtsf-class2-root.crt sfsroot.crt
gd-class2-root.crt sf_cross_intermediate.crt sfsroot-g2.crt
gd_intermediate.crt sf_intermediate.crt
Here is where the testing begins:
[r...@vircent03:~]#openssl s_client -connect ldap.summitnjhome.com:389
-showcerts -CAfile /usr/local/etc/openldap/certs/cacerts/all.crt
10073:error:02001002:system library:fopen:No such file or
directory:bss_file.c:122:fopen('/usr/local/etc/openldap/certs/cacerts/all.crt','r')
10073:error:2006D080:BIO routines:BIO_new_file:no such file:bss_file.c:125:
10073:error:0B084002:x509 certificate
routines:X509_load_cert_crl_file:system lib:by_file.c:279:
CONNECTED(0003)
10073:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake
failure:s23_lib.c:188:
CONNECTED(0003)
10065:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake
failure:s23_lib.c:188:
As you can see I have provided openssl the full path to the all.crt
file on the server and am still receiving a handshake failure. It
looks like
When I turn
No. I assume that your hostname is the CN indicated above, so your -h is not
the issue. When you do -ZZ then ldapsearch will fail if it cannot validate
the certificate. You can try with a single -Z to see if it works.
Yes the hostname is in the CN of the cert file. So I agree that -h is
not the issue. :)
When I try to turn on LDAP with tls on a centos machine, getent
freezes when it tries to access the information in ldap:
I have scp'd the cert file to the right location on the centos machine
(/etc/openldap/cacerts)
Here's what happens when I try to connect using openssl s_client from
a remote machine (CentOS):
[r...@lcent01 ~]# LBSD2# openssl s_client -connect
ldap.summitnjhome.com:389 -showcerts -CAfile
/usr/local/etc/openldap/certs/cacerts/gd_sf_all.crt
-bash: LBSD2#: command not found
[r...@lcent01 ~]# openssl s_client -connect ldap.summitnjhome.com:389
-showcerts -CAfile /usr/local/etc/openldap/certs/cacerts/gd_sf_all.crt
4299:error:02001002:system library:fopen:No such file or
directory:bss_file.c:122:fopen('/usr/local/etc/openldap/certs/cacerts/gd_sf_all.crt','r')
4299:error:2006D080:BIO routines:BIO_new_file:no such file:bss_file.c:125:
4299:error:0B084002:x509 certificate
routines:X509_load_cert_crl_file:system lib:by_file.c:279:
CONNECTED(0003)
4299:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake
failure:s23_lib.c:188:
As you can
Re: can't use godaddy SSL cert
On 28/11/10 18.51, bluethundr wrote: Yes the hostname is in the CN of the cert file. So I agree that -h is not the issue. :) [r...@vircent03:~]#ldapsearch -h ldap -b dc=summitnjhome,dc=com -Z -D cn=Manager,dc=summitnjhome,dc=com (objectclass=sudoRole) -W Maybe I didn't make myself clear: the host name you use to connect to (-h), in your command line example above, ldap, must be the same as the CN of the server certificate. It is irrelevant if the servers hostname is the same as the CN. That might be why you get ldap_start_tls: Connect error (-11) additional info: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed Try -h LBSD2.summitnjhome.com BR, Erik ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Web mail for not local domains.
