fuser(1): do FIFOs and sockets count as named files?
fuser(1) man page mentions the tool is supposed to list processes that have specified named file(s) open. As there are several types of files (according to stat(2)) it's not clear which are supported, e.g. $ (mkfifo foo.fifo; cat foo.fifo) nc -lU foo.socket $ fuser foo.* foo.fifo: foo.socket: $ procstat -af | awk 'NR == 1 || /foo/' PID COMM FD T V FLAGSREF OFFSET PRO NAME 6672 cat 0 f - rw-- 2 0 - /home/luser/foo.fifo 11493 nc 3 s - rw-- 2 0 UDS foo.socket $ fstat | awk 'NR == 1 || $2 ~ /cat/ $4 ~ 0 || $2 ~ /nc/ $4 ~ 3' USER CMD PID FD MOUNT INUM MODE SZ|DV R/W luser nc 114933* local stream fe00a980d690 luser cat 66720 /home/luser 5982 prw-r--r-- 0 rw fuser(1) on BusyBox/Linux does show open FIFOs, not sure about sockets. -- FreeBSD 9.0-CURRENT r47M amd64 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Trouble with LDAP-authentication to Apple Open Directory
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hello! Yesterday I finally managed to get my FreeBSD 8.2-STABLE box to actually authenticate to the Xserve, running Open Directory on Mac OS X 10.5 Server. I was able to log in to the FreeBSD box (egil.kreativsone.no) as a directory user via SSH and also via netatalk. Unfortunately, after a while, it stopped working. I can't remember doing anything at all... As far as I know, I made no changes in the configuration neither on the Xserve nor on the FreeBSD box. This is what happens when I try to log in via SSH. mp-aleks:~ aleksander$ ssh aleks...@egil.kreativsone.no Password: aleks...@egil.kreativsone.no's password: Connection closed by 192.168.3.6 Notice that I enter the password once, and then it asks for the password once more, but it won't accept the password. Here is the auth.log on egil.kreativsone.no: May 26 13:18:24 egil sshd[5347]: error: PAM: user account has expired for alekstef from 192.168.3.16 May 26 13:18:28 egil sshd[5347]: Failed password for alekstef from 192.168.3.16 port 62114 ssh2 I know for a fact that the user account is not expired in Open Directory. I have also checked the logs on the Xserve, but can't find anything relevant to the problem, so I assume the problem is on the FreeBSD-box. Here's the part of my nss_ldap.conf file on egil.kreativsone.no, that is not commented out. Everything else is the default: host jangunnar.kreativsone.no base dc=jangunnar,dc=kreativsone,dc=no ldap_version 3 port 389 scope one bind_policy soft pam_filter objectclass=posixAccount pam_login_attribute uid pam_groupdn cn=lagring,cn=groups,dc=jangunnar,dc=kreativsone,dc=no pam_member_attribute memberUid pam_password crypt nss_base_passwd cn=users,dc=jangunnar,dc=kreativsone,dc=no?one nss_base_shadow cn=users,dc=jangunnar,dc=kreativsone,dc=no?one nss_base_group cn=groups,dc=jangunnar,dc=kreativsone,dc=no?one ssl off I tried commenting out the pam_groupdn and pam_member_attributes with no success. I was hoping to restrict login to to the group lagring, but it didn't seem to work. /etc/pam.d/sshd: authsufficient pam_opie.so no_warn no_fake_prompts authrequisite pam_opieaccess.so no_warn allow_local authsufficient /usr/local/lib/pam_ldap.so no_warn authrequiredpam_unix.so no_warn try_first_pass # account account requiredpam_nologin.so account requiredpam_login_access.so account required/usr/local/lib/pam_ldap.so no_warn ignore_authinfo_unavail ignore_unknown_user account requiredpam_unix.so # session session requiredpam_permit.so # password passwordrequiredpam_unix.so no_warn try_first_pass /etc/pam.d/netatalk authsufficient /usr/local/lib/pam_ldap.so no_warn authinclude system account include system passwordinclude system session include system account required/usr/local/lib/pam_ldap.so no_warn ignore_authinfo_unavail ignore_unknown_user I really need to get this working again. Any help is highly appreciated. Please ask if you need more information. Thanks! Best regards, Aleksander Steffensen -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2.0.17 (Darwin) Comment: GPGTools - http://gpgtools.org iQEcBAEBAgAGBQJN3j4xAAoJELxlbnDhBkKI7jEIAJqUquhmHVO4IDiTBXRERTIR qjv1zsWpUg1d/gps222hKxypN6NqIWDhSvZmRu2BWTgPek6nKjxOmlui4ZsMhhKS uU9jUDghQMijeXPNSxx6eUMb0b0FQ43UJaJQR/vK3ogpDq01SCAzYUAA5/N+vqME VSG1YxZDcCV+lbIYWZF8/IJLPVqr0BEeUgWNvWXSLqRBlXebNmbGl5dbL3MCnI9D JkLbpTeKcVjpaot6fgtkLt03Jk72l+MkpVbKABnb8fHOUBLXRkgHOC0VPIrSQ37X iYwvGQsSs8iHTCRyMUtLuJHrN8o2qCxZ7zatp3Pj15UlSpGFDDZkvWY10WfCmjw= =y51P -END PGP SIGNATURE- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
