Re: Problem completing a 9.1 release to 9.2 release upgrade

[Matthew Seaman]

On 06/10/2013 04:51, Eric Feldhusen wrote:
> I figured I'd walk through those steps from start to finish and just
> correct my main problem and any other little glitches I might have.
> 
> I'm on step 6 and when I run mergemaster -p, I get the following error.
> 
> *** Creating the temporary root environment in /var/tmp/temproot
>  *** /var/tmp/temproot ready for use
>  *** Creating and populating directory structure in /var/tmp/temproot
> 
> /usr/bin/install: Undefined symbol "gid_from_group"
> 
>   *** FATAL ERROR: Cannot copy files to the temproot environment
> 
> I found this thread on the Freebsd forums
> http://forums.freebsd.org/showthread.php?t=41779 with the same error and if
> I do the same diagnostic steps of
> 
> truss install -d -g wheel ~/testdirectory
> 
> I find an error of
> 
> lstat("/usr/local/etc/libmap.d",0x7fffb990) ERR#2 'No such file or
> directory'
> 
> Any suggestions? Thank you for the help thus far.

The 'undefined symbol' error means you have a binary which is somehow
not dynamically linking against the shared libraries it was compiled to
use.  As install(1) has pretty simple dynamic library usage -- just
libmd and libc:

# ldd /usr/bin/install
/usr/bin/install:
libmd.so.5 => /lib/libmd.so.5 (0x800822000)
libc.so.7 => /lib/libc.so.7 (0x800a33000)

... and libmd.so just contains code for computing various checksums,
nothing to do with groups and GIDs.  This suggests that your libc.so is
somehow incompatible with your /usr/bin/install.  Which really shouldn't
be the case given that you'ld previously used freebsd-update to upgrade
your userland to 9.2-RELEASE.

Things to double check:

   * you haven't been faffing about with /etc/libmap.conf -- that file
 or any file it includes should basically be empty except in quite
 unusual circumstances.  Remember folks: libmap is not your
 solution of choice.  It's what you turn to when there are no other
 viable alternatives.

   * Your freebsd-update really has been updating the source tree you
 attempted to upgrade from.  Check /etc/freebsd-update.conf.  By
 default it contains:

# Components of the base system which should be kept updated.
Components src world kernel

 If you don't have src in there your buildworld procedure will at
 best be trying to take you back down to 9.1-RELEASE-p???, and at
 worst trying to create some unholy mixture of 9.2 kernel with
 earlier bits of the system.

I think you should be able to recover to a system managed via
freebsd-update by something like:

   # vi /etc/freebsd-update.conf
   { Make sure you're getting 'src world kernel' components as shown
 above }
   # freebsd-update fetch
   # freebsd-update install

but I haven't tested that so ICBW.  In any case, this should get you
back to the state where you have a 9.2-RELEASE world but your modified
9.1-RELEASE kernel.  If you still need a custom kernel then you can
build and install it like so:

   # cd /usr/src
   # make KERNCONF=MYKERNEL buildkernel
   # make KERNCONF=MYKERNEL installkernel

and reboot.  Otherwise, I'm not sure exactly how you'ld revert from a
custom kernel to the standard generic kernel you'ld normally get via
freebsd-update.  What I'd try is moving aside my customized kernel and
re-running freebsd-update:

   # cd /boot
   # mv kernel kernel-MYKERNEL
   # freebsd-update install

If that creates a new /boot/kernel and populates with a new kernel and
many loadable modules then you're golden.  If not, move your saved
kernel back into place (mv kernel-MYKERNEL kernel) and ask here again.

The 'no such file or directory' error for /usr/local/etc/libmap.d thing
is a false problem: /usr/local/etc/libmap.d is an optional directory --
all you are seeing is install(1) trying to open it and discovering that
it doesn't exist.

Cheers,

Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.

PGP: http://www.infracaninophile.co.uk/pgpkey
JID: matt...@infracaninophile.co.uk



signature.asc
Description: OpenPGP digital signature

Re: Problem completing a 9.1 release to 9.2 release upgrade

[Matthew Seaman]

On 05/10/2013 21:41, Polytropon wrote:
> On Sat, 5 Oct 2013 16:00:25 -0400, Eric Feldhusen wrote:
>>  I see my /usr/src/sys/amd64/conf/GENERIC is a 9.2 kernel, so I should just
>> be able to do a
>>
>> cd /usr/src
>> make buildworld
>> make installworld
>> reboot
>>
>> and I'll be running up on the 9.2 kernel and then I'll be all set?
> 
> No. You should follow the procedure mentioned in the
> comment header of /usr/src/Makefile. From my (old)
> b-STABLE system:
> 
> #  1.  `cd /usr/src'   (or to the directory containing your source tree).
> #  2.  `make buildworld'
> #  3.  `make buildkernel KERNCONF=YOUR_KERNEL_HERE' (default is GENERIC).
> #  4.  `make installkernel KERNCONF=YOUR_KERNEL_HERE'   (default is GENERIC).
> #   [steps 3. & 4. can be combined by using the "kernel" target]
> #  5.  `reboot'(in single user mode: boot -s from the loader prompt).
> #  6.  `mergemaster -p'
> #  7.  `make installworld'
> #  8.  `make delete-old'
> #  9.  `mergemaster'(you may wish to use -i, along with -U or -F).
> # 10.  `reboot'
> # 11.  `make delete-old-libs' (in case no 3rd party program uses them anymore)
> 
> Pick what you need to do. When kernel and world sources are
> in sync, a new kernel can always be installed in multi-user
> mode. To install world, you should drop to single-user mode
> to avoid interferences with a full-featured system running
> in the "background". This procedure (or parts of it) will
> also work when you have been using freebsd-update to modify
> your kernel, world, and sources.
> 

Errrmm... The OP is maintaining his system using freebsd-update -- just
building and installing a replacement kernel from the source tree
installed via freebsd-update is in fact perfectly OK and a supported way
to manage a FreeBSD system.

While you are quoting the official instructions from /usr/src/UPDATING
here (so they are completely correct in that sense) these are the
instructions to do something rather different to what the OP intended.

Cheers,

Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.
PGP: http://www.infracaninophile.co.uk/pgpkey




signature.asc
Description: OpenPGP digital signature

Re: Problem completing a 9.1 release to 9.2 release upgrade

[Matthew Seaman]

On 05/10/2013 20:11, Eric Feldhusen wrote:
> I have a server that was/is running 9.1 release that I tried to upgrade to
> 9.2 release.  I missed the step of updating to the latest 9.1 patches by
> doing
> 
> freebsd-update fetch
> freebsd-update install
> 
> I went right to
> 
> freebsd-update upgrade -r 9.2-RELEASE
> freebsd-update install
> 
> rebooot
> 
> freebsd-update install
> 
> reboot again
> 
> But my system still comes up as 9.1 release.
> 
> Any suggestions on the steps to fix my goof?

Did you replace the generic kernel from 9.1-RELEASE with something you
compiled yourself?  If so, you may well have caused freebsd-update to
ignore any modifications to the kernel.

You can fix that by re-compiling a kernel using the 9.2-RELEASE sources
and basically the same kernel configuration as for 9.1 (you will need to
check for 9.2 related differences to the configuration, but these are
likely to be pretty minor or not needed at all.)

If you aren't using a customized kernel, then has the kernel in the
standard location on your system actually been updated?  You can tell if
it's a 9.2 kernel by running strings(1) against the kernel binary, like so:

   # strings /boot/kernel/kernel | grep RELEASE

If that's clearly a 9.2 kernel, then are you actually booting up from a
different kernel somewhere else on your system?   First of all, are
there any other copies of FreeBSD kernels around anywhere -- on
memsticks, or on split mirrors perhaps?  You may need to fiddle with the
bios settings or interrupt the boot sequence and type things directly at
the loader if so.

Cheers,

Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.
PGP: http://www.infracaninophile.co.uk/pgpkey




signature.asc
Description: OpenPGP digital signature

Re: zfs over geli over zfs

[Matthew Seaman]

On 03/10/2013 17:20, Nikos Vassiliadis wrote:
> I am after a really specific use-case and the last minute transactions
> are important. Using a zpool over geli over a zvol. I'd like to know if
> during shutdown the kernel flushes all zfs files caches in order so
> these last minutes transactions won't be lost. The unmounting order is
> far from obvious (zfs over geli over zfs) and i wonder if such a scheme
> will succeed. I can't afford losing the last transactions of my home dir
> every time i shutdown my laptop;)

If it's a normal clean shutdown, then yes, all pending transactions will
be committed to persistent storage.

Normally you'ld do something like this by creating geli devices on disk
partitions (usually via gpt nowadays), and then creating your zpool from
those geli devices.  (Typically you'ld just use one geli device in your
zvol, which doesn't offer any resilience but avoids potential
cryptographical fubars like having two crypttexts known to come from the
same plaintext: something that can make it considerably easier to break
the encryption.

Using a zfs exported as a raw device layered with geli is a good way to
get round that, but I think you're probably better off creating a
standard UFS on top of the geli partition, rather than creating a second
layer of zpool and zfses.

(I don't actually know: this is just me guessing without ever having
tried this in practice.  I'll willingly cede to anyone with actual
experience of this sort of thing.)

Cheers,

Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.
PGP: http://www.infracaninophile.co.uk/pgpkey




signature.asc
Description: OpenPGP digital signature

Re: Where is pkg repository for 9.2-RELEASE (amd64)?

[Matthew Seaman]

On 02/10/2013 21:07, Winston wrote:
> Summary:
> 
> Where is the (U.S.) pkg(ng) repository for amd64 9.2-RELEASE (i.e.,
> what's the right URI for PACKAGESITE in pkg.conf)?
> 
> 
> Things I tried that didn't work:
> 
> * pkg_add -r pkg  didn't create /usr/local/etc/pkg.conf
> 
> * pkg.conf.sample suggests "http://pkg.freebsd.org/${ABI}/latest";,
>   but the host name pkg.freebsd.org does not DNS resolve for me.
> 
> * URLs using pkgbeta.FreeBSD.org didn't work, and
>   http://pkgbeta.FreeBSD.org/  itself says
>   "Currently this site only contains pkg bootstrap files!"

Yeah -- and the bootstrap pkg on pkgbeta is severely out of date and has
some problems with the up to date DB schema.

Use PACKAGESITE=http://pkg-test.freebsd.org/pkg-test-${ABI}/latest

That's the kit that will form the official FreeBSD package repository;
it just lacks the crypto bits for signing the packages, which is why
it's calling itself 'pkg-test'

Oh -- there isn't an A record in the DNS for pkg-test.freebsd.org --
look up a SRV record for _http._tcp.pkg-test.freebsd.org instead.

(Yes, this is counter to RFC 2616.
https://github.com/freebsd/pkg/issues/550  There are moves afoot to
change to a new set of URL schemes: pkg+http://, pkg+https://,
pkg+ssh:// etc. but these are still under development)

Cheers,

Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.
PGP: http://www.infracaninophile.co.uk/pgpkey




signature.asc
Description: OpenPGP digital signature

Re: zfs flag denoting unclean shutdown?

[Matthew Seaman]

On 02/10/2013 16:34, Nikos Vassiliadis wrote:
> Is there a way to know if a zfs pool had an unclean shutdown?
> An attribute or maybe something during mount time similar to what ufs
> does (WARNING: / was not properly dismounted)?

Other than looking at the system logs for evidence of an abnormal
shutdown, no.  (Absence of anything in the logs is pretty good evidence
for the system falling over pretty hard... Usually something to do with
the power being turned off.)

However, due to the design of ZFS unclean shutdowns like this are
nowhere near as problematic as on UFS.  Basically, you're guaranteed
that what is written on disk is always consistent.  You might lose a few
transactions -- essentially the last few seconds of file system activity
-- but that doesn't usually make a great deal of difference after the
system reboots again.  Oh, yeah -- absolutely no time will be needed to
be spent cleaning and repairing filesystems: with ZFS, reboot after
crash is as fast as a normal reboot.

