Re: Help Finding ZFS snapshots
On 5 September 2011 16:58, Gene f...@brightstar.bomgardner.net wrote: On Mon, 05 Sep 2011 11:35:34 -0400, Daniel Staal wrote --As of September 5, 2011 10:23:32 AM -0500, Gene is alleged to have said: On Mon, 05 Sep 2011 10:48:22 -0400, Daniel Staal wrote --As of September 5, 2011 8:13:52 AM -0500, Gene is alleged to have said: Using FreeBSD 8.1, amd64 - I wanted to recover files from a snapshot of usr/home. Everything I've found via googling refers to a link such as path/zfs/.snapshot --As for the rest, it is mine. Try path/.zfs. ;) (Which, on my system, then has a 'snapshot' directory, which holds all the snapshots.) Daniel T. Staal No such luck. The following: cd / ls -R | grep -i zfs finds only 'zfs' directories in the source tree and ports. Other ideas? I know the snapshots exist, I can see 'em with zfs list -t snapshot. --As for the rest, it is mine. Don't check if the directory is there first. It isn't. Just 'cd' to it, and it will exist. Daniel T. Staal Well I'll be hornswaggled ... Thanks! ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org as others have posted its hidden. This is for good reason though. Just imagine you backup program trawling your 10 TB array that has 100 historical snapshots. Suddenly you are backing up 1 PB 8( ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: IPsec phase 1 and 2 negotiation in an infinite loop.
On 9/5/2011 11:58 PM, Mikhail Goriachev wrote:
(p: #1 protoid=isakmp transform=1
(t: #1 id=ike (type=lifetype value=sec)(type=lifeduration
value=7080)(type=enc value=3des)(type=auth
value=preshared)(type=hash value=sha1)(type=group desc
value=modp1024
(vid: len=16 afcad71372a1f1c96b8696fc99570100)
03:17:31.637424 IP (tos 0x0, ttl 50, id 0, offset 0, flags [DF], proto UDP
(17), length 108)
w.x.y.z.500 a.b.c.d.500: [udp sum ok] isakmp 1.0 msgid cookie -:
phase 1 R ident:
(sa: doi=ipsec situation=identity
(p: #1 protoid=isakmp transform=1
(t: #1 id=ike (type=lifetype value=sec)(type=lifeduration
value=7080)(type=enc value=3des)(type=auth
value=preshared)(type=hash value=sha1)(type=group desc
value=modp1024
OK, both sides are 3des, psk and sha1 dhgroup 1. Thats good.
Note: a.b.c.d is my end. w.x.y.z is the other end. vid:, ke: and
nonce: are scrambled.
flag=0x8000, lorv=AES-CBC
Sep 5 20:40:27 vpnmach racoon: DEBUG: encryption(aes)
Sep 5 20:40:27 vpnmach racoon: DEBUG: type=Hash Algorithm, flag=0x8000,
lorv=MD5
Sep 5 20:40:27 vpnmach racoon: DEBUG: hash(md5)
Sep 5 20:40:27 vpnmach racoon: DEBUG: type=Authentication Method,
... yet, you have AES and md5 ?? where are those coming from ? Do you
have an extra config for the remote somewhere in your files perhaps that
is matching ?