RE: Trouble with LDAP-authentication to Apple Open Directory
Hello! Yesterday I finally managed to get my FreeBSD 8.2-STABLE box to actually authenticate to the Xserve, running Open Directory on Mac OS X 10.5 Server. I was able to log in to the FreeBSD box (egil.kreativsone.no) as a directory user via SSH and also via netatalk. Unfortunately, after a while, it stopped working. I can't remember doing anything at all... As far as I know, I made no changes in the configuration neither on the Xserve nor on the FreeBSD box. This is what happens when I try to log in via SSH. Are the two units timesync'd to the same time server? If the BSD box drifts out to the X-Server then Kerberos will fail... Marci ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
zfs newbie question
hi, i have a new fbsd-8.2 install (dual boot with win7, just desktop general use) on entirely ufs disk, and am not sure how to mount a zfs formatted disk from a previous install, without loosing what is on there. (freebsd-zfs). in short, the zfs disk was from a previous freebsd install, same version, just needed to wipe/reinstall, which was also entirely ufs. To try out zfs i used a full separate disk, partiitoned and setup as freebsd-zfs through gpt, then created the pool specifying it. i.e zpool create foo /dev/ad10. atm i dont have a pool at all and dont know if i use that command, if it will simple create one and mount ad10, retaining the data on it or whether that will just reinitialise, wiping the data in the process. to avoid surprises, i have been looking around to see if u can create an empty pool (without specifying disk space or w/e), then try the ‘add’ command instead, to add it there, but i dont see that thats possible so far; and i dont have spare space to use in creating a new pool. so, is it entirely safe to use zpool create foo /dev/ad10 to mount it and retain data, or is there some way to create an empty pool? thanks in advance ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Trouble with LDAP-authentication to Apple Open Directory
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 They were not, but I synced them both to the same time server. I don't use Kerberos anyways, I use nss_ldap, so it didn't work. Best regards, Aleksander Steffensen Den 26. mai 2011 kl. 14.42 skrev mcoyles: Hello! Yesterday I finally managed to get my FreeBSD 8.2-STABLE box to actually authenticate to the Xserve, running Open Directory on Mac OS X 10.5 Server. I was able to log in to the FreeBSD box (egil.kreativsone.no) as a directory user via SSH and also via netatalk. Unfortunately, after a while, it stopped working. I can't remember doing anything at all... As far as I know, I made no changes in the configuration neither on the Xserve nor on the FreeBSD box. This is what happens when I try to log in via SSH. Are the two units timesync'd to the same time server? If the BSD box drifts out to the X-Server then Kerberos will fail... Marci ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2.0.17 (Darwin) Comment: GPGTools - http://gpgtools.org iQEcBAEBAgAGBQJN3mVlAAoJELxlbnDhBkKI6r8IALI/P5p9RP1GrFb4mZgBcokz O2oBOarQGcRFF4hWySfgs+doin0ZGIh8OeyPgMtNK+Ci3A7ek8LdXlm5isrjgCMt HWYkP40whLnOHHIh+GJ3OrFSslkJuytmtTpwwqO5VAfXg1Ft0E+kQmBZrHNVVvuy fwXGMT5NjhzZ5lgXZwGLOoTXd2hpRgXFUK492pJGAYSk6HFMFIdi9SGZuYJQ9W1j l+GUYBZlnovfoQDvXB3zBqOD9bBuxPb0mLRg2+djOh5/qo+WPlFeV/pds45s24v8 cYf+JCeB6wmGbT1HFR5mGlZmW6/clKKQTTVaKUGWYdiPxMeWYv54I7IrR85KyMI= =3DaI -END PGP SIGNATURE- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Can net.inet.tcp.msl be set per interface?
