Security report question

[Kurt Buff]

I've noted in a security mail from one of my machines the following log entries:

+++ /tmp/security.yEepp7hR  Sat Sep 29 03:02:07 2007
+Limiting closed port RST response from 253 to 200 packets/sec
+Limiting closed port RST response from 233 to 200 packets/sec
+Limiting closed port RST response from 262 to 200 packets/sec
+Limiting closed port RST response from 283 to 200 packets/sec


I don't know what this means, though I suspect it could mean that I'm
being port scanned. Is this a reasonable guess?

Kurt
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Security report question

[Kurt Buff]

On 9/30/07, Chuck Swiger <[EMAIL PROTECTED]> wrote:
> Kurt Buff wrote:
> [ ... ]
> > +Limiting closed port RST response from 283 to 200 packets/sec
> >
> > I don't know what this means, though I suspect it could mean that I'm
> > being port scanned. Is this a reasonable guess?
>
> Yes.  It could also be something beating really hard on a single closed port, 
> too.
>
> --
> -Chuck

Thanks. This, coupled with some invalid SSH login attempts from a
known user, has made me quite suspicious. I think, though, that this
is all that I can call it at this point - suspcious.

Anything further I could turn up to monitor/log what's going on?
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Security report question

[Kurt Buff]

On 9/30/07, Ian Smith <[EMAIL PROTECTED]> wrote:
> On Sun, 30 Sep 2007 09:41:00 -0700 Kurt Buff <[EMAIL PROTECTED]> wrote:
>  > On 9/30/07, Chuck Swiger <[EMAIL PROTECTED]> wrote:
>  > > Kurt Buff wrote:
>  > > [ ... ]
>  > > > +Limiting closed port RST response from 283 to 200 packets/sec
>  > > >
>  > > > I don't know what this means, though I suspect it could mean that I'm
>  > > > being port scanned. Is this a reasonable guess?
>  > >
>  > > Yes.  It could also be something beating really hard on a single closed 
> port, too.
>  > >
>  > > --
>  > > -Chuck
>  >
>  > Thanks. This, coupled with some invalid SSH login attempts from a
>  > known user, has made me quite suspicious. I think, though, that this
>  > is all that I can call it at this point - suspcious.
>  >
>  > Anything further I could turn up to monitor/log what's going on?
>
> It may help in spotting unwanted stuff getting past your firewall,
> to either add to /etc/rc.conf:
>  log_in_vain="1"
>
> or (coming to the same thing) add to /etc/sysctl.conf:
>  net.inet.tcp.log_in_vain=1
>  net.inet.udp.log_in_vain=1
>
> You can set the latter two sysctls immediately, of course.
>
> Cheers, Ian

Looks like it's time to learn how to set up PF. This machine is
internal to our enterprise, but in its own subnet separate from the
server and the end-user subnets, between our firewall and our main
router. The only ports open on it are SSH and SMTP, so I hadn't had
the inclination, amongst all my other tasks, to set up that up.

Handbook, here I come.

Thanks for the help.

Kurt
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: best spam filter port(s) for postfix?

[Kurt Buff]

On 9/30/07, Joe in MPLS <[EMAIL PROTECTED]> wrote:
> I'm running 6.2-STABLE with postfix with cyrus-sasl, imap-uw & horde for
> mail. I'd like to stop depending on clients(Thunderbird & PDAs) for
> primary spam control (especially because our PDAs don't do any). AV
> scanning would be a plus too.
>
>...jgm

Maia Mailguard. It's a fork (sorta) of amavisd-new, and integrates
SpamAssassin and ClamAV.

It can be set to quarantine emails that are suspected to be spam, and
also those with attachments that you consider to be suspicious, and
presents end-users with reminder emails and a good web interface for
managing their emails.

It Rocks.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

iSCSI and multi-terabyte support?

[Kurt Buff]

At my place of work, we're looking at implementing a SAN, most likely
with iSCSI, some time next year, and likely about 5-10TBytes.

I was wondering if FreeBSD could provide this on COTS hardware, but my
googling hasn't been successful.

>From my reading of this list over the past couple of years, it seems
that both parts of the solution - iSCSI support and large disk support
- are still problematic, but I'd like to hear more informed opinion,
as the potential cost savings is quite large.

Anyone have recent-ish experience putting something like this together?

Kurt
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: iSCSI and multi-terabyte support?

[Kurt Buff]

On 10/10/07, pete wright <[EMAIL PROTECTED]> wrote:
> On 10/10/07, Kurt Buff <[EMAIL PROTECTED]> wrote:
> > At my place of work, we're looking at implementing a SAN, most likely
> > with iSCSI, some time next year, and likely about 5-10TBytes.
> >
> > I was wondering if FreeBSD could provide this on COTS hardware, but my
> > googling hasn't been successful.
> >
> > >From my reading of this list over the past couple of years, it seems
> > that both parts of the solution - iSCSI support and large disk support
> > - are still problematic, but I'd like to hear more informed opinion,
> > as the potential cost savings is quite large.
> >
> > Anyone have recent-ish experience putting something like this together?
> >
>
> IMHO opinion I do not think FreeBSD is there...yet.  ZFS is addressing
> many of the enterprise filesystem features that would be needed to
> implement something on this scale, and there is the iSCSI target from
> NetBSD available in the ports tree.
>
> I think 7-RELEASE is going to be a solid foundation for building
> solutions like this - but in the mean time it may be worth considering
> OpenSolaris if are considering going the COTS path.
>
> or - you can take a look at a company like Isilon Systems
> (http://www.isilon.com/) which builds very scalable filers based on
> FreeBSD.  I have beta tested their iSCSI implementation and it does
> look good.
>
> HTH
> -pete

Thanks - being a noob at this particular part of IT, I appreciate the feedback.

Kurt
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: postfix problem

[Kurt Buff]

Let's try that again, shall we?

In main.cf, what do the following lines say?

mydomain =
myorigin =
mynetworks =
mydestination =

Fixing these will likely fix your problem. My postfix box is a mail
gateway to our Exchange server, and my main.cf say these things:

mydomain = mycompany.com
myorigin = $mydomain
mynetworks = [list of IP addresses of internal servers allowed to
relay though this box]
mydestination = [null, because I don't host accounts on this box]

If you're still having problems after doing this, I suggest either
getting The Book Of Postfix (ISBN 1593270011 - www.bookpool.com is my
favorite source for technical books) and perusing that, or subscribing
to the postfix list - they're quite helpful.

Kurt

On 10/18/07, Bill Banks <[EMAIL PROTECTED]> wrote:
> Hi, Im installing postfix on a server. It accept mail from my own
> network but not from the outside. It said "relay access denied". Any clue.
>
> --
> ---
> Bill Banks 508-829-2005
> Wachusett Programming  Ourweb
> http://www.ourweb.net
> http://www.ourwebtemplates.com
>
>
>
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "[EMAIL PROTECTED]"
>
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

cups-base upgrade and samba

[Kurt Buff]

According to my portaudit, cups-base has security problems, and I
can't get samba going because of it.

http://www.FreeBSD.org/ports/portaudit/8dd9722c-8e97-11dc-b8f6-001c2514716c.html

According to the above URL, this problem affects v1.3.4, and 1.3.3_1
is the latest port, from the CVSUP I did today, and it errors out when
doing a 'portupgrad -aRr'

Seems I can't get there from here.

Any suggestions on how to move forward with this?

Kurt
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: cups-base upgrade and samba

[Kurt Buff]

On Nov 12, 2007 1:36 PM, Gerard <[EMAIL PROTECTED]> wrote:
>
> On November 12, 2007 at 02:42PM Kurt Buff wrote:
>
>
> > According to my portaudit, cups-base has security problems, and I
> > can't get samba going because of it.
> >
> > http://www.FreeBSD.org/ports/portaudit/8dd9722c-8e97-11dc-b8f6-001c2514716c.html
> >
> > According to the above URL, this problem affects v1.3.4, and 1.3.3_1
> > is the latest port, from the CVSUP I did today, and it errors out when
> > doing a 'portupgrad -aRr'
> >
> > Seems I can't get there from here.
> >
> > Any suggestions on how to move forward with this?
>
> Have you tried adding the following to your /etc/make.conf file?
>
> DISABLE_VULNERABILITIES=yes
>
>
> --
> Gerard

Well, that certainly seems to work, but...

I'm out of luck on security until someone updates the port, correct?

Kurt
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: cups-base upgrade and samba

[Kurt Buff]

-- Forwarded message --
From: Kurt Buff <[EMAIL PROTECTED]>
Date: Nov 12, 2007 3:07 PM
Subject: Re: cups-base upgrade and samba
To: David Horn <[EMAIL PROTECTED]>


On Nov 12, 2007 1:30 PM, David Horn <[EMAIL PROTECTED]> wrote:
> I just upgraded my cups-base install to 1.3.3_1, and ran into similar issues
> at first.
>
> Try:
>
> "portaudit -F" to upgrade your audit database.  I believe portaudit
> originally thought 1.3.3_1 fell into the "affected" versions, but looks to
> be the fixed version in the latest database.
>
> http://www.freshports.org/print/cups-base/
>
> Good Luck.
>
> --_Dave

This worked, thanks.

zrouter# portaudit -aF
auditfile.tbz 100% of   45 kB  130 kBps
New database installed.
0 problem(s) in your installed packages found.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: cups-base upgrade and samba

[Kurt Buff]

On Nov 12, 2007 2:02 PM, Yuri Pankov <[EMAIL PROTECTED]> wrote:
>
> On Tuesday 13 November 2007 00:53:22 Kurt Buff wrote:
> > On Nov 12, 2007 1:36 PM, Gerard <[EMAIL PROTECTED]> wrote:
> > > On November 12, 2007 at 02:42PM Kurt Buff wrote:
> > > > According to my portaudit, cups-base has security problems, and I
> > > > can't get samba going because of it.
> > > >
> > > > http://www.FreeBSD.org/ports/portaudit/8dd9722c-8e97-11dc-b8f6-001c2514
> > > >716c.html
> > > >
> > > > According to the above URL, this problem affects v1.3.4, and 1.3.3_1
> > > > is the latest port, from the CVSUP I did today, and it errors out when
> > > > doing a 'portupgrad -aRr'
> > > >
> > > > Seems I can't get there from here.
> > > >
> > > > Any suggestions on how to move forward with this?
> > >
> > > Have you tried adding the following to your /etc/make.conf file?
> > >
> > > DISABLE_VULNERABILITIES=yes
> > >
> > >
> > > --
> > > Gerard
> >
> > Well, that certainly seems to work, but...
> >
> > I'm out of luck on security until someone updates the port, correct?
> >
> > Kurt
>
> It is already patched, please see
> http://lists.freebsd.org/pipermail/cvs-ports/2007-November/137633.html
> http://lists.freebsd.org/pipermail/cvs-ports/2007-November/137639.html
>
>
> Yuri

Excellent - Thanks so much.

Kurt
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: cups builds on one, but rejected by another?

[Kurt Buff]

On 11/14/07, Jonathan Horne <[EMAIL PROTECTED]> wrote:
> On Wednesday 14 November 2007 03:57:26 pm Kris Kennaway wrote:
> > Jonathan Horne wrote:
> > > On Wednesday 14 November 2007 03:39:47 pm Jonathan Horne wrote:
> > >> my jails server (6.2-p8) just ran portupgrade fine, and cups was one of
> > >> its items it updated:
> > >>
> > >> [EMAIL PROTECTED] ~]# pkg_info | grep cups-
> > >> cups-base-1.3.3_2   Common UNIX Printing System
> > >>
> > >> but my 7.0-b2 desktop, refuses to build the same package:
> > >>
> > >> ===>  cups-base-1.3.3_2 has known vulnerabilities:
> > >> => cups -- off-by-one buffer overflow.
> > >>Reference:
> > >>  > >>716 c.html> => Please update your ports tree and try again.
> > >> *** Error code 1
> > >>
> > >> what would be the differences between the 2 systems that one would build
> > >> it, and the other reject the same port?  ive not tweaked any port
> > >> security settings on either one, so this is some curious behavior to me.
> > >>
> > >> thanks,
> > >
> > > another interesting thing, when you read the portaudit page for this, it
> > > says:
> > >
> > > Affects:
> > > cups-base <1.3.3_1
> > >
> > > but yet 1.3.3_2 still is rejected.
> >
> > One or the other has either a stale portaudit database or ports tree.
> >
> > Kris
>
> what is the method for updating the portaudit database?  both have had their
> ports trees updated today, the 7.0 box multiple times.
>
> thanks,
> --
> Jonathan Horne
> http://dfwlpiki.dfwlp.org
> [EMAIL PROTECTED]

I ran into a similar issue with cups - what does 'portaudit -aF' give
on each machine?
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: cups builds on one, but rejected by another?

[Kurt Buff]

On 11/14/07, Jonathan Horne <[EMAIL PROTECTED]> wrote:
> On Wednesday 14 November 2007 04:32:12 pm Kurt Buff wrote:
> > On 11/14/07, Jonathan Horne <[EMAIL PROTECTED]> wrote:
> > > On Wednesday 14 November 2007 03:57:26 pm Kris Kennaway wrote:
> > > > Jonathan Horne wrote:
> > > > > On Wednesday 14 November 2007 03:39:47 pm Jonathan Horne wrote:
> > > > >> my jails server (6.2-p8) just ran portupgrade fine, and cups was one
> > > > >> of its items it updated:
> > > > >>
> > > > >> [EMAIL PROTECTED] ~]# pkg_info | grep cups-
> > > > >> cups-base-1.3.3_2   Common UNIX Printing System
> > > > >>
> > > > >> but my 7.0-b2 desktop, refuses to build the same package:
> > > > >>
> > > > >> ===>  cups-base-1.3.3_2 has known vulnerabilities:
> > > > >> => cups -- off-by-one buffer overflow.
> > > > >>Reference:
> > > > >> <http://www.FreeBSD.org/ports/portaudit/8dd9722c-8e97-11dc-b8f6-001c
> > > > >>2514 716 c.html> => Please update your ports tree and try again.
> > > > >> *** Error code 1
> > > > >>
> > > > >> what would be the differences between the 2 systems that one would
> > > > >> build it, and the other reject the same port?  ive not tweaked any
> > > > >> port security settings on either one, so this is some curious
> > > > >> behavior to me.
> > > > >>
> > > > >> thanks,
> > > > >
> > > > > another interesting thing, when you read the portaudit page for this,
> > > > > it says:
> > > > >
> > > > > Affects:
> > > > > cups-base <1.3.3_1
> > > > >
> > > > > but yet 1.3.3_2 still is rejected.
> > > >
> > > > One or the other has either a stale portaudit database or ports tree.
> > > >
> > > > Kris
> > >
> > > what is the method for updating the portaudit database?  both have had
> > > their ports trees updated today, the 7.0 box multiple times.
> > >
> > > thanks,
> > > --
> > > Jonathan Horne
> > > http://dfwlpiki.dfwlp.org
> > > [EMAIL PROTECTED]
> >
> > I ran into a similar issue with cups - what does 'portaudit -aF' give
> > on each machine?
> > ___
> > freebsd-questions@freebsd.org mailing list
> > http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> > To unsubscribe, send any mail to
> > "[EMAIL PROTECTED]"
>
> interesting, portaudit seems to be part of the 7.0 base system now.  on my
> BETA2 box:
>
> [EMAIL PROTECTED] /usr/ports]# portaudit -aF
> auditfile.tbz 100% of   45 kB  100 kBps
> New database installed.
> Affected package: cups-base-1.3.3
> Type of problem: xpdf -- multiple remote Stream.CC vulnerabilities.
> Reference:
> <http://www.FreeBSD.org/ports/portaudit/2747fc39-915b-11dc-9239-001c2514716c.html>
>
> Affected package: cups-base-1.3.3
> Type of problem: cups -- off-by-one buffer overflow.
> Reference:
> <http://www.FreeBSD.org/ports/portaudit/8dd9722c-8e97-11dc-b8f6-001c2514716c.html>
>
> 2 problem(s) in your installed packages found.
>
> You are advised to update or deinstall the affected package(s) immediately.
>
> portaudit is not installed on my 6.2 server, so i have no data to print for
> that one.
>
> thanks,
> --
> Jonathan Horne
> http://dfwlpiki.dfwlp.org
> [EMAIL PROTECTED]

That lack of portaudit on your 6.2 system is probably why it doesn't
care. I'll bet that if you had installed portaudit on your 6.2 system
before trying to update, it wouldn't build either, until the port was
updated, which happened a day or so ago. Further, I'll guess that the
ports tree on your 7.0 system doesn't contain the updated port for
cups - I don't have a 7.0 system on which to test, and don't have a
sophisticated understanding of how all that works, but it's possible
that the ports tree for 7.0 doesn't have the updates.

Kurt
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Updating samba fails

[Kurt Buff]

router# uname -a
FreeBSD router.zetron.com 6.2-STABLE FreeBSD 6.2-STABLE #0: Tue Sep 11
15:38:55 PDT 2007 [EMAIL PROTECTED]:/usr/obj/usr/src/sys/SMP
 i386

Received a warning in my daily security report, so I used cvsup to
fetch the latest ports tree this morning, and did a 'portupgrade
-aRr', which errors out as shown below. What might I do to correct
this?