---Mike
remote w.x.y.z {
exchange_mode main;
proposal_check obey;
proposal {
encryption_algorithm 3des;
hash_algorithm sha1;
authentication_method pre_shared_key;
dh_group modp1024;
}
}
--
---
Mike Tancsa, tel +1 519 651 3400
Sentex Communications, m...@sentex.net
Providing Internet services since 1994 www.sentex.net
Cambridge, Ontario Canada http://www.tancsa.com/
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
fetchmail in system-wide mode
Hello, On the Internet there are some sites where they say to start fetchmail(1) in system-wide should put these two options in rc.conf(5) : fetchmail_enable=YES fetchmail_polling_interval=60 Although the second is optional and at first has little to do with this question because this question is addressed rather to the first option. I searched in /etc/defaults/rc.conf and rc.conf(5) manual and find no reference to these two options. I have them in my rc.conf(5) but fetchmail(1) does not start automatically. In /usr/src/UPDATING not found any reference to it. Which is the correct way to start fetchmail(1) in system-wide? Thanks. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
bb hang detected
Hello, periodically I get a ath0 bb hang detected resetting message on my console. When this happens, sometimes it sets my default route to 0.0.0.0/24. Is there a way to make my routing tables unchangeable? Or to stop the bb hang error? Thanks___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: fetchmail in system-wide mode
On Tue, Sep 06, 2011 at 03:10:50PM +0200, Xavier FreeBSD questions wrote: Hello, On the Internet there are some sites where they say to start fetchmail(1) in system-wide should put these two options in rc.conf(5) : fetchmail_enable=YES fetchmail_polling_interval=60 This has worked for me in the past when I've needed fetchmail(1). Although the second is optional and at first has little to do with this question because this question is addressed rather to the first option. I searched in /etc/defaults/rc.conf and rc.conf(5) manual and find no reference to these two options. This is to be expected. fetchmail(1) is a port, not part of the base system. I have them in my rc.conf(5) but fetchmail(1) does not start automatically. In /usr/src/UPDATING not found any reference to it. Again, what you'd expect. Which is the correct way to start fetchmail(1) in system-wide? Is fetchmail installed on your system? If so, and you still can't get it to start automatically, try this: # script fetchmail_startup sh -x /usr/local/etc/rc.d/fetchmail start You'll now have a file called `fetchmail_startup' which will contain a record of exactly what the fetchmail rc script did as it executed, which may or may not prove informative. Dan -- Daniel Bye _ ASCII ribbon campaign ( ) - against HTML, vCards and X - proprietary attachments in e-mail / \ pgpqwPjWkYetD.pgp Description: PGP signature
ejabberd cannot be controlled with ejabberdctl
A while ago I upgraded ejabberd from 2.1.5 to 2.1.8, and also updated erlang to r14b03 (not sure the prior version, but it was an r14 release). Running on FreeBSD 8.2/i386. Ever since the upgrade, I cannot use the ejabberdctl program to control it. It always says Failed RPC connection to the node ejabberd@lorax: nodedown. The short host name of my server is lorax. If I log into the web interface, it does show node ejabberd@lorax is running as the only node. Up until this upgrade I was able to use ejabberdctl just fine to re-open logs and do clean shutdown. I searched the forums and mailing lists and found basically that I need to ensure that when ejabberd starts, it uses the same node name. I checked the start scripts and it does indeed (and always has) explicitly set the node name to ejabberd@lorax, so I'm pretty well stumped at this point. The only tricky part of the config is that I bound the web interface to the private IP of this machine, instead of the public (it has two NICs). I'm using the FreeBSD port version of both erlang and ejabberd. Any help would be appreciated. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
FW: cpio command and schg flags
I am trying to use this code sequence to clone a directory tree. mkdir /usr/test1 cd /var find . | cpio -dmp /usr/test1 The result is /usr/test1 gets populated with the directory tree but all the schg flags get stripped off. How can I keep the schg flags in the cloned directory? Did you copy under root? BSD cpio unlike GNU cpio does preserve file flags. $ cpio --version bsdcpio 2.8.4 -- libarchive 2.8.4 $ find /lib | sudo cpio -dmp test 56525 blocks $ ls -lo test/lib | awk '$5 != -' total 15595 -r--r--r-- 1 root wheel schg 4440677 Sep 5 22:24 libc.so.7 -r--r--r-- 1 root wheel schg 131655 Sep 5 22:24 libcrypt.so.5 -r--r--r-- 1 root wheel schg 592241 Sep 5 22:24 libthr.so.3 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: A quality operating system