Cheers,

Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.
PGP: http://www.infracaninophile.co.uk/pgpkey




signature.asc
Description: OpenPGP digital signature

Re: after pkgng update, daily run still using pkg_info

[Matthew Seaman]

On 30/09/2013 06:09, Gary Aitken wrote:
>>> On 09/28/13 10:52, Gary Aitken wrote:
>>> After switching to pkgng, I noticed that my daily run output constantly
>>> complains about the installed packages being corrupt, e.g.:
>>>   "pkg_info: the package info for package 'asciidoc-8.6.8_1' is corrupt"
>>>
>>> The problem is with
>>>   etc/periodic/daily/490.status-pkg-changes
>>> which is still using "pkg_info" instead of "pkg info"
>>>
>>> Was this script supposed to be automatically updated as part of the
>>> conversion?  What's the "right" way to upgrade this on a 9.1 release
>>> system?  Or should I just edit the script by hand and be done with it?
>>
>> On 09/28/13 13:57, Mark Felder wrote:
>> Run pkg_info. If there is anything listed you have not fully converted
>> to pkgng and have some old broken/corrupt packages. You'll want to clean
>> this up.
> 
> What does "clean this up" mean, and how does one go about it, given the
> system is converted to using pkgng?  There is no /var/db/pkg/pkgdb.db
> 
> Some of the packages reported as corrupt were installed *after* the
> conversion to pkgng, so why is pkg_info even noticing them?
> "pkg info" reports 705 packages installed, and installs and re-installs
> using portmaster seem to be working.  "pkg_info" reports 14 "good"
> packages and 658 "corrupt" packages.  If pkg_info is picking up packages
> installed after the conversion, why doesn't the sum of good and corrupt
> packages equal the number pkg reports?
> 
> It was my understanding that after switching to pkgng, the pkg_* cmds should
> no longer be used.  If that's the case, shouldn't the daily script have been
> modified by the upgrade process?

Hi, Gary,

Yes, you're correct that the pkg_info command should no longer be used
after pkgng-ifying your system.  Not because it's harmful or lead to any
sort of breakage but simply because it won't return any meaningful
information.

Ideally, there shouldn't really be any of the old style package metadata
left in /var/db/pkg after running pkg2ng but the conversion process may
occasionaly stumble over the odd port or two.  (In which case force the
port in question to re-install.  If you're using a package repository,
that's 'pkg install -f pkgname' -- otherwise, just
use the normal portmaster / portupgrade command you'ld have used pre-pkgng.)

If you are a portmaster user be aware that it does store various bits to
do with managing distfiles in /var/db/pkg/pkgname-ver/ subdirectories.
These shouldn't be confused with old style pkg_install metadata -- the
distinguishing feature is if they contain a +CONTENTS file.

As to why pkg2ng doesn't disable pkg_install related periodic jobs --
pretty much because no one has implemented that. pkg comes with it's own
set of periodic job scripts which should give you the equivalent set of
reports via the pkg local database, so all we'd need to do is turn off
any old pkg_install script and turn on the pkg equivalent.

I've just created a new issue on github for that:

https://github.com/freebsd/pkg/issues/599

Patches -- or even better, pull requests -- are welcome.

Cheers,

Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.
PGP: http://www.infracaninophile.co.uk/pgpkey




signature.asc
Description: OpenPGP digital signature

Re: Gnome green screen of death

[Matthew Seaman]

On 27/09/2013 04:34, leeoliveshackelf...@surewest.net wrote:
> Good afternoon, dear FreeBSD enthusiast.  I have installed X11 and Gnome on 
> my computer equipped with FreeBSD 9.1. The X11 
> and Gnome packages were taken from the d.v.d.-r.o.m. that 
> contained the operating system.  The computer is an H.P. Z220 
> with an Intel Xeon quad-core processor.  I do not want Gnome 
> to start automatically on bootup.  I wish to call it from the 
> command line on the local console.  When I have finished 
> working with Gnome, I expect the operating system to return me 
> to console session from which Gnome was called.  I have 
> started Gnome with the command "exec gdm-session".  I do not 
> know if the "exec" keyword is necessary, but it worked.  When I 
> am finished working with Gnome, I click on the logoff (or 
> logout?) button.  The screen turns solid green with none of 
> icons, characters, image, or splash.  The computer does not 
> respond to the keyboard.  When I cut the power to the computer, 
> and then reboot, I receive a sequence of messages complaining 
> that ada0s3a, ada0s3d, and so on, are corrupt, and that I must 
> run fdsk.  What am I doing wrong here?  The following error messages, which 
> are shown only partially because they flash quickly on the screen, appear 
> before Gnome starts:  

There's a number of things:

  -- you seem to be logging into your X environment as root.
 This is not a particularly good idea.  Much better to
 create yourself a normal user account for that, and use
 su(1) or sudo(1) to take rootly powers as required.

  -- You don't say what sort of graphics card the system has.
 If you look at /var/log/Xorg.log.0 (or something similar to
 that) it will have that information amongst a lot of other
 stuff.

 The nature of the graphics card is important, because some
 models don't switch back to console mode from graphics mode
 very well.  It's a known bug, and unfortunately if you have
 one of those models the best advice at the moment is to run
 a display manager (xdm, kdm, slim) and always use a graphical
 login.

  -- The use of 'exec' in ~/.startx is correct, but not if you're
 typing that from the shell command prompt.  What exec does is
 *replace* the current process with the one you called.  That's
 fine if you're replacing the (very small) shell script that is
 ~/.startx, but not if you're replacing your login shell.

 The recommended way to start X from the command line is to set up
 a ~/.startx script (which could contain just your 'exec
 gdm-session' command, or quite a bit more.  Then type startx to
 (like it says on the tin...) start X.

Cheers,

Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.
PGP: http://www.infracaninophile.co.uk/pgpkey




signature.asc
Description: OpenPGP digital signature

Re: PKGNG

[Matthew Seaman]

On 09/20/13 10:59, Mehmet Erol Sanliturk wrote:
> The following links are not accessible ( at least from Turkey ) :
> 
> http://pkg-test.freebsd.org/
> http://pkg-test.freebsd.org/pkg-test-amd64/
> http://pkg-test.freebsd.org/pkg-test-i386/
> 

pkg-test.freebsd.org is a SRV record, not an A record[*].  pkg(8) will
be able to find the repo given the information I showed.

Also ${ABI} in pkg.conf expands to a string like freebsd:9:x86:64 which
includes more than just the CPU architecture.

Cheers,

Matthew

[*] This usage is not in compliance with RFC 2616 so the URL will need
to be changed at some point.  See https://github.com/freebsd/pkg/issues/550


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: PKGNG

[Matthew Seaman]

On 09/20/13 05:05, Ethan W. House wrote:
> What is the status of pkgng. The handbook says to use it but else were it
> says that the repos are empty due to a security incident last November.
> 
> Are there beta repos hidden somewhere that can be used? The reason I ask is
> I want to install packages like Gimp and LibreOffice which will take a
> fortnight on my laptop to compile. I tried pkg_add but that broke
> everything when I updated to 9.2.

pkgng is in rude health.  It's certainly usable -- you can enable it on
your systems and use it with the ports (portmaster, portupgrade style)
or you can try various repos which are available online.

The systems that will be the official FreeBSD pkg repo are on-line and
available for testing with:

% cat /usr/local/etc/pkg/repos/pkg-test.conf
---
pkg-test:
  URL: http://pkg-test.freebsd.org/pkg-test-${ABI}/latest
  ENABLED: YES
  MIRROR_TYPE: SRV


This doesn't have package signatures yet, but otherwise it's pretty much
what will be the official pkg repository for 10.0-RELEASE.

There are other publicly available pkg repos, such as the one provided
by Exonetric which is at

http://mirror.exonetric.net/pub/pkgng/${ABI}/latest

Cheers,

Matthew
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: how to log sshd access in a single file

[Matthew Seaman]

On 16/09/2013 14:36, aurikus grande wrote:
> I try to add a line in /etc/hosts.allow which would allow and log all
> attempts using SSH (sshd).

Actually, by default all logins via ssh are already logged to
/var/log/auth.log

Verb. Sap.  tcpwrappers are mostly a lot less useful than they appear to
be.  Generally there's a much better way to do whatever you want already
in the FreeBSD base system, or failing that in a readily available port,
which will be more effective, less load on the system and that doesn't
require you to run everything out of inetd or recompile it specially
with tcpwrappers support.

Cheers,

Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.
PGP: http://www.infracaninophile.co.uk/pgpkey




signature.asc
Description: OpenPGP digital signature

Re: howto kill x if x is running?

[Matthew Seaman]

On 15/09/2013 07:20, Gary Kline wrote:

>   I've evidently had too many pain meds; this shelll script should 
>   be easy.  say that I have a utility xxx running sometimes.  xxx is
>   soaking up a chunk of my load.  I have to use top to find if
>   xxx is running, then kill -9 to kill xxx and have a steady load of,
>   say, between 0.10 and 0.15.  what's the script that can do this?

The classic answer to this is that you need to find the pid of your
'xxx' process, and then kill it using that.  Some combination of ps(1)
and grep(1) usually sufficed.

However nowadays there's the very handy pkill(1):

pkill -9 xxx

Tying that in with the trigger based on system load:

#!/bin/sh

load=$(sysctl vm.loadavg | cut -d ' ' -f 3)
too_high=$(bc -e "$load > 0.15" < /dev/null)

if [ $too_high = '1' ]; then
pkill -9 xxx
fi

Note the use of bc(1) to compare floating point values -- the built-in
$((shell arithmetic)) or expr(1) only do integer arithmetic.

One final point -- instead of killing the xxx process when the load gets
too high, you could simply renice(1) it to very low priority.  Or even
better, use idprio(1).

This won't actually affect the system load values much as 'system load'
is an average of the number of processes requesting a CPU time slice.
What it does do is mean that your 'xxx' process is always pretty much
the last process to get any CPU time -- so everything else should remain
responsive, and your xxx process will only run when the system is
otherwise idle.

Cheers,

Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.

PGP: http://www.infracaninophile.co.uk/pgpkey
JID: matt...@infracaninophile.co.uk



signature.asc
Description: OpenPGP digital signature

Re: Disappointing dependency introduced in 9.1 (from 8-STABLE)

[Matthew Seaman]

On 12/09/2013 05:53, Michael Sierchio wrote:
> Because I build a lot of embedded devices with serial consoles, I was in
> the habit of hacking /boot/loader by commenting out a line in a Makefile
> that enables terminal emulation
> 
> /sys/boot/i386/libi386/Makefile:
> 
> #CFLAGS+= -DTERM_EMU
> 
> and then in /sys/boot doing a make clean && make
> 
> unfortunately, with 9.X, this breaks the compile.  It seems a dependency
> was introduced which requires the videoconsole code.  I find this extremely
> irritating.  Of course, there's nothing to stop me (at the moment) from
> compiling loader under 8-STABLE and installing it on 9.1 machines, but...
> 
> Is there a better way now to stop the cursor from scribbling illegibly
> across the screen?

Hmmm... normally you should be controlling build options by setting
WITH_FOO style flags in /etc/src.conf, although I can't see anything
obviously relevant in src.conf(5).

Did you raise a PR about this?  Requesting a means to have a loader that
only works via a serial console sounds like something that should be
supported.

Cheers,

Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.

PGP: http://www.infracaninophile.co.uk/pgpkey
JID: matt...@infracaninophile.co.uk



signature.asc
Description: OpenPGP digital signature

Re: Shared object "libaprutil-1.so.4" not found, required by "libserf-1.so.0"

[Matthew Seaman]

On 11/09/2013 21:03, Antonio Olivares wrote:
> [Info  19:57:22] Updating 'freebsd_texlive' source ports tree with method 
> 'svn'.
> Shared object "libaprutil-1.so.4" not found, required by "libserf-1.so.0"
> [Error 19:57:22] Subversion update failed.
> [Error 19:57:22] Failed to update the 'freebsd_texlive' ports tree.