On 11/29/10 03:36, Jorge Biquez wrote: Hello all. I was wondering if you can suggest the best application you consider for the following. I am supporting a non profit organization, so the budget is less than zero. They already have a freebsd server (8.1) and are using sendmail for about 20 accounts, not big traffic. In their pc's (windows xp) they are using eudora (free version) as a client without problems (POP). I would like to install them a webmail that let them access the local accounts in the server BUT that also let them access some other accounts with another providers. No gmail, hotmail or so, but POP3 accounts that are hosted under other domains with other ISP's . Actually no problem under they eudora mail client, but the idea is that when they out in conference or so they also can have access to the accounts under the freebsd server and the other provider. Thanks in advance for your comments. Jorge Biquez mail/atmail no question. A little annoying for me (as I don't specifically want those features) but perfect for what you want. HTH ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: can't use godaddy SSL cert
Hi Eric,
Sorry I am clear on that now. I have tried the -h value that matches
the one in the cert, but I get the same result, unfortunately:
[r...@vircent03:~]#ldapsearch -h LBSD2.summitnjhome.com -b
dc=summitnjhome,dc=com -Z -D cn=Manager,dc=summitnjhome,dc=com
(objectclass=sudoRole) -W
ldap_start_tls: Connect error (-11)
additional info: error:14090086:SSL
routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
Enter LDAP Password:
ldap_sasl_interactive_bind_s: Can't contact LDAP server (-1)
additional info: error:14090086:SSL
routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
[r...@vircent03:~]#openssl s_client -connect
LBSD2.summitnjhome.com:389 -showcerts -CAfile
/usr/local/etc/openldap/certs/cacerts/all.crt
10504:error:02001002:system library:fopen:No such file or
directory:bss_file.c:122:fopen('/usr/local/etc/openldap/certs/cacerts/all.crt','r')
10504:error:2006D080:BIO routines:BIO_new_file:no such file:bss_file.c:125:
10504:error:0B084002:x509 certificate
routines:X509_load_cert_crl_file:system lib:by_file.c:279:
CONNECTED(0003)
10504:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake
failure:s23_lib.c:188:
Thanks again for following up!
On Sun, Nov 28, 2010 at 1:23 PM, Erik Norgaard norga...@locolomo.org wrote:
On 28/11/10 18.51, bluethundr wrote:
Yes the hostname is in the CN of the cert file. So I agree that -h is
not the issue. :)
[r...@vircent03:~]#ldapsearch -h ldap -b dc=summitnjhome,dc=com -Z
-D cn=Manager,dc=summitnjhome,dc=com (objectclass=sudoRole) -W
Maybe I didn't make myself clear: the host name you use to connect to (-h),
in your command line example above, ldap, must be the same as the CN of the
server certificate. It is irrelevant if the servers hostname is the same as
the CN.
That might be why you get
ldap_start_tls: Connect error (-11)
additional info: error:14090086:SSL
routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
Try
-h LBSD2.summitnjhome.com
BR, Erik
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
--
Here's my RSA Public key:
gpg --keyserver pgp.mit.edu --recv-keys B6D6EAC3
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: can't use godaddy SSL cert
I have also I have revised my /etc/ldap.conf on the client to read:
uri ldaps://LBSD2.summitnjhome.com/
ssl start_tls
tls_cacertdir /etc/openldap/cacerts
pam_password crypt
I have also tried using
uri ldap://LBSD2.summitnjhome.com/
with the same results as before. thanks again.
On Sun, Nov 28, 2010 at 1:49 PM, bluethundr bluethu...@gmail.com wrote:
Hi Eric,
Sorry I am clear on that now. I have tried the -h value that matches
the one in the cert, but I get the same result, unfortunately:
[r...@vircent03:~]#ldapsearch -h LBSD2.summitnjhome.com -b
dc=summitnjhome,dc=com -Z -D cn=Manager,dc=summitnjhome,dc=com
(objectclass=sudoRole) -W
ldap_start_tls: Connect error (-11)
additional info: error:14090086:SSL
routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
Enter LDAP Password:
ldap_sasl_interactive_bind_s: Can't contact LDAP server (-1)
additional info: error:14090086:SSL
routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
[r...@vircent03:~]#openssl s_client -connect
LBSD2.summitnjhome.com:389 -showcerts -CAfile
/usr/local/etc/openldap/certs/cacerts/all.crt
10504:error:02001002:system library:fopen:No such file or
directory:bss_file.c:122:fopen('/usr/local/etc/openldap/certs/cacerts/all.crt','r')
10504:error:2006D080:BIO routines:BIO_new_file:no such file:bss_file.c:125:
10504:error:0B084002:x509 certificate
routines:X509_load_cert_crl_file:system lib:by_file.c:279:
CONNECTED(0003)
10504:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake
failure:s23_lib.c:188:
Thanks again for following up!
On Sun, Nov 28, 2010 at 1:23 PM, Erik Norgaard norga...@locolomo.org wrote:
On 28/11/10 18.51, bluethundr wrote:
Yes the hostname is in the CN of the cert file. So I agree that -h is
not the issue. :)
[r...@vircent03:~]#ldapsearch -h ldap -b dc=summitnjhome,dc=com -Z
-D cn=Manager,dc=summitnjhome,dc=com (objectclass=sudoRole) -W
Maybe I didn't make myself clear: the host name you use to connect to (-h),
in your command line example above, ldap, must be the same as the CN of the
server certificate. It is irrelevant if the servers hostname is the same as
the CN.