If a server has one interface to the Internet and another interface to a switch connecting to a few other servers, it seems TCP's MSL value might reasonably be set a lot lower on the private interface. I'm specifically thinking of a lot of short MySQL connections between the servers on the private LAN. The average number of MySQL client connections in TIME_WAIT will be proportional to MSL. And, while the circumstances under which a long MSL would help anything are unimaginable on the LAN, they are not on the Internet. So can net.inet.tcp.msl be set per interface? Tom ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
RE: zfs newbie question
Hi, zpool create is a destructive command to data on the disks, ie any preexisting pool, but it would normally warn you if it found an existing pool on the disks you are trying to use. Run: # zpool import and it will scan any attached disks for pools that are importable, if it detects your old pool then you can import it again via the zpool import poolname command, cheers Andy. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Hardware Recovery Company
Hi Polytropon cc list, I wrote: You could look at man fsdb FreeBSD offers a lot of versatile diagnostic and rescue tools, and surely fsdb is one of them. Others, provided by the base system, are fetch -rR device and also recoverdisk. In the ports collection you'll find tools like ddrescue, dd_rescue, ffs2recov, magicrescue, testdisk, scan_ffs, recoverjpeg, foremost and photorec. And finally there is The Sleuth Kit (with its tools fls, dls, ils and autopsy). Could you please submit a send-pr to add that useful list to man fsdb ? (If you dont want to i would, but as you obviously know this area better ... :-) I saw no answer to this none in archive beyond this http://docs.FreeBSD.org/cgi/mid.cgi?201105211952.p4LJqHcX091659 So I searched, sent a send-pr Polytropon, 2 tools you mentioned I couldnt find, if you or others have info please add to http://www.freebsd.org/cgi/query-pr.cgi?pr=157351 Thanks Cheers, Julian -- Julian Stacey, BSD Unix Linux C Sys Eng Consultants Munich http://berklix.com Mail plain text; Not quoted-printable, Not HTML, Not base 64. Reply below text sections not at top, to avoid breaking cumulative context. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: zfs newbie question
On 05/26/11 17:29, a.sm...@ukgrid.net wrote: Hi, zpool create is a destructive command to data on the disks, ie any preexisting pool, but it would normally warn you if it found an existing pool on the disks you are trying to use. Run: # zpool import and it will scan any attached disks for pools that are importable, if it detects your old pool then you can import it again via the zpool import poolname command, cheers Andy. thank u vm took 2secs. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Dell R210 no disks found
I am attempting to install FreeBSD 8.2 amd64 from a CD onto a Dell R210 server. When I boot and run fdisk from sysinstall (under Custom), it tells me No disks found! and then points me to the hardware guide. Nothing in the hardware guide really seems to apply. Any one else get FreeBSD installed on an R210? Is there a BIOS setting that I need to check or something? I've spent about a week on this and will need to return both R210s soon if I can't get them working. Thanks, Jaime Kikpole -- Network Administrator Cairo-Durham Central School District http://cns.cairodurham.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Dell R210 no disks found