Yeah -- you need to update or install the package that provides
libaprutil-1.so.  If you're using pkg(8) against a package repository
rather than compiling your own, you could use:

pkg check -d subversion-1.8.3

For portmaster dependencies should be auto-updated when you run

portmaster devel/subversion

It might be useful to run

portmaster --force-config -f devel/subversion

so you can recheck all the options settings of dependencies, but this
will rebuild portmaster and everything it depends on.

Cheers,

Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.

PGP: http://www.infracaninophile.co.uk/pgpkey
JID: matt...@infracaninophile.co.uk



signature.asc
Description: OpenPGP digital signature

Re: When statically linked Abort trap: 6 (core dumped)

[Matthew Seaman]

On 09/09/13 13:21, Unga wrote:
> This is FreeBSD 9.1 on i386.
> 
> My program works well without any issue when all libraries are dynamically 
> linked.
> 
> But when some libraries are statically link and run it develops:
> Abort trap: 6 (core dumped)
> 
> How I compile and link:
> cc myprog.c -Wall -O \
> -L. -ls1 -ls2 \
> -lz -lm -lmd -lpthread \
> -o myprog
> 
> 
> libs1.a and libs2.a are static libs.
> 
> Any idea why? 

Not the foggiest, and we aren't going to be able to tell you anything
sensible without a lot more detailed debugging information.  I mean,
between us we know a lot, but we are by no means omniscient.

How about getting a back trace from the core file your program has produced?

Cheers,

Matthew


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: CURDIR-relative paths in ports' Makefiles

[Matthew Seaman]

On 27/08/2013 13:04, Koslov Sergey wrote:
> Hello
> 
> I've noticed that many ports are using ${.CURDIR}/../../some/port
> construction in their Makefiles.
> 
> But if you copy on of these ports elsewhere it won't work as expected
> because of the relative path.
> Shouldn't they use ${PORTSDIR}/some/port instead?

The use of relative paths is taken straight from The Porter's Handbook.  eg.

http://www.freebsd.org/doc/en_US.ISO8859-1/books/porters-handbook/makefile-masterdir.html

So it's officially correct to do that.

While there is no direct proscription against saying
${PORTSDIR}/some/port in that circumstance that I can see in the
documentation, relative paths are generally only used in slave ports for
the ${MASTERDIR} setting or more generally for including other
Makefiles; whereas absolute paths are used for all sorts of FOO_DEPENDS
variables.  A quick (and by no means  definitive) grepping of the ports
tree I just did hasn't shown up any counter examples.

If you intend to copy a slave port to some other location in your
filesystem and have it refer to the original master port within the
default ports tree, then you're assumed to be capable of editing the
Makefile to resolve any such changes.

Cheers,

Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.
PGP: http://www.infracaninophile.co.uk/pgpkey




signature.asc
Description: OpenPGP digital signature

Re: Finding exactly which commands, and in which order, rc is running at startup

[Matthew Seaman]

On 22/08/2013 21:07, Paul Hoffman wrote:
> Greetings again. After doing a freebsd-update, my system is starting
> up differently than it was before. I want to figure out why before I
> come here and say "it's broken".
> 
> Is there a way to say "show me all of the commands you are running
> during startup"? It would be grand if I could say "tell me what you
> would do next time (dry run)", but "what did you do last time" is OK
> too.

How much detail do you want?  You probably can't get a report on every
single process run during the boot process at all easily.  However, you
can see the console output from the boot process.

To see what the kernel emits on boot-up, look at /var/run/dmesg.boot --
if you've got an old copy of dmesg.boot around somewhere, comparing the
two should show you any changes in the devices the kernel discovers when
it probes your system.

To see the output from the rc system, the best thing is to enable the
console log.  Edit /etc/syslog.conf and uncomment the indicated line, as so:

# uncomment this to log all writes to /dev/console to /var/log/console.log
console.info/var/log/console.log

Then do:

touch /var/log/console.log
chmod 600 /var/log/console.log
/etc/rc.d/syslogd restart

Obviously, that won't help you see what happened on the previous reboot,
but on the next reboot you should see a transcript of the console output.

Cheers,

Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.
PGP: http://www.infracaninophile.co.uk/pgpkey




signature.asc
Description: OpenPGP digital signature

Re: Way to be announced about security updates and new releases

[Matthew Seaman]

On 21/08/2013 08:10, dgmm wrote:
> On Wednesday 21 August 2013 07:54:06 Antonio Kless wrote:
>> Is there any way to be noticed, when security updates or new releases are
>> available?
>>
>> https://twitter.com/freebsd nearly would be a solution, if it did not
>> repostquestions from its
>> subscribers and other information that is not related to updates.
> 
> Mailing list
> freebsd-annou...@freebsd.org

Don't forget about securing your ports too.  There's several available
mechanisms:

   RSS feed from vuxml.freebsd.org

   portaudit(1) -- for old style packages

   pkg audit  -- for pkgng-ized systems

Cheers,

Matthew


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: pkg install on freshly installed 9.1 doesn't find any packages

[Matthew Seaman]

On 17/08/2013 05:41, Yuri wrote:
> I installed 9.1 from iso image.
> Then 'pkg' command brought pkg-1.0.11 package.
> Now commands like 'pkg install gnome2' always say:
> pkg: Package 'gnome2' was not found in the repositories.
> 
> Am I missing something? This is vanilla 9.1 from DVD image. Nothing else.

You have an old version of pkg there, and it looks like the pkg.conf
that came with that version doesn't point at a repository with any
useful contents.

Try:

pkg upgrade

which /should/ get you pkg-1.1.4_1

Then check ${LOCALBASE}/etc/pkg.conf and make sure packagesite is set to:

   http://pkg.freebsd.org/${ABI}/latest

or there are some other publicly availble repos: Exonetric has one, as
does PC-BSD.

Cheers,

Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.

PGP: http://www.infracaninophile.co.uk/pgpkey
JID: matt...@infracaninophile.co.uk



signature.asc
Description: OpenPGP digital signature

Re: pkgng problem

[Matthew Seaman]

On 16/08/2013 16:02, Michael W. Lucas wrote:
> 
> Thanks, Matt.
> 
> # pkg -vv | sed -ne '/Repositories/,$p'
> Repositories:
>   packagesite:
>  url: http://pkg-test.freebsd.org/pkg-test-freebsd:9:x86:32/latest
>  key:
>  enabled: yes
>  mirror_type: SRV
> 
> Also: 
> 
> # pkg -v
> 1.1.4
> 

Well, looks like both of those are up-to-date versions.  I wonder if the
pkg-test build system threw a wobbly at all on it's i386 builder?  Bapt
is on holiday or I'd ask him.

Cheers,

Matthew


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: pkgng problem

[Matthew Seaman]

On 16/08/2013 13:43, Michael W. Lucas wrote:
> Hi,
> 
> I'm sure someone has had this before, but I can't find any reference
> to it.
> 
> # pkg upgrade
> Updating repository catalogue
> digests.txz 100%  997KB 997.1KB/s 997.1KB/s   00:00
> packagesite.txz 100% 5530KB   1.8MB/s   3.2MB/s   00:03
> pkg: Invalid manifest format: mapping values are not allowed in this context
> Incremental update completed, 0 packages processed:
> 0 packages updated, 0 removed and 22568 added.
> pkg: No digest falling back on legacy catalog format
> packagesite repository catalogue is up-to-date, no need to fetch fresh copy
> Nothing to do
> 
> This is from a machine freshly converted to pkgng.
> 
> Any suggestions?

What repositories are you using?  Please show us the result of:

pkg -vv | sed -ne '/Repositories/,$p'

I'd hazard a guess that the repository either had a bit of a flail when
creating the catalogue, or it's running some ancient version of pkg.

"mapping values are not allowed in this context" is an error message
from libyaml, so you've got a +MANIFEST file (or the partial copy of it
that gets incorporated into the repository catalogue) which it thinks
contains a mapping ( a sequence of key : value pairs ) when the YAML
parser was expecting an array or whatever.

Cheers,

Matthew



___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: High availability on remote site

[Matthew Seaman]

On 15/08/2013 12:19, Olivier Nicole wrote:
> I have been assigned to offer HA on a 3 tiers architecture.
> 
> Data storage tier will be MySQL, so replication is easy.
> 
> HA should be implemented only on the Data storage tier, Active/Active,
> but one of the sites is remote!
> 
> When everything is working, each application accesses the local MySQL
> tier, but when the local MySQL becomes unavailable, it should be able
> to automatically move to the other database server.
> 
> I have no access to the application, so I cannot modify it to test if
> local MySQL is working. So I should have an HA mechanism that enforces
> changing the IP address on the database server.
> 
> If both servers are installed at different places, with different
> addresses, would there be a way beside establishing an IP tunnel/VPN
> between both places to have all machines in a single subnet?
> 
> An image is here http://www.cs.ait.ac.th/~on/HA.gif
> 
> I am really bothered by the IP tunnel, but that's the only way I see to keep 
> HA.
> 
> Any idea welcome.

Depending on the technology use in you middle layer, it may be quite
simple.  Some application languages, eg Java allow you to specify a
list of servers in a DB connection string.  The server names will be
tried in order until a successful connection is made.

Other languages may provide a similar facility, or it should be pretty
easy to code up with minimal intervention in your codebase required.

Cheers,

Matthew
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: How to Fix Port Audit showing ports not installed on a system

[Matthew Seaman]

On 06/08/2013 19:23, dweimer wrote:
> Of course I have WITH_PKGNG="YES" in the make.conf, and I believe that
> has been there ever since the server was built.  Is my best option to
> get the correct list from pkg info use rm -r /var/db/pkg/* to clear
> everything out and then reinstall all of the ports?

If you've had WITH_PKGNG="YES" ever since the server was built then you
shouldn't have any of the old-style pkg_tools entries in /var/db/pkg.

Unless, that is, you've been using pkg_add(1) directly.  Don't do that.
 You just end up with a complete mess.  Remember folks -- pkgng is like
getting married.  Once you go with pkgng, you're not meant to dally with
other package tools, but to stay faithful to pkgng from henceforth.

I hope you've got the old-style pkg_tools per-package subdirectories in
/var/db/pkg because either (i) you used to use pkg_tools and you ran
pkg2ng to convert or (ii) you've been using portmaster, in which case
those sub-directories only /look/ like the result of what pkg_tools
generates, but are really just a place for portmaster to stash a few things.

If those sub-directories contain files called thing like +CONTENTS or
+COMMENT or other names beginning with '+' then you do have a messed up
mixture of old pkg_tools and pkgng.

First: remove all the subdirectories but *not* local.sqlite or
repo.sqlite -- those are rather important bits of pkgng.
Then you can force a reinstall of all packages by

   pkg upgrade -f

Obviusly, you'll need pkg(8) configured to use a repo with all the
appropriate packages available.

Cheers,

Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.
PGP: http://www.infracaninophile.co.uk/pgpkey




signature.asc
Description: OpenPGP digital signature

Re: Update /usr/src with subversion

[Matthew Seaman]

On 05/08/2013 14:22, Warren Block wrote:
>> Your solution looks a bit cleaner than the one proposed there: "rm -r
>> /usr/src/.svn, and then check out the new branch".
>>
>> I'll check out the man for svn switch.
> 
> The new form is just 'svn relocate':
> http://forums.freebsd.org/showpost.php?p=224243&postcount=5

Just to be clear:

  'svn relocate' is the new form for 'svn switch --relocate', used to
   change the servers or the protocol (or both) used to access the
   repository.

  'svn switch' (without the --relocate argument) is still valid and is
   used to switch between branches within the repo.

It's just 'svn switch --relocate' which is deprecated.