Lots of other people have given good answers. I'm just chiming in on points 3 and 7 On 20 Aug 2011, at 05:47, Evan Busch wrote: What is a quality operating system? I work as a database developer in an SME. I support end users on Mac OSX and Windows XP .. Windows Vista clients, and Windows 2008, FreeBSD and SuSE linux servers. Of these, the FreeBSD servers give least trouble. For non-techie users, usually but not always the OS X people have fewer problems. In his view, and now mine, a quality operating system is reliable, streamlined and clearly organized. That is hard to disagree with (3) Horrible documentation. This is my specialty and has been since the early 1980s. The FreeBSD documentation is wordy, disorganized, inconsistent and highly selective in what it mentions. It is not the product of professionals but it also not the product of volunteers with a focus on communication. It seems pro-forma, as in, it's in the documentation, so don't bother me. The web site compounds this error by pointing us in multiple directions instead of to a singular resource. It is bad enough that man pages are separate from your main documentation tree, but now you have doubled or trebled the workload required of you without any benefit to the end user. I personally find the documentation that comes as part of the install and the documentation on the FreeBSD website EASIER to use and more complete than any alternatives I use on a regular basis. (7) Disorganized website. Again, what are you comparing it to? I can often find my way to exactly the information I am looking for on the FreeBSD site using the search tool and menu structure within that site. To search for answers about Windows server, Windows desktop or OSX problems, I tend to rely on external search engines (Bing, Google) to trawl through the sites, and it takes longer to find the answers I need Michael Doyle mdo...@cooperationireland.org -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
wheel group mkdir
I have a user that belongs to the wheel group but when the user tries to issue mkdir command it gets a permission denied error. How do I fix this? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: wheel group mkdir
On 06/09/2011 16:49, Fbsd8 wrote: I have a user that belongs to the wheel group but when the user tries to issue mkdir command it gets a permission denied error. How do I fix this? Make the directory that contains where your user is trying to create a new subdirectory writable by group wheel. Either that, or teach your user to use su(1) or sudo(1) so they can mkdir as root. (Adding users to group wheel so they are permitted to run su(1) is a BSD-ism, and is the usual reason for adding anyone to wheel.) Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard Flat 3 PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate JID: matt...@infracaninophile.co.uk Kent, CT11 9PW signature.asc Description: OpenPGP digital signature
Re: IPsec phase 1 and 2 negotiation in an infinite loop.
Mike Tancsa wrote:
On 9/5/2011 11:58 PM, Mikhail Goriachev wrote:
(p: #1 protoid=isakmp transform=1
(t: #1 id=ike (type=lifetype value=sec)(type=lifeduration
value=7080)(type=enc value=3des)(type=auth
value=preshared)(type=hash value=sha1)(type=group desc
value=modp1024
(vid: len=16 afcad71372a1f1c96b8696fc99570100)
03:17:31.637424 IP (tos 0x0, ttl 50, id 0, offset 0, flags [DF], proto
UDP
(17), length 108)
w.x.y.z.500 a.b.c.d.500: [udp sum ok] isakmp 1.0 msgid cookie -:
phase 1 R ident:
(sa: doi=ipsec situation=identity
(p: #1 protoid=isakmp transform=1
(t: #1 id=ike (type=lifetype value=sec)(type=lifeduration
value=7080)(type=enc value=3des)(type=auth
value=preshared)(type=hash value=sha1)(type=group desc
value=modp1024
OK, both sides are 3des, psk and sha1 dhgroup 1. Thats good.
Note: a.b.c.d is my end. w.x.y.z is the other end. vid:, ke: and
nonce: are scrambled.
flag=0x8000, lorv=AES-CBC
Sep 5 20:40:27 vpnmach racoon: DEBUG: encryption(aes)
Sep 5 20:40:27 vpnmach racoon: DEBUG: type=Hash Algorithm, flag=0x8000,
lorv=MD5
Sep 5 20:40:27 vpnmach racoon: DEBUG: hash(md5)
Sep 5 20:40:27 vpnmach racoon: DEBUG: type=Authentication Method,
... yet, you have AES and md5 ?? where are those coming from ? Do you
have an extra config for the remote somewhere in your files perhaps that
is matching ?
Nop. There're no extra files. The only thing the other guys gave me was:
Operation Mode: Tunnel (Net to Net)
Authentication Type: Pre shared secret
Phase 1: 3DES/SHA1, DH Group=2
Phase 2: 3DES/SHA1, PFS=no, DH Group=any
Based on that I got it working.
So, do you reckon the other end suddenly began advertising/requesting aes
and md5 instead of 3des and sha1?