On 05/26/11 15:16, Jaime Kikpole wrote: I am attempting to install FreeBSD 8.2 amd64 from a CD onto a Dell R210 server. When I boot and run fdisk from sysinstall (under Custom), it tells me No disks found! and then points me to the hardware guide. Nothing in the hardware guide really seems to apply. Any one else get FreeBSD installed on an R210? Is there a BIOS setting that I need to check or something? I've spent about a week on this and will need to return both R210s soon if I can't get them working. I'm assuming these have the PERC H200 cards in them. If so, you will need the mps(4) driver which is only available in FreeBSD 8-STABLE built sometime after the 8.2 release. You can find ISO snapshots of 8-STABLE builds here http://pub.allbsd.org/FreeBSD-snapshots/. Search the list archives for PERC H200 for more information. Steve Polyack ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Dell R210 no disks found
Jaime, If you are using the on board controller, try changing the BIOS settings between AHCI and ATA. An issue you may have with ATA, the internal DVDROM may not work. I always had an external USB CDROM so I can't say for certain. Hope that helps. Barrett W. Clark On Thu, May 26, 2011 at 2:16 PM, Jaime Kikpole jkikp...@cairodurham.org wrote: I am attempting to install FreeBSD 8.2 amd64 from a CD onto a Dell R210 server. When I boot and run fdisk from sysinstall (under Custom), it tells me No disks found! and then points me to the hardware guide. Nothing in the hardware guide really seems to apply. Any one else get FreeBSD installed on an R210? Is there a BIOS setting that I need to check or something? I've spent about a week on this and will need to return both R210s soon if I can't get them working. Thanks, Jaime Kikpole -- Network Administrator Cairo-Durham Central School District http://cns.cairodurham.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
ports problem in an old system ver 4.9
I have an old FreeBSD 4.9 installation that I cannot upgrade. I wanted to install something from the ports, but I am getting this error on almost every port; # make === Vulnerability check disabled, database not found === License check disabled, port has not defined LICENSE === Extracting for rsnapshot-1.3.1 /sbin/sha256: not found *** Error code 127 Stop in /usr/ports/sysutils/rsnapshot. Wondering if anyone has an idea where to look. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: ports problem in an old system ver 4.9
On May 26, 2011, at 3:01 PM, David Banning wrote: I have an old FreeBSD 4.9 installation that I cannot upgrade. You've also got a FreeBSD installation which the ports tree does not support. I wanted to install something from the ports, but I am getting this error on almost every port; # make === Vulnerability check disabled, database not found === License check disabled, port has not defined LICENSE === Extracting for rsnapshot-1.3.1 /sbin/sha256: not found *** Error code 127 Stop in /usr/ports/sysutils/rsnapshot. I believe you can obtain a sha256 binary from GNU coreutils (although GNU calls it sha256sum), and then install it to /sbin. Regards, -- -Chuck ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: ports problem in an old system ver 4.9
On Thu, 26 May 2011 15:40:09 -0700 Chuck Swiger cswi...@mac.com wrote: On May 26, 2011, at 3:01 PM, David Banning wrote: I have an old FreeBSD 4.9 installation that I cannot upgrade. You've also got a FreeBSD installation which the ports tree does not support. I wanted to install something from the ports, but I am getting this error on almost every port; # make === Vulnerability check disabled, database not found === License check disabled, port has not defined LICENSE === Extracting for rsnapshot-1.3.1 /sbin/sha256: not found *** Error code 127 Stop in /usr/ports/sysutils/rsnapshot. I believe you can obtain a sha256 binary from GNU coreutils (although GNU calls it sha256sum), and then install it to /sbin. It's not drop-in replacement. The FreeBSD version sensibly just outputs the hash when hashing from stdin, but the gnu version prints a trailing -. It may be that the ports makefiles ignore the extra field, but it may require a wrapper script. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
RAM needed for DHCP + router?