Cheers,

Matthew
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: deleting managed content using svn

[Matthew Seaman]

On 05/08/2013 13:18, Robert Huff wrote:
> 
>   I have a system that uses svn to track src+ports+doc.
>   For reasons I won't get into, I want to scrub all svn-managed
> material under src in preparation for grabbing a completely clean
> copy.

In principle SVN will be able to tell you if your checked out copy
differs at all from what is in the repo.  However, given you've said you
don't want to do that

>   Neither on-system documentation nor the deeper documentation
> listed therein show how to do this.  Or at least not in a way my
> brain is currently processing.  :-)
>   Is there a better way than "rm -rf"?

Nope.  rm -rf of the checked out filesystem is going to blow away
everything you had and let you start again from scratch.  The only
things that could remain are entries under ~/.subversion (or
/root/.subversion) which will contain such things as records of SSL keys
to trust or login details if you needed a password for access.  You
probably don't need to worry about doing anything to those.

Cheers,

Matthew




___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: Update /usr/src with subversion

[Matthew Seaman]

On 05/08/2013 09:00, David Noel wrote:
> Does anyone know how a workaround for having to rm -rf /usr/src every
> time the source URL changes? I'm updating from 8.3 to 8.4 with
> subversion and got a message along the lines of "Error: /usr/src/
> contains files from a different URL". -David

You need 'svn switch' -- so, if you've got some other branch checked
out, and you want to have 8.4-RELEASE instead, then it's something like:

   # svn switch ^/base/releng/8.4

This will speedily change your checked out tree with minimal network IO.

You can also use 'svn switch --relocate' to change which svn servers you
have the tree checked out from or the protocol (svn://, https:// etc)
used.  See the output of 'svn help switch' for details.

Cheers,

Matthew

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: learn

[Matthew Seaman]

On 01/08/2013 14:12, Anton Shterenlikht wrote:
>> From: "Teymur.Rahimzade" 
>> To: 
>> Subject: learn
>> Date: Thu, 1 Aug 2013 16:35:57 +0500
> 
>> Hi.
>> Please help me to learn freebsd unix. 
>> Many thanks.
> 
> RTFM:
>  http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/index.html

Reading the manual is a good place to begin.  The other thing to do is
just play with the system -- try and do stuff with it.

You'll find this mailing list is a lot more useful if you ask more
specific questions.  'Help me learn this '
is a bit nebulous, especially for people on this mailing list who are
volunteering their time and expertise for free.  Questions like 'How do
I do ' will get you a lot further.

Cheers,

Matthew


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: Fwd: Glen Peterson from Wisconsin. Some questions

[Matthew Seaman]

On 31/07/2013 03:56, peterso...@aol.com wrote:
> I have been thinking about installing your FreeBSD onto some of my
> extra PC's that I have laying around, just to see what that Unix OS
> can do on my PC. I have a few questions, though, before I order your
> Install Disk to do that. I spoke to your receptionist there on 30
> July, and she suggested that I write to you with my detailed
> questions before I went ahead an purchased your well-recommended OS:

Receptionist? I don't believe we (FreeBSD) have anything like that.
We're not a business; just a bunch of people that write an OS and make
it available for anyone to use.  Perhaps you spoke to one of the
companies that sell FreeBSD derived products?

Note that you can simply download FreeBSD CD and USB stick images for
free (well, not counting anything you'ld have to pay for bandwidth) --
pre-written CDs come from third parties, but buying them will generally
result in some money going to the FreeBSD foundation.

> 1. I have a Dell Dimension 3000 PC with a 32-bit Intel processor in
> it. It has 2G's of RAM, and a 250GB hard drive under Windows OS,
> currently. I use A.T.&T. as my ISP and I have a DSL line supplied by
> A.T.& T. May I install your OS onto an external 80 GB Seagate
> Barracuda ATA IV Model ST380021A hard drive, and boot off of that
> into BSD and have it run on that Dell computer? The BIOS Chip seems
> to support external drives and USB sticks, since I have successfully
> used the later to boot this PC into Debian Linux.

Should work fine with FreeBSD.  The best way to test for full
compatibility is to boot from a USB stick or a live CD before installing
on your hard drive.

> 2. Do you have a version of your free BSD program with a graphical
> user interface (like that seen on Mac's and Windows boxes) that will
> run on that same Dell Dimension 300, mentioned above?

FreeBSD itself is just the basic operating system without any frills.
Graphical environments are certainly available, but they are considered
as add-ons and not part of FreeBSD itself.

I suggest that instead of FreeBSD itself, you start with PC-BSD
(http://www.pcbsd.org/) This is an integrated desktop system with all
the graphical bits layered on top of the basic FreeBSD operating system.
 It's much more like what you'll have see when you tried out Debian, and
as it has a nice graphical interface, it tends to be a lot easier for
people new to the Unix command line.

> 3. How much does the install CD cost me, including shipping to the
> Milwaukee area, for the Free BSD OS that will run on said computer?

It's free to download.  You can buy a boxed set of CDs or a DVD from here:

https://www.freebsdmall.com/cgi-bin/fm

Looks like about $30 for CDs, $40 for a DVD.  Plus shipping nd handling
and the usual taxes.

> 4. I have another PC at work that has a 32-bit AMD chip in it with
> 1GB RAM and 250 GB under Vista OS, currently. Do you likewise have a
> version of your latest Free BSD that will run on THIS machine in a
> graphical environment like that mentioned for the Dell computer above
> from the same external 80 GB Seagate hard drive?

Yes, FreeBSD has versions for both the i386 (Intel 32 bit) and amd64 (64
bit) architectures.  Note that you'ld use amd64 for any 64bit capable
intel type CPU, including ones from Intel specifically and not just ones
from AMD.

> 5. Does the OS come with an application, like I have observed with
> some Linux distros, that enables me to get updates as they become
> available?

Yes, in fact there are several different ways of doing this.  If you try
out PC-BSD as I suggest, it has built-in update mechanisms which will
allow you to update from the net.

> Does your FreeBSD come with its own browser? If not, may I still
> connect to the web by some means to obtain a BSD-compatible browser
> (e.g., Firefox) that will run on this OS on either of the two
> computers above?

FireFox and Chrome and a number of other web browsers certainly are
available either as native FreeBSD applications, or by running the Linux
applications under emulation.

Cheers,

Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.
PGP: http://www.infracaninophile.co.uk/pgpkey




signature.asc
Description: OpenPGP digital signature

Re: 2 lines

[Matthew Seaman]

On 29/07/2013 17:38, Zyumbilev, Peter wrote:
> Not sure what is the best way nowadays to get own /24 or at least /26 ?
> I wonder if there is "second hand" ip market :-)


Get a /64 or a /48 and subnet it...?

Cheers,

Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.
PGP: http://www.infracaninophile.co.uk/pgpkey




signature.asc
Description: OpenPGP digital signature

Re: Delete a directory, crash the system

[Matthew Seaman]

On 28/07/2013 06:38, David Noel wrote:
> Ok folks, thanks again for all the help. Using the feedback I
> submitted a PR (#180894) --
> http://www.freebsd.org/cgi/query-pr.cgi?pr=180894. I also submitted a
> follow-up to it with Frank's code and notes. What next? I don't really
> know what happens from here, but I'm guessing/hoping that someone's
> monitoring the PR system and will move this forward.
> 
> Crossing my fingers, though if anyone knows any better methods of
> getting PR's addressed I'm all ears.

You've already done the right things: raising a PR and posing about your
problem on freebsd...@freebsd.org, where it is going to come to the
attention of developers working on that area of the system.

You're next move should be to provide whatever additional information
the developers might need to diagnose or reproduce the problem.  This is
really the crucial bit: unless a dev can understand what happened and
how your system came to break in that particular way, it's unlikely
they'll be able to fix it.

If you don't understand what's being asked for, or how to roduce any
required information, don't be shy about asking -- either here, or over
on freebsd-fs@...  It's sometimes hard to remember that the sort of
debugging things you'ld do routinely and without a second thought as a
developer can appear as pretty arcane mysteries to the uninitiated.

You may find these bits of documentation useful:

http://www.freebsd.org/doc/en_US.ISO8859-1/books/developers-handbook/debugging.html

http://www.freebsd.org/doc/en_US.ISO8859-1/books/developers-handbook/kerneldebug.html
   (especially section 10.1 about obtaining a kernel core dump, and
10.2 about using kgdb.)

Cheers,

Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.

PGP: http://www.infracaninophile.co.uk/pgpkey
JID: matt...@infracaninophile.co.uk



signature.asc
Description: OpenPGP digital signature

Re: HOWTO monitor changes in installed packages within jails?

[Matthew Seaman]

On 20/07/2013 12:09, Michael Grimm wrote:
> I did migrate to pkgng some month ago, and ever since I am curious
> how to monitor changes in installed packages within jails. I am
> looking for a functionality/port that works like 490.status-
> pkg-changes for my host.
> 
> Question: is there any functionality within the periodic system or a
> port that I might have missed to find?

You can't just run 490.status-pkg-changes directly in your jail?

Try this patch:

lucid-nonsense:/tmp:% diff -u 490.status-pkg-changes{.orig,}
--- 490.status-pkg-changes.orig 2013-07-20 13:43:44.306303775 +0100
+++ 490.status-pkg-changes  2013-07-20 13:44:42.055327506 +0100
@@ -10,7 +10,7 @@

 case "$daily_status_pkg_changes_enable" in
[Yy][Ee][Ss])
-   pkgcmd=/usr/local/sbin/pkg
+   pkgcmd=/usr/local/sbin/pkg $daily_status_pkg_changes_flags

echo
echo 'Changes in installed packages:'

Then add something like the following to /etc/periodic.conf:

daily_status_pkg_changes_flags='-j jailname'

Of course, this only lets you monitor changes in one jail at a time.
You can cover more by copying the script and changing its name eg.

sed -e 's/daily_status_pkg_changes/daily_status_pkg_changes2/g' \
< 490.status-pkg-changes > 490.status-pkg-changes2

Then add appropriate "daily_status_pkg_changes2_flags='-j otherjail'"
settings to periodic.conf

Cheers,

Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.

PGP: http://www.infracaninophile.co.uk/pgpkey
JID: matt...@infracaninophile.co.uk



signature.asc
Description: OpenPGP digital signature

Re: textproc/hunspell and readline?

[Matthew Seaman]

On 19/07/2013 09:30, Walter Hurry wrote:
> On Thu, 18 Jul 2013 11:58:59 +0100, Matthew Seaman wrote:
> 
>> On 18/07/2013 10:42, Walter Hurry wrote:
>>> I note that the Makefile for textproc/hunspell has '--with-readline' in
>>> the CONFIGURE_ARGS, but on 9.1 it doesn't seem to be honoured (or maybe
>>> it is, but at any rate it isn't recorded as a dependency or a shlib).
>>>
>>> 9.1-RELEASE-p4 amd64 with pkgng.
>>>
>>> Is there a reason for this?
>>
>> libreadline.so is in base
>>
> Thanks, Matthew. Noted. So why on 10.0-CURRENT does it insist on 
> installing readline from the port?

I don't have a 10.x system handy to confirm this, but I'd guess the
libreadline.so stuff was maybe dropped from current.  Although it seems
the libreadline code is still in head:

http://svnweb.freebsd.org/base/head/contrib/libreadline/

Is there a /lib/libreadline.so.* shared library on your 10.0-CURRENT system?

Cheers,

Matthew

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: Is pkgng supposed to upgrade a dependency of a locked package?