Compiling libsmb/clikrb5.c
libsmb/clikrb5.c: In function `krb5_set_real_time':
libsmb/clikrb5.c:128: error: dereferencing pointer to incomplete type
libsmb/clikrb5.c:129: error: dereferencing pointer to incomplete type
libsmb/clikrb5.c: In function `create_kerberos_key_from_string_direct':
libsmb/clikrb5.c:213: error: syntax error before "salt"
libsmb/clikrb5.c:215: error: `salt' undeclared (first use in this function)
libsmb/clikrb5.c:215: error: (Each undeclared identifier is reported only once
libsmb/clikrb5.c:215: error: for each function it appears in.)
libsmb/clikrb5.c: In function `smb_krb5_renew_ticket':
libsmb/clikrb5.c:1161: error: syntax error before "flags"
libsmb/clikrb5.c:1163: error: `krb5_realm' undeclared (first use in
this function)
libsmb/clikrb5.c:1163: error: `client_realm' undeclared (first use in
this function)
libsmb/clikrb5.c:1198: error: `flags' undeclared (first use in this function)
The following command failed:
cc -I. -I/usr/ports/net/samba3/work/samba-3.0.26a/source  -O2
-fno-strict-aliasing -pipe -D_SAMBA_BUILD_=3 -I/usr/local/include
-I/usr/ports/net/samba3/work/samba-3.0.26a/source/iniparser/src
-Iinclude -I./include  -I. -I. -I./lib/replace -I./lib/talloc
-I./tdb/include -I./libaddns -I./librpc -DHAVE_CONFIG_H
-I/usr/local/include -DLDAP_DEPRECATED
-I/usr/ports/net/samba3/work/samba-3.0.26a/source/lib
-D_SAMBA_BUILD_=3 -fPIC -DPIC -c libsmb/clikrb5.c -o libsmb/clikrb5.o
*** Error code 1

Stop in /usr/ports/net/samba3/work/samba-3.0.26a/source.
*** Error code 1

Stop in /usr/ports/net/samba3.
*** Error code 1

Stop in /usr/ports/net/samba3.
** Command failed [exit code 1]: /usr/bin/script -qa
/tmp/portupgrade.54445.99 env UPGRADE_TOOL=portupgrade
UPGRADE_PORT=samba-3.0.26a_1,1 UPGRADE_PORT_VER=3.0.26a_1,1 make
** Fix the problem and try again.
** Listing the failed packages (*:skipped / !:failed)
! net/samba3 (samba-3.0.26a_1,1)(compiler error)
--->  Packages processed: 0 done, 121 ignored, 0 skipped and 1 failed
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: looking for online text editor

[Kurt Buff]

On Dec 4, 2007 1:05 PM, Aryeh M. Friedman <[EMAIL PROTECTED]> wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
>
> > PuTTY has no installer - It's just a binary.
>
> Actually there is a windows installer for putty

But you don't need to use it. All you need is the executable.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: (postfix) SPAM filter?

[Kurt Buff]

On 12/12/07, Sten Daniel Soersdal <[EMAIL PROTECTED]> wrote:
> We have a need for a relatively painless anti-spam solution that would
> reduce the amount of incoming spam (via postfix mail router). The
> problem is that i have little knowledge on what this actually means.
> Googling reveals a whole "universe" of interesting ways but what should
> i pursue?
> The things that are important to me is:
>
> * Once it is setup then it would require no additional maintenance.
> * Potential spam messages are marked with a special header that can be
> filtered on user discretion on their local mail client software.
>
> Neither performance, scalability, license nor cost is of much importance
> to me at this point.
>
> Any hints?

Yes, one recommendation for sure. Give up on your first goal. It'll
never happen, because fighting spam is an arms race, with new tactics
needing to be adopted.

As for the second goal, spamassassin along with one of several
packages will do well for you - I use Maia Mailguard, but I've heard
good things about MailZu with Amavisd-new as well.

Others will talk about other packages. It's worth taking a look at
each of them to figure out what works for you.

Kurt
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

scp between windows and freebsd

[KURT BUFF]

All,

I'm following the directions here:

http://www.unixwiz.net/techtips/postfix-exchange-users.html

to improve the gateway to our Exchange box, and am stuck on a particular
step.

I just can't seem to make the Putty SCP work from my workstation.

I used Putty's window copy function to paste into vi to create the .pub
file, then used the command line:

"ssh-keygen -i -f /tmp/exchupdate.pub >> /root/.ssh/authorized_keys2"

on the FreeBSD box per the instructions to convert to an openssh key,
then use the following command line to do the copy:

"pscp -2 -i exchupdate.ppk exchusers.txt [EMAIL PROTECTED]:/etc"

but I keep getting the following two messages on the Windows box:

"Authenticating with public key "postfix update users key"
"Fatal: Lost connection"

and the following on the FreeBSD box:

"server2 sshd[36802]: fatal: monitor_read: unsupported request:"

This, even though I've made certain to enter a edit the public key to
add a comment (using vi) into the public key on the FreeBSD box.

I've done some googling, and read some man pages, but can't seem to find
out what the heck I'm doing wrong. I've put the authorized_keys2 file
into /etc/ssh, /root/.ssh and even /root hoping that it was simply a
matter of location, but still no go.

Help?

Thanks,

Kurt



___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

RE: scp between windows and freebsd

[KURT BUFF]

Thank you Malcom!

I've found that specifying another account (didn't want to enable remote
root login) and putting either authorized_keys or authorized_keys2 into
the proper directory worked like a champ.

On to more and better work.

Kurt

|
| On Thu, 11 Dec 2003 07:20, KURT BUFF wrote:
| > All,
| >
| > I'm following the directions here:
| >
| > http://www.unixwiz.net/techtips/postfix-exchange-users.html
| >
| > to improve the gateway to our Exchange box, and am stuck on
| a particular
| > step.
| >
| > I just can't seem to make the Putty SCP work from my workstation.
| >
| > I used Putty's window copy function to paste into vi to
| create the .pub
| > file, then used the command line:
| >
| > "ssh-keygen -i -f /tmp/exchupdate.pub >>
| /root/.ssh/authorized_keys2"
| >
|
| Later versions of OpenSSH expect all keys in authorized_keys including
| protocol level 2. Which version do you have?
|
| > on the FreeBSD box per the instructions to convert to an
| openssh key,
| > then use the following command line to do the copy:
| >
| > "pscp -2 -i exchupdate.ppk exchusers.txt [EMAIL PROTECTED]:/etc"
| >
|
| Are you aware that by default sshd does not accept
| connections to user root?
| You must set this specifically in /etc/sshd_config.
|   PermitRootLogin yes
|
| Possibly one of these (or both) is your problem. But then again
| it might be something quite different.
|
| Malcolm
|





___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

can't figure out a problem with sudo

[KURT BUFF]

All,

I'm starting to lose some hair, running a command through sudo. Other
commands work just fine through sudo, just one of them doesn't work.

The command is this:

sudo cp /home/filter/pfm/relay_recipients /usr/local/etc/postfix.

It fails with the following error message:

Sorry, user filter is not allowed to execute '/bin/cp
/home/filter/pfm/relay_recipients /usr/local/etc/postfix' as root on
mail2.


The command that comes after that:

sudo /usr/local/sbin/postmap /usr/local/etc/postfix/relay_recipients

works just fine.

I've included the directory listing below, and the sudoers file.

Any help would be greatly appreciated.

Thanks,

Kurt

--snip here--
mail2% ls -al /usr/local/etc/postfix
total 298
drwxr-xr-x  3 root  wheel   2048 Dec 17 17:46 .
drwxr-xr-x  4 root  wheel512 Dec 17 18:05 ..
-rw-r--r--  1 root  wheel  11942 Jun 27 15:38 LICENSE
-rw-r--r--  1 root  wheel   8652 Jun 27 15:38 access
-rw-r--r--  1 root  wheel245 Jun 28 20:18 aliases
-rw-r--r--  1 root  wheel  65536 Jun 28 20:46 aliases.db
-rw-r--r--  1 root  wheel   7559 Jun 27 15:38 canonical
-rw-r--r--  1 root  wheel   1152 Dec 17 17:46 main.cf
-rw-r--r--  1 root  wheel   9176 Jun 27 15:38 main.cf.default
-rw-r--r--  1 root  wheel   9176 Nov 25 17:07 main.cf.original
-rw-r--r--  1 root  wheel   2001 Dec  8 15:11 master.2003-12-08
-rw-r--r--  1 root  wheel   2001 Dec  8 16:05 master.cf
-rw-r--r--  1 root  wheel   5859 Jun 27 15:41 master.cf.original
-rwxr-xr-x  1 root  wheel   6035 Jun 27 15:43 master.cf.updated
-rw-r--r--  1 root  wheel   7676 Jun 27 15:38 pcre_table
-rwxr-xr-x  1 root  wheel  18866 Jun 27 15:38 post-install
-rw-r--r--  1 root  wheel   8643 Jun 27 15:38 postfix-files
-rwxr-xr-x  1 root  wheel   5424 Jun 27 15:38 postfix-script
-rw-r--r--  1 root  wheel   4901 Jun 27 15:38 regexp_table
-rw-r--r--  1 root  wheel  0 Dec 17 17:46 relay_recipients
-rw-r--r--  1 root  wheel  65536 Dec 17 17:54 relay_recipients.db
-rw-r--r--  1 root  wheel   5070 Jun 27 15:38 relocated
drwxr-xr-x  2 root  wheel   1536 Dec 15 16:47 samples
-rw-r--r--  1 root  wheel499 Jun 27 15:44 transport
-rw-r--r--  1 root  wheel  65536 Jun 28 14:07 transport.db
-rw-r--r--  1 root  wheel   9131 Jun 27 15:43 transport.original
-rw-r--r--  1 root  wheel   9682 Jun 27 15:38 virtual
--snip here--



--snip here--
# sudoers file.
#
# This file MUST be edited with the 'visudo' command as root.
#
# See the sudoers man page for the details on how to write a sudoers file.
#

# Host alias specification

# User alias specification
User_Alias   FILTER = filter

# Cmnd alias specification
Cmnd_Alias   RELOAD = /usr/local/sbin/postfix reload
Cmnd_Alias   MAP = /usr/local/sbin/postmap
/usr/local/etc/postfix/relay_recipients
Cmnd_Alias   RECIPS = /usr/local/etc/postfix/relay_recipients
Cmnd_Alias   DB = /usr/local/etc/etc/postfix/relay_recipients.db
Cmnd_Alias   COPYRELAY = /bin/cp /usr/local/etc/postfix
Cmnd_Alias   RMRELAY = /bin/rm /usr/local/etc/postfix

# Defaults specification
Defaults  syslog=auth
Defaults:filter   !authenticate

# User privilege specification
rootALL=(ALL) ALL
FILTER  ALL=RELOAD, MAP, RECIPS, DB, COPYRELAY, RMRELAY

# Uncomment to allow people in group wheel to run all commands
# %wheelALL=(ALL)   ALL

# Same thing without a password
# %wheelALL=(ALL)   NOPASSWD: ALL

# Samples
# %users  ALL=/sbin/mount /cdrom,/sbin/umount /cdrom
# %users  localhost=/sbin/shutdown -h now
--snip here--




___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

RE: can't figure out a problem with sudo - SOLVED

[KURT BUFF]

Lowell,

Well, as I'm sure you (and anyone else who's been working with it) know,
sudo is a picky little beast. This was my first attempt at setting it
up.

After banging my head against this for a while longer this morning, I
changed my sudoers file with the following:

Old:
| > # Cmnd alias specification
| > Cmnd_Alias   RELOAD = /usr/local/sbin/postfix reload
| > Cmnd_Alias   MAP = /usr/local/sbin/postmap
| /usr/local/etc/postfix/relay_recipients
| > Cmnd_Alias   RECIPS = /usr/local/etc/postfix/relay_recipients
| > Cmnd_Alias   DB = /usr/local/etc/etc/postfix/relay_recipients.db
| > Cmnd_Alias   COPYRELAY = /bin/cp /usr/local/etc/postfix

New:
# Cmnd alias specification
Cmnd_Alias   RELOAD = /usr/local/sbin/postfix reload
Cmnd_Alias   MAP = /usr/local/sbin/postmap
/usr/local/etc/postfix/relay_recipien
ts
Cmnd_Alias   RECIPS = /usr/local/etc/postfix/relay_recipients
Cmnd_Alias   DB = /usr/local/etc/etc/postfix/relay_recipients.db
Cmnd_Alias   COPYRELAY = /bin/cp /home/filter/pfm/relay_recipients
/usr/local/et
c/postfix/relay_recipients

It now works as I wanted.

Sigh. Learning is hard, but rewarding.

Kurt






___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

[no subject]

[KURT BUFF]

Markus said:
| Are 13yrs old people in highschool? :-p

I was, 30+ years ago. Depends in large part at which point of the year you
were born, and just how smart you are.


Robert said"
| I am no
| sure totally what he means by OS purism? What does it mean to
| be a purist and like BSD so much because of this belief? Also

I don't know either. Don't worry about it. It's probably some sort of
snobbery, which he'll probably lose once he encounters the real world.
However, it's worth concentrating on one OS for a while, to get to know it
well.

| I was checking out BSD on the web at the OS world and I dont
| get something. I dont get why you guys call your OS FREEBSD
| when OPENBSD is free as well. I just dont see why there is
| two different OS's here within BSD. What is the difference.

There are more than 2 types of BSD. I'm also aware of at least two others,
NetBSD, and Macintosh OS X, which isn't a "pure" BSD, but is based on
FreeBSD.

I don't know much at all about NetBSD, but I believe (I'm willing to be
corrected on all of this) that FreeBSD came first, then NetBSD and
OpenBSD. One of NetBSD's aims is to run on as many different types of CPUs
a possible, so that what's created on one platform will work almost
everywhere, if you're using NetBSD. OpenBSD is all about security, and has
achieved an excellent reputation in that area.

All of them cooperate, though, and share code amongst themselves. They are
a community of OSes, and don't really compete with each other.

| Will you guys write back to me so I dont have to do
| something stupid and get involved with an OS I dont want to
| and get lost in thte wrong thingz?Robert, Hillsboro OR USA

The only stupid mistake is the one you refuse to learn from.

Find yourself a computer, and start working at installing FreeBSD, or
NetBSD, or OpenBSD (I recommend FreeBSD, because it seems to be more
widely supported, but that's just my opinion.) Learn how to use 'make',
and one (or more) of the shells, such as BASH or ZSH, and either vi or
emacs for editing. Learn some C or C++ programming, and also one or more
of the popular scripting languages, such as PERL, RUBY or PYTHON.

Ask lots of questions, in a respectful manner, on this listserv and
elsewhere.

Don't be afraid to make mistakes, and don't have too much ego about being
corrected. If you're wrong, you're wrong - pick up the pieces, correct
your mistake, and move on. If you can, thank the person who corrected you,
and offer gentle instruction and corrections to others who ask. Ignore
flames, and don't flame others. Also, don't be too proud of what you know.
We are all ignorant, to one degree or another.

The first step to knowledge and wisdom is being able to truthfully say the
following 7 words: "I don't know, but I'll find out."

Offer help wherever and whenever you can. Do it not because you're a
goody-two-shoes, but because it's the way you'll learn the most. Feeling
good about helping others is all fine, but teaching others is the best way
to learn what you don't know.

Kurt



___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

periodic not working?

[Kurt Buff]

I've got a recently configured machine, running 7.0-RELEASE.

Somehow I've munged it, as I'm not getting the emails from periodic.

I've checked what I am aware of to check against a working machine,
and can't figure this out.

I've got postfix installed for the MTA, and the main.cf, master.cf,
alias db hash and transport.db hash all look fine

crontab looks just fine, too.

I've run 'periodic daily' by hand from a root prompt, and get nothing,
whereas on the working machine I do get my email.

Where might I start looking to fix this problem?

Thanks,

Kurt
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: periodic not working?

[Kurt Buff]

On Thu, Sep 25, 2008 at 2:35 AM, Mel
<[EMAIL PROTECTED]> wrote:
> On Thursday 25 September 2008 03:07:13 Kurt Buff wrote:
>
>> I've got postfix installed for the MTA, and the main.cf, master.cf,
>> alias db hash and transport.db hash all look fine
>>
>> crontab looks just fine, too.
>>
>> I've run 'periodic daily' by hand from a root prompt, and get nothing,
>> whereas on the working machine I do get my email.
>>
>> Where might I start looking to fix this problem?
>
> They are in not in mailq? How about /var/mail/root then?
>
> --
> Mel

I've not found a directory called mailq. /var/mail/root does not exist either.

I've also checked in /var/spool/postfix/* and all directories are
empty or have zero-length files with dates from the installation of
postfix.

And, now I think I've found the problem - in /var/log/maillog, I find
the following:

Sep 25 03:01:21 loki postfix/smtp[24894]: D92DB1A4C67:
to=<[EMAIL PROTECTED]>, relay=none, delay=0.12,
delays=0.11/0.01/0/0, dsn=5.4.6, status=bounced (mail for
loki.mycompany.com loops back to myself)

All I have to do is figure this out, and I think I've got it.

More research...

Kurt
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: periodic not working?