Hello list, I'm looking to build a NAT / DHCP box for a lab network for my company. My question is, how do I estimate the amount of RAM the machine will need? This box will be running isc-dhcpd, doing NAT either via natd or pf, and not much else. I expect the amount of traffic (throughput) to be very small, but the address space involved is quite large, at least by my standards. It seems to me that this will require potentially large amounts of memory for routing tables, etc., but not much disk. I'll be installing the latest -RELEASE; 32-bit if I can, 64-bit if I must, depending on how much memory it looks like I'll need. I may also install webmin for the benefit of my computer-literate-but-not-unix-savvy coworkers. Thanks! -- Chris Hill ch...@monochrome.org ** [ Busy Expunging / ] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: RAM needed for DHCP + router?
On May 26, 2011, at 4:46 PM, Chris Hill wrote: I'm looking to build a NAT / DHCP box for a lab network for my company. My question is, how do I estimate the amount of RAM the machine will need? How many DHCP leases and NAT clients? ISC's DHCPd typically runs a few tens of MB unless you have many tens of thousands of leases. State table for natd doesn't require much memory either, but it scales more with the number of network flows rather than just # of clients. One client pounding away with BitTorrent will use more NAT session states than a dozen clients under normal desktop use. Regards, -- -Chuck ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: RAM needed for DHCP + router?
Your biggest consumers would be FBSD itself and the routing tables. I *think* full internet routing tables are still less than 512MB, (google to check), so unless you have more routes than that - 512MB may work, 1GB most likely will. Too many unknowns, like; is this ipv4 only or 6 and 4 routes? Tweaked/minimal kernel, etc. - Original Message - From: Chris Hill [mailto:ch...@monochrome.org] Sent: Thursday, May 26, 2011 06:46 PM To: FreeBSD Questions List questi...@freebsd.org Subject: RAM needed for DHCP + router? Hello list, I'm looking to build a NAT / DHCP box for a lab network for my company. My question is, how do I estimate the amount of RAM the machine will need? This box will be running isc-dhcpd, doing NAT either via natd or pf, and not much else. I expect the amount of traffic (throughput) to be very small, but the address space involved is quite large, at least by my standards. It seems to me that this will require potentially large amounts of memory for routing tables, etc., but not much disk. I'll be installing the latest -RELEASE; 32-bit if I can, 64-bit if I must, depending on how much memory it looks like I'll need. I may also install webmin for the benefit of my computer-literate-but-not-unix-savvy coworkers. Thanks! -- Chris Hill ch...@monochrome.org ** [ Busy Expunging / ] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org font size=1 div style='border:none;border-bottom:double windowtext 2.25pt;padding:0in 0in 1.0pt 0in' /div This email is intended to be reviewed by only the intended recipient and may contain information that is privileged and/or confidential. If you are not the intended recipient, you are hereby notified that any review, use, dissemination, disclosure or copying of this email and its attachments, if any, is strictly prohibited. If you have received this email in error, please immediately notify the sender by return email and delete this email from your system. /font ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: RAM needed for DHCP + router?