[Matthew Seaman]

On 18/07/2013 13:42, Paul Mather wrote:
> I am using pkgng 1.1.4_1 on RELENG_9 (r252725), operating on a local repo I 
> maintain using poudriere 3.0.4.
> 
> Recently, I wanted to upgrade all packages on a client except two whose 
> update I want to defer for now as they potentially impact locally-developed 
> applications.  I figured I would use the pkgng "lock" functionality on those 
> two packages (apache-solr and py27-Jinja2) to prevent them from being 
> updated.  I ran "pkg upgrade" on the client and, as expected, the locked 
> packages weren't upgraded.  However, I was surprised to see that packages 
> upon which the locked packages depended were upgraded.  Unless I'm 
> misunderstanding something, the man page for pkg-lock states this should not 
> happen:
> 
> =
>  The impact of locking a package is wider than simply preventing modifica-
>  tions to the package itself.  Any operation implying modification of the
>  locked package will be blocked.  This includes:
> [[...]]
>  o   Deletion, up- or downgrade of any package the locked package depends
>  upon, either directly or as a consequence of installing or upgrading
>  some third package.
> =
> 
> In my case, the following dependencies of apache-solr were updated, even 
> though apache-solr is locked: java-zoneinfo: 2013.c -> 2013.d; libXi: 
> 1.7.1_1,1 -> 1.7.2,1; libXrender: 0.9.7_1 -> 0.9.8; and openjdk: 7.21.11 -> 
> 7.25.15.  In the case of the locked py27-Jinja2, these dependencies were 
> updated: gettext: 0.18.1.1_1 -> 0.18.3; and py27-MarkupSafe: 0.15 -> 0.18.  
> Dependency information in the two locked packages was updated to reflect 
> these new, upgraded dependencies.
> 
> Is this a bug, or am I misreading the man page?

That's a bug, definitely.  The way the man page describes the effect of
locking is what should happen -- nothing a locked package depends on
should be modified by pkg without some extra input from the
administrator to allow the change to happen.

Cheers,

Matthew

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: textproc/hunspell and readline?

[Matthew Seaman]

On 18/07/2013 10:42, Walter Hurry wrote:
> I note that the Makefile for textproc/hunspell has '--with-readline' in 
> the CONFIGURE_ARGS, but on 9.1 it doesn't seem to be honoured (or maybe 
> it is, but at any rate it isn't recorded as a dependency or a shlib).
> 
> 9.1-RELEASE-p4 amd64 with pkgng.
> 
> Is there a reason for this? 

libreadline.so is in base

Cheers,

Matthew

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: pkg: Unable to open ports directory /usr/ports: No such file or directory

[Matthew Seaman]

On 13/07/2013 11:17, Leslie Jensen wrote:

> 2013-07-12 13:25, Leslie Jensen skrev:
>>
>> When I run
>>
>> portsnap fetch update
>>
>> pkg version -vIL=
>>
>>
>> It returns
>>
>> pkg: Unable to open ports directory /usr/ports: No such file or directory
>>
>>
>> The directory is there and I can list the contents.
>>
>> What's going on?

> 
> I get this as well
> 
> gunzip: can't stat:
> files/30173a70f7852dc247fda74d2d4babaae21067417fc17e67dc388c9ec85a8e8a.gz:
> No such file or directory
> gunzip: can't stat:
> /var/db/portsnap/files/845df3602aa1742b771872ffbe945ee60e0c834ae1540ba0dab02f224cce56f5.gz:
> No such file or directory
> pkg: Unable to open ports directory /usr/ports: No such file or directory
> 
> I'm a bit lost. Do I have to remove something for this command to succeed?

Let's look at the command line you're using:

pkg version -vIL=

That -I means it's going to try and read the ports INDEX specifically --
ie. /usr/ports/INDEX

Does that file exist?  Does it have sensible contents?

Now, given your further comments, it seems something relatively
significant is wrong.  There's on obvious (but fairly easy to fix) thing
it might be.  Have you run out of space on any of your partitions?
What goes 'df -h' report?  Any real partition reporting 100% full is a
problem.  (Don't worry about synthetic filesystems like devfs reporting
100% usage: that's normal.)  If some filesystem is full, then you need
to either delete stuff, or move it onto a filesystem with more space.

You also seem to be having problems with portsnap(8) -- be aware there
was a problem reported recently.  See the thread on freebsd-ports@...
subject 'Latest snapshot' starting with this message:

http://lists.freebsd.org/pipermail/freebsd-ports/2013-July/084833.html

but to summarize several people saw the problem, and the cure was to
delete the files portsnap was using by 'rm -Rf /var/db/portsnap/files'
and then re-run 'portsnap fetch' and 'portsnap extract' -- warning: this
will wipe out everything you have in /usr/ports and download a complete
set of replacements.

Cheers,

Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.

PGP: http://www.infracaninophile.co.uk/pgpkey
JID: matt...@infracaninophile.co.uk



signature.asc
Description: OpenPGP digital signature

Re: Cannot Update Source Tree After Move To Subversion 1.8

[Matthew Seaman]

On 24/06/2013 20:28, Tim Daneliuk wrote:
> After the update to svn 1.8, I did a new svn co of the FBSD 9-STABLE
> source branch.  When I try to do an update to it, I see this now:
> 
>svn: E155005: Working copy not locked at /usr/scr
>svn co svn://svn.freebsd.org/base/stable/9 /usr/src
> 
> /usr/src is a symlink to another directory in a separate filesystem,
> but this historically worked, so I'm guess that is not the problem.
> 
> Ideas?
> 

svn upgrade

Cheers,

Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.
PGP: http://www.infracaninophile.co.uk/pgpkey




signature.asc
Description: OpenPGP digital signature

Re: What is the correct CPUTYPE for this machine?

[Matthew Seaman]

On 08/06/2013 17:02, Michael Gass wrote:
> On Sat, Jun 08, 2013 at 10:10:10AM -0400, ill...@gmail.com wrote:
>> On 8 June 2013 09:34, Michael Gass  wrote:
>>
>>> I have an old laptop:
>>>
>>> FreeBSD 9.1-RELEASE #0 r243826: Tue Dec  4 06:55:39 UTC 2012
>>> r...@obrian.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC i386
>>> CPU: Mobile AMD Duron(tm) Processor (1096.23-MHz 686-class CPU)
>>> Origin = "AuthenticAMD"  Id = 0x671  Family = 6  Model = 7  Stepping = 1
>>>
>>> Features=0x383f9ff
>>> AMD Features=0xc0480800
>>>
>>> What is the correct value for CPUTYPE in make.conf?
>>>
>>>
>> Duron was just a low-cost Athlon, da?
>>
> OK, checking the internet, looks like I should use
> CPUTYPE?=k7
> as the mobile amd duron 1.1G is a k7 group,
> but the make.conf example only lists values like
> k8, k6-3, k6-2, k6, and k5.
> Which should I use?

CPUTYPE?=   native

Why fret when the computer can work it out for itself?

Cheers,

Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.

PGP: http://www.infracaninophile.co.uk/pgpkey
JID: matt...@infracaninophile.co.uk



signature.asc
Description: OpenPGP digital signature

Re: pkgng dependencies change / update

[Matthew Seaman]

On 31/05/2013 16:26, b...@todoo.biz wrote:
> Hi, 
> 
> I am trying to figure out how to change / update the dependencies on a 
> package. 
> 
> I have a postfix package which comes from a server where mysql-client is in 
> version 5.1 
> And I would like to install the same package on a server where mysql-client 
> is in version 5.6 
> 
> I am not sure if this is feasible. 
> 
> Of course when I try to install this package on the server, it tells me : 
> 
> 
>> jail: ns3 15:03:57 /home/gregober # pkg add postfix-2.10.0,1.txz 
>> Installing postfix-2.10.0,1...missing dependency mysql-client-5.1.68
>> Failed to install the following 1 package(s): postfix-2.10.0,1.txz
> 
> 
> I have tried to set the dependency to an updated version of the port : 
> 
>> jail: ns3 15:04:16 /home/gregober # pkg set -o 
>> databases/mysql51-client:databases/mysql56-client
>> Change origin from databases/mysql51-client to databases/mysql56-client for 
>> all dependencies? [y/N]: y
> 
> 
> But no luck !! 
> 
> 
> Any idea how to do that ? 

Well, the best way is generally to use a package compiled against the
correct set of dependencies in the first place.

postfix will be linking against the MySQL client shared libraries.
Those have different ABI versions between mysql51 and mysql56.  Meaning
you can't simply swap one for the other and expect things to still work.

'pkg set -o' looks like it does what you want, but really, it doesn't.
What it does is allow smoothly replacing one complete dependency tree
with another.   So, running:

# pkg set -o databases/mysql51-client:databases/mysql56-client

is fine and dandy, and a necessary prerequisite to then running an
upgrade against a package repo where everything that links against mysql
client has been linked against mysql56-client specifically.

In fact, you're doing things the wrong way round.  'pkg set -o' works on
what has already been installed.  You could in principle use 'pkg set
-o' to switch your mysql56-client machine to using mysql51-client --
which means running 'pkg set -o ...' and then *reinstalling all the
packages that depend on mysql56-client with equivalent packages linked
against mysql51-client*.  After that, your postfix package should
install OK.

Ultimate plans are that the need to use 'pkg set -o' should disappear
entirely, as the package dependency solver should be clever enough to
work out all this stuff for itself.  There's also ideas about making
more finely grained binary packages -- several packages from one port
essentially.   So out of each mysqlXX-client port there'd be several
packages created, one of which contains just the shared libraries.  The
good thing about that is it will be possible to install shared libraries
for several different mysqlXX versions simultaneously, which would make
your postfix problem fairly trivial to solve.

Cheers,

Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.
PGP: http://www.infracaninophile.co.uk/pgpkey




signature.asc
Description: OpenPGP digital signature

Re: BSD sleep

[Matthew Seaman]

On 29/05/2013 05:59, Michael Sierchio wrote:
> On Tue, May 28, 2013 at 4:45 PM, Joshua Isom  wrote:
> 
> 
>> You think it's trivial until you read this:
>>
>> http://infiniteundo.com/post/**25326999628/falsehoods-**
>> programmers-believe-about-time
>>
>>
> Some days have 86400 seconds, some have 86401.  There is a provision for
> two leap seconds to be applied at once, but that hasn't ever happened.
>  Still, a truly correct clock, set to UTC, might someday read
> 
> 23:59:59
> 23:59:60
> 23:59:61
> 00:00:00
> 
> How many seconds did that hour have?

Right.  The fact that on very rare occasions a minute may not have 60
seconds in it plus many other corner cases in calculating the current
wall-clock time is an amusing irrelevance.

First of all, sleep deals in local elapsed time, which is a well defined
property even if the displayed wall-clock time would be all over the
place due to DST changes or relativistic effects or whatever.

In this case, I'd be pretty surprised if GNU sleep's algorithm was
anything more complicated than to convert the stated time into seconds
and then sleep that number of seconds.  And to do that conversion, it
wwould just define one minute as 60 seconds, one hour as 60 minutes, one
day as 24 hours, one week as 7 days, perhaps one month as 30 days, one
year as 365 days[*].  Sure, it's simplistic and unsophisticated, but as
an engineering solution it's good enough for the vast majority of
purposes.

Cheers,

Matthew

[*] I haven't checked on GNU sleep, but (for example) this is exactly
what dnssec-keygen(8) does.

-- 
Dr Matthew J Seaman MA, D.Phil.
PGP: http://www.infracaninophile.co.uk/pgpkey




signature.asc
Description: OpenPGP digital signature

Re: pkg_version says my ports need to be updated?

[Matthew Seaman]

On 27/05/2013 19:00, Ed Flecko wrote:
> Clearly, I'm doing something wrong.
> 
> :-)
> 
> I thought I was using svn to keep my ports, src and docs up to date, but
> pkg_version seems to disagree.
> 
> I'm running 9.1 and I've installed ports, src, and docs as part of my
> install. After that, I use subversion to (I thought) make sure everything
> was up to date.
> 
> I ran these commands:
> 
> /usr/local/bin/svn up /usr/src
> 
> /usr/local/bin/svn up /usr/ports
> 
> /usr/local/bin/svn up /usr/doc
> 
> and then I ran:
> 
> 
> pkg_version -vIL =
> 
> 
> 
> and it says "< needs updating (index has ...) on about 1 dozen items. So my
> "index" is out of sync with my ports???
> 
> What did I screw up and how do I correct it?