[Kurt Buff]

On Thu, Sep 25, 2008 at 9:33 AM, Mel
<[EMAIL PROTECTED]> wrote:
> On Thursday 25 September 2008 17:55:39 Kurt Buff wrote:
>> On Thu, Sep 25, 2008 at 2:35 AM, Mel
>>
>> <[EMAIL PROTECTED]> wrote:
>> > On Thursday 25 September 2008 03:07:13 Kurt Buff wrote:
>> >> I've got postfix installed for the MTA, and the main.cf, master.cf,
>> >> alias db hash and transport.db hash all look fine
>> >>
>> >> crontab looks just fine, too.
>> >>
>> >> I've run 'periodic daily' by hand from a root prompt, and get nothing,
>> >> whereas on the working machine I do get my email.
>> >>
>> >> Where might I start looking to fix this problem?
>> >
>> > They are in not in mailq? How about /var/mail/root then?
>> >
>> > --
>> > Mel
>>
>> I've not found a directory called mailq. /var/mail/root does not exist
>> either.
>>
>> I've also checked in /var/spool/postfix/* and all directories are
>> empty or have zero-length files with dates from the installation of
>> postfix.
>>
>> And, now I think I've found the problem - in /var/log/maillog, I find
>> the following:
>>
>> Sep 25 03:01:21 loki postfix/smtp[24894]: D92DB1A4C67:
>> to=<[EMAIL PROTECTED]>, relay=none, delay=0.12,
>> delays=0.11/0.01/0/0, dsn=5.4.6, status=bounced (mail for
>> loki.mycompany.com loops back to myself)
>>
>> All I have to do is figure this out, and I think I've got it.
>
> a) You run the relay_host in a jail, don't have inet_interfaces hardcoded to
> the main IP, and postfix sees the jail IP on the local interface (that's the
> tricky one).
>
> or
>
> b) Your /usr/local/etc/postfix/transport is not as correct as you think
>
> --
> Mel

Not a), certainly. Perhaps b), but it's a single line, and looks the
same on both machines. Using spaces instead of tabs in both cases.

I've posed the question on the postfix list. We'll see what happens.

Kurt
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: uptime 2 years!

[Kurt Buff]

Nice, but what does port audit say?

On Wed, Oct 8, 2008 at 8:54 AM, Chad Marshall <[EMAIL PROTECTED]> wrote:
>
> Hello,
>
> Would like to share a success story which I'm sure you've had in the past
> but one of my servers running FreeBSD will have an uptime of 2 years
> tomorrow. I plan on putting on my blog but as it doesn't have much reach but
> wanted to share with you since your community has made this possible. Please
> indicate where I could post this to have a bit more reach or if you'd like
> to put a link to my blog, I'd be more than happy to provide that.
>
>
> Best Regards,
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: shrink ntfs

[Kurt Buff]

I doubt the FreeBSD install CD will do that.

However, I'd get a copy gparted on a live CD. That'll do what you want.



On Mon, Nov 17, 2008 at 4:39 PM, Albert Shih <[EMAIL PROTECTED]> wrote:
> Hi all,
>
> Newbie question from a not newbie (well I think ;-) )
>
> I've install many FreeBSD, but I always use the all disk.
>
> If I've a laptop come with winxp  ? How can I shrink the
> WinNT partition ? Can the FreeBSD install CD do that ?
>
> If he can't what's your advice for some software to do that ?
>
> Regards.
> --
> Albert SHIH
> SIO batiment 15
> Observatoire de Paris Meudon
> 5 Place Jules Janssen
> 92195 Meudon Cedex
> Heure local/Local time:
> Mar 18 nov 2008 01:35:38 CET
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "[EMAIL PROTECTED]"
>
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: ZFS Recovery Tools

[Kurt Buff]

On Thu, Nov 20, 2008 at 11:51 AM, Wojciech Puchar
<[EMAIL PROTECTED]> wrote:
> UFS performs excellent on large drives/volumes. not in theory but in
> practice, i use it every place, on volumes up to 3GB
>
> NO PROBLEMS.

Do you mean 3TB instead?
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Why is sendmail is part of the system and not a package?

[Kurt Buff]

On Mon, Oct 26, 2009 at 12:32, Bill Moran  wrote:
> In response to Yuri :
> Besides, if it's not there, how are you going to send mail from things
> like cron?

Postfix.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: Why is sendmail is part of the system and not a package?

[Kurt Buff]

On Tue, Oct 27, 2009 at 00:16, Jonathan McKeown  wrote:
> On Monday 26 October 2009 21:29:27 Yuri wrote:
>> It's in /usr/sbin/sendmail.
>>
>> How many people actually use it? Very few.
>> Why isn't it moved to ports?
>
> What is this anti-sendmail obsession people have?
>
> Almost everyone I've ever spoken to about why they dislike sendmail trots out
> a bunch of cliches based on sendmail 8.8. People, we're up to sendmail 8.14
> now. Get over it!
>
> Just as a matter of interest, if you want to rip sendmail out of the base
> system, which MTA would you like to replace it with? Or are you suggesting
> the system ship with no way to handle mail?

I tried sendmail about 8 years ago. Don't know what the version was.
Found it opaque and obscure.

Went to Postfix, and have never looked back.

Can't comment on sendmail's current state or practice, but postfix
Just Works(tm) for me.

Kurt
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: breakthru, maybe....

[Kurt Buff]

On Wed, Oct 28, 2009 at 16:08, Gary Kline  wrote:
> On Wed, Oct 28, 2009 at 11:02:37PM +0100, Polytropon wrote:
>> On Wed, 28 Oct 2009 14:48:46 -0700, Gary Kline  wrote:
>> >     so: what is the URL to download the 8.0-PRE freebsd?
>>
>> ftp://ftp.freebsd.org/pub/FreeBSD/releases/i386/ISO-IMAGES/8.0/
>> ftp://ftp.freebsd.org/pub/FreeBSD/releases/amd64/ISO-IMAGES/8.0/
>
>        wait, i thought the duo core is 64bits.  still 32?

This:

ftp://ftp.freebsd.org/pub/FreeBSD/releases/amd64/ISO-IMAGES/8.0/

is indeed 64bit.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

7.2R and Firefox 3.5.3 and Flash/Java - something odd I can't quite figure out...

[Kurt Buff]

All,

I've gotten Flash and Java going with Firefox, as root, using the
directions here:

http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/desktop-browsers.html

However, I can't get it going as a standard user. When I run

 'nspluginwrapper -v -a -i'

I get the following:

 Auto-install plugins from /usr/local/lib/browser_plugins
 Looking for plugins in /usr/local/lib/browser_plugins
 Auto-install plugins from /usr/local/lib/npapi/linux-flashplugin
 Looking for plugins in /usr/local/lib/npapi/linux-flashplugin
 Install plugin /usr/local/lib/npapi/linux-flashplugin/libflashplayer.so
  ... already installed system-wide, skipping
 Auto-install plugins from /home/kurt/.mozilla/plugins
 Looking for plugins in /home/kurt/.mozilla/plugins

and 'about:plugins' only shows libnullplugin.so as enabled for all MIME types.

 'nspluginwrapper -l'

shows

 /usr/local/lib/browser_plugins/npwrapper.libflashplayer.so
   Original plugin: /usr/local/lib/npapi/linux-flashplugin/libflashplayer.so
   Wrapper version string: 1.2.2

Any ideas?

Kurt
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: 7.2R and Firefox 3.5.3 and Flash/Java - something odd I can't quite figure out...

[Kurt Buff]

On Wed, Dec 2, 2009 at 01:16, Tijl Coosemans  wrote:
> On Sunday 29 November 2009 22:47:56 Kurt Buff wrote:
>> I've gotten Flash and Java going with Firefox, as root, using the
>> directions here:
>>
>> http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/desktop-browsers.html
>>
>> However, I can't get it going as a standard user. When I run
>>
>>      'nspluginwrapper -v -a -i'
>>
>> I get the following:
>>
>>      Auto-install plugins from /usr/local/lib/browser_plugins
>>      Looking for plugins in /usr/local/lib/browser_plugins
>>      Auto-install plugins from /usr/local/lib/npapi/linux-flashplugin
>>      Looking for plugins in /usr/local/lib/npapi/linux-flashplugin
>>      Install plugin /usr/local/lib/npapi/linux-flashplugin/libflashplayer.so
>>       ... already installed system-wide, skipping
>>      Auto-install plugins from /home/kurt/.mozilla/plugins
>>      Looking for plugins in /home/kurt/.mozilla/plugins
>>
>> and 'about:plugins' only shows libnullplugin.so as enabled for all MIME 
>> types.
>>
>>      'nspluginwrapper -l'
>>
>> shows
>>
>>      /usr/local/lib/browser_plugins/npwrapper.libflashplayer.so
>>        Original plugin: 
>> /usr/local/lib/npapi/linux-flashplugin/libflashplayer.so
>>        Wrapper version string: 1.2.2
>
> Check the permissions on 
> /usr/local/lib/browser_plugins/npwrapper.libflashplayer.so


It's set to root:wheel - my account is a member of wheel.

Should it be something else?


Kurt
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: 7.2R and Firefox 3.5.3 and Flash/Java - something odd I can't quite figure out...

[Kurt Buff]

Hmm...

# ll /usr/local/lib/browser_plugins
total 128
lrwxr-xr-x  1 root  wheel  68 Sep 13 09:44 libjavaplugin_oji.so ->
/usr/local/diablo-jdk1.6.0/jre/plugin/amd64/ns7/libjavaplugin_oji.so
-rwxr-xr-x  1 root  wheel  130658 Sep 13 13:12 npwrapper.libflashplayer.so

# ll /usr/local/lib/firefox3/plugins
total 24
-rwxr-xr-x  1 root  wheel  22808 Sep 12 22:05 libnullplugin.so

So, should I link the files in browser_plugins to the plugins directory?

Kurt


On Wed, Dec 2, 2009 at 06:53, Samuel Martín Moro  wrote:
>
> I had this problem too.
> I didn't have browser_plugins/ into /usr/local/lib, so I linked it to
> /usr/local/lib/firefox3/plugins/
> I don't remember exactly, but I think this would work
>
> Also, my user is not a member of wheel.
> But plugins are owned by root:wheel, 755 chmoded, and it works.
>
>
> (other subject, but still about firefox)
> Ssome windowmanager have problems when searching for firefox
> I add this to my installation script:
>
> for dir in /usr/local/include /usr/local/bin /usr/local/include
> /usr/local/share/idl /usr/local/share/pixmap
> do
>     ln $dir/firefox3 $dir/firefox
> done
>
> But maybe this could be managed into firefox3 package?
>
>
> Samuel Martín Moro
> CamTrace
> {EPITECH.} tek4
>
> "Nobody wants to say how this works.
> Maybe nobody knows ..."
>                      Xorg.conf(5)
>
>
> On Wed, Dec 2, 2009 at 3:33 PM, Kurt Buff  wrote:
>>
>> On Wed, Dec 2, 2009 at 01:16, Tijl Coosemans  wrote:
>> > On Sunday 29 November 2009 22:47:56 Kurt Buff wrote:
>> >> I've gotten Flash and Java going with Firefox, as root, using the
>> >> directions here:
>> >>
>> >>
>> >> http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/desktop-browsers.html
>> >>
>> >> However, I can't get it going as a standard user. When I run
>> >>
>> >>      'nspluginwrapper -v -a -i'
>> >>
>> >> I get the following:
>> >>
>> >>      Auto-install plugins from /usr/local/lib/browser_plugins
>> >>      Looking for plugins in /usr/local/lib/browser_plugins
>> >>      Auto-install plugins from /usr/local/lib/npapi/linux-flashplugin
>> >>      Looking for plugins in /usr/local/lib/npapi/linux-flashplugin
>> >>      Install plugin
>> >> /usr/local/lib/npapi/linux-flashplugin/libflashplayer.so
>> >>       ... already installed system-wide, skipping
>> >>      Auto-install plugins from /home/kurt/.mozilla/plugins
>> >>      Looking for plugins in /home/kurt/.mozilla/plugins
>> >>
>> >> and 'about:plugins' only shows libnullplugin.so as enabled for all MIME
>> >> types.
>> >>
>> >>      'nspluginwrapper -l'
>> >>
>> >> shows
>> >>
>> >>      /usr/local/lib/browser_plugins/npwrapper.libflashplayer.so
>> >>        Original plugin:
>> >> /usr/local/lib/npapi/linux-flashplugin/libflashplayer.so
>> >>        Wrapper version string: 1.2.2
>> >
>> > Check the permissions on
>> > /usr/local/lib/browser_plugins/npwrapper.libflashplayer.so
>>
>>
>> It's set to root:wheel - my account is a member of wheel.
>>
>> Should it be something else?
>>
>>
>> Kurt
>> ___
>> freebsd-questions@freebsd.org mailing list
>> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
>> To unsubscribe, send any mail to
>> "freebsd-questions-unsubscr...@freebsd.org"
>
>
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

OTish: Alternative to MS Live?

[Kurt Buff]

All,

Our new CEO wants me to poke holes in the firewall and install the MS
client on a number of desktops to facilitate IM/videoconferencing for
this.

That makes me vaguely nauseous, for several security reasons (the
client is historically vulnerable, poking holes in firewalls is risky,
and internal corporate communications should stay internal - that'll
do for a start...)

I'm looking to stick an IM/Videoconference system in a DMZ instead.

Does anyone know of a good alternative - preferably with a web
interface, though that's not absolutely required?

Thanks,

Kurt
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: OTish: Alternative to MS Live?

[Kurt Buff]

On Tue, Dec 8, 2009 at 15:03, Dimitri Yioulos  wrote:
> On Tuesday 08 December 2009 5:50:46 pm Kurt Buff
> wrote:
>> All,
>>
>> Our new CEO wants me to poke holes in the
>> firewall and install the MS client on a number
>> of desktops to facilitate IM/videoconferencing
>> for this.
>>
>> That makes me vaguely nauseous, for several
>> security reasons (the client is historically
>> vulnerable, poking holes in firewalls is risky,
>> and internal corporate communications should
>> stay internal - that'll do for a start...)
>>
>> I'm looking to stick an IM/Videoconference
>> system in a DMZ instead.
>>
>> Does anyone know of a good alternative -
>> preferably with a web interface, though that's
>> not absolutely required?
>>
>> Thanks,
>>
>> Kurt
>> ___
>
>
> Others may come up with better solutions, but you
> might want to look at OpenFire for your IM needs
> (I use it in my shop; it's secure and works
> great), and maybe dimdim for vidconf (both
> hosted - free for up to 20 conferees, and locally
> installed options).
>
> Dimitri

The locally installed option would be what I'm interested in. I'll
check those out.

Thanks.

Kurt
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: Root exploit for FreeBSD

[Kurt Buff]

On Fri, Dec 11, 2009 at 11:53, J Sisson  wrote:
> 2009/12/11 Svein Skogen (Listmail Account) 
>
>> The easiest way of brute-forcing access to a FreeBSD server includes
>> locating the sysadmin and applying the common desk drawer. It's that
>> simple.
>>
>
> http://xkcd.com/538/
>
> indeed.

Well, yes, except this assumes one has access to the sysadmin...

Kurt
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: How to enable network manager in KDE?

[Kurt Buff]

On Mon, Dec 21, 2009 at 06:17, Eric Le Goff  wrote:
>> Have a look at ports/net-mgmt/wifimgr
>
> I had a look at ports/net-mgmt/wifimgr
> I am quite new in FreeBsd but in my case it does not work , ie :
>
> I start a xfce4 session for a (non-root) user
> open the wifimgr from  the 'network' menu
> provide root password as requested
>
> but then it hangs forever on my laptop
>
> Did anyone successfully used wifimgr ? If yes, what could I check to
> make it work ?
>
> PS : I am using FreeBsd 8.0 on an (old) Thinkpad laptop with ipw-2100
> wireless card

This worked just fine for me on my T61 with xfce4. It's just the wpi0
interface itself I'm having problems with at the moment.

Kurt
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: freebsd for children

[Kurt Buff]

On Fri, Dec 25, 2009 at 03:33, Anton Shterenlikht  wrote:
> Can somebody recommend a graphical port which could be used
> to teach kids 6-8 years programming? I know it's a very
> vague question, but what I have in mind (possibly) is
> say an interpreter linked with some graphical enviroment,
> perhaps drawing with commands, or making animations,
> or maybe music?
>
> Something that would make kids or that age curious,
> some programming environment that they can easily
> understand and enjoy. A programming game of sorts?
>
> many thanks

This is much like what you're looking for, but I don't know if it's
been ported to FreeBSD:

http://scratch.mit.edu/
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: New user - small file server questions and quick GUI question

[Kurt Buff]

On Mon, Dec 28, 2009 at 14:42, Kaya Saman  wrote:
>
>>
>> Running with no xorg.conf is fine, but you need to make sure dbus and hal
>> are started at boot.  Follow the handbook for best results.
>>
>> http://www.freebsd.org/doc/en/books/handbook/x-config.html
>
> I'm sure I started them as this doc is exactly what I followed.. I think
> if I recall correctly or at least something like it?? Anyway as explained I
> will use Vbox to check 100% and then at least have proper logs and cli
> output to compare to and give everyone an idea of what's going on unlike
> now!

I can't speak to the rest, but WRT the GUI, I suspect you'll find it a
lot easier if you install a Window Manager to handle a lot of this. I
have found xfce4 to be a good one for me - gnome and kde were a bit
much. Once I installed /usr/ports/x11-wm/xfce4 with a 'make
config-recursive' then chose my options, then 'make install', the GUI
fired up just fine, and all of the hal/dbus stuff was handled for me.

Kurt
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: New user - small file server questions and quick GUI question

[Kurt Buff]

On Mon, Dec 28, 2009 at 15:29, Kaya Saman  wrote:
>
>> I can't speak to the rest, but WRT the GUI, I suspect you'll find it a
>> lot easier if you install a Window Manager to handle a lot of this. I
>> have found xfce4 to be a good one for me - gnome and kde were a bit
>> much. Once I installed /usr/ports/x11-wm/xfce4 with a 'make
>> config-recursive' then chose my options, then 'make install', the GUI
>> fired up just fine, and all of the hal/dbus stuff was handled for me.
>>
>> Kurt
>>
>
> I thought Gnome already came with Nautilus as Window manager??? Or in
> FreeBSD is it extra?

I see I didn't completely read your original message. Indulge me a
moment while I ramble here, and probably expose my ignorance...