On Thu, 26 May 2011, Gary Gatten wrote: Your biggest consumers would be FBSD itself and the routing tables. I *think* full internet routing tables are still less than 512MB, (google to check), so unless you have more routes than that - 512MB may work, 1GB most likely will. Too many unknowns, like; is this ipv4 only or 6 and 4 routes? Tweaked/minimal kernel, etc. Sorry, forgot to mention: inet4 for now, probably mixed with v6 in years to come. GENERIC kernel if at all possible (trying to minimize maintenance and general fussiness level). And in reponse to Chuck, How many DHCP leases and NAT clients? At any one time, probably dozens (maybe hundreds) of leases and hundreds (maybe thousands) of NAT clients, but not tens of thousands. Leases and NAT clients will come and go on a daily or weekly basis as equipment is tested, configured and shipped out. - Original Message - From: Chris Hill [mailto:ch...@monochrome.org] Sent: Thursday, May 26, 2011 06:46 PM To: FreeBSD Questions List questi...@freebsd.org Subject: RAM needed for DHCP + router? Hello list, I'm looking to build a NAT / DHCP box for a lab network for my company. My question is, how do I estimate the amount of RAM the machine will need? This box will be running isc-dhcpd, doing NAT either via natd or pf, and not much else. I expect the amount of traffic (throughput) to be very small, but the address space involved is quite large, at least by my standards. It seems to me that this will require potentially large amounts of memory for routing tables, etc., but not much disk. I'll be installing the latest -RELEASE; 32-bit if I can, 64-bit if I must, depending on how much memory it looks like I'll need. I may also install webmin for the benefit of my computer-literate-but-not-unix-savvy coworkers. Thanks! -- Chris Hill ch...@monochrome.org ** [ Busy Expunging / ] -- Chris Hill ch...@monochrome.org ** [ Busy Expunging / ] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Disable or limit email in root?
Hello all. Is it possible that the root user can be limited to send email only for activities realetd to the server and only locally? or limit the amount of root user can send. I have a 7.3 small server working as secondary dns, 3 domains for http and email. very few traffic. Using sendmail, the default one. IN some way a spammer could tell root to send LOT emailes. I detect it , I guess when they started.I did not know how they did it, apparently with a program injection or similar strategy since it seems they do not enter the server, for what I have checked until now. Can be restricted the root user? ON the side of the OS or the sendmail. Suggestions on how to avoid this again. The password for root was VERY strong. I do not think they access it. I guess when I configured the email and server let something open so root was forced to do that. Thanks in advance Jorge BIquez ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Disable or limit email in root?
I don't remember for sendmail but if you install postfix root cannot receive any email Le 27/05/2011 05:03, Jorge Biquez a écrit : Hello all. Is it possible that the root user can be limited to send email only for activities realetd to the server and only locally? or limit the amount of root user can send. I have a 7.3 small server working as secondary dns, 3 domains for http and email. very few traffic. Using sendmail, the default one. IN some way a spammer could tell root to send LOT emailes. I detect it , I guess when they started.I did not know how they did it, apparently with a program injection or similar strategy since it seems they do not enter the server, for what I have checked until now. Can be restricted the root user? ON the side of the OS or the sendmail. Suggestions on how to avoid this again. The password for root was VERY strong. I do not think they access it. I guess when I configured the email and server let something open so root was forced to do that. Thanks in advance Jorge BIquez ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Disable or limit email in root?
Hello. I am trying to find if sendmail was the problem or what... thing is not that root receive email but that root was used to send email to a list of address... JB At 11:07 p.m. 26/05/2011, you wrote: I don't remember for sendmail but if you install postfix root cannot receive any email Le 27/05/2011 05:03, Jorge Biquez a écrit : Hello all. Is it possible that the root user can be limited to send email only for activities realetd to the server and only locally? or limit the amount of root user can send. I have a 7.3 small server working as secondary dns, 3 domains for http and email. very few traffic. Using sendmail, the default one. IN some way a spammer could tell root to send LOT emailes. I detect it , I guess when they started.I did not know how they did it, apparently with a program injection or similar strategy since it seems they do not enter the server, for what I have checked until now. Can be restricted the root user? ON the side of the OS or the sendmail. Suggestions on how to avoid this again. The password for root was VERY strong. I do not think they access it. I guess when I configured the email and server let something open so root was forced to do that. Thanks in advance Jorge BIquez ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Disable or limit email in root?