That might be why you get
ldap_start_tls: Connect error (-11)
additional info: error:14090086:SSL
routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
Try
-h LBSD2.summitnjhome.com
BR, Erik
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
--
Here's my RSA Public key:
gpg --keyserver pgp.mit.edu --recv-keys B6D6EAC3
--
Here's my RSA Public key:
gpg --keyserver pgp.mit.edu --recv-keys B6D6EAC3
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Web mail for not local domains.
On 2010-11-28 9:36 AM, Jorge Biquez wrote: Hello all. I was wondering if you can suggest the best application you consider for the following. roundcube -- Jim Pazarena fqu...@paz.bz ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Web mail for not local domains.
Openwebmail 1.53 -Grant -Original Message- From: Jim Pazarena Sent: Sunday, November 28, 2010 2:42 PM To: freebsd-questions@freebsd.org Subject: Re: Web mail for not local domains. On 2010-11-28 9:36 AM, Jorge Biquez wrote: Hello all. I was wondering if you can suggest the best application you consider for the following. roundcube -- Jim Pazarena fqu...@paz.bz ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Console Messages
-Original Message- From: Lowell Gilbert Sent: Sunday, November 28, 2010 10:23 AM To: Grant Peel Cc: freebsd-questions@freebsd.org Subject: Re: Console Messages Grant Peel gp...@thenetnow.com writes: I am using FreeBSD 8.0 and am getting lots of these: negative sbsize for uid = 0 +negative sbsize for uid = 0 +negative sbsize for uid = 0 +negative sbsize for uid = 0 +negative sbsize for uid = 0 any ideas what it means or how to cure it? Hmm. Interesting. You may need to go -hackers for this... Apparently a socket buffer is claiming to use a negative amount of space. Offhand I'd guess that it wrapped around, but there seem to be checks in place to avoid that. It's something running as root, which should help you track it down (most network daemons should be run as other users anyway). Glibert, What is -hackers? freebsd-hack...@freebsd.org? Thanks for the reply :-) -Grant ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
IMPRESORAS HP LASER SERVICIO TECNICO
IMPRESORAS LASER HEWLETT PACKARD VISITAS Y RELEVAMIENTOS SIN CARGO HP LJ 1320N, 2420N, 2600N, 3700N, P3005, 4000, 4050N, 4250, 4350DTN, 5500DTN, 8000N, 8550N, 9000 TECNICOS CERTIFICADOS, REPUESTOS ORIGINALES Consulte por los Alcances de la Revisión Sin Cargo en Capital Federal 4982.9696 SOLARCOM srl BME. MITRE 4042 C.A.B.A. solar...@solarcomsrl.com.ar ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
firefox fails to launch
hi list I finally got KDE 4 running on my FreeBSD 8.1 box! It was a happy day as it took several days to compile... However after installing the firefox port I get a dialog box claiming that firefox is already running but not responding. To open a new window, you must first close the existing Firefox process or restart your system doing a ps -ef | grep firefox does not show any firefox processes running. how can I get firefox to work under freebsd? thanks -- Here's my RSA Public key: gpg --keyserver pgp.mit.edu --recv-keys B6D6EAC3 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: firefox fails to launch
On Sun, Nov 28, 2010 at 7:50 PM, bluethundr bluethu...@gmail.com wrote: hi list I finally got KDE 4 running on my FreeBSD 8.1 box! It was a happy day as it took several days to compile... However after installing the firefox port I get a dialog box claiming that firefox is already running but not responding. To open a new window, you must first close the existing Firefox process or restart your system doing a ps -ef | grep firefox does not show any firefox processes running. how can I get firefox to work under freebsd? thanks very odd, ff worked ootb for me look around in /var/run, see if you have a mis-permissioned lockfile ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: gateway_enable=NO