 Xorg/X11 <> Gnome

Nautilis is a file manager, unless I misremember. The native file
manager for xfce4 is Thunar.

Gnome, like xfce4 (and ratpoison, kde, etc.) is a Window Manager,
which depends on Xorg/X11 to function. WMs are usually installed
installed after Xorg.

Did you install gnome from source, or did you use 'pkg_add -r'? I
don't know why, but I seem to have better luck, though it takes much
longer, if I use 'make install' from the ports tree.

> Sorry am not used to doing things from scratch but soon I will get the hang
> of it - just give me a couple of days to get the file server I am on about
> up and running then will transfer the stuff clogging my notebooks HD over
> there and install a VM through Vbox and really have a go at understanding
> the GUI.

I'm not far along that learning curve myself. Heh.

I started on an old Toshiba laptop with 256mbytes RAM, and Freesbie
worked well on that. I then learned how to install from scratch. That
was, um, interesting. I hated Linux, as it seems so arcane. Well,
perhaps 'hate' is too strong a word, but it left a bad taste in my
mouth. Once I worked with FreeBSD, it became much more clear. Things
seem to be done more sanely in FreeBSD. Now I have a nice 4gbyte
Lenovo T61, and I still like xfce4 - it does what I want, and I didn't
want to expend the effort to learn anything new.

> I did play around with FreeBSIE which is FreeBSD with the GUI installed as a
> live CD which was really cool and light and worked especially well on my
> 512MB RAM laptop. Now I don't have a memory issue as I have 6GB on a newer
> machine running 64bit OS's all the way but still need to get to grips with
> this :-)

If you're very familiar with gnome, you might wish to stay with it. If
you're just learning, for both gnome and xfce4, my preference would be
for xfce4. But that's just me, and you'll get at least 10 different
answers from the first 8 people you meet.

> Thanks for the tip Kurt!
>
> Regards,
>
> --Kaya
>
>
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: New user - small file server questions and quick GUI question

[Kurt Buff]

On Mon, Dec 28, 2009 at 16:23, Kaya Saman  wrote:


So, given what you've written below, you probably know more about this
stuff than I do. Cool. I will echo the advice already given, however:

add

dbus_enable="YES"
hald_enable="YES"

to your /etc/rc.conf. That will most likely clear your problem.

>> Did you install gnome from source, or did you use 'pkg_add -r'? I
>> don't know why, but I seem to have better luck, though it takes much
>> longer, if I use 'make install' from the ports tree.
>>
>
> I used pkg_add! Am such a package manager guy as although have compiled
> quite a bit of stuff I find on some systems such as Sun Solaris compiling
> can be a nightmare. Especially if it means hacking out source code and using
> special make parameters as I'm not a programmer but also not that far
> advanced when it comes down to building software from scratch!
>
>>
>> I'm not far along that learning curve myself. Heh.
>>
>> I started on an old Toshiba laptop with 256mbytes RAM, and Freesbie
>> worked well on that. I then learned how to install from scratch. That
>> was, um, interesting. I hated Linux, as it seems so arcane. Well,
>> perhaps 'hate' is too strong a word, but it left a bad taste in my
>> mouth. Once I worked with FreeBSD, it became much more clear. Things
>> seem to be done more sanely in FreeBSD. Now I have a nice 4gbyte
>> Lenovo T61, and I still like xfce4 - it does what I want, and I didn't
>> want to expend the effort to learn anything new.
>>
>
> Well, Linux has its advantages and for the last 2 years have completely used
> it as an M$ Windowz replacement as one can do almost everything on it. When
> I meant; not used to doing things from scratch I meant building the OS. I
> actually prefer doing a minimal install of CentOS with no software or GUI at
> all and then building the system up to what I need when it comes down to
> servers!!!
>
> Means I can fine tune the system that way and only use the system resources
> for what I need.

That's what I do with mine under FreeBSD, for both servers and workstations.

> Being a user of both Solaris and Linux though, they are both pretty cool
> with Solaris only hindered by lack of software and multimedia apps.
> Otherwise I think Solaris in Open guise would win anyday provided that the
> H/W support was as vast as Linux.

I need to dive back into Linux - I want to figure out Xen now that it
can do live migrations/failover, and FreeBSD doesn't do Dom0 - yet.
So, I'll probably try out CentOS, though I suppose I could use NetBSD.

> Wish there was something more, new and interesting but they're all a bit
> bland after a while. Gnome I find is more functional!
>
> If anyone has any idea of getting something like they use on TV shows like
> NCIS and CSI that would be really cool (not Hollywood OS) or something they
> use in the military that one sees on the discovery channel say on the US
> Navy ships.
>
> I mean I do develop GUI's for the OpenSolaris spin-off distro Belenix which
> can be seen here:
>
> http://www.optiplex-networks.com/belenix/index_belenix.html
>
> under themes.
>
> But really need a new concept of completely tricked out geeky 'suped' up WM.
> Lot's of bar graphs, text outputs and other really cool stuff embedded into
> it :-) - no need for Gkrellm or Conky or Torsmo anymore!

Eh. I just want something that works and keeps out of my way - xfce
seems to do that just fine. For me, 'cool' is the apps and what I can
do with them.

Kurt
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: sslexplorer setup - just so the archives have it...

[Kurt Buff]

Sigh. Let's try that again - fat-fingered it and sent it before it was ready.

Followed the procedure found in this link:

http://n3ncy.com/UNIX/FreeBSD/SSLExplorer.htm

Installed Java, and it went through setup, connected to my Active
directory just fine. Found a problem with that - I suspect that the
app doesn't like either a very long password, or it doesn't like
spaces in the password, so I shortened it to a 20 character passphrase
- basically a sentence with the spaces removed from it.

Then, when starting the app via /usr/local/etc/rc.d/sslexplorer got
the following error:

usr/libexec/ld-elf.so.1: Shared object "libm.so.2" not found, required
 by "wrapper"

A quick bit of googling indicated that I needed to install compat4x.

 cd /usr/ports/misc/compat4x
 make install
rehash

That takes care of the problem.

Kurt


On Thu, Apr 17, 2008 at 10:05 AM, Kurt Buff <[EMAIL PROTECTED]> wrote:
> Setting up sslexplorer 1.0.0 RC18 on 6.3-STABLE.
>
>  iNSTALLED
>  Got an error:
>
>  usr/libexec/ld-elf.so.1: Shared object "libm.so.2" not found, required
>  by "wrapper"
>
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

sslexplorer setup - just so the archives have it...

[Kurt Buff]

Setting up sslexplorer 1.0.0 RC18 on 6.3-STABLE.

iNSTALLED
Got an error:

usr/libexec/ld-elf.so.1: Shared object "libm.so.2" not found, required
by "wrapper"
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: [SSHd] Limiting access from authorized IP's

[Kurt Buff]

On Fri, Apr 18, 2008 at 8:59 AM, Matthew Seaman
<[EMAIL PROTECTED]> wrote:
> Paul Schmehl wrote:
>
>
> > I have maintained publicly available servers for a small hobby domain for
> almost ten years now.  Initially, I bought in to this logic and ran a
> firewall. (At that time we only had one server.)  What it cost me was CPU
> and memory. What it gained me was nothing.  I turned it off.  I have never
> run a firewall on a publicly available host since.
> >
> > Firewalls are for preventing access to running services.  By definition,
> if you are running a service, you want it to be accessed.  So firewalls are
> self-defeating or completely useless at the host level **unless** you don't
> know what you're doing.  For an enterprise they make a great deal of sense.
> No matter what a user inside your network might do, you can prevent access
> by simply not allowing traffic on that port.
> >
>
>  On the whole I agree with you -- you should be able to view a firewall as
>  a luxury rather than a necessity on a well configured server.  However
> there
>  is one rather nasty loophole that you can block with a firewall which
> otherwise
>  is pretty impossible to deal with, at least on FreeBSD machines.
>
>  It's all to do with the weak routing model -- that is, a network packet to
>  an IP on one of a host's interfaces will be accepted on *any* interface on
>  that host[*].  So even though you protect services that are not meant to be
>  for public consumption by binding them to the loopback address, some one
>  can still send you a spoofed packet to 127.0.0.1 that arrives on your
> external
>  network i/f /and it will let you connect to the service bound to the
> loopback/
>  The attacker has to have access to the same layer 2 network as your host,
>  but sending the spoofed packet is as simple as tweaking the routing table.
>  See eg:
>http://seclists.org/bugtraq/2001/Mar/0042.html
>
>  Blocking this sort of attack against the loopback address can be done with
>  the following 3 line PF firewall config.  Extending this to back-end
> networks
>  etc. is left as an exercise for the student:
>
>   scrub in all
>   pass all
>   antispoof log quick for lo0
>
> Cheers,
>
> Matthew
>
>  [*] Which is not without its legitimate uses, as anyone who as ever
> configured
>  a load balancer using DSR mode will attest.
>
>  --
>  Dr Matthew J Seaman MA, D.Phil.   7 Priory Courtyard
>  Flat 3
>  PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate
>  Kent, CT11 9PW

Not to detour this conversation too much, I hope, but I'm in a
different situation, and this is going to be an issue for me. I'm
putting together a box that's going to be a router for our company,
using BGP to give access to our T1 and frac DS3. That's all it should
be doing, it will have no other services. It'll be in our server room,
though, so I won't have to get at it from anywhere, except perhaps
home, and even that could be avoided by simply traveling the 10 miles
to work.

So, I'm wondering how to lock it down - I'm even contemplating
eliminating any MTA and sshd, and just running the routing daemon, but
sshd is just so useful that it's hard to do without, and eliminating
the MTA denies me the goodness of the periodic reports. 'Casting
syslog to my internal syslog host is also problematic, but possible, I
suppose. Then there's the problem of managing and monitoring the thing
once it's installed. Being able to use mrtg/cacti/something to query
SNMP would be extraordinarily useful, as we will be paying extra for
bandwidth above our fractional rate on the DS3, and also to monitor
the health of the box.

I haven't found any good guides for this, but I do have "Security
Power Tools", "Mastering FreeBSD and OpenBSD Security", and a couple
of other books, including one on OpenBSD and PF, but haven't teased
out all that I need from them regarding doing this in a sane/secure
manner.

At any rate, locking down ssh access is one of my concerns, for sure,
so this discussion is helpful.

Kurt
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

OSS webex-style program?

[Kurt Buff]

All,

I seem to recall discussion of this sort of program recently, but
can't remember where.

I've got some mobile remote users who could use support (they're on
Windows laptops) and would like to set something up like this.

Does anyone know of something like this?

Thanks,

Kurt
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: OSS webex-style program?

[Kurt Buff]

I don't remember, either, but this is worth taking a look at.

Thanks for the help!

Kurt

On Mon, May 12, 2008 at 3:09 PM, Dimitri Yioulos <[EMAIL PROTECTED]> wrote:
>
> On Monday 12 May 2008 4:06 pm, Kurt Buff wrote:
>  > All,
>  >
>  > I seem to recall discussion of this sort of program recently, but
>  > can't remember where.
>  >
>  > I've got some mobile remote users who could use support (they're on
>  > Windows laptops) and would like to set something up like this.
>  >
>  > Does anyone know of something like this?
>  >
>  > Thanks,
>  >
>  > Kurt
>  > ___
>  > freebsd-questions@freebsd.org mailing list
>  > http://lists.freebsd.org/mailman/listinfo/freebsd-questions
>  > To unsubscribe, send any mail to
>  > "[EMAIL PROTECTED]"
>
>  I don't know which program you're refering to, but you might want to take a
>  look at OpenMeetings (code.google.com/p/openmeetings/).  IMHO, the install's
>  a little tough.
>
>  --
>  This message has been scanned for viruses and
>  dangerous content by MailScanner, and is
>  believed to be clean.
>
>  ___
>  freebsd-questions@freebsd.org mailing list
>  http://lists.freebsd.org/mailman/listinfo/freebsd-questions
>  To unsubscribe, send any mail to "[EMAIL PROTECTED]"
>
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: FreeBSD based router ...

[Kurt Buff]

On Tue, May 27, 2008 at 6:56 PM, Marc G. Fournier <[EMAIL PROTECTED]> wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
>
> Does anyone know of anyone make an enterprise level router based off of 
> FreeBSD?
>
> - --
> Marc G. FournierHub.Org Hosting Solutions S.A. (http://www.hub.org)
> Email . [EMAIL PROTECTED]  MSN . [EMAIL PROTECTED]
> Yahoo . yscrappy   Skype: hub.orgICQ . 7615664
> -BEGIN PGP SIGNATURE-
> Version: GnuPG v2.0.9 (FreeBSD)
>
> iEYEARECAAYFAkg8u+cACgkQ4QvfyHIvDvMF8wCg25K5IaX4/DIHk8KFIAfKXe/b
> decAoOqllLM7c6ty7wwXcwuPlEk/xSo6
> =O+GR
> -END PGP SIGNATURE-

Where are you heading with your question?

I'm in the middle of putting together a router with a white box and 3
NICs (onboard, add-in Intel, and a Sangoma A301), doing BGP4 with a
DS3 and a T1. It'll be running FreeBSD 7.0, and probably OpenBGP or
quagga.

I'm having to learn the BGP stuff from scratch, but I've got people to
put questions to, including the ISPs.

I suppose, though, that this doesn't meet your definition of 'enterprise level'.

Kurt
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Unix command-line tools to edit SharePoint site?

[Kurt Buff]

On Wed, May 28, 2008 at 4:01 PM, Chris Whitehouse <[EMAIL PROTECTED]> wrote:
> Kurt Buff wrote:
>>
>> On Sat, May 24, 2008 at 3:35 PM, Chris Whitehouse <[EMAIL PROTECTED]>
>> wrote:
>>>
>>> Kelly Jones wrote:
>>>>
>>>> I begrudgingly use a Windows SharePoint server at a customer's request.
>>>>
>>>> I'd like to automate (command-line) updating and creating documents,
>>>> lists, etc.
>>>>
>>>> Is there a Unix tool that does this?
>>>>
>>>> I know SharePoint has an "API", which basically spoofs the GET/POST
>>>> calls that your browser would make(?).
>>>>
>>>> Has anyone written a Unix command-line tool (or Perl module, etc) that
>>>> abstracts this?
>>>
>>> Is this what you want?
>>>
>>> http://unxutils.sourceforge.net/
>>>
>>> Chris
>>
>> If you want to use some/many/most of the core utils on Windows, you'll
>> be much better off with http://gnuwin32.sourceforge.net
>>
>> unxutils seems pretty moribund, and I have not been successful
>> downloading the updates from that site for a while.
>>
>> Kurt
>
> I'll have a look at these, thanks for the suggestion. I have to say though
> the unxutils commands that I have used work perfectly well despite their
> age, don't require cygwin and don't do silly registry things on windows. I
> need this as I'm using them on a work computer which I am not allowed to
> install software on :P
>
> Chris

The unxutils work well, but the gnuwin32 stuff is a bit more current,
and more complete. They don't require any registry fiddling nor extra
DLLs, either, just like the unxutils stuff. I stick them in a
directory, and set my path up with that. Works well for me, anyway.


HTH,

Kurt
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Duplex printer advice

[Kurt Buff]

All,

I'm looking to replace my current printer - a Dell 1700n - because I
can't make it work with FreeBSD/Linux.

To replace it, I'd like to get a duplex printer, as I really hate to
waste paper. Does anyone have good experience with one that isn't
terribly expensive (expensive to me means more than US$500) and that
works with with FreeBSD? Even better if it has Ethernet.

I'm only finding (on ostg.pricegrabber.com) the Lexmark Optra T622DN
and T522DN, but don't know much about them.

Anyone care to share?

Kurt
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Duplex printer advice

[Kurt Buff]

On Sun, Jun 1, 2008 at 11:26 AM, David Kelly <[EMAIL PROTECTED]> wrote:
>
> On May 31, 2008, at 6:34 PM, Derek Ragona wrote:
>
>> At 04:12 PM 5/31/2008, Kurt Buff wrote:
>>>
>>> All,
>>>
>>> I'm looking to replace my current printer - a Dell 1700n - because I
>>> can't make it work with FreeBSD/Linux.
>>>
>>> To replace it, I'd like to get a duplex printer, as I really hate to
>>> waste paper. Does anyone have good experience with one that isn't
>>> terribly expensive (expensive to me means more than US$500) and that
>>> works with with FreeBSD? Even better if it has Ethernet.
>>>
>>> I'm only finding (on ostg.pricegrabber.com) the Lexmark Optra T622DN
>>> and T522DN, but don't know much about them.
>>>
>>> Anyone care to share?
>>>
>>> Kurt
>>
>> My 2 cents is I'd looks for a printer with a built-in network interface
>> and that has postscript and pcl emulations.  In addition look at the
>> replacement toner cost and figure out the cost of ownership across 3-5
>> years.
>>
>> I would look at lexmark, and samsung.  Lexmark have higher duty cycles
>> (pages per month) and take larger toner cartidges.  The samsung's make nice
>> work group low duty cycle printers.
>
> Lexmark and Dell are infamous for expensive toner-lock-ins.
>
> We had this discussion months ago where I recommended a Brother HL-5250DN. I
> have about 12,000 trouble free pages on mine, just don't bother trying to
> print envelopes.
>
> Has ethernet, duplex, postscript emulation, PCL-6, just about everything but
> a paper tray large enough to hold a full ream. Multiple paper trays are an
> available but expensive and rare option.
>
> Readily available from Staples and other places for $250. Refurbished units
> occasionally appear for $100. The usual 3rd party toner places have refills
> for under $20 that I've found are good for about 6,000 dense pages.
>
> $187: http://bensbargains.net/deal/66407/
>
> Staples recently (no longer) had refurbished Brother MFC-8660DN on sale for
> $200. Appears to be the same printer and features plus scanner with paper
> feed, and fax.
>
> --
> David Kelly N4HHE, [EMAIL PROTECTED]
> 
> Whom computers would destroy, they must first drive mad.