---Mike
remote w.x.y.z {
exchange_mode main;
proposal_check obey;
proposal {
encryption_algorithm 3des;
hash_algorithm sha1;
authentication_method pre_shared_key;
dh_group modp1024;
}
}
--
---
Mike Tancsa, tel +1 519 651 3400
Sentex Communications, m...@sentex.net
Providing Internet services since 1994 www.sentex.net
Cambridge, Ontario Canada http://www.tancsa.com/
--
Mikhail Goriachev
Webanoide
Mobile: +56 9 78772741
Web: www.webanoide.org
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: wheel group mkdir
On Tue, 06 Sep 2011 17:49:32 +0100, Matthew Seaman wrote: Either that, or teach your user to use su(1) or sudo(1) so they can mkdir as root. (Adding users to group wheel so they are permitted to run su(1) is a BSD-ism, and is the usual reason for adding anyone to wheel.) Just an addition: In regards of what sudo does, see super (it's in the ports, same category as sudo). It allows a fine control over _what_ commands can be executed. -- Polytropon Magdeburg, Germany Happy FreeBSD user since 4.0 Andra moi ennepe, Mousa, ... ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: wheel group mkdir
From owner-freebsd-questi...@freebsd.org Tue Sep 6 11:07:48 2011 Date: Tue, 06 Sep 2011 11:49:04 -0400 From: Fbsd8 fb...@a1poweruser.com To: Freebsd-questions@freebsd.org Cc: Subject: wheel group mkdir I have a user that belongs to the wheel group but when the user tries to issue mkdir command it gets a permission denied error. How do I fix this? First, figure out _why_ the user is getting that error. grin exactly -what- executable named 'mkdir' are they trying to run? 'which mkdir' What are the permissions on that file *WHERE* are they trying to create the file, and what are the permissions on -that- directory? Note: Including the _exact_ error message is a GOOD IDEA(tm). There is a *SIGNIFICANT* difference between: $ mkdir foo mkdir: permission denied and $ mkdir foo mkdir: foo: permission denied ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: wheel group mkdir
Matthew Seaman wrote: On 06/09/2011 16:49, Fbsd8 wrote: I have a user that belongs to the wheel group but when the user tries to issue mkdir command it gets a permission denied error. How do I fix this? Make the directory that contains where your user is trying to create a new subdirectory writable by group wheel. Either that, or teach your user to use su(1) or sudo(1) so they can mkdir as root. (Adding users to group wheel so they are permitted to run su(1) is a BSD-ism, and is the usual reason for adding anyone to wheel.) Cheers, Matthew Matthew Thanks for your reply. I have a user id that is in the wheel group. I su and get prompted for the user id's password after which I get returned to the command line. Running the script with the mkdir command embedded still returns Permission Denied message. I have read the su man page to no joy. Could you please explain the sequence of events to get su to work. Thanks ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: wheel group mkdir
On 9/6/11 7:13 PM, Fbsd8 wrote: Thanks for your reply. I have a user id that is in the wheel group. I su and get prompted for the user id's password after which I get returned to the command line. Running the script with the mkdir command embedded still returns Permission Denied message. I have read the su man page to no joy. Could you please explain the sequence of events to get su to work. Since you're the one having the issue you wish to have resolved, you might want to take it upon yourself to tell us *exactly* what you're typing, what the results are, and what you'd prefer to have happen instead. We can guess what you're doing when you say I su and get prompted for the user id's password after which I get returned to the command line, but given the root problem is that you don't fully understand the su command, it's hard to be certain what you mean by that. Going out on a limb, however, I'll point out that, when you're logged in as fred su - fred doesn't do much for you as you remain fred, whereas, what was meant in the suggestion to you was something more along the lines of su - which, if you enter root's password, leaves you as root. (Or gives you a shell with root's privileges to be a bit more precise.) But, again, I'd suggest that this would go faster if you provide what you're doing and what the results are rather than what you think you're doing and what you think the results mean. To recap: Cut and paste what's actually happening, not your summary of same. -- --Jon Radel j...@radel.com
Re: wheel group mkdir