You seem to have updated the ports tree, which is a collection of
recipes for how to build ported software, but not actually updated by
rebuilding any of the ported software that has become out of date.

Try installing ports-mgmt/portmaster and then running

portmaster -a

Cheers,

Matthew
-- 
Dr Matthew J Seaman MA, D.Phil.
PGP: http://www.infracaninophile.co.uk/pgpkey




signature.asc
Description: OpenPGP digital signature

Re: "swap" partition leads to instability?

[Matthew Seaman]

On 26/05/2013 09:58, M. V. wrote:
> hi everyone,
> 
> I have a 24/7 network server/gateway with FreeBSD-8.2 on a SSD drive. it's 
> partitioned as normal (/ , /tmp, /var , /usr and swap) for a long time now. 
> But recently I heard from a FreeBSD expert that I shouldn't have swap 
> partition for my server, and having swap partition could make my server 
> unstable. this was so strange for me, and I searched a lot but couldn't find 
> a reason for this claim.
> 
> 
> so my question is simple:
> - could having a "swap" partition, be a bad thing for my FreeBSD server? and 
> if so, why and in what conditions?

Having a swap partition is absolutely standard for server or workstation
class machines, and should be implemented as a matter of course.  Even
if the machine has much more memory than it would generally ever use and
so have no actual need to swap.

About the only circumstances where you wouldn't want swap is if you were
creating an embedded appliance and eg. didn't have any writable disk
space.  That's pretty extraordinary and as such a system would have to
be heavily customized over stock FreeBSD anyhow, so not having swap
would fade into insignificance compared to the other changes that would
be required.

Why is swap needed?  Nowadays, memory is sufficiently cheap and system
boards are capable of loading so much of it, that the only sensible
strategy is to have more physical RAM than is required to keep your
normal application load working.  So a swap partition should not be
routinely involved in swapping memory pages back and forth.

Even so, idle pages can be swapped out -- there's no point in having an
unreferenced memory page sitting in RAM taking up space that could be
used productively by an active process.  A small amount of swap usage
like this is standard.  A large amount of swap usage like this indicates
you need to switch to using better written software.

Swap is also useful to buffer against unexpected spikes in memory usage.
 Sure, performance generally nosedives once a system starts actively
swapping, but that may be a better outcome than the alternative if there
is no swap capacity available: which is for the kernel to start killing
off processes in an attempt to reduce memory pressure.

Finally, swap is used as the place to record kernel state in the event
of system crashes.  You could use any otherwise unused disk partition
for that, but swap is traditional.  This is where the hoary old recipe
of 'swap = twice ram' came from, although nowadays what with minidumps
and the generally larger amounts of RAM in use you don't need to provide
anything like as much as that.

If you're bothered by having a few GiB of disk allocated as swap but
basically idle, then look into tmpfs or mdmfs for /tmp -- that will let
you make productive use the space while still keeping the ability to
save crashdumps if needed.

Some caveats about where to put a swap area:

   * If your system is under memory pressure, then your swap area can be
extremely active.  In these circumstances putting swap on a SSD card or
other device with a limited number of write-cycles is not a good choice.

   * If you are using ZFS, and again, if you are under memory pressure,
then putting swap on a ZFS can lead to a deadlock where the system needs
to allocate more memory to deal with an out-of-memory condition.  In
this case, it is recommended to create a separate swap partition not
managed by ZFS.

Otherwise, swap can go anywhere.  A dedicated partition will give better
performance than swapping to a file, but file-backed swap is handy if
you need to add swap in a hurry.

For resilience, mirror swap partitions in pairs -- gmirror(8) is a good
tool for that.  Don't try using any of the higher RAID levels for swap
areas -- their performance characteristics are not a good match to the
sort of IO a swap area does.

For best performance, you should spread swap areas over as many disk
spindles as possible.  You can create numerous swap areas and the system
will automatically stripe any IO across them.

Cheers,

Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.
PGP: http://www.infracaninophile.co.uk/pgpkey




signature.asc
Description: OpenPGP digital signature

Re: /etc/jail.conf for automatically started jails listed in /etc/rc.conf

[Matthew Seaman]

On 14/05/2013 14:31, dweimer wrote:
> I can confirm that PostgreSQL will not run in a jail without sysvipc
> enabled, I just setup a jail running PostgreSQL a few weeks ago and had
> to do that as well.  PostgreSQL will not start without it enabled,
> though perhaps there is some setting change in PostgreSQL that will make
> it not require this.  In my case its the only jail, and I am the only
> user with access to both the base system and the jail so I wasn't to
> concerned about it allowing more access to the base system from the jail.

postgresql-9.3beta1 was announced a few days ago, and one of the key new
features is switching largely away from sysvipc to mmap for shared memory.

http://www.postgresql.org/docs/devel/static/release-9-3.html

Unfortunately I don't think it's entirely sysV IPC free yet. But
postgresql93 is available in ports.

Cheers,

Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.
PGP: http://www.infracaninophile.co.uk/pgpkey




signature.asc
Description: OpenPGP digital signature

Re: WANTED: Tool to verify installed package/port consistancy

[Matthew Seaman]

On 10/05/2013 21:04, Ronald F. Guilmette wrote:
> Anyway, at the moment, and for me at least, my results remain entirely
> perplexing.  I cannot imagine what might possibly be the explanation for
> the results attached below.  If anyone can offer a theory, I'm all ears.
> Meanwhile, I'll be cleaning up my script a little bit and then, in short
> order I hope, posting it here so that others can perhaps give it a try and
> tell me if their results from it are at all similar to mine.

I'd very much like to see results from a pkgng system with an equivalent
number and types of packages and that has been maintained for a similar
amount of time.  But I think that's impossible: Ronald's machine almost
certainly predates the availability of pkgng.

Obviously the script would have to be modified, as you'll need to do a
DB query to get all the checksums, rather than reading +CONTENTS files.
 Plus this shouldn't be a system that was converted to pkgng but that
has used pkgng from the start.

One of the big drivers for switching to using sqlite in pkgng rather
than a collection of files is that it does give better protection
against accidental corruption of package meta-data during normal package
updates.

Cheers,

Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.
PGP: http://www.infracaninophile.co.uk/pgpkey




signature.asc
Description: OpenPGP digital signature

Re: Downgrading a port

[Matthew Seaman]

On 10/05/2013 07:32, Polytropon wrote:
> On Thu, 9 May 2013 18:03:22 +0200, b...@todoo.biz wrote:
>> > I wanted to know if there is a way to simply downgrade a package
>> > I have installed with pkgng ?

> There is no such thing as a "simple downgrade". :-)

All too true.

> The primary goal of the new pkg system is to provide as
> "bleeding edge" possible in binary precompiled form, with
> the ability of binary upgrades. Switching to older versions
> has not been a direct concern, I think.

The primary goal of pkgng is to provide a state of the art binary
package management system allowing users to maintain a coherent and
consistent set of packages over time.

Yes, the focus has primarily been on how to upgrade to the latest
available packages, because that's the vast majority of what routine
package maintenance entails.  However, it's not the whole story.  We've
got the ability to 'hold' specific packages coming in release 1.1,
on-going work on the package solver to be able to find an arbitrary set
of packages out of what is available that fulfils specific requirements
(eg. that libreoffice version x.y.z is installed, together with the most
up to date possible version of firefox consistent with that) and with
all the package dependencies met, plus I'm thinking about a feature for
having an 'undo' capability.  Much of that can involve installing or
leaving in place older versions of packages.

Cheers,

Matthew

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: X11 screen grabber from cmd line

[Matthew Seaman]

On 10/05/2013 07:09, Polytropon wrote:
> On Thu, 9 May 2013 20:41:45 +0200, Matthias Apitz wrote:
>> Do we have something in the ports which could do a screen shoot of $DISPLAY, 
>> but
>> from the cmd line of an alpha console, and save it as PNG or JPEG?
> 
>   % xwd -out screen.xwd
>   % convert screen.xwd screen.png
>   -or-
>   % convert screen.xwd screen.jpg
> 
> But if you've got installed ImageMagic (the "convert" command)
> anyway, you can also use
> 
>   % import screen.jpg
>   -or-
>   % import screen.png
> 
> For a whole screen capture, "xwd -root" or "import -screen" can
> be used.

You're somewhat missing the point here, I'm afraid.  There are many
alternatives for grabbing screen shots from *within* an X session
itself.  What the OP wants is a way to grab a screenshot of an X session
from a different, non-graphical terminal.

Now, if you know the $DISPLAY setting for the screen in question, and
you can wrangle xauth(1) into letting you have access to that display,
then you should be able to run any of the suggested programs from any
separate command line interface on the system.

The xauth(1) man page is reasonably clear, and if you're logged into the
same Unix accout as the user running the display, it might just work
only by setting $DISPLAY appropriately in your environment.

Note that allowing other users to access your X session like this means
they can snoop on anything you do in that session, including recording
any passwords you type and so forth.  Don't give out such access except
to people you trust.

Cheers,

Matthew


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: pwd.db/spwd.db file corupption when having unsafe system poweroff

[Matthew Seaman]

On 05/05/2013 07:12, takCoder wrote:
>> > Furthermore, file system corruption due to an abrupt
>> > cut of power should be avoided. Whenever the system comes
>> > up in a non-clean state, fsck should be run first, _then_
>> > the boot process should continue. Still it's possible that
>> > this process leaves truncated files behind (e. g. the
>> > binary database files with a length of zero, which implies
>> > they will have to be rebuilt by pwd_mkdb).

> i added fsck_background=no to rc.conf but i still see the error.. and i
> don't see any differance in system startup output! how should i know it's
> working??

You won't see any difference if things are all running smoothly --
that's because fsck is only required in the case of an unclean shutdown.
and that simply won't happen at all for an ordinary system reboot.

The main difference you'ld see with fsck_background=no is that the
system will take longer to come on-line after a crash.  Depending on the
size of your filesystems and how much you have stored in them, it can be
very much longer: I've seen filesystems take hours to run a fsck.

That's why background fsck exists -- it's better in many cases for a
machine to be up and running and productive again quickly, even at the
slight risk of problems due to filesystem corruption during the crash.
With techniques like soft updates, which ensures file system meta-data
consistency, the risks of such corruption are very much lower than
without.  Journalling effectively extends the same guarantee to data as
well as to meta-data.  And then there's the ZFS approach, where the
copy-on-write semantics means that what is on disk is always coherent,
although an unclean shutdown can lose the last few uncommitted changes.

All in all, however you manage your disks the problem remains that in an
unclean shutdown, filesystem changes in progress at the time of the
crash will be lost.  The best thing you can do to preserve your data is
to minimize the chances of unclean shutdown.  Which could be as
expensive as installing UPSes everywhere, or as cheap as re-educating
your users that pulling the plug or pressing and holding the power
button is a "bad thing(tm)."[*]

Cheers,

Matthew

[*] Some might suggest that this re-education is best achieved by a form
of Pavlovian conditioning using severe negative reinforcement involving
blunt force trauma.



-- 
Dr Matthew J Seaman MA, D.Phil.
PGP: http://www.infracaninophile.co.uk/pgpkey




signature.asc
Description: OpenPGP digital signature

Re: pkg question

[Matthew Seaman]

On 03/05/2013 21:26, Walter Hurry wrote:
> Quoting from /usr/ports/UPDATING:
> 
> 20130502:
>   AFFECTS: users of ports-mgmt/pkg, ports-mgmt/poudriere, ports-mgmt/
> tinderbox
>   AUTHOR: bdrew...@freebsd.org
> 
> This only affects people who are _building_ binary packages for pkgng. If 
> you are building from ports please ignore this. This step is optional.
> 
> It is recommended to rebuild all packages and then have your users run 
> 'pkg check -Ba' and 'pkg upgrade' on their servers once. This will allow 
> the new shlib tracking to reinstall packages that have changed shlib 
> requirements.
> 

> Does 'rebuild all packages' mean we have to recompile from scratch, or 
> merely do a 'pkg create' for each?