I am staring at the buy.com page now, card in hand.

Thanks - this is the kind of recommendation I needed.

Kurt
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Duplex printer advice

[Kurt Buff]

On Sun, Jun 1, 2008 at 3:23 PM, Ted Mittelstaedt <[EMAIL PROTECTED]> wrote:
>
>
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] Behalf Of Gary Kline
> Sent: Sunday, June 01, 2008 12:23 PM
> To: FreeBSD Questions
> Cc: Kurt Buff; Derek Ragona
> Subject: Re: Duplex printer advice
>
>
>>I second this suggestion since my Brother HL-5250DN just-worked once it
>>was plugged into my hub.  It was $179 at Costco a few months back, has
>>all the features that David mentions, and builtin Postscript|clone.
>>It just prints--nothing fancy--but then hey... .
>
> Just one warning about these.
>
> The toner empty light blinks use the same pattern as the
> fuser fail.  And, unlike the HP units, you usually can't
> "shake down" the cartridge to get an extra hundred or
> so pages out of it.  Don't jump to conclusions that the
> fuser is bad when it's out of toner.
>
> Ted


Good to know. Thanks.

Kurt
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Duplex printer advice

[Kurt Buff]

On Sun, Jun 1, 2008 at 11:26 AM, David Kelly <[EMAIL PROTECTED]> wrote:
>
> On May 31, 2008, at 6:34 PM, Derek Ragona wrote:
>
>> At 04:12 PM 5/31/2008, Kurt Buff wrote:
>>>
>>> All,
>>>
>>> I'm looking to replace my current printer - a Dell 1700n - because I
>>> can't make it work with FreeBSD/Linux.
>>>
>>> To replace it, I'd like to get a duplex printer, as I really hate to
>>> waste paper. Does anyone have good experience with one that isn't
>>> terribly expensive (expensive to me means more than US$500) and that
>>> works with with FreeBSD? Even better if it has Ethernet.
>>>
>>> I'm only finding (on ostg.pricegrabber.com) the Lexmark Optra T622DN
>>> and T522DN, but don't know much about them.
>>>
>>> Anyone care to share?
>>>
>>> Kurt
>>
>> My 2 cents is I'd looks for a printer with a built-in network interface
>> and that has postscript and pcl emulations.  In addition look at the
>> replacement toner cost and figure out the cost of ownership across 3-5
>> years.
>>
>> I would look at lexmark, and samsung.  Lexmark have higher duty cycles
>> (pages per month) and take larger toner cartidges.  The samsung's make nice
>> work group low duty cycle printers.
>
> Lexmark and Dell are infamous for expensive toner-lock-ins.
>
> We had this discussion months ago where I recommended a Brother HL-5250DN. I
> have about 12,000 trouble free pages on mine, just don't bother trying to
> print envelopes.
>
> Has ethernet, duplex, postscript emulation, PCL-6, just about everything but
> a paper tray large enough to hold a full ream. Multiple paper trays are an
> available but expensive and rare option.
>
> Readily available from Staples and other places for $250. Refurbished units
> occasionally appear for $100. The usual 3rd party toner places have refills
> for under $20 that I've found are good for about 6,000 dense pages.
>
> $187: http://bensbargains.net/deal/66407/
>
> Staples recently (no longer) had refurbished Brother MFC-8660DN on sale for
> $200. Appears to be the same printer and features plus scanner with paper
> feed, and fax.
>
> --
> David Kelly N4HHE, [EMAIL PROTECTED]
> 
> Whom computers would destroy, they must first drive mad.

As a matter of not going mad - what driver are you using for this printer?

Kurt
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Duplex printer advice

[Kurt Buff]

On Mon, Jun 2, 2008 at 6:38 AM, Bill Moran <[EMAIL PROTECTED]> wrote:
> In response to "Kurt Buff" <[EMAIL PROTECTED]>:
>>
>> I'm looking to replace my current printer - a Dell 1700n - because I
>> can't make it work with FreeBSD/Linux.
>
> I think you're doing it wrong.  I have a 1700 series Dell printer and it
> works just fine with FreeBSD.  Did you install CUPS and the ppd files?
>
> --
> Bill Moran
> http://www.potentialtech.com

Cups came installed with Suse's gnome desktop - I don't have FreeBSD
installed yet - and I can't find a ppd file that makes it talk, though
the installer does connect to port 9000 when testing. I could very
well be doing something wrong, or at least insufficiently right, but
it's not happening for me. Which ppd file are you using?

Kurt
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: VPN (IPSEC)

[Kurt Buff]

On Mon, Jun 2, 2008 at 9:13 AM, alexus <[EMAIL PROTECTED]> wrote:
> anyone?
>
>
> On Sat, May 31, 2008 at 7:49 PM, alexus <[EMAIL PROTECTED]> wrote:
>> Hello,
>>
>> I'm trying to establish a VPN tunnel over internet, I read a
>> http://www.freebsd.org/doc/en/books/handbook/ipsec.html on how to set
>> it up, I'm some what strangeling if my setup will work at all.
>>
>> i have box #1 that have 1 primary IP, which is private IP but in front
>> of my box, I have a device that translate a public IP address into
>> private IP, so "technicaly" its a public IP not a private, yet system
>> sees it as private, yet my box #2 has interface with real public ip
>> and another interface with private ip, i created GIF0 interface, yet i
>> can't ping private range on other box.
>>
>>
>> box#1
>>
>> fxp0: flags=8843 metric 0 mtu 1500
>>options=8
>>ether 00:0f:fe:aa:f4:61
>>inet 192.168.1.251 netmask 0xff00 broadcast 192.168.1.255
>>inet 172.16.172.16 netmask 0x broadcast 172.16.172.16
>>media: Ethernet autoselect (100baseTX )
>>status: active
>> plip0: flags=108810 metric 0 mtu 
>> 1500
>> lo0: flags=8049 metric 0 mtu 16384
>>inet6 fe80::1%lo0 prefixlen 64 scopeid 0x3
>>inet6 ::1 prefixlen 128
>>inet 127.0.0.1 netmask 0xff00
>> gif0: flags=8051 metric 0 mtu 1280
>>tunnel inet 38.96.123.42 --> 74.2.252.194
>>inet 192.168.1.251 --> 192.168.2.252 netmask 0x
>> [EMAIL PROTECTED] ~ 503$ netstat -rn | grep gif0
>> 192.168.2.252  192.168.1.251  UH  0   15   gif0
>> [EMAIL PROTECTED] ~ 504$
>>
>> box#2
>>
>> su-3.2# ifconfig
>> dc0: flags=8943 metric
>> 0 mtu 1500
>>options=8
>>ether 00:1a:70:10:e3:89
>>inet 74.2.252.194 netmask 0xfff8 broadcast 74.2.252.199
>>media: Ethernet autoselect (100baseTX)
>>status: active
>> fxp0: flags=8843 metric 0 mtu 1500
>>options=8
>>ether 00:13:20:09:53:31
>>inet 192.168.2.252 netmask 0xff00 broadcast 192.168.2.255
>>media: Ethernet autoselect (100baseTX )
>>status: active
>> lo0: flags=8049 metric 0 mtu 16384
>>inet 127.0.0.1 netmask 0xff00
>> gif0: flags=8051 metric 0 mtu 1280
>>tunnel inet 74.2.252.194 --> 38.96.132.42
>>inet 192.168.2.252 --> 192.168.1.251 netmask 0x
>> su-3.2# netstat -rn | grep gif0
>> 192.168.1.251  192.168.2.252  UH  0  602   gif0
>> su-3.2#
>>
>>
>> any suggestions are welcome, thanks!
>> --
>> http://alexus.org/

google for "ipsec nat traversal freebsd"
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: which FF ad blocker?

[Kurt Buff]

On Wed, Feb 29, 2012 at 17:06, Jason Garrett  wrote:
> On Wed, Feb 29, 2012 at 18:57, Gary Kline  wrote:
>
>> which of the many adblockers should i try?
>>
>> thanks in advance for your insights!
>>
> imho Add Block Plus is the best

Agreed, and for further security, I also use NoScript and Request Policy.

Many folks won't like the latter two, as they tend to block an awful
lot until you get them tuned, but they make me happ(y|ier) while
browsing. If you do use them, you will at least begin to see how
complex web browsing has become...

Kurt
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Is this something we (as consumers of FreeBSD) need to be aware of?

[Kurt Buff]

UEFI considerations drive Fedora to pay MSFT to sign their kernel binaries
http://cwonline.computerworld.com/t/8035515/1292406/565573/0/

This would seem to make compiling from source difficult.

Kurt
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: UEFI Secure Boot Specs - And some sanity

[Kurt Buff]

Thank you for this.

I didn't realize that a simple (somewhat technical) question asked in
all innocence would generate so much flammage.

Kurt

On Wed, Jun 6, 2012 at 1:13 PM, grarpamp  wrote:
> Isn't there a lot of needless handwaving going on when the spec is
> pretty clear that installing your own complete PKI tree will all
> boil down to what is effectively a jumper on the motherboard?
>
>
> First, some sanity...
>
> Users could fully utilize the UEFI Secure Boot hardware by say:
>
> - Using openssl to generate their keys
> - Jumper the board, burn it into the BIOS in UEFI SB SetupMode
> - Have all the MBR, slice, partition, installkernel, etc tools
> install and manage the signed disk/loader/kernel/module bits
> - Have the BIOS check sigs on whatever first comes off the media
>
> I don't see that the user will actually NOT be able to do this on
> anything but 'designed for windows only' ARM systems. Seeing how
> open Android/Linux is firmly in that space, this will just devalue
> the non open windows product.
>
> There have been 25 years of generic mass produced motherboards.
> And 25 years of open source OS commits to utilize them.
> That is not changing anytime soon. Non generic attempts fail.
>
> Even corporate kings Dell and HP know they would be foolish to sell
> motherboards that will not allow their buyers to swap out the PK
> keys... because they know their buyers run more than just windows
> and that they need various security models.
>
> And if they really were that dumb, there's Gigabyte, Asus, Msi,
> Supermicro, Biostar, etc who will not be so dumb and will soak up
> all the remaining sales gravy.
>
> The masses have seen and now want openness, open systems, sharing.
> The old models are but speed bumps on their own way out the door.
>
> Though it seems a non issue to me, if you want to protest, protest
> for 'Setup Mode'. And not here on this list, but to the hardware
> makers.
>
> We should want to use this PKI in our systems. Not disable it. Not
> pay $100 to terminate the PKI chain early. Not pay $100 to lock us
> into unmodifiable releases (aka: BSD corporate version).
>
> I look forward to seeing the UEFI SB PK SetupMode AMD and Intel
> generic motherboard list :)
>
>
> On to facts...
>
> http://www.uefi.org/
>  Spec Chapter 27 Secure Boot, SetupMode, PK, Shell, etc
>
> https://en.wikipedia.org/wiki/Unified_Extensible_Firmware_Interface
> https://en.wikipedia.org/wiki/Unified_EFI_Forum
> http://ozlabs.org/docs/uefi-secure-boot-impact-on-linux.pdf
> https://www.fsf.org/campaigns/secure-boot-vs-restricted-boot
> http://mjg59.dreamwidth.org/12368.html
> http://mjg59.livejournal.com/
> https://www.tianocore.org/
> http://www.avrfreaks.net/index.php?name=PNphpBB2&file=viewtopic&p=962584
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: Remote access to Freebsd server

[Kurt Buff]

On Wed, Apr 13, 2011 at 09:40, Matthew Seaman
 wrote:
> On 13/04/2011 16:37, afiddler10 wrote:



> Edit the file /etc/rc.conf and add the line:
>
> sshd_enable="YES"
>
> Then run this command as root:
>
> # /etc/rc.d/sshd start
>
> (you only need to do that as a one-off -- adding the line to rc.conf
> means the daemon will be started automatically on reboot from now on)
>
> Then you can use a SSH client from windows to remote login to your
> FreeBSD box.  If you need a client, try putty from
>
> http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html
>
> Nb. by default, you won't be able to SSH in as root -- so set yourself
> up a normal user account, add it to the wheel group and then use su(1)
> once you've logged in.  As ever, the Handbook is your friend for
> instructions on how to do this sort of stuff.

In the interest of preventing newb pain:

 Please note that the entry for /etc/rc.conf  must be exact.

In particular, *do not* miss either of the quote marks, or your
machine will hang at next boot, and force you to boot into single user
mode to recover from it by adding the missing quote mark and booting
again. This is not the end of the world, but until you figure it out,
it can induce feelings of fear, nausea, helplessness and acute
embarrassment.

However, about the third time you've done it, and recovered from it by
your own efforts, it's no longer a big thing.

Kurt
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Probably working too hard for this cron question

[Kurt Buff]

All,

I've googled a bunch, read some freebsd.org docs, and just can't
figure this out.

I have a script that should read the current date into a variable,
append the time/date stamp at the beginning of the file created with
the date in the variable, do a bunch of cURL stuff, then append a
time/date stamp at the end of the file.

It works if I run it manually, but not from cron.

Here are the batchfile and the cron entry:

--begin script--
dt=`/bin/date "+%Y-%m-%d"`
/bin/date > /root/$dt-external1.txt
/usr/local/bin/curl -K /root/urls.txt >> /root/$dt-external1.txt
/bin/date >> /root/$dt-external1.txt
--end script--

--begin crontab--
15 12 * * */root/do-curl.sh
--end crontab--

I'm doing all of this as root, as you can see.

The job launches - I can see an entry for cURL in top - but no file in /root.

I've tried several variations on the first line of the script, but I'm
getting nowhere, though I'm sure it's something stupidly simple that
I'm missing.

What am I missing?

Kurt
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: Probably working too hard for this cron question

[Kurt Buff]

On Mon, Jun 13, 2011 at 13:25, pete wright  wrote:
> On Mon, Jun 13, 2011 at 12:52 PM, Kurt Buff  wrote:
>> All,
>>
>> I've googled a bunch, read some freebsd.org docs, and just can't
>> figure this out.
>>
>> I have a script that should read the current date into a variable,
>> append the time/date stamp at the beginning of the file created with
>> the date in the variable, do a bunch of cURL stuff, then append a
>> time/date stamp at the end of the file.
>>
>> It works if I run it manually, but not from cron.
>>
>> Here are the batchfile and the cron entry:
>>
>> --begin script--
>> dt=`/bin/date "+%Y-%m-%d"`
>> /bin/date > /root/$dt-external1.txt
>> /usr/local/bin/curl -K /root/urls.txt >> /root/$dt-external1.txt
>> /bin/date >> /root/$dt-external1.txt
>> --end script--
>>
>> --begin crontab--
>> 15 12 * * *        /root/do-curl.sh
>> --end crontab--
>>
>> I'm doing all of this as root, as you can see.
>>
>> The job launches - I can see an entry for cURL in top - but no file in /root.
>>
>> I've tried several variations on the first line of the script, but I'm
>> getting nowhere, though I'm sure it's something stupidly simple that
>> I'm missing.
>>
>> What am I missing?
>
> #!/bin/sh ?

Definitely closer...

Per the handbook, I added

 SHELL=/bin/sh

to crontab, and I also added

 #!/bin/sh

as the first line in the script

But, while a file is being created, it's just

 /root/-external1.txt

not

 /root/2011-06-13-external1.txt

Kurt
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: Probably working too hard for this cron question

[Kurt Buff]

Indeed. Brain fade comes with age - and long weekends with the 2 year old boy...

Kurt

On Mon, Jun 13, 2011 at 14:14, Gary Gatten  wrote:
> Yeah Pete, kinda need that huh.  Kurt, If that turns out to be the only 
> issue, don't feel bad - I've forgotten it myself several times!  I'm sure 
> many others have as well!
>
> G
>
>
> -Original Message-
> From: owner-freebsd-questi...@freebsd.org 
> [mailto:owner-freebsd-questi...@freebsd.org] On Behalf Of pete wright
> Sent: Monday, June 13, 2011 3:25 PM
> To: Kurt Buff
> Cc: FreeBSD Questions
> Subject: Re: Probably working too hard for this cron question
>
> On Mon, Jun 13, 2011 at 12:52 PM, Kurt Buff  wrote:
>> All,
>>
>> I've googled a bunch, read some freebsd.org docs, and just can't
>> figure this out.
>>
>> I have a script that should read the current date into a variable,
>> append the time/date stamp at the beginning of the file created with
>> the date in the variable, do a bunch of cURL stuff, then append a
>> time/date stamp at the end of the file.
>>
>> It works if I run it manually, but not from cron.
>>
>> Here are the batchfile and the cron entry:
>>
>> --begin script--
>> dt=`/bin/date "+%Y-%m-%d"`
>> /bin/date > /root/$dt-external1.txt
>> /usr/local/bin/curl -K /root/urls.txt >> /root/$dt-external1.txt
>> /bin/date >> /root/$dt-external1.txt
>> --end script--
>>
>> --begin crontab--
>> 15 12 * * *        /root/do-curl.sh
>> --end crontab--
>>
>> I'm doing all of this as root, as you can see.
>>
>> The job launches - I can see an entry for cURL in top - but no file in /root.
>>
>> I've tried several variations on the first line of the script, but I'm
>> getting nowhere, though I'm sure it's something stupidly simple that
>> I'm missing.
>>
>> What am I missing?
>
> #!/bin/sh ?
>
> -pete
>
>
>
> --
> pete wright
> www.nycbug.org
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
>
>
>
>
>
> 
> 
> 
> "This email is intended to be reviewed by only the intended recipient
>  and may contain information that is privileged and/or confidential.
>  If you are not the intended recipient, you are hereby notified that
>  any review, use, dissemination, disclosure or copying of this email
>  and its attachments, if any, is strictly prohibited.  If you have
>  received this email in error, please immediately notify the sender by
>  return email and delete this email from your system."
> 
>
>
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: Probably working too hard for this cron question

[Kurt Buff]

On Mon, Jun 13, 2011 at 15:02, Polytropon  wrote:
> On Mon, 13 Jun 2011 14:44:29 -0700, Kurt Buff  wrote:
>> Per the handbook, I added
>>
>>      SHELL=/bin/sh
>>
>> to crontab, and I also added
>>
>>      #!/bin/sh
>>
>> as the first line in the script
>>
>> But, while a file is being created, it's just
>>
>>      /root/-external1.txt
>>
>> not
>>
>>      /root/2011-06-13-external1.txt
>
> Just a wild guess: How about adding {} to the variable
> identifiers? There are some restrictions in how far a
> character following the variable name will be treated
> as a "stop sign", e. g. variable x, literal y, and you
> have $xy which won't work, but $x_y may work, so you
> use ${x}y to make sure the name is properly scoped.
>
> Refering to your original script:
>
> #!/bin/sh
> dt=`/bin/date "+%Y-%m-%d"`
> /bin/date > /root/${dt}-external1.txt
> /usr/local/bin/curl -K /root/urls.txt >> /root/${dt}-external1.txt
> /bin/date >> /root/${dt}-external1.txt
>
> Could you try that?