Am 25.11.2010 05:38, schrieb Lamac Lamaco: The system installed now and in adresses /etc or /etc/rc.d there is no script. Does system work in default as ROUTER? I ask this question, because i tried it works. As it is written gateway_enable=NO # Set to YES if this host will be a gateway in the address - /etc/defaults/rc.conf But if I write gateway_enable=NO in the address /etc/rc.conf , my system will work in as ROUTER. I say this because the host in my system's local network can ping my system's global IP. As i know it can be only in ROUTER. Thanks. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org No, in default FreeBSD isn't working as a router. Look with sysctl at: net.inet.ip.fw.default_to_accept When is it set to 1, FreeBSD is working as a router, with a value of 0 it doesn't work as a router. Look with tcpdump where networktraffic is going. http://www.freebsd.org/doc/handbook/network-routing.html http://www.freebsd.org/doc/handbook/network-natd.html ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: firefox fails to launch
2010-11-29 01:50, bluethundr skrev: hi list I finally got KDE 4 running on my FreeBSD 8.1 box! It was a happy day as it took several days to compile... However after installing the firefox port I get a dialog box claiming that firefox is already running but not responding. To open a new window, you must first close the existing Firefox process or restart your system You need to remove ye olde lockfile, normally at ~/.mozilla/firefox/profilename/!lock One can even remove .parentlock in the same directory doing a ps -ef | grep firefox does not show any firefox processes running. how can I get firefox to work under freebsd? thanks ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Console Messages
Grant Peel gp...@thenetnow.com wrote: ... You may need to go -hackers for this... What is -hackers? freebsd-hack...@freebsd.org? Yep. I've observed a tendency not to put full listn...@domain addresses in messages, perhaps in an attempt to avoid harvesting by spammers :( ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Digital camera (Canon)
2010-11-28 05:21, Chris Hill skrev: On Sun, 28 Nov 2010, Bernt Hansson wrote: I have a digital camera, Canon powershoot sx130 is. That I wish to mount. The camera contains an sd-card that I wish to extract the photos from. ugen2.2: canon inc. at usbus2 Thank you all for your input on this issue. Merry whatever your winter holiday is, and yes, the pictures is aviable to download from the camera. Thank you! I have a Canon Powershot S5IS that behaves similarly. I have found that it can't be mounted like a disk drive, even though you would think it should work that way. Instead, I have to use gtkam to get the pictures off of it - /usr/ports/graphics/gtkam Also had to change some system stuff in order to be able to do this as an ordinary user: Added to /etc/devfs.conf # Allow members of group operator to use USB own usb* root:operator perm usb* 0660 ...and here is my /etc/devfs.rules in its entirety: # Added so ordinary users can use the USB camera if they are # members of group 'usb' # [usb_devices=10] add path 'ugen*' mode 0660 group usb add path 'da*s*' mode 0660 group usb # # 20091231: added the following for 8.0, since usb is handled # differently now. Hoping this will make gtkam work. add path 'usb/*' mode 0660 group usb HTH... -- Chris Hill ch...@monochrome.org ** [ Busy Expunging | ] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Build World fails on 7-stable with cvs sources
On Sun, 2010-11-28 at 03:14 -0500, Martes G Wigglesworth wrote: Greetings. I have cvs'd to the most current 7-stable source tree and have compiled a kernel using these sources. However, when I attempt to complete the buildworld process, I keep getting failures in the below-listed areas. Does anyone know of an issue with these sources? I see that this release is now considered legacy so I hope I am not at end of life on this source tree. The system is just an edge router so I am just updating to the newest stable release due to the assumptions that there may be some fixes included in the sources. I have my own patched ipfirewall sources, (don't feel like writing a script for ipfw to run and figure out why it isn't running at boot, etc),however, I have not installed them yet, since I have not patched anything on this test upgrade box, yet. I have the full logs from build world and kernel build, if someone would like to see them. (very long, and don't fail until the point listed below) The kernel kept failing as well, until I used the old method by hand, in the /usr/src/sys/i386/conf directory. That is another question that I would like to ask. Why am I able to compile and install a kernel just fine using the old method, however, using the make buildkernel... method fails on some obscure module that I usually don't