On Tuesday 06 September 2011 15:13:48 Fbsd8 wrote: Matthew Seaman wrote: On 06/09/2011 16:49, Fbsd8 wrote: I have a user that belongs to the wheel group but when the user tries to issue mkdir command it gets a permission denied error. How do I fix this? Make the directory that contains where your user is trying to create a new subdirectory writable by group wheel. Either that, or teach your user to use su(1) or sudo(1) so they can mkdir as root. (Adding users to group wheel so they are permitted to run su(1) is a BSD-ism, and is the usual reason for adding anyone to wheel.) Cheers, Matthew Matthew Thanks for your reply. I have a user id that is in the wheel group. I su and get prompted for the user id's password after which I get returned to the command line. Running the script with the mkdir command embedded still returns Permission Denied message. I have read the su man page to no joy. Could you please explain the sequence of events to get su to work. user# su Pass: root password root# Beech -- --- Beech Rintoul - FreeBSD Developer - be...@freebsd.org /\ ASCII Ribbon Campaign | FreeBSD Since 4.x \ / - NO HTML/RTF in e-mail | http://people.freebsd.org/~beech X - NO Word docs in e-mail | Skype: akbeech / \ - http://www.FreeBSD.org/releases/8.2R/announce.html --- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: cpio command and schg flags
I am trying to use this code sequence to clone a directory tree. mkdir /usr/test1 cd /var find . | cpio -dmp /usr/test1 The result is /usr/test1 gets populated with the directory tree but all the schg flags get stripped off. How can I keep the schg flags in the cloned directory? Did you copy under root? BSD cpio unlike GNU cpio does preserve file flags. $ cpio --version bsdcpio 2.8.4 -- libarchive 2.8.4 $ find /lib | sudo cpio -dmp test 56525 blocks $ ls -lo test/lib | awk '$5 != -' total 15595 -r--r--r-- 1 root wheel schg 4440677 Sep 5 22:24 libc.so.7 -r--r--r-- 1 root wheel schg 131655 Sep 5 22:24 libcrypt.so.5 -r--r--r-- 1 root wheel schg 592241 Sep 5 22:24 libthr.so.3 I am running release 8.2 and $ cpio --version returns bsdcpio 2.7.0 -- libarchive 2.7.0 This version seems not to copy the schg flag maybe cpio got upgraded in release 9.0 which you must be running. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: wheel group mkdir
Beech Rintoul wrote: On Tuesday 06 September 2011 15:13:48 Fbsd8 wrote: Matthew Seaman wrote: On 06/09/2011 16:49, Fbsd8 wrote: I have a user that belongs to the wheel group but when the user tries to issue mkdir command it gets a permission denied error. How do I fix this? Make the directory that contains where your user is trying to create a new subdirectory writable by group wheel. Either that, or teach your user to use su(1) or sudo(1) so they can mkdir as root. (Adding users to group wheel so they are permitted to run su(1) is a BSD-ism, and is the usual reason for adding anyone to wheel.) Cheers, Matthew Matthew Thanks for your reply. I have a user id that is in the wheel group. I su and get prompted for the user id's password after which I get returned to the command line. Running the script with the mkdir command embedded still returns Permission Denied message. I have read the su man page to no joy. Could you please explain the sequence of events to get su to work. user# su Pass: root password root# Beech Thank you Beech. I was entering the password of the user. When I entered root's password the script containing mkdir worked. One remaining question. Is there any time limit on having root access? I mean will root access remain until the user exits? Thanks again ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
SV: wheel group mkdir
-Oprindelig meddelelse- Fra: owner-freebsd-questi...@freebsd.org [mailto:owner-freebsd-questi...@freebsd.org] På vegne af Fbsd8 Sendt: den 7 september 2011 01:14 Til: Matthew Seaman Cc: Freebsd-questions@freebsd.org Emne: Re: wheel group mkdir Matthew Seaman wrote: On 06/09/2011 16:49, Fbsd8 wrote: I have a user that belongs to the wheel group but when the user tries to issue mkdir command it gets a permission denied error. How do I fix this? Make the directory that contains where your user is trying to create a new subdirectory writable by group wheel. Either that, or teach your user to use su(1) or sudo(1) so they can mkdir as root. (Adding users to group wheel so they are permitted to run su(1) is a BSD-ism, and is the usual reason for adding anyone to wheel.) Cheers, Matthew Matthew Thanks for your reply. I have a user id that is in the wheel group. I su and get prompted for the user id's password after which I get returned to the command line. Running the script with the mkdir command embedded still returns Permission Denied message. I have read the su man page to no joy. Could you please explain the sequence of events to get su to work. Thanks Hello. If I've got the correct impression of it, to be in the wheel group, able you to su to root, meaning get root privilieges. BUT you have to know and use the root password. If you have installed the sudo port, which is very easy to config, just by removing some hash # marks some common privilieges of the wheel group, to obtain almost root power configurable by you. And also configuarable is, if you like the group to use their own passwords or none, just belonging to the wheel group, when issuing the sudo command. According to my humble understanding, just belonging to the wheel group without further configuration, don't get you much more. /Hasse ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: SV: wheel group mkdir