On Fri, May 27, 2011 at 12:16 AM, Jorge Biquez jbiq...@intranet.com.mx wrote: I am trying to find if sendmail was the problem or what... thing is not that root receive email but that root was used to send email to a list of address... Was the root account on the box actually used, or did someone spoof email coming from root on the box? Did you receive a spam report about email coming from the IP address of the box? Do you have the header of the email/s in question? Is sendmail running locally, or is it running SMTP on an open port? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Disable or limit email in root?
On 5/27/11 12:16 AM, Jorge Biquez wrote: Hello. I am trying to find if sendmail was the problem or what... thing is not that root receive email but that root was used to send email to a list of address... And what does it say in the logs? We'll help you interpret them if you wish, but right now I've heard nothing but speculation and I've heard nothing to distinguish between: 1) Somebody sent e-mail with root@ as the return address, or 2) Somebody generated e-mail with a process running as root, or 3) both. Your sendmail log should tell you where sendmail thinks the e-mail came from and where it thinks it sent it. Or you could start by telling us HOW you detected this problem. --Jon Radel j...@radel.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Disable or limit email in root?
At 11:27 p.m. 26/05/2011, Jon Radel wrote: On 5/27/11 12:16 AM, Jorge Biquez wrote: Hello. I am trying to find if sendmail was the problem or what... thing is not that root receive email but that root was used to send email to a list of address... And what does it say in the logs? We'll help you interpret them if you wish, but right now I've heard nothing but speculation and I've heard nothing to distinguish between: 1) Somebody sent e-mail with root@ as the return address, or 2) Somebody generated e-mail with a process running as root, or 3) both. Your sendmail log should tell you where sendmail thinks the e-mail came from and where it thinks it sent it. Or you could start by telling us HOW you detected this problem. --Jon Radel j...@radel.com Hello 1) Somebody sent e-mail with root@ as the return address, or - They send it from the machine, a big queue has to be deleted before processing. 2) Somebody generated e-mail with a process running as root, or Yes, I guess that happened, the emailes where in the queue waiting to be sent... thing is the server has only 4 account for email users... all strong passwords using the last -10 command showed only the last 10 times I logged in. No new users were created apparently. I changed passwords and restricted that only my user can have ssh login and my user can the su to root. root can not login using ssh... I tested again at this moment Jorge Biquez ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Disable or limit email in root?
At 11:25 p.m. 26/05/2011, you wrote: On Fri, May 27, 2011 at 12:16 AM, Jorge Biquez jbiq...@intranet.com.mx wrote: I am trying to find if sendmail was the problem or what... thing is not that root receive email but that root was used to send email to a list of address... Was the root account on the box actually used, or did someone spoof email coming from root on the box? Did you receive a spam report about email coming from the IP address of the box? Do you have the header of the email/s in question? Is sendmail running locally, or is it running SMTP on an open port? Yes the user root was actually used. I noticed becasue since the machine is too small (an old pentium III) the mail queue grows too much and the service for nomal email was very slow. When I logged to the server the mail queue was big and all the emailes were sent by the root user. I have not received, yet, spam reports but I sure will do, I guess a least some thousand of emailes were sent. Sendmail is running on port 587 and 25 At the end a small part of the log (all the entries the same), when I logged in and disabled bind (I thought that could help to stop the emailes. I killed sendmail processes but the system was too slow and there were too many snedmail process running that it took a while to stop them all. May 26 18:22:42 krusty sendmail[36370]: p4P5EjU0070745: to=superlet...