Can, and did, and it works like a champ. That solves the last issue.



My thank to you Polytropon, and to those who replied privately.

Now all I have to do is pin down whether the name resolution slowness
is in our firewall, or web filter, or external router, or perhaps
something at the ISP.

Kurt
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

fubar'ed it good this time...

[Kurt Buff]

Sitrep: Lenovo T61, dual booting WinXP and FreeBSD (amd64 8.1-RELEASE)
on a 500gb drive. Just did a freebsd-update from 8.1 to 8.2, just
doing the second boot to do 'freebsd-update install' for the second
time, and got dumped into the mountroot prompt.

AFAICT, I managed somehow to write something strange into /etc/fstab.
Can't tell what it is, because during boot it passes by too quickly
for me to read, and the boot process dumps me into the mountroot
prompt.

WinXP still boots just fine, and the FreeBSD boot manager is in place,
and was working before the update.

FreeBSD was booting just fine from /dev/ad0s2a, prior to running freebsd-update.

Now, however, when I select f1 to boot FreeBSD, I get the boot menu,
output from the boot process, and (as I've mentioned) then I get the
mountroot prompt.

I've even downloaded and burned the 8.2 live boot iso, but it says it
can't find a hard drive from sysinstall - both the Fdisk and Label
options say
 "No disks found! Please verify that your disk controller
 is being properly probed at boot time. See the Hardware
 guide on the Documentation menu for clues on
 diagnosing this type of problem."

I get no love from the Fixit shell, either, with /dev being void of
any reference to the hard drive - just acd0.

I'm pretty sure that if I can mount the disk that I can just edit the
cruft out of /etc/fstab, and it will all be fine, but I can't get
there...

Anyone have a thought on how to get this running? I've googled myself
silly on this, and am getting nowhere.

Kurt
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: fubar'ed it good this time...

[Kurt Buff]

On Mon, Jun 27, 2011 at 03:03, Damien Fleuriot  wrote:
> On 6/27/11 8:17 AM, Kurt Buff wrote:

>> I've even downloaded and burned the 8.2 live boot iso, but it says it
>> can't find a hard drive from sysinstall - both the Fdisk and Label
>> options say
>>      "No disks found! Please verify that your disk controller
>>      is being properly probed at boot time. See the Hardware
>>      guide on the Documentation menu for clues on
>>      diagnosing this type of problem."
>>
>> I get no love from the Fixit shell, either, with /dev being void of
>> any reference to the hard drive - just acd0.
>>
>> I'm pretty sure that if I can mount the disk that I can just edit the
>> cruft out of /etc/fstab, and it will all be fine, but I can't get
>> there...

>
>
> You'll want to download a live CD with UFS support :)
>
> MFSBSD comes to mind:
>
> http://mfsbsd.vx.sk/

Your advice sounds reasonable, but that site seems devoted to zfs bootables.

I wonder if an 8.1 livefs iso will do the trick...

Kurt
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Fwd: fubar'ed it good this time...

[Kurt Buff]

This should have gone to the list - sorry.


-- Forwarded message --
From: Kurt Buff 
Date: Mon, Jun 27, 2011 at 07:17
Subject: Re: fubar'ed it good this time...
To: Warren Block 


On Mon, Jun 27, 2011 at 06:40, Warren Block  wrote:
> On Sun, 26 Jun 2011, Kurt Buff wrote:
>
>> Sitrep: Lenovo T61, dual booting WinXP and FreeBSD (amd64 8.1-RELEASE)
>> on a 500gb drive. Just did a freebsd-update from 8.1 to 8.2, just
>> doing the second boot to do 'freebsd-update install' for the second
>> time, and got dumped into the mountroot prompt.
>>
>> AFAICT, I managed somehow to write something strange into /etc/fstab.
>> Can't tell what it is, because during boot it passes by too quickly
>> for me to read, and the boot process dumps me into the mountroot
>> prompt.
>
> Scroll Lock and Page Up/Down should work there to scroll back to see the
> disk device numbers.

Scroll lok and page up work, and what I see is the following, copied by hand:

    atapci0:  port
0x1f0-0x1f7,0x3f6,0x170-0x177,0x376,0x1c30-0x1c3f,0x1c20,0x1x2f at
decive 31.2 on pci0
    ata0:  on atapci0
    ata0: [ITHREAD]
    ata1:  on atapci0
    ata1: [ITHREAD]

Then, at the end, I show:

    Trying to mount root from ufs:/dev/ad0s2a
    ROOT MOUNT ERROR:
    If you have invalid mount options, reboot, and first thre the
following from the loader prompt:

etc.

>> WinXP still boots just fine, and the FreeBSD boot manager is in place,
>> and was working before the update.
>>
>> FreeBSD was booting just fine from /dev/ad0s2a, prior to running
>> freebsd-update.
>
> Don't know what would cause that.  Custom kernels could have the
> ATA_STATIC_ID option removed, which might give the disk a different number,
> ad2 or ad4 usually.
>
> The BIOS could have AHCI mode set, but that should not change with 8.2. That
> would make the disk ada0.
>
> I second the suggestion of mfsBSD.

OK - when I get home from work, I'll download and see what that does for me.

Thanks,

Kurt
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: fubar'ed it good this time...

[Kurt Buff]

On Mon, Jun 27, 2011 at 10:21, Warren Block  wrote:
> On Mon, 27 Jun 2011, Kurt Buff wrote:
>
>> On Mon, Jun 27, 2011 at 06:40, Warren Block  wrote:
>>>
>>> On Sun, 26 Jun 2011, Kurt Buff wrote:
>>>
>>>> Sitrep: Lenovo T61, dual booting WinXP and FreeBSD (amd64 8.1-RELEASE)
>>>> on a 500gb drive. Just did a freebsd-update from 8.1 to 8.2, just
>>>> doing the second boot to do 'freebsd-update install' for the second
>>>> time, and got dumped into the mountroot prompt.
>>>>
>>>> AFAICT, I managed somehow to write something strange into /etc/fstab.
>>>> Can't tell what it is, because during boot it passes by too quickly
>>>> for me to read, and the boot process dumps me into the mountroot
>>>> prompt.
>>>
>>> Scroll Lock and Page Up/Down should work there to scroll back to see the
>>> disk device numbers.
>>
>> Scroll lok and page up work, and what I see is the following, copied by
>> hand:
>>
>>    atapci0:  port
>> 0x1f0-0x1f7,0x3f6,0x170-0x177,0x376,0x1c30-0x1c3f,0x1c20,0x1x2f at
>> decive 31.2 on pci0
>>    ata0:  on atapci0
>>    ata0: [ITHREAD]
>>    ata1:  on atapci0
>>    ata1: [ITHREAD]
>
> SATA... are there any ad or ada devices shown?  Something else worth trying
> is breaking into the loader and loading the ahci driver.  XP isn't normally
> found using AHCI, but Lenovo might have set that up. Check the BIOS for disk
> mode settings.

No ad or ada devices. Disk mode is set for compatibility, not AHCI.

> Still, I don't know what would be different from 8.1 to 8.2.  Did you have a
> custom kernel?

Stone stock kernel, no mods.

Kurt
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: fubar'ed it good this time...

[Kurt Buff]

On Mon, Jun 27, 2011 at 20:24, Polytropon  wrote:
> On Mon, 27 Jun 2011 06:40:27 -0700, Kurt Buff wrote:
>> Your advice sounds reasonable, but that site seems devoted to zfs bootables.
>>
>> I wonder if an 8.1 livefs iso will do the trick...
>
> Check if you can download FreeSBIE somewhere. It's a live system
> using the 5.x and 6.x kernel which should be fine. Next to two
> GUI modes (light, heavy) it also has a versatile "maintenance mode"
> for such operations. I have already successfully used this system
> for solving similar situations, for diagnostics, and for data
> recovery preparation.

I'll google for that later - I like that suggestion.

I'm pressed for time this morning, so I'm downloading the 7.4 livefs
iso, and will see if that will do the trick this evening.

Thanks,

Kurt
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Fwd: fubar'ed it good this time...

[Kurt Buff]

One more that should have made it to the list...

Kurt

On Mon, Jun 27, 2011 at 08:21, Damien Fleuriot  wrote:
> On 6/27/11 3:40 PM, Kurt Buff wrote:
>> On Mon, Jun 27, 2011 at 03:03, Damien Fleuriot  wrote:
>>> On 6/27/11 8:17 AM, Kurt Buff wrote:
>> 
>>>> I've even downloaded and burned the 8.2 live boot iso, but it says it
>>>> can't find a hard drive from sysinstall - both the Fdisk and Label
>>>> options say
>>>>      "No disks found! Please verify that your disk controller
>>>>      is being properly probed at boot time. See the Hardware
>>>>      guide on the Documentation menu for clues on
>>>>      diagnosing this type of problem."
>>>>
>>>> I get no love from the Fixit shell, either, with /dev being void of
>>>> any reference to the hard drive - just acd0.
>>>>
>>>> I'm pretty sure that if I can mount the disk that I can just edit the
>>>> cruft out of /etc/fstab, and it will all be fine, but I can't get
>>>> there...
>> 
>>>
>>>
>>> You'll want to download a live CD with UFS support :)
>>>
>>> MFSBSD comes to mind:
>>>
>>> http://mfsbsd.vx.sk/
>>
>> Your advice sounds reasonable, but that site seems devoted to zfs bootables.
>>
>> I wonder if an 8.1 livefs iso will do the trick...
>>
>> Kurt
>
>
>
> Works just fine for non ZFS stuff, we actually use it here with PXE to
> install new firewalls.
>
> Really, it'll do what you want, it has "ee" which is all you need.

Oh, how I wish you had been right, but no such luck. It doesn't find
any 'da' devices - just acd, again.

Kurt
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: fubar'ed it good this time...

[Kurt Buff]

On Mon, Jun 27, 2011 at 20:24, Polytropon  wrote:
> On Mon, 27 Jun 2011 06:40:27 -0700, Kurt Buff wrote:
>> Your advice sounds reasonable, but that site seems devoted to zfs bootables.
>>
>> I wonder if an 8.1 livefs iso will do the trick...
>
> Check if you can download FreeSBIE somewhere. It's a live system
> using the 5.x and 6.x kernel which should be fine. Next to two
> GUI modes (light, heavy) it also has a versatile "maintenance mode"
> for such operations. I have already successfully used this system
> for solving similar situations, for diagnostics, and for data
> recovery preparation.

The 7.4 livefs CD finds the hardware, and there was much rejoicing!

I mounted the hard drive under /mnt, and I looked at /mnt/etc/fstab,
and it's clean, and I also looked at /mnt/boot/loader.conf, and it's
clean as well. So is /mnt/boot/loader.rc.

However, during the boot process from the hard drive, I still saw
scrolling by a reference to a syntax error, but it went too fast and I
can't see what file was referenced.

So, I started looking at the handbook to see if I could figure out
which file might have been updated incorrectly.

One was boot/device.hints - there was a string of equal signs as the
first line of that file.

How they got there I don't know, but I deleted that line, and that
seems to have helped, because now I don't see the syntax error - but
I'm still getting the mountroot prompt, and it's very possible that
some other error is occuring in the quick boot process before the
user-selectable menu is displayed.

It's late, so I'm going to bed now, but I'll keep working it tomorrow.

Kurt
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: fubar'ed it good this time...

[Kurt Buff]

On Tue, Jun 28, 2011 at 06:50, Dr. A. Haakh  wrote:
> Polytropon schrieb:
>>
>> On Mon, 27 Jun 2011 06:40:27 -0700, Kurt Buff wrote:
>>
>>>
>>> Your advice sounds reasonable, but that site seems devoted to zfs
>>> bootables.
>>>
>>> I wonder if an 8.1 livefs iso will do the trick...
>>>
>>
>> Check if you can download FreeSBIE somewhere. It's a live system
>> using the 5.x and 6.x kernel which should be fine. Next to two
>> GUI modes (light, heavy) it also has a versatile "maintenance mode"
>> for such operations. I have already successfully used this system
>> for solving similar situations, for diagnostics, and for data
>> recovery preparation.
>>
>>
>
> The loader obviously knows how to deal with the filesystem because he loads
> the failing new kernel. So the easiest solution would be to boot an older
> kernel if available. I don't know how freebsd-update deals with older
> kernels,
> he should still be around. First guess is /boot/kernel.old/kernel.
> So get the loader-prompt, "unload kernel" and try "load
> /boot/kernel.old/kernel".
>
> Andreas


That seems like a worthy thing to try. I'll do that tomorrow.

Thanks,

Kurt
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: fubar'ed it good this time...

[Kurt Buff]

On Tue, Jun 28, 2011 at 06:50, Dr. A. Haakh  wrote:
> Polytropon schrieb:
>>
>> On Mon, 27 Jun 2011 06:40:27 -0700, Kurt Buff wrote:
>>
>>>
>>> Your advice sounds reasonable, but that site seems devoted to zfs
>>> bootables.
>>>
>>> I wonder if an 8.1 livefs iso will do the trick...
>>>
>>
>> Check if you can download FreeSBIE somewhere. It's a live system
>> using the 5.x and 6.x kernel which should be fine. Next to two
>> GUI modes (light, heavy) it also has a versatile "maintenance mode"
>> for such operations. I have already successfully used this system
>> for solving similar situations, for diagnostics, and for data
>> recovery preparation.
>
> The loader obviously knows how to deal with the filesystem because he loads
> the failing new kernel. So the easiest solution would be to boot an older
> kernel if available. I don't know how freebsd-update deals with older
> kernels,
> he should still be around. First guess is /boot/kernel.old/kernel.
> So get the loader-prompt, "unload kernel" and try "load
> /boot/kernel.old/kernel".
>
> Andreas

OK - to continue, while I have a few free minutes.

I have been able to load the old kernel by going to the loader prompt
from the boot menu, and doing
 unload kernel
 load /boot/kernel.old/kernel

That barked about linproc in fstab, so I edited that out.

Then, the next go-round: It complained about mismatches on
daemon_saver.ko - a version mismatch, so I've commented that out of
/etc/rc.conf. It also complained about linux.ko, so that's been
commented out in /etc/rc.conf as well.

I'm now able to reboot cleanly with the old kernel.

After doing 'freebsd-update install' for the second time, I still
can't get 8.2 to boot - same issue, only acd0 is recognized. However,
I'm logged in as root under the old kernel, though I haven't start
XFCE4, and don't have wireless running.

This one is getting to be fun...

Kurt
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: fubar'ed it good this time...

[Kurt Buff]

On Thu, Jun 30, 2011 at 17:31, Kurt Buff  wrote:
> On Tue, Jun 28, 2011 at 06:50, Dr. A. Haakh  wrote:
>> Polytropon schrieb:
>>>
>>> On Mon, 27 Jun 2011 06:40:27 -0700, Kurt Buff wrote:
>>>
>>>>
>>>> Your advice sounds reasonable, but that site seems devoted to zfs
>>>> bootables.
>>>>
>>>> I wonder if an 8.1 livefs iso will do the trick...
>>>>
>>>
>>> Check if you can download FreeSBIE somewhere. It's a live system
>>> using the 5.x and 6.x kernel which should be fine. Next to two
>>> GUI modes (light, heavy) it also has a versatile "maintenance mode"
>>> for such operations. I have already successfully used this system
>>> for solving similar situations, for diagnostics, and for data
>>> recovery preparation.
>>
>> The loader obviously knows how to deal with the filesystem because he loads
>> the failing new kernel. So the easiest solution would be to boot an older
>> kernel if available. I don't know how freebsd-update deals with older
>> kernels,
>> he should still be around. First guess is /boot/kernel.old/kernel.
>> So get the loader-prompt, "unload kernel" and try "load
>> /boot/kernel.old/kernel".
>>
>> Andreas
>
> OK - to continue, while I have a few free minutes.
>
> I have been able to load the old kernel by going to the loader prompt
> from the boot menu, and doing
>     unload kernel
>     load /boot/kernel.old/kernel
>
> That barked about linproc in fstab, so I edited that out.
>
> Then, the next go-round: It complained about mismatches on
> daemon_saver.ko - a version mismatch, so I've commented that out of
> /etc/rc.conf. It also complained about linux.ko, so that's been
> commented out in /etc/rc.conf as well.
>
> I'm now able to reboot cleanly with the old kernel.
>
> After doing 'freebsd-update install' for the second time, I still
> can't get 8.2 to boot - same issue, only acd0 is recognized. However,
> I'm logged in as root under the old kernel, though I haven't start
> XFCE4, and don't have wireless running.
>
> This one is getting to be fun...
>
> Kurt

So, I tried booting from the old kernel again, and then did a
'freebsd-update rollback', and that worked just fine. I thought I'd
try again, but first did a 'freebsd-update fetch' and 'freebsd-update
install' to get the latest 8.1 updates.