If you have packages installed, but without shlib info in the database,
then you can:

pkg upgrade

or whatever, to get pkg-1.0.12 installed

pkg check -Ba

-- scans everything you have installed and adds the SHLIB info to your
local database

pkg create -a -o /usr/ports/packages/

-- create pkg tarballs (including shlib info) out of everything known in
your local database.

   pkg repo -f /usr/ports/packages

-- build a repo out of those package tarballs.

However, this only works for what you have installed on that one
machine, which is generally a sub-set of what you'ld like to have in a
pkg repo.  To build a more comprehensive set of packages as you'ld
normally find in a repo, it's cleanest to just tell poudriere or
tinderbox to build everything again from scratch.  Timeconsuming, but
you end up with a consistent repository fully populated with all the
SHLIBS info you could want.

Cheers,

Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.

PGP: http://www.infracaninophile.co.uk/pgpkey
JID: matt...@infracaninophile.co.uk



signature.asc
Description: OpenPGP digital signature

Re: update from apache22 to apache24

[Matthew Seaman]

On 03/05/2013 15:47, Jerry wrote:
> I was just wondering if anyone had updated from apache22 to apache24.
> Specifically, are there any problems to be overcome? Does the existing
> httpd.conf file work with the apache24 branch.

httpd.conf might or might not work -- there are some incompatible changes.

For example:

   Options -all  (2.2)

should become:

   Options none (2.4)

If you use on-the-fly compression:  the syntax of FilterProvider is
different now.  That's just two examples I've heard about.  Probably the
best thing to do is grab yourself a jail or a VM somewhere, install
apache-2.4 and keep configtest'ing and fixing your conf until you have
something that works, and that you can put on your live system when you
upgrade.

Cheers,

Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.
PGP: http://www.infracaninophile.co.uk/pgpkey




signature.asc
Description: OpenPGP digital signature

Re: Updating package from www.freshports.org

[Matthew Seaman]

On 29/04/2013 19:33, Anthony Campbell wrote:
> I'm a longtime Debian user who is trying out FreeBSD, so very much a
> newbie here.
> 
> I wanted to get spectrwm-2.2.0 which I found on www.freshports.org.
> After a lot of googling I tried first cvsup and then svn, using the
> command
> 
> svn co svn://svn.freshports.org/x11-wm/spectrwm
> 
> but it keeps timing out wo I think I must have misunderstood something.
> Any advice please? Is there some other way to get ports from
> freshports.org?

Freshports just shows information about the status and history of
various ports.  It is not itself a package repository or a source code
mirror.

If you want to check out just one port like that (which won't actually
be a lot of use on it's own -- usually it's best to download the whole
ports tree) then read these sections of the handbook:

http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/svn.html
http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/svn-mirrors.html

and your command would be something like:

  svn co https://svn0.us-east.FreeBSD.org/ports/head/x11-wm/spectrwm \
 /usr/ports/x11-wm/spectrwm

us-east is generally the best choice of SVN mirror for people in Europe
at the moment.

Cheers,

Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.

PGP: http://www.infracaninophile.co.uk/pgpkey
JID: matt...@infracaninophile.co.uk



signature.asc
Description: OpenPGP digital signature

Re: Sendmail 8.14.5/8.14.5 on fbsd-9.1R (EC2)

[Matthew Seaman]

On 27/04/2013 17:43, doug wrote:
>>> DAEMON_OPTIONS(`Port=587, Addr= 111.222.333.444, Name=MSA, M=E')

> If sendmail is listening on port 587, it will relay for any valid sender
> who can reach that port.

You see where it says 'M=E' in that DAEMON_OPTIONS line?  That should
probably be changed to 'M=Ea' meaning 'require authentication'.  That's
usually the right thing to do for a message submission agent, and the
use of authentication will allow senders to relay through the daemon
without the usual anti-relaying checks.

Cheers,

Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.
PGP: http://www.infracaninophile.co.uk/pgpkey




signature.asc
Description: OpenPGP digital signature

Re: Why is "pkg_glob" no longer working for me?

[Matthew Seaman]

On 27/04/2013 14:43, Robert Huff wrote:
>   I use portupgrade for two features: portsclean (for which there
> is probably a pkgng replacement, I just haven't bothered to check)
> and pkg_sort (for which there is no alternative) which is necessary
> for certain scripts.

Well, given that pkgng is a binary package management system, it
achieves the required aim of keeping the ports tree nice and clean by
the simple expedient of not downloading distfiles or using the ports to
compile them.  No mess created means none to be cleared up.

Cheers,

Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.
PGP: http://www.infracaninophile.co.uk/pgpkey




signature.asc
Description: OpenPGP digital signature

Re: Sendmail 8.14.5/8.14.5 on fbsd-9.1R (EC2)

[Matthew Seaman]

On 26/04/2013 16:51, jflowers wrote:
> All I want to do is have the MTA listen on 127.0.0.1 port 1025 and have no
> sendmail process listen on the server interface.  That's being done by assp
> which proxies messages to 127.0.0.1:1025.  Unfortunately, I haven't been able
> to figure out how to turn off the default.  Sockstat shows:
> 
> root sendmail   1672  4  tcp4   *:25  *:*
> root sendmail   1672  5  tcp6   *:25  *:*
> root sendmail   1672  6  tcp4   127.0.0.1:1025*:*
> root sendmail   1672  7  tcp4   111.222.333.444:587   *:*
> 
> The relevant mc entries are:
> 
> DAEMON_OPTIONS(`Name=IPv4, Family=inet')
> DAEMON_OPTIONS(`Name=IPv6, Family=inet6, Modifiers=O')
> DAEMON_OPTIONS(`Port=1025, Addr=127.0.0.1, Name=MTA')
> VIRTUSER_DOMAIN_FILE(`/etc/mail/virtual-domains')
> FEATURE(`no_default_msa')
> DAEMON_OPTIONS(`Port=587, Addr= 111.222.333.444, Name=MSA, M=E')
> 
> The MSA isn't strictly necessary now but I thought might have a future use.
> 
> So, what am I missing?  How do I turn *:25 off so that when assp goes down (as
> it frequently does) I'm not running an open relay (all user/domain validation
> is done in assp).
> 
> Any pointers in the right direction appreciated.

You pretty much already have the answer already.  Add 'Addr=127.0.0.1'
or 'Addr=::1' clauses to your first two DAEMON_OPTIONS lines.  That will
limit sendmail to listening on port 25 only on the loopback interface.

Or indeed, remove those two lines entirely to leave sendmail only
listening on port 587.  This should not prevent sendmail from sending
outgoing messages, but will prevent any incoming.

Cheers,

Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.

PGP: http://www.infracaninophile.co.uk/pgpkey
JID: matt...@infracaninophile.co.uk



signature.asc
Description: OpenPGP digital signature

Re: Managing conflicts between ports (same package with multiple maintained versions)

[Matthew Seaman]

On 21/04/2013 10:24, Matthias Petermann wrote:
> root@compaq:/usr/ports/finance/trytond # portlint -AC
> [...]
> FATAL: Package conflicts with itself. You should remove "trytond-*" from
> CONFLICTS.
> 1 fatal error and 4 warnings found.
> root@compaq:/usr/ports/finance/trytond #
> 
> So it looks like I need to explicitly specify the conflicting versions,
> e.g. in Tryton 2.4 Makefile put:
> 
> CONFLICTS=  trytond-2.6.*
> 
> But this will force me to update the 2.4 Ports everytime a new series of
> Tryton gets introduced.

The usual idiom would be to use a more complex globbing expression,
perhaps like so:

CONFLICTS=  trytond-2.[012356789].*

However clearly this won't account for all possible future versions.
The thing you have to ask yourself is 'will the upstream be releasing
new version series so frequently that I need to add code to all the
tryton ports to account for it?'  It may well be the case that updating
the CONFLICTS setting in all the ports for the different streams
whenerver a new stream is released really is the most effective solution.

Cheers,

Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.
PGP: http://www.infracaninophile.co.uk/pgpkey




signature.asc
Description: OpenPGP digital signature

Re: Keeping FreeBSD uptodate with svn, freebsd-update complaining

[Matthew Seaman]

On 12/04/2013 09:19, Melanie Schulte wrote:
> [I wasn't sure what the most appropriate list for this issue is...]
> 
> Hello!
> 
> Recently (after the latest OpenSSL security issue) I have updated my
> FreeBSD install from source. i.e., I have updated my source tree
> (under /usr/src) with svn and did the
> buildworld/buildkernel/installkernel/mergemaster/installworld/mergemaster
> procedure. For completeness: My source tree contains this code
> revision:
> 
>   URL: https://svn0.us-west.freebsd.org/base/releng/9.1
>   Repository Root: https://svn0.us-west.freebsd.org/base
>   Repository UUID: ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f
>   Revision: 249029
> 
> This was my first time, but I was following the handbook closely and
> everything seems to have worked just fine.
> 
> # uname -a
> FreeBSD XXX 9.1-RELEASE-p2 FreeBSD 9.1-RELEASE-p2 #5 r249029: Wed Apr  3
> 12:29:28 CEST 2013 root@XXX:/usr/obj/usr/src/sys/FUGLOS  amd64
> 
> But what I don't understand is the following. Whenever I execute
> 'freebsd-update fetch' (I had added a 'freebsd-update cron' to my
> crontab), the output below(!) is generated.
> 
> It's not clear to me what this actually means:
> 
> * Why does freebsd-update want to update my system to 9.1-RELEASE-p2,
>   although I _am_ running that version already?
> 
> * Why does it want to update that specific list of files? This is just
>   a subset of of the the binary files which should have been installed
>   from installworld. What is special about this subset?
> 
> * What is the proper way to 'resolve' this situation?
> 
> I would be happy about some insights/pointers/help here!
> Thank you very much,
> melanie
> 

Hi, Melanie,

Your main problem here is trying to mix usage of SVN with usage of
freebsd-update.  You can use either one of those methods but not both.

Unless you prefer to build your own, I'd recommend sticking with
freebsd-update.  It's much simpler and quicker to keep your systems up
to date than the alternative.

To recover from the mix of files you have from freebsd-update and
self-compiled, it should be sufficient to run 'freebsd-update install'
This is going to rewrite all the files that freebsd-update knows about
that were altered by your self-built update: ie. most of the OS.
Definitely make sure you have good backups before doing that.

Yes, it may say 'upgrading to 9.1-RELEASE-p2' but that's because it is
comparing against the previous version you got from freebsd-update, not
what you compiled yourself.

The list of files it shows are specifically the files that were changed
between FreeBSD 9.1-RELEASE-p1 and 9.1-RELEASE-p2.  freebsd-update is
fast largely because it only installs the changed bits onto your system.

Cheers,

Matthew


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: Moving to pkg

[Matthew Seaman]

On 01/04/2013 06:37, Leslie Jensen wrote:
> Are pkg dependent on FreeBSD Version?
> 
> I've moved two 9.1 machines and I have one 8.2 that I would like to move
> to pkg.
> 
> So can I move the 8.2 machine also?

Yes, you can.

Cheers,

Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.
PGP: http://www.infracaninophile.co.uk/pgpkey




signature.asc
Description: OpenPGP digital signature

Re: Operation timed out with smtp.gmail.com - please help

[Matthew Seaman]

On 30/03/2013 10:14, Anton Shterenlikht wrote:
> The university IT support page:
> http://www.bristol.ac.uk/it-services/applications/email/gmail/manual-config-gmail.html
> 
> actually says that port 465 SSL should be used,
> so I also tried:
> 
> $ openssl s_client -connect smtp.gmail.com:465 -starttls smtp
> CONNECTED(0003)
> ^C
> $ 
> 
> Not sure what to make of this.
> 
> Is the port set by sendmail config files?
> 
> Many thanks for your help
> 

Port 465 wouldn't use STARTTLS -- it requires SSL straight away.  Try:

% openssl s_client -connect  smtp.gmail.com:465

If it works you should see output to do with setting up session keys etc.