Hasse Hansson wrote: -Oprindelig meddelelse- Fra: owner-freebsd-questi...@freebsd.org [mailto:owner-freebsd-questi...@freebsd.org] På vegne af Fbsd8 Sendt: den 7 september 2011 01:14 Til: Matthew Seaman Cc: Freebsd-questions@freebsd.org Emne: Re: wheel group mkdir Matthew Seaman wrote: On 06/09/2011 16:49, Fbsd8 wrote: I have a user that belongs to the wheel group but when the user tries to issue mkdir command it gets a permission denied error. How do I fix this? Make the directory that contains where your user is trying to create a new subdirectory writable by group wheel. Either that, or teach your user to use su(1) or sudo(1) so they can mkdir as root. (Adding users to group wheel so they are permitted to run su(1) is a BSD-ism, and is the usual reason for adding anyone to wheel.) Cheers, Matthew Matthew Thanks for your reply. I have a user id that is in the wheel group. I su and get prompted for the user id's password after which I get returned to the command line. Running the script with the mkdir command embedded still returns Permission Denied message. I have read the su man page to no joy. Could you please explain the sequence of events to get su to work. Thanks Hello. If I've got the correct impression of it, to be in the wheel group, able you to su to root, meaning get root privilieges. BUT you have to know and use the root password. If you have installed the sudo port, which is very easy to config, just by removing some hash # marks some common privilieges of the wheel group, to obtain almost root power configurable by you. And also configuarable is, if you like the group to use their own passwords or none, just belonging to the wheel group, when issuing the sudo command. According to my humble understanding, just belonging to the wheel group without further configuration, don't get you much more. /Hasse Thank you Hasse You gave me the solution. I was entering the password of the user and should have been entering the root password. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: nss-3.12.11.with.ckbi.1.87.tar.gz: File unavailable (e.g., file not found, no access)
On Mon, Sep 5, 2011 at 8:33 PM, Dan Nelson dnel...@allantgroup.com wrote: In the last episode (Sep 05), Antonio Olivares said: Dear folks, sorry to bother you guys, but I am encountering a problem updating I need 4 ports only, but can't get past the error above: Building new INDEX files... done. === New version available: ca_root_nss-3.12.11_1 === New version available: gtk-2.24.6 === New version available: gtk-update-icon-cache-2.24.6 === New version available: firefox-6.0.1,1 === 402 total installed ports === 4 have new versions available grullahighschool# portmaster -a === License check disabled, port has not defined LICENSE === Found saved configuration for ca_root_nss-3.12.9 = nss-3.12.11.with.ckbi.1.87.tar.gz doesn't seem to exist in /usr/ports/distfiles//. = Attempting to fetch http://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_12_11_WITH_CKBI_1_87_RTM/src/nss-3.12.11.with.ckbi.1.87.tar.gz fetch: http://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_12_11_WITH_CKBI_1_87_RTM/src/nss-3.12.11.with.ckbi.1.87.tar.gz: No address record This is your main problem; you aren't able to resolve ftp.mozilla.org for some reason. The other sites are mirrors that either aren't mirroring the security subdirectory, or haven't updated their mirror recently enough to have a copy of that file. I tried to get the file manually, but it does not exist. Thanks for advice/suggestions/comments. It definitely does exist at the above url. Since you seem to be having DNS issues, try putting 63.245.209.137 ftp.mozilla.org in your /etc/hosts file and try fetching again, since that's what ftp.mozilla.org currently resolves to. Remember to remove the line after fetching, since the IP may change later. http://www.robtex.com/dns/ftp.mozilla.org#records -- Thank you very much Dan :) Adding the line to /etc/hosts does get the package and installs it. I am updated to latest. Appreciate the help. Regards, Antonio ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Best Server OS for Someone That Does not Want to Touch a Shell on a Regular Basis?