That worked just fine, so I did a 'freebsd-update -r 8.2-RELEASE
fetch' again, then a 'freebsd-update install', which went just fine,
and after that rebooted as directed to attempt the second
'freebsd-update install'.

That's when the same thing happened - i got dumped into the mountroot
prompt again. And, again, rebooting and escaping to the loader prompt
allows me to unload the kernel, load /boot/kernel.old/kernel then
autoboot, and boot up. Same as before.

Any thoughts?
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: Tool to show the recent disk space consumers?

[Kurt Buff]

On Tue, Jul 5, 2011 at 12:37, Yuri  wrote:
> Hi,
>
> I hit this problem periodically when a lot of disk space is gone and it's
> hard to tell where did it go. Once it was thunderbird writing huge index
> file as a consequence of some bug, on another occasion it was the bug in KDE
> writing some huge index somewhere in ~/.kde4.
>
> Is there a tool slowly indexing the file system and showing where exactly
> did the sudden growth of consumed space occur?
>
> I know about du(1) but I am looking for some program that can detect the
> dynamics and pinpoint the offending files.
>
> Yuri

kdirstat might prove useful, if it's run periodically.

Kurt
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: fubar'ed it good this time...

[Kurt Buff]

On Mon, Jul 4, 2011 at 15:30, Dr. A. Haakh  wrote:
> Kurt Buff schrieb:
>>
>> On Thu, Jun 30, 2011 at 17:31, Kurt Buff  wrote:
>>
>>>
>>> On Tue, Jun 28, 2011 at 06:50, Dr. A. Haakh  wrote:
>>>
>>>>
>>>> Polytropon schrieb:
>>>>
>>>>>
>>>>> On Mon, 27 Jun 2011 06:40:27 -0700, Kurt Buff wrote:
>>>>>
>>>>>
>>>>>>
>>>>>> Your advice sounds reasonable, but that site seems devoted to zfs
>>>>>> bootables.
>>>>>>
>>>>>> I wonder if an 8.1 livefs iso will do the trick...
>>>>>>
>>>>>>
>>>>>
>>>>> Check if you can download FreeSBIE somewhere. It's a live system
>>>>> using the 5.x and 6.x kernel which should be fine. Next to two
>>>>> GUI modes (light, heavy) it also has a versatile "maintenance mode"
>>>>> for such operations. I have already successfully used this system
>>>>> for solving similar situations, for diagnostics, and for data
>>>>> recovery preparation.
>>>>>
>>>>
>>>> The loader obviously knows how to deal with the filesystem because he
>>>> loads
>>>> the failing new kernel. So the easiest solution would be to boot an
>>>> older
>>>> kernel if available. I don't know how freebsd-update deals with older
>>>> kernels,
>>>> he should still be around. First guess is /boot/kernel.old/kernel.
>>>> So get the loader-prompt, "unload kernel" and try "load
>>>> /boot/kernel.old/kernel".
>>>>
>>>> Andreas
>>>>
>>>
>>> OK - to continue, while I have a few free minutes.
>>>
>>> I have been able to load the old kernel by going to the loader prompt
>>> from the boot menu, and doing
>>>     unload kernel
>>>     load /boot/kernel.old/kernel
>>>
>>> That barked about linproc in fstab, so I edited that out.
>>>
>>> Then, the next go-round: It complained about mismatches on
>>> daemon_saver.ko - a version mismatch, so I've commented that out of
>>> /etc/rc.conf. It also complained about linux.ko, so that's been
>>> commented out in /etc/rc.conf as well.
>>>
>>> I'm now able to reboot cleanly with the old kernel.
>>>
>>> After doing 'freebsd-update install' for the second time, I still
>>> can't get 8.2 to boot - same issue, only acd0 is recognized. However,
>>> I'm logged in as root under the old kernel, though I haven't start
>>> XFCE4, and don't have wireless running.
>>>
>>> This one is getting to be fun...
>>>
>>> Kurt
>>>
>>
>> So, I tried booting from the old kernel again, and then did a
>> 'freebsd-update rollback', and that worked just fine. I thought I'd
>> try again, but first did a 'freebsd-update fetch' and 'freebsd-update
>> install' to get the latest 8.1 updates.
>>
>> That worked just fine, so I did a 'freebsd-update -r 8.2-RELEASE
>> fetch' again, then a 'freebsd-update install', which went just fine,
>> and after that rebooted as directed to attempt the second
>> 'freebsd-update install'.
>>
>> That's when the same thing happened - i got dumped into the mountroot
>> prompt again. And, again, rebooting and escaping to the loader prompt
>> allows me to unload the kernel, load /boot/kernel.old/kernel then
>> autoboot, and boot up. Same as before.
>>
>> Any thoughts?
>>
>
> Redo the rollback to 8.1 and install the 8.2-STABLE source-tree. You can
> install the 8.1-sources from cd and update them to 8.2-STABLE using csup.
>
> Put the following lines in /etc/make.conf
> SUP_UPDATE=     YES
> SUP=            /usr/bin/csup
> SUPHOST=        cvsup2.de.freebsd.org
> SUPFILE=        /usr/share/examples/cvsup/stable-supfile
>
> Make sure that stable-supfile contains the right tag
> *default release=cvs tag=RELENG_8
>
> Then goto /usr/src and "make update |tee _Update.log"
>
> Once the source-tree is up-to-date:
>
> Have a look at the FreeBSD Handbook: Chapter 8 - Configuring the FreeBSD
> Kernel.
>
> Copy GENERIC to e.g. MYKERNEL, edit MYKERNEL and add some debug-flags. See
> /sys/conf/NOTES for additional debug-options. You may as well try GENERIC -
> maybe your problem is gone...
> Then go to /usr/src and 

Re: extracting text from docx files

[Kurt Buff]

On Tue, Aug 9, 2011 at 06:36, Anton Shterenlikht  wrote:
> I often receive information in *.docx format
> from my MS using colleagues. Sometimes I can
> ask for a pdf (or similar) instead, but not always.
>
> Usually I unzip a docx and then search
> through all *xml  files to find the
> useful data. However, I can't find any
> xml styles to use, so I have to convert
> the relevant xml file(s) to plain text
> by hand. I wonder if anybody can suggest
> a better way. Perhaps there's something
> in ports that can help.

My installation of OpenOffice 3.3 on my Win7 machine will open a
Winword 2010 .docx file.

I'm guessing it will do the same on FreeBSD, but I don't have an
install with a GUI running at the moment.

Kurt
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

pkdgb and corrupted record(s)

[Kurt Buff]

All,

This seems fairly benign so far, but I find it happening on several
machines after switching from portupgrade to portmaster. Don't know if
that switch is actually part of the issue or not, though I'm really
liking portmaster.

Anyone have a thought on this?

Thanks,

Kurt

# pkg_info | grep pkg
pkg_info: corrupted record (pkgdep line without argument), ignoring
pkg_info: corrupted record (pkgdep line without argument), ignoring
pkg-config-0.25_1   A utility to retrieve information about installed libraries
# pkgdb -F
--->  Checking the package registry database
[Updating the pkgdb  in /var/db/pkg ... - 433
packages found (-34 +36) (...)
done]
# pkg_info | grep pkg
pkg_info: corrupted record (pkgdep line without argument), ignoring
pkg_info: corrupted record (pkgdep line without argument), ignoring
pkg-config-0.25_1   A utility to retrieve information about installed libraries
# pkgdb -fF
--->  Checking the package registry database
# pkg_info | grep pkg
pkg_info: corrupted record (pkgdep line without argument), ignoring
pkg_info: corrupted record (pkgdep line without argument), ignoring
pkg-config-0.25_1   A utility to retrieve information about installed libraries
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: pkdgb and corrupted record(s)

[Kurt Buff]

On Fri, Aug 12, 2011 at 11:17, John Webster  wrote:
>
>
> --On August 12, 2011 11:08:01 AM -0700 Kurt Buff  wrote:
>
>> All,
>>
>> This seems fairly benign so far, but I find it happening on several
>> machines after switching from portupgrade to portmaster. Don't know if
>> that switch is actually part of the issue or not, though I'm really
>> liking portmaster.
>>
>> Anyone have a thought on this?
>>
>
> <http://forums.freebsd.org/showthread.php?t=13899>

Well, now I feel silly - a bit of decent google-fu should have found that.

Thanks.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: pkdgb and corrupted record(s)

[Kurt Buff]

On Fri, Aug 12, 2011 at 11:15, Warren Block  wrote:
> On Fri, 12 Aug 2011, Kurt Buff wrote:
>
>> This seems fairly benign so far, but I find it happening on several
>> machines after switching from portupgrade to portmaster. Don't know if
>> that switch is actually part of the issue or not, though I'm really
>> liking portmaster.
>
> I'd never seen it with portupgrade, either.  Don't know the cause, but it
> can be a problem.  portmaster --check-depends might fix it.  A more
> brute-force way is to figure out which are the problems with
> find /var/db/pkg -name "+CONTENTS" -exec egrep -B1 -H 'pkgdep $' {} \;
> Then rebuild all of them by feeding the list to portmaster, which will sort
> them and rebuild in the right order to fix it.

I did a 'make deinstall clean' and 'make install' on those packages,
and all is happy now.

Thanks.

Kurt
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: pkdgb and corrupted record(s)

[Kurt Buff]

On Fri, Aug 12, 2011 at 12:44, Adam Vande More  wrote:
> On Fri, Aug 12, 2011 at 1:15 PM, Warren Block  wrote:
>>
>> I'd never seen it with portupgrade, either.  Don't know the cause, but it
>> can be a problem.  portmaster --check-depends might fix it.  A more
>> brute-force way is to figure out which are the problems with
>> find /var/db/pkg -name "+CONTENTS" -exec egrep -B1 -H 'pkgdep $' {} \;
>> Then rebuild all of them by feeding the list to portmaster, which will
>> sort them and rebuild in the right order to fix it.
>
> If I remember correctly, this can be caused by Ctrl-C out of a portmaster
> run early, or perhaps some other abnormal termination.  IIRC, some
> improvements have been done for this problem as it's been quite awhile since
> I've seen it personally, but your mileage may vary.
>
> --
> Adam Vande More

That sounds reasonable. Don't know that I've ever done that, but
memory dims as I grow older

Kurt
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: Best soloution(s) for handling all the varied media content on the web?

[Kurt Buff]

On Sun, Aug 14, 2011 at 19:14, Conrad J. Sabatier  wrote:
> I'm just wondering what practical solutions people have arrived at for
> handling all the varied types of media on the web in their browser.
> I'd really like to be able to view sites like YouTube, etc. and
> Flash-enabled sites, with a minimum of hassle.
>
> I'm running 9.0-HEAD amd64, by the way, so that cuts down my options
> somewhat, I think (for instance, 32-bit and/or Linux plugins are
> somewhat problematic).
>
> Any relatively simple solutions for handling at least the most popular
> media types?
>
> Thanks.

I've had good luck with VLC - it's in ports.

Kurt
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

zend.to and FreeBSD

[Kurt Buff]

All,

I'm not seeing the app from http://zend.to in ports, and my google
search reveals nobody working with it in FreeBSD.

Still, it's promising enough that I thought I'd ask about it here, and
see if anyone has tried it.

If not, does anyone know of similar functionality running in FreeBSD?

Thanks,

Kurt
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

libgcrypt SHA256 mismatch?

[Kurt Buff]

All,

I've just spun up a new 8.2-RELEASE VM, and gotten a fresh ports tree.
I tried to install XFCE4, but it has ended with an error:

===>Verifying install for gcrypt.18 in /usr/ports/security/libgcrypt
===>  License GPLv2 LGPL21 accepted by the user
===>  Extracting for libgcrypt-1.5.0
=> SHA256 Checksum mismatch for libgcrypt-1.5.0.tar.bz2.
===>  Refetch for 1 more times files: libgcrypt-1.5.0.tar.bz2
===>  License GPLv2 LGPL21 accepted by the user
=> libgcrypt-1.5.0.tar.bz2 doesn't seem to exist in /usr/ports/distfiles/.
=> Attempting to fetch
http://gnupg.org.favoritelinks.net/libgcrypt/libgcrypt-1.5.0.tar.bz2
fetch: http://gnupg.org.favoritelinks.net/libgcrypt/libgcrypt-1.5.0.tar.bz2:
size unknown
fetch: http://gnupg.org.favoritelinks.net/libgcrypt/libgcrypt-1.5.0.tar.bz2:
size of remote file is not known
libgcrypt-1.5.0.tar.bz2   4634  B 5734 kBps
===>  License GPLv2 LGPL21 accepted by the user
=> SHA256 Checksum mismatch for libgcrypt-1.5.0.tar.bz2.
===>  Giving up on fetching files: libgcrypt-1.5.0.tar.bz2
Make sure the Makefile and distinfo file
(/usr/ports/security/libgcrypt/distinfo)
are up to date.  If you are absolutely sure you want to override this
check, type "make NO_CHECKSUM=yes [other args]".


Anyone else run into this?

Kurt
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: libgcrypt SHA256 mismatch?

[Kurt Buff]

On Wed, Sep 28, 2011 at 18:45, Lars Eighner  wrote:
> On Wed, 28 Sep 2011, Kurt Buff wrote:
>
>> All,
>>
>> I've just spun up a new 8.2-RELEASE VM, and gotten a fresh ports tree.
>> I tried to install XFCE4, but it has ended with an error:
>>
>> ===>    Verifying install for gcrypt.18 in /usr/ports/security/libgcrypt
>> ===>  License GPLv2 LGPL21 accepted by the user
>> ===>  Extracting for libgcrypt-1.5.0
>> => SHA256 Checksum mismatch for libgcrypt-1.5.0.tar.bz2.
>> ===>  Refetch for 1 more times files: libgcrypt-1.5.0.tar.bz2
>> ===>  License GPLv2 LGPL21 accepted by the user
>> => libgcrypt-1.5.0.tar.bz2 doesn't seem to exist in /usr/ports/distfiles/.
>> => Attempting to fetch
>> http://gnupg.org.favoritelinks.net/libgcrypt/libgcrypt-1.5.0.tar.bz2
>> fetch:
>> http://gnupg.org.favoritelinks.net/libgcrypt/libgcrypt-1.5.0.tar.bz2:
>> size unknown
>> fetch:
>> http://gnupg.org.favoritelinks.net/libgcrypt/libgcrypt-1.5.0.tar.bz2:
>> size of remote file is not known
>> libgcrypt-1.5.0.tar.bz2                               4634  B 5734 kBps
>> ===>  License GPLv2 LGPL21 accepted by the user
>> => SHA256 Checksum mismatch for libgcrypt-1.5.0.tar.bz2.
>> ===>  Giving up on fetching files: libgcrypt-1.5.0.tar.bz2
>> Make sure the Makefile and distinfo file
>> (/usr/ports/security/libgcrypt/distinfo)
>> are up to date.  If you are absolutely sure you want to override this
>> check, type "make NO_CHECKSUM=yes [other args]".
>>
>>
>> Anyone else run into this?
>
> The source file is being truncated because fetch loses its connection for
> one reason or another.  Many servers now cut you off if you are at dial-up
> speeds because "net fairness" means broadband users always go to the front
> of the line.
>
> You can make a shell script to fetch the file and keep running it until you
> finally get the whole file a piece at a time or you can try ftp.  When you
> have the whole source file (check it against distinfo) place it in
> /usr/ports/distfiles. Things should go fine.
>
> "Checksum mismatch" nearly always means a truncated file.  I cannot ever
> remember seeing it otherwise.  Do not override it with NO_CHECKSUM.  That
> will be useless with a truncated file and worse than useless if a security
> port really has been tampered with.

Interesting. I found out what the problem is, but haven't figured out
how to work around it.

As a test, I put the URL
(http://gnupg.org.favoritelinks.net/libgcrypt/libgcrypt-1.5.0.tar.bz2)
into a web browser, and found that it's being blocked by our web
filter, because the site is marked as also serving adult content. The
supposed tarball in /usr/ports/distfiles is the response from the web
filter, so it's junk.

After repeated fetches, that is the only site my machine is using to
grab the tarball. How to I tell the machine to vary its download sites
(if indeed there are alternatives?)

In the Makefile I see the line

 MASTER_SITES=   ${MASTER_SITE_GNUPG}

which I'd bet controls how it finds what sites to visit, but don't
know anything beyond that.


Thanks,

Kurt
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: libgcrypt SHA256 mismatch?

[Kurt Buff]

On Thu, Sep 29, 2011 at 10:32, Adam Vande More  wrote:
> On Thu, Sep 29, 2011 at 12:21 PM, Kurt Buff  wrote:
>>
>> In the Makefile I see the line
>>
>>     MASTER_SITES=   ${MASTER_SITE_GNUPG}
>>
>> which I'd bet controls how it finds what sites to visit, but don't
>> know anything beyond that.
>>
>
> Maybe RANDOMIZE_MASTER_SITES would help?