even have included within the config file? gnu/lib/libgomp (buildincludes) sed -e 's/@OMP_LOCK_ALIGN@/4/g' -e 's/@OMP_LOCK_KIND@/4/g' -e 's/@OMP_LOCK_SIZE@/4/g' -e 's/@OMP_NEST_LOCK_ALIGN@/4/g' -e 's/@OMP_NEST_LOCK_KIND@/8/g' -e 's/@OMP_NEST_LOCK_SIZE@/8/g' /usr/src/gnu/lib/libgomp/../../../contrib/gcclibs/libgomp/omp.h.in omp.h === gnu/lib/libregex (buildincludes) sed 's=posix/regex\.h=gnu/posix/regex.h=g' /usr/src/gnu/lib/libregex/regex.h regex.h.patched === gnu/lib/libregex/doc (buildincludes) === gnu/lib/libreadline (buildincludes) === gnu/lib/libreadline/history (buildincludes) === gnu/lib/libreadline/history/doc (buildincludes) === gnu/lib/libreadline/readline (buildincludes) === gnu/lib/libreadline/readline/doc (buildincludes) === gnu/lib/libstdc++ (buildincludes) Segmentation fault (core dumped) *** Error code 139 Stop in /usr/src/gnu/lib. *** Error code 1 Stop in /usr/src/gnu. *** Error code 1 Stop in /usr/src/gnu. *** Error code 1 Stop in /usr/src. *** Error code 1 Stop in /usr/src. *** Error code 1 Stop in /usr/src. Curious. What does your ``make'' command look like? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Bridging Gigabit and Fast Ethernet Interfaces
if_bridge(4) says: The if_bridge driver currently supports only Ethernet and Ethernet-like (e.g., 802.11) network devices, with exactly the same interface MTU size as the bridge device. Am I correct to assume then that I can bridge a gigabit interface and a fast ethernet interface and that one of the negatives of doing this is that Jumbo frames couldn't be used on the gigabit side? I've got an Atom based server with an onboard gigabit nic and only one PCI slot. The server sits physically close to my 10/100 switch that hangs off my firewall. I was thinking of putting a 10/100 nic into the single PCI slot and running that to the 10/100 switch for internet access and then running cable across the room from the gigabit interface to a gigabit switch on my workbench. Wired gigabit clients on the bench would then have the benefit of gigabit access to the server for doing backups but also still have internet access via the server's bridge interface right? Is there a reason I wouldn't want to do it this way? Thanks, Carl ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: firefox fails to launch
that did it!! whoo-hoo!! love it..thanks On Sun, Nov 28, 2010 at 8:07 PM, Bernt Hansson be...@bah.homeip.net wrote: 2010-11-29 01:50, bluethundr skrev: hi list I finally got KDE 4 running on my FreeBSD 8.1 box! It was a happy day as it took several days to compile... However after installing the firefox port I get a dialog box claiming that firefox is already running but not responding. To open a new window, you must first close the existing Firefox process or restart your system You need to remove ye olde lockfile, normally at ~/.mozilla/firefox/profilename/!lock One can even remove .parentlock in the same directory doing a ps -ef | grep firefox does not show any firefox processes running. how can I get firefox to work under freebsd? thanks -- Here's my RSA Public key: gpg --keyserver pgp.mit.edu --recv-keys B6D6EAC3 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: PCI Parallel Port I/O card
On Thu, Nov 25, 2010 at 9:05 PM, Jonathan Chen j...@chen.org.nz wrote: Hi, I've got a system which has a PCI I/O card with a parallel port on it. I'd like my 8-STABLE/amd64 machine to recognise this card. The relevant bits of pciconf -lcv is: no...@pci0:4:6:0: class=0x070103 card=0x2000a000 chip=0x98659710 rev=0x00 hdr=0x00 vendor = 'MosChip Semiconductors (Was: Netmos Technology)' class = simple comms subclass = parallel port cap 01[48] = powerspec 2 supports D0 D3 current D0 However, a verbose boot reveals: ppc0: cannot reserve I/O port range ppc0: Parallel port failed to probe at irq 7 on isa0 For the archives: It appears there isn't any to configure the card to be recognised out-of-box. I had to add an entry in sys/dev/ppc_pci.c with the matching chip number, and recompile the kernel. Currently, it is recognised as: ppc1: MosChip NM9865 1284 Printer port port 0xdc00-0xdc07,0xd880-0xd887 mem 0xfe8ff000-0xfe8f,0xfe8fe000-0xfe8fefff irq 21 at device 6.0 on pci4 If I had multi-I/O ports on the card, I would have had to modify sys/dev/puc/puc_data.c instead. Cheers. -- Jonathan Chen j...@chen.org.nz ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