On Mon, Sep 05, 2011 at 04:36:23PM +0200, Polytropon wrote: On Mon, 05 Sep 2011 10:20:22 -0400, Pierre-Luc Drouin wrote: How well does it work to use binary packages only to maintain a FreeBSD web server in general (I am thinking of package availability, but also and in particular as a quasi-automated updating tool)? Quite well - as long as you're satisfied with the default building options. You know that a binary package is a port, compiled with the default set of options. This is okay in most cases, but there may be situations where you explicitely need to enable or disable a certain feature at compile time. You also may encounter a situation where _no_ package is available for a port (e. g. too many options, or licensing restrictions). This can be solved by portmaster which has an option to go through all interactive configuration screens _before_ starting any action. Those settings can be saved for the next update run. The portmaster program itself can be instructed to _use_ binary packages (just as pkg_add -r would do) with the -P and -PP options. In this case, binary packages will be used as long as possible, and only those ports that require building (as no package exists) will be compiled. See man portmaster for details. This is a good approach in combination with freebsd-update. I have used that concept on some servers myself (especially on smaller ones with low resources where compiling would be too problematic). I noticed that in the past few years, updating softwares through ports has been requiring more user intervention, due to the way some dependencies are being updated from one version to the next. Would using binary packages allow to avoid more such user intervention? Yes. All dependencies would be incorporated automatically. Only ports without equivalent package that additionally have OPTIONS to set would invoke a configuration screen, and this screen would have to be dealt with only in the first run of the updating process. There are also options for portmaster that can be used to control program behaviour in case of problems (e. g. some package not found, conflicting ports, versioning problem, or port marked broken). Those solutions can also easily be scripted, e. g. check one a week for possible updates and get the packages, but do not install them automatically (which can be a security requirement). If the list is approved, the updates will be installed during night, creating a fallback copy just in case something went wrong (e. g. malfunctioning new software). Reports can be generated automatically and mailed to the system administrator. I would also suggest to frequently check the mailing lists of the software in use for bugs and security updates that might be interesting in terms of system security. This sould be done for any major server software (Apache, PHP, MySQL and the services utilizing those software, whatever you want to run on the server). I'd recommend installing ports-mgmt/portaudit to keep an eye out on any vulnerabilities that require an update of the ports/packages. Personally, I'd go for ports rather than packages. As long as your friend reads /usr/ports/UPDATING and he uses either portupgrade or portmaster, he shouldn't go too far wrong. Also couldn't your friend give you a key for his server so that you can ssh into it and fix things if it goes wrong? Regards, -- Frank Contact info: http://www.shute.org.uk/misc/contact.html pgpCyzp8FB6dy.pgp Description: PGP signature
Re: fetchmail in system-wide mode
On Tue, Sep 06, 2011 at 03:19:36PM +0100, Daniel Bye wrote: Hi Daniel, On Tue, Sep 06, 2011 at 03:10:50PM +0200, Xavier FreeBSD questions wrote: Hello, On the Internet there are some sites where they say to start fetchmail(1) in system-wide should put these two options in rc.conf(5) : fetchmail_enable=YES fetchmail_polling_interval=60 This has worked for me in the past when I've needed fetchmail(1). Although the second is optional and at first has little to do with this question because this question is addressed rather to the first option. I searched in /etc/defaults/rc.conf and rc.conf(5) manual and find no reference to these two options. This is to be expected. fetchmail(1) is a port, not part of the base system. I have them in my rc.conf(5) but fetchmail(1) does not start automatically. In /usr/src/UPDATING not found any reference to it. Again, what you'd expect. Which is the correct way to start fetchmail(1) in system-wide? Is fetchmail installed on your system? If so, and you still can't get it to start automatically, try this: # script fetchmail_startup sh -x /usr/local/etc/rc.d/fetchmail start You'll now have a file called `fetchmail_startup' which will contain a record of exactly what the fetchmail rc script did as it executed, which may or may not prove informative. I paste the fetchmail_startup in: http://pastebin.com/vFqdhwfg For you, the answer of why don't worked for me fetchmail is lines 502 and 503 ? Thanks. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Can someone help me with Ghostscript9?
Hello,
Trying to build ghostscript9 it fails because it is unable to make
./obj/../soobj/ld.tr.
I've looked in UPDATING and also googled, with no luck. I've appended
the output from make at the end.
Thanks in advance
Scott
gmake[1]: Entering directory
`/usr/ports/print/ghostscript9/work/ghostscript-9.02'
./obj/../soobj/genconf ./obj/../soobj/devs.tr -h /dev/stdout -p %ss -pl
-l%ss -pL -L%ss -ol ./obj/../soobj/ld.tr | awk 'BEGIN{j=0; p=1;}
/jpeg_device/ {if(j++ 0) p=0;} // {if(p==1) { print; } else { p=1 } }'
./obj/../soobj/gconfxx.h
Can't open /dev/stdout for output.