Scurries off to web to start reading...

Kurt
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Upgrading from 6.2-RELEASE?

[Kurt Buff]

I have gotten custody of an old machine running the aforementioned,
and it's in production. I can take it down for a couple of hours if
necessary, but would prefer to have it down as little as possible.

What are my options for getting it to a supported release - looking at
the handbook it doesn't appear the the freebsd-update utility will
work in this case, as it's not 6.3? Can I, for instance, boot from a
CD of a supported version and do an upgrade, or am I stuck doing a
download of sorce for 7.0-RELEASE, compiling that, and then an
freebsd-update to 7.4?

Thanks,

Kurt
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: My tribute to Dennis Ritchie

[Kurt Buff]

A fitting tribute, except for one line...

On Wed, Oct 19, 2011 at 08:07, Paul Schmehl  wrote:
> # grep -ir Ritchie /usr/src/*

> /usr/src/usr.bin/calendar/calendars/calendar.music:04/14        Ritchie
> Blackmore (Deep Purple, Rainbow) is born, 1945

I don't know if Dennis Ritchie was a fan of Deep Purple...

Heh.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: Upgrading from 6.2-RELEASE?

[Kurt Buff]

On Wed, Oct 19, 2011 at 12:03, Chuck Swiger  wrote:
> On Oct 19, 2011, at 11:55 AM, Kurt Buff wrote:
>> I have gotten custody of an old machine running the aforementioned,
>> and it's in production. I can take it down for a couple of hours if
>> necessary, but would prefer to have it down as little as possible.
>
> The most straightforward solution would be to build out and validate a new 
> system running FreeBSD-7.4 or 8.2, and drop it in place of the old box.  If 
> all is good, decommission the old hardware.

I agree. I've already got a new VM started with 8.2. I'm trying to see
if I can migrate the data to the new host, but it's not finished yet,
and the old box's ports aren't functioning and can't be upgraded, so
I'm stuck in a bit of a scramble.

>> What are my options for getting it to a supported release - looking at
>> the handbook it doesn't appear the the freebsd-update utility will
>> work in this case, as it's not 6.3? Can I, for instance, boot from a
>> CD of a supported version and do an upgrade, or am I stuck doing a
>> download of sorce for 7.0-RELEASE, compiling that, and then an
>> freebsd-update to 7.4?
>
> You can do either.  However, it's probably easier to just download and burn 
> the 7.4 or 8.2 image, and do an upgrade directly than it would be do upgrade 
> via source to 7.0-RELEASE and then try freebsd-update.

Gotta love conflicting answers from you and Adam

I've got an ISO of 7.4. I think I'll do a dump of my data to a remote
machine, do the update, and see what that gets me.

Thanks,

Kurt
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: Upgrading from 6.2-RELEASE?

[Kurt Buff]

On Wed, Oct 19, 2011 at 12:49, Chuck Swiger  wrote:
> On Oct 19, 2011, at 12:45 PM, Kurt Buff wrote:
>>> You can do either.  However, it's probably easier to just download and burn 
>>> the 7.4 or 8.2 image, and do an upgrade directly than it would be do 
>>> upgrade via source to 7.0-RELEASE and then try freebsd-update.
>>
>> Gotta love conflicting answers from you and Adam
>
> Well, you did ask for opinions.  They tend to not be conflict-free :-)

Well, I *actually* asked for free technical assistance, but I know
that the same maxim applies. ;-o

> I haven't had problems doing a reinstall from a new ISO image to update a 
> FreeBSD box which was
> more than a major release out of date.  But, I was at pains to verify that I 
> had complete backups and
> time to rollback if needed, and I also made sure to rebuild all of the ports 
> after doing the OS reinstall/upgrade.

That is also definitely part of the plan...

>> I've got an ISO of 7.4. I think I'll do a dump of my data to a remote
>> machine, do the update, and see what that gets me.
>
> OK.

Thanks for your help!

Kurt
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: Re-sending selected e-mail messages

[Kurt Buff]

On Wed, Feb 13, 2013 at 3:49 PM, Polytropon  wrote:
> I need a way to automatically re-sent stored e-mail messages
> according to some criteria and like to ask for advice or
> suggestions for an already existing solution before I start
> reinventing the wheel. :-)
>
> The messages in question are stored in MH format. This is a
> tree where a mailbox equals a directory, and the individual
> files in that directory equal the messages. They are numbered
> 1, 2, 3, 4, ..., and so on. Each message is in
>
> Content-Type: text/plain; charset=ISO-8859-1
> Content-Transfer-Encoding: quoted-printable
>
> or
>
> Content-Type: text/plain; charset=US-ASCII
> Content-Transfer-Encoding: 7bit
>
> or maybe even
>
> Content-Type: text/plain; charset=UTF-8
> Content-Transfer-Encoding: 8bit
>
> text format. Some of them might contain an attachment, which
> is "included" in the file with something like
>
> --Multipart=...
> Content-Type: ...;
>  name="..."
> Content-Disposition: attachment;
>  filename="..."
> Content-Transfer-Encoding: base64
> --Multipart=...---
>
> Some messages are "fully multipart".
>
> So when iterating on ~/Mail/sent/1,2,3,4,5,... I get all the
> messages. Each third line, "To:", is the criteria to look at.
> If it matches a given recipient, the mail should be sent again.
> This can easily be done by the system's mailer which is properly
> configured (and uses ISP's MX), so | mail -s "maybe new subject"
> is possible. The message should already be properly pre-composed.
>
> What is the easiest way to do this without reinventing the wheel,
> or should I? :-)

Perhaps mini_sendmail? Seems fairly capable, and scriptable.

Kurt
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: pkg_version says my ports need to be updated?

[Kurt Buff]

Read the relevant portions of the handbook
Chapter 5:
http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/ports.html

Chapter 25:
http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/updating-upgrading.html

Then also:
man portmaster
man freebsd-update


On Mon, May 27, 2013 at 11:49 AM, Ed Flecko  wrote:
> Thank you both!
>
> Since I want to know the "correct" way (or one of I'm sure many correct
> ways) of initially installing the OS and then getting it up to date (and
> staying up to date), can you tell me what I did wrong and/or what I might
> want to do differently?
>
> Ed
>
>
> On Mon, May 27, 2013 at 11:16 AM, Matthew Seaman wrote:
>
>> On 27/05/2013 19:00, Ed Flecko wrote:
>> > Clearly, I'm doing something wrong.
>> >
>> > :-)
>> >
>> > I thought I was using svn to keep my ports, src and docs up to date, but
>> > pkg_version seems to disagree.
>> >
>> > I'm running 9.1 and I've installed ports, src, and docs as part of my
>> > install. After that, I use subversion to (I thought) make sure everything
>> > was up to date.
>> >
>> > I ran these commands:
>> >
>> > /usr/local/bin/svn up /usr/src
>> >
>> > /usr/local/bin/svn up /usr/ports
>> >
>> > /usr/local/bin/svn up /usr/doc
>> >
>> > and then I ran:
>> >
>> >
>> > pkg_version -vIL =
>> >
>> >
>> >
>> > and it says "< needs updating (index has ...) on about 1 dozen items. So
>> my
>> > "index" is out of sync with my ports???
>> >
>> > What did I screw up and how do I correct it?
>>
>> You seem to have updated the ports tree, which is a collection of
>> recipes for how to build ported software, but not actually updated by
>> rebuilding any of the ported software that has become out of date.
>>
>> Try installing ports-mgmt/portmaster and then running
>>
>> portmaster -a
>>
>> Cheers,
>>
>> Matthew
>> --
>> Dr Matthew J Seaman MA, D.Phil.
>> PGP: http://www.infracaninophile.co.uk/pgpkey
>>
>>
>>
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: What's wrong here? Can't reinstall graphics/lcms2

[Kurt Buff]

On Tue, Aug 20, 2013 at 10:23 AM, Walter Hurry  wrote:
> $ sudo portupgrade -f graphics/lcms2

> => Please update your ports tree and try again.
> *** [check-vulnerable] Error code 1
>
> I have of course updated the ports tree but it made no difference.

Try updating ports again. I was successful in updating lcms2 this
morning on a couple of boxes, after failures yesterday.

Kurt
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: Network Question

[Kurt Buff]

On Thu, Sep 12, 2013 at 11:51 AM, Adam Vande More  wrote:
> On Thu, Sep 12, 2013 at 1:45 PM, Daniel Nang wrote:
>
>> Hello,
>>
>> I have two computers, both running FreeBSD, accessing the
>> web via DHCP from the router. The setup looks like this:
>>
>>
>>Internet
>> |
>> |
>> |
>> machine1.example.com --- Router --- machine.2.example.com
>>  - DHCP -- DHCP -
>>
>>
>> Both computers can access the internet with no problems.
>> So far so good...
>>
>> My question is, if I can simultaneously have the computers access
>> the net as in the given picture and also let them communicate with
>> each other e.g. via ssh?
>>
>
>
> machine1# ssh `ip of machine2`


There's the rub. How do you determine the IP address of the other machine?

DHCP, unless configured with reservations, doesn't guarantee IP
addresses to remain the with machines that request addresses.

So, there are two ways to solve this problem:

o- As I mention above, use reservations in DHCP to tie IP addresses to
MAC addresses - this is a fairly manual process, and doesn't scale
beyond a few machines..

o- Use a DNS/DHCP solution whereby DNS is dynamically updated with an
IP address by the DHCP server when a machine leases an IP address to a
machine. This requires some work up front, but then takes care of
itself, so scales fairly well.

Kurt
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: Ntop on 6.0

[Kurt Buff]

Drew Tomlinson wrote:
> I installed ntop 3.2_1 from the ports on a machine running FBSD 6.0.  It
> appeared to install fine and seems OK when I start it.  However whenever
> I try and access it via a browser, I just get a blank page.  ntop
> reports the following warning:
> 
> Tue Dec 20 14:20:58 2005  **WARNING** gzflush error -2(stream error)
> 
> It does this with each access attempt.  I've googled and learned that
> ntop creates compressed files and uses zlib to uncompress them on the
> fly.  I assume my problem has something to do with this process?
> 
> Any ideas on what to check or how to resolve?
> 
> Thanks,
> 
> Drew
> 

Is this a fresh install of 6.0? I've got a fresh install of FBSD 6.0 and
ntop 3.2_1 from ports, and don't have this problem.

Kurt
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Ntop on 6.0

[Kurt Buff]

Drew Tomlinson wrote:
> On 12/20/2005 3:06 PM Kurt Buff wrote:
>> Drew Tomlinson wrote:
>>
>>> I installed ntop 3.2_1 from the ports on a machine running FBSD 6.0.  It
>>> appeared to install fine and seems OK when I start it.  However whenever
>>> I try and access it via a browser, I just get a blank page.  ntop
>>> reports the following warning:
>>>
>>> Tue Dec 20 14:20:58 2005  **WARNING** gzflush error -2(stream error)
>>>
>>> It does this with each access attempt.  I've googled and learned that
>>> ntop creates compressed files and uses zlib to uncompress them on the
>>> fly.  I assume my problem has something to do with this process?
>>>
>>> Any ideas on what to check or how to resolve?
>>>
>>> Thanks,
>>>
>>> Drew
>>
>> Is this a fresh install of 6.0? I've got a fresh install of FBSD 6.0 and
>> ntop 3.2_1 from ports, and don't have this problem.
>>
> Thanks for your reply.  Yes, it's fairly fresh.
> 
> FreeBSD blacksheep.mykitchentable.net 6.0-STABLE FreeBSD 6.0-STABLE #4:
> Thu Dec  1 11:33:29 PST 2005
> 
> Any ideas?
> 
> Thanks,
> 
> Drew

This isn't an upgrade of FBSD 4.x or 5.x, is it? Or an upgrade of an
older version of ntop? The reason I ask is that this was a problem that
was noted in ntop 2.something under 4.x and 5.x. If you google for the
specific error message:

http://www.google.com/search?hl=en&lr=&q=ntop+freebsd+%22gzflush+error%22&btnG=Search

you'll see stuff like that talked about in several places.

I just flattened the box when I upgraded the OS, starting from a fresh
install of 6.0, then cvsupping the ports to get ntop current, and all
has been well since.

Kurt
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Ntop on 6.0

[Kurt Buff]

Drew Tomlinson wrote:
> 
> Been Googling all day and I've seen those posts.  However I just
> realized it was you.  :)

Well, not *just* me. :)

> I just edited the Makefile to add --without-zlib and am recompiling
> now.  We'll see if that works around this problem for now.  But I'd sure
> like to know why things aren't working on my machine?  AFAIK, I did a
> standard install and haven't done much with the box since.  It just
> serves as my gateway router for my home network so there's not much on it.

I didn't need to do that. However, I've found the ntop list to be
useful, so it might be worthwhile subscribing to that for a while.

> Thanks,
> 
> Drew
> 

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: freebsd as ghosting server for windows boxen

[Kurt Buff]

Peter wrote:
> What is the best way to use FreeBSD (6.0) as a centralized server to ghost
> windows client images over the network?  I have been thinking of g4u and
> there is the commercial acronis.  Any suggestions out there?
> 
> --
> Peter

http://unattended.sf.net
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Arpwatch?

[Kurt Buff]

All,

I've installed arpwatch-2.1.a13_2 on FBSD 6.0 (6.0-RELEASE #0 GENERIC
I386), and it looks like it installed just fine.

However, when I run the rc.d script (/usr/local/etc/rc.d/arpwatch.sh
start) to start it, nothing happens, except that it echoes 'meuh' and
then dies - I found that string in the script, so that seems to be
working, as far as that goes.

I'm wanting to accept defaults for the startup, so haven't edited the
script, nor am I passing any arguments on the command line.

Man arpwatch doesn't reveal anything to me - it's kinda terse, per usual.

However, I am running ntop on the same box, if that makes a difference.

Anyone out there knowledgable about this, and can tell me what goof I'm
making?

Thanks,

Kurt
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Log analysis server suggestions?

[Kurt Buff]

Ashley Moran wrote:
> Until recently I had a server running syslog-ng set to archive all logs into 
> server/year/month/day/ directories.  Now the server is running in amd64, 
> we've lost our hi-res scrolling display so I want to look at a better log 
> watching system.
> 
> I've read about logging to a database.  I quite like the idea of storing our 
> logs in PostgreSQL (I don't like MySQL and don't want to get involved in 
> administering a second database).  I know I can log to a PG database quite 
> easily, but I don't know how I can get the data back out without writing 
> manual queries.
> 
> Here is what I need:
> 
> - Logs stored for the last 6 months or so, and easily searchable
> - Live log watching
> - Log analysis
> 
> I might try swatch for the live log watching as this is not affected by the 
> choice of log storage and seems the best tool for the job.
> 
> As for searching / analysis, I've seen php-syslog-ng 
> ( http://www.vermeer.org/projects/php-syslog-ng ), which looks very basic, 
> and phpLogCon ( http://www.phplogcon.com/ ), which does not support PG 
> anyway.  Is there anything better GUI-wise?
> 
> Maybe I am best keeping the logs in text files for now, and spending more 
> time 
> on swatch.
> 
> Any thoughts?
> 
> Cheers
> Ashley

http://www.loganalysis.org, and the related listserv might be well worth
your time...
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

SSHD working in a funky fashion

[Kurt Buff]

All,

I have set up a desktop box with 3 dual port Intel NICs as a router,
which function it seems to be performing just fine.

I used to be able to ssh into the box from my Windows machines with no
problem, but now it hangs after I enter the user name - it won't come
back with the password prompt.

It's FreeBSD 6.0 Release, and I've installed samba/cups on it, with
nothing else on it.

I'm not seeing any particular errors in syslog or in dmesg, except
when I try to connect to via putty from my Windows boxen. Then it
says:

sshd: fatal: timeout before authentication from 192.168.11.63

I'm not having this problem with my other FreeBSD 6.0 Release boxes,
which are running things like ntop and
postfix/amavisd-new/clamav/spamassassin.

Can anyone point me in a useful direction for troubleshooting this?

Thanks

Kurt
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: SSHD working in a funky fashion

[Kurt Buff]

On 2/28/06, Alex Zbyslaw <[EMAIL PROTECTED]> wrote:
> Kurt Buff wrote:
> >sshd: fatal: timeout before authentication from 192.168.11.63
> >
> Can you ssh from one of your other FreeBSD boxes to this box?  If not
> then try "ssh -v -v -v" which may point you in the right direction.

Well, today it's working, but it's veeyyy slow to log
into, from the Windows boxes. From the FreeBSD boxes it's just a bit
slow to log in.

> If it's just Windows which can't login, then try running sshd in debug
> mode and see if that tells you anything.  from man sshd
>
>  -d  Debug mode.  The server sends verbose debug output to the
> system
>  log, and does not put itself in the background.  The server
> also
>  will not fork and will only process one connection.  This
> option
>  is only intended for debugging for the server.  Multiple -d
>  options increase the debugging level.  Maximum is 3.
>
> If none of that shows anything useful, then maybe you have some network
> level problem.  Does any kind of connection from Windows work?  E.g.
> Samba shared drive?  Ftp?  Or even (for testing only) telnet, since
> putty does that too?

Don't have telnet or ftp running, but I'm able to browse the samba
shares just fine.

> If it's a network level problem, then some more info about your topology
> might be helpful.  E.g. are all these machines on the same LAN segment
> connected to the same switch?

One Windows box is on a different subnet but the same (layer3) switch,
one is on a different switch but same subnet, and the FreeBSD boxes (3
of them) are on the same switch and subnet.

> PS I assume you've tried your error message through google?

Yup - lots of hits, but not much meat.

Kurt
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"