@yahoo.com.mx, delay=1+18:06:12, xdelay=00:00:00, mailer=esmtp, pri=1290845, relay=l.mx.mail.yahoo.com., dsn=4.0.0, stat=Deferred: Name server: l.mx.mail.yahoo.com.: host name lookup failure May 26 18:22:42 krusty sendmail[69923]: p4PK75tT069923: to=tuempresacr...@yahoo.com, delay=00:00:04, xdelay=00:00:00, mailer=esmtp, pri=32151, relay=l.mx.mail.yahoo.com., dsn=4.0.0, stat=Deferred: Name server: l.mx.mail.yahoo.com.: host name lookup failure May 26 18:22:43 krusty sendmail[58754]: p4P7Y2SC035537: to=inamex...@infosel.net.mx, delay=1+15:18:04, xdelay=00:00:00, mailer=esmtp, pri=1380845, relay=mx.vmx.terra.com., dsn=4.0.0, stat=Deferred: Name server: mx.vmx.terra.com.: host name lookup failure May 26 18:22:43 krusty sendmail[67814]: p4P6wdj8025797: to=consen...@infosel.com.mx, delay=1+16:18:24, xdelay=00:00:00, mailer=esmtp, pri=1650845, relay=mx.terra.com.br., dsn=4.0.0, stat=Deferred: Name server: mx.terra.com.br.: host name lookup failure May 26 18:22:43 krusty sendmail[25300]: p4P7R0qe033668: to=fferna...@infosel.net.mx, delay=1+15:19:29, xdelay=00:00:00, mailer=esmtp, pri=930845, relay=mx.vmx.terra.com., dsn=4.0.0, stat=Deferred: Name server: mx.vmx.terra.com.: host name lookup failure May 26 18:22:43 krusty sendmail[63747]: p4P9v9sg074187: to=claudian...@yahoo.com.mx, delay=1+13:13:37, xdelay=00:00:00, mailer=esmtp, pri=1560845, relay=h.mx.mail.yahoo.com., dsn=4.0.0, stat=Deferred: Name server: h.mx.mail.yahoo.com.: host name lookup failure May 26 18:22:43 krusty sendmail[17900]: p4P9MGns065419: to=eballeste...@terra.com.mx, delay=1+13:57:01, xdelay=00:00:00, mailer=esmtp, pri=210846, relay=mx.vmx.terra.com., dsn=4.0.0, stat=Deferred: Name server: mx.vmx.terra.com.: host name lookup failure May 26 18:22:46 krusty sendmail[41317]: p4P8BXIs045878: to=juliorte...@yahoo.com.mx, delay=1+14:38:56, xdelay=00:00:00, mailer=esmtp, pri=1470845, relay=b.mx.mail.yahoo.com., dsn=4.0.0, stat=Deferred: Name server: b.mx.mail.yahoo.com.: host name lookup failure May 26 18:22:47 krusty sendmail[4586]: p4P3wNVF036046: to=albertnov...@yahoo.com.mx, delay=1+19:23:15, xdelay=00:00:00, mailer=esmtp, pri=570846, relay=e.mx.mail.yahoo.com., dsn=4.0.0, stat=Deferred: Name server: e.mx.mail.yahoo.com.: host name lookup failure May 26 18:22:47 krusty sendmail[87746]: p4P6vbd5025549: to=andrealte...@yahoo.com.mx, delay=1+16:07:29, xdelay=00:00:00, mailer=esmtp, pri=390846, relay=j.mx.mail.yahoo.com., dsn=4.0.0, stat=Deferred: Name server: j.mx.mail.yahoo.com.: host name lookup failure May 26 18:22:47 krusty sendmail[41819]: p4P9YOFb068525: to=conimazz...@yahoo.com.mx, delay=1+13:45:19, xdelay=00:00:00, mailer=esmtp, pri=1650845, relay=k.mx.mail.yahoo.com., dsn=4.0.0, stat=Deferred: Name server: k.mx.mail.yahoo.com.: host name lookup failure May 26 18:22:47 krusty sendmail[66017]: p4PJ75P2066017: to=tuempresacr...@yahoo.com, delay=00:00:05, xdelay=00:00:00, mailer=esmtp, pri=32151, ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Disable or limit email in root?
Thanks for your comments, tomorow morning will check it again, now is normal . I was thinking on shutting it down but I guess it is better to leave it running and even with the risk , the server will have problems soon but I guess is better to tr to find how they did it will go to sleep a few hours.. jb ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org