./obj/../soobj/echogs -a ./obj/../soobj/gconfxx.h
rm -f ./obj/../soobj/gconfig.c
rm -f ./obj/../soobj/gconfig.h
cp ./obj/../soobj/gconfxx.h ./obj/../soobj/gconfig.h
cp ./base/gconf.c ./obj/../soobj/gconfig.c
cc -DHAVE_MKSTEMP -DHAVE_HYPOT -DHAVE_FONTCONFIG -DHAVE_LIBIDN
-DHAVE_SETLOCALE -DHAVE_SSE2 -DHAVE_DBUS -O2 -fno-strict-aliasing -pipe -g
-fPIC -DUPD_SIGNAL=0 -I.
-I/usr/ports/print/ghostscript9/work/ghostscript-9.02/lcms/include
-I/usr/ports/print/ghostscript9/work/ghostscript-9.02/jasper/src/libjasper/include
-I/usr/local/include/libpng -I/usr/local/include
-I/usr/local/include/freetype2 -Wall -Wstrict-prototypes -Wundef
-Wmissing-declarations -Wmissing-prototypes -Wwrite-strings
-Wno-strict-aliasing -Wdeclaration-after-statement -fno-builtin -fno-common
-DHAVE_STDINT_H -DGX_COLOR_INDEX_TYPE=unsigned long int -O2
-fno-strict-aliasing -pipe -DUSE_LIBICONV_GNU -DGS_DEVS_SHARED
-DGS_DEVS_SHARED_DIR=\/usr/local/lib/ghostscript/9.02\ -fPIC -I./obj/../soobj
-I./base -o ./obj/../soobj/gconfig.o -c ./obj/../soobj/gconfig.c
./obj/../soobj/gconfig.c:189: warning: no previous prototype for
'gs_lib_register_device'
rm -f ./obj/../soobj/iconfig.c
cp ./obj/../soobj/gconfxx.h ./obj/../soobj/gconfig.h
cp ./psi/iconf.c ./obj/../soobj/iconfig.c
cc -DHAVE_MKSTEMP -DHAVE_HYPOT -DHAVE_FONTCONFIG -DHAVE_LIBIDN
-DHAVE_SETLOCALE -DHAVE_SSE2 -DHAVE_DBUS -O2 -fno-strict-aliasing -pipe -g
-fPIC -DUPD_SIGNAL=0 -I.
-I/usr/ports/print/ghostscript9/work/ghostscript-9.02/lcms/include
-I/usr/ports/print/ghostscript9/work/ghostscript-9.02/jasper/src/libjasper/include
-I/usr/local/include/libpng -I/usr/local/include
-I/usr/local/include/freetype2 -Wall -Wstrict-prototypes -Wundef
-Wmissing-declarations -Wmissing-prototypes -Wwrite-strings
-Wno-strict-aliasing -Wdeclaration-after-statement -fno-builtin -fno-common
-DHAVE_STDINT_H -DGX_COLOR_INDEX_TYPE=unsigned long int -O2
-fno-strict-aliasing -pipe -DUSE_LIBICONV_GNU -DGS_DEVS_SHARED
-DGS_DEVS_SHARED_DIR=\/usr/local/lib/ghostscript/9.02\ -I./psi
-I./obj/../soobj -I./obj/../soobj -I./base -o ./obj/../soobj/iconfig.o -c
./obj/../soobj/iconfig.c
./obj/../soobj/echogs -w ./obj/../soobj/ldt.tr -n - cc -L/usr/local/lib
-L/usr/local/lib -shared -Wl,-soname=libgs.so.9 -o ./bin/../sobin/libgs.so.9.02
./obj/../soobj/echogs -a ./obj/../soobj/ldt.tr -n -s ./obj/../soobj/gsromfs0.o
./obj/../soobj/gs.o -s
cat ./obj/../soobj/ld.tr ./obj/../soobj/ldt.tr
cat: ./obj/../soobj/ld.tr: No such file or directory
gmake[1]: *** [bin/../sobin/libgs.so.9.02] Error 1
gmake[1]: Leaving directory
`/usr/ports/print/ghostscript9/work/ghostscript-9.02'
gmake: *** [so] Error 2
*** Error code 1
Stop in /usr/ports/print/ghostscript9.
*** Error code 1
Stop in /usr/ports/print/ghostscript9.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