However, SMTP on port 465 seems to be mostly a windows thing, and
generally discouraged -- use of STARTTLS or equivalent to allow both SSL
and plaintext without having to allocate a separate port for SSL is
preferred.   I'm pretty sure that gmail does support STARTTLS...

> $ openssl s_client -connect smtp.gmail.com:587 -starttls smtp
> CONNECTED(0003)
> depth=1 C = US, O = Google Inc, CN = Google Internet Authority
> verify error:num=20:unable to get local issuer certificate
> verify return:0
> ---
> Certificate chain
>  0 s:/C=US/ST=California/L=Mountain View/O=Google Inc/CN=smtp.gmail.com
>i:/C=US/O=Google Inc/CN=Google Internet Authority
>  1 s:/C=US/O=Google Inc/CN=Google Internet Authority
>i:/C=US/O=Equifax/OU=Equifax Secure Certificate Authority
> ---

Given you're seeing that CONNECTED message there, it certainly does.
The problem with that openssl command seems to be the 'unable to get
local issuer certificate' part.  That's possibly openssl being pickier
about verifying certs than sendmail would be, but that certificate
verification step is probably where you're coming adrift.  You need to
have the intermediate certs used by Google in your cacert.pem file, so
sendmail will trust the smtp.gmail.com cert.  Check the 'confCACERT'
setting in your sendmail.mc.  I have a block of code like this:

define(`CERT_DIR', `MAIL_SETTINGS_DIR`'certs')dnl
define(`confCACERT_PATH', `CERT_DIR')dnl
define(`confCACERT', `CERT_DIR/cacert.pem')dnl
define(`confSERVER_CERT', `CERT_DIR/cert.pem')dnl
define(`confSERVER_KEY', `CERT_DIR/key.pem')dnl
define(`confCLIENT_CERT', `CERT_DIR/cert.pem')dnl
define(`confCLIENT_KEY', `CERT_DIR/key.pem')dnl

which allows me to put all the keys and certs in /etc/mail/certs/

Cheers,

Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.
PGP: http://www.infracaninophile.co.uk/pgpkey




signature.asc
Description: OpenPGP digital signature

Re: Ah crap! pkg_version: the package info for package '...' is corrupt

[Matthew Seaman]

On 30/03/2013 08:17, Ronald F. Guilmette wrote:
> 
> 
> Today my system crashed twice while I was doing "portupgrade -a".
> 
> I'm not sure but I suspect the new cards I have installed recently may
> just be a bit too much for the old power supply I have.  (When the thing
> crashed, the machine just simply shut itself off.  This exact same thing
> has also happened a couple of other times in the past week.)
> 
> I'll deal with the power issue soon, but right now I am more worried about
> this new, different, and additional problem I seem to have created for
> myself.  When I run pkg_version, I am getting a bunch of messages of
> the following general form:
> 
>pkg_version: the package info for package 'PKG' is corrupt
> 
> where `PKG' is the name of some package or another that I have installed.
> 
> I have at least 6 such messages for different packages I have installed...
> and probably more.

Are you using pkgng?  If so, you'll get the "'PKG' is corrupt" message
for everything when you use pkg_version.  That's because on a pkgng-ized
you should instead be using 'pkg version'.  Same command flags, just
s/_/ /.

> I googled around a bit and did not find any good explanation for the
> above error or, more importantly, what to do about it.
> 
> I gather however that my package data base has become corrupted.
> 
> OK, so how does one rebuild that from scratch?
> 
> Please don't tell me that I have to reinstall every bleedin' port from
> scratch!
> 
> 
> Regards,
> rfg
> 
> 
> P.S.  Oh!  I just remembered.  I made a full system backup quite recently...
> thank god.  Do I just simply need to get the entire contents of /var/db/pkg/
> from that and then do "rm -fr /var/db/pkg" and then copy my backup copy
> of /var/db/pkg to the real /var/db/pkg ?
> 
> Hummm.. that won't reflect the several things that _did_ managed to get
> updated, you know, before my system crashed.

Assuming you *aren't* on a pkgng-ized system:

If you have a recent backup of /var/db/pkg then you should restore from
there.  If you installed or updated any ports between taking the backup
and the crash, then reinstalling those ports will fixup the /var/db/pkg
entries for them.

Cheers,

Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.
PGP: http://www.infracaninophile.co.uk/pgpkey




signature.asc
Description: OpenPGP digital signature

Re: Moving to pkg

[Matthew Seaman]

On 30/03/2013 06:30, Leslie Jensen wrote:
> 
> I've done pkg2ng and added WITH_PKGNG=yes to /etc/make.conf
> 
> When I do
> 
> portsnap fetch update
> and
> pkg_version -vIL=
> 
> To check which ports needs updating, I now get a message for all
> installed ports that the info are corrupt.
> 
> Like this
> 
> pkg_version: the package info for package 'zip-3.0' is corrupt
> 
> 
> Have I missed something?

Yes.

In a pkgng-ized world, 'pkg_version' is redundant.

Instead use:

pkg version -vIL=

(note: no underscore character)

Cheers,

Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.
PGP: http://www.infracaninophile.co.uk/pgpkey




signature.asc
Description: OpenPGP digital signature

Re: EOL

[Matthew Seaman]

On 29/03/2013 15:19, David Thurber wrote:
> I have 5 XP machines on my node that are used to crunch data 24/7. So,
> I'm looking for an OS platform that has a 10 year EOL to replace XP/3.
> 
> What I got from your website appears to be a year or two at most on
> freebsd 8.3, and we really don't want to repeat the travails of the
> transition from 98SE to XP/3 after this one because the research team
> will be mostly mid 80's early 90"s by then.  It's a lot of data fetched
> over the web so we need security updates to keep the OS secure with
> minimal interaction.

10 years is an eternity in computing terms.  In 10 years your five
machines will be easily outclassed by a single machine costing a
fraction as much, if Moore's Law holds up.  In fact, by then you could
probably virtualize all five onto the same platform and still come out
ahead.

Might I suggest that your best option is not to look for an OS which has
a 10-year release lifetime; something I think you'ld struggle to find
from any FOSS project, and would probably have to pay exhorbitantly for
from a commercial provider.

Instead, look for an OS where you can maintain a configuration
environment for the lifetime of your project.  By that I mean you can
still run the original binaries.  In this respect, I think FreeBSD would
be one of the better choices.

I mean, 10 years ago, FreeBSD 5.0 and 5.1 were the latest releases.
Now, that release branch had its problems, but it marked the last hugely
incompatible change across major version updates (as seen in the 3 -> 4
and 4 -> 5 upgrades).  In principle, given a suitable set of compat5x
libraries (ie. the misc/compat5x port) and a kernel compiled with
'options COMPAT_FREEBSD5' (which is in the default kernel), you could
run software compiled for 5.x on a contemporary system.

Of course, there can't be any guarantees that your project running on
FreeBSD 9.2 now could be supported in compat9x mode on FreeBSD 15.x in
2023.  But I'd suggest the FreeBSD is probably one of your best bets for
achieving that.

Cheers,

Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.
PGP: http://www.infracaninophile.co.uk/pgpkey




signature.asc
Description: OpenPGP digital signature

Re: Still a problem with 'pkg check -Ba'

[Matthew Seaman]

On 26/03/2013 21:36, Matthew Seaman wrote:
> On 26/03/2013 19:18, Walter Hurry wrote:
>> On Tue, 26 Mar 2013 19:13:04 +, Walter Hurry wrote:
>>
>>> I hope Matthew Seaman sees this:
>>>
>>> All the files are of course present and correct in /usr/local/lib/
>>> virtualbox
>>
>> 
>>
>> Should have mentioned: This is pkg-1.0.9_2
> 
> I see it.  There haven't been any changes to the shlib code in pkg-1.0.x
> -- however, things have been improved in pkg-1.1.  Still not perfect though:
> 
> worm:...matthew/src/pkgng:# pkg check -B virtualbox-ose
> pkg: (virtualbox-ose-4.2.6) /usr/local/lib/virtualbox/VBoxAutostart -
> shared library VBoxRT.so not found
> pkg: (virtualbox-ose-4.2.6) /usr/local/lib/virtualbox/VBoxAutostart -
> shared library VBoxXPCOM.so not found
> pkg: (virtualbox-ose-4.2.6) /usr/local/lib/virtualbox/VBoxBalloonCtrl -
> shared library VBoxRT.so not found
> pkg: (virtualbox-ose-4.2.6) /usr/local/lib/virtualbox/VBoxBalloonCtrl -
> shared library VBoxXPCOM.so not found
> pkg: (virtualbox-ose-4.2.6)
> /usr/local/lib/virtualbox/VBoxExtPackHelperApp - shared library
> VBoxRT.so not found
> pkg: (virtualbox-ose-4.2.6) /usr/local/lib/virtualbox/VBoxManage -
> shared library VBoxDDU.so not found
> pkg: (virtualbox-ose-4.2.6) /usr/local/lib/virtualbox/VBoxManage -
> shared library VBoxRT.so not found
> pkg: (virtualbox-ose-4.2.6) /usr/local/lib/virtualbox/VBoxManage -
> shared library VBoxXPCOM.so not found
> pkg: (virtualbox-ose-4.2.6) /usr/local/lib/virtualbox/VBoxSVC - shared
> library VBoxDDU.so not found
> pkg: (virtualbox-ose-4.2.6) /usr/local/lib/virtualbox/VBoxSVC - shared
> library VBoxRT.so not found
> pkg: (virtualbox-ose-4.2.6) /usr/local/lib/virtualbox/VBoxSVC - shared
> library VBoxXPCOM.so not found
> pkg: (virtualbox-ose-4.2.6) /usr/local/lib/virtualbox/VBoxXPCOMIPCD -
> shared library VBoxXPCOM.so not found
> pkg: (virtualbox-ose-4.2.6) /usr/local/lib/virtualbox/VBoxXPCOMIPCD -
> shared library VBoxRT.so not found
> 
> Still working on it...

Actually, fixed that problem and just pushed the commit to master...

worm:...matthew/src/pkgng:# pkg check -vB virtualbox-ose
Reanalyzing files for shlibs: virtualbox-ose
worm:...matthew/src/pkgng:# pkg info -B virtualbox-ose
virtualbox-ose-4.2.6:
libxml2.so.5
libvncserver.so.0
libssl.so.8
libpng15.so.15
libiconv.so.3
libcurl.so.6
libcrypto.so.8
VBoxXPCOM.so
VBoxVMM.so
VBoxRT.so
VBoxREM.so
VBoxDDU.so
VBoxDD2.so

Cheers,

Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.

PGP: http://www.infracaninophile.co.uk/pgpkey
JID: matt...@infracaninophile.co.uk



signature.asc
Description: OpenPGP digital signature

Re: Still a problem with 'pkg check -Ba'

[Matthew Seaman]

On 26/03/2013 19:18, Walter Hurry wrote:
> On Tue, 26 Mar 2013 19:13:04 +, Walter Hurry wrote:
> 
>> I hope Matthew Seaman sees this:
>>
>> All the files are of course present and correct in /usr/local/lib/
>> virtualbox
> 
> 
> 
> Should have mentioned: This is pkg-1.0.9_2

I see it.  There haven't been any changes to the shlib code in pkg-1.0.x
-- however, things have been improved in pkg-1.1.  Still not perfect though:

worm:...matthew/src/pkgng:# pkg check -B virtualbox-ose
pkg: (virtualbox-ose-4.2.6) /usr/local/lib/virtualbox/VBoxAutostart -
shared library VBoxRT.so not found
pkg: (virtualbox-ose-4.2.6) /usr/local/lib/virtualbox/VBoxAutostart -
shared library VBoxXPCOM.so not found
pkg: (virtualbox-ose-4.2.6) /usr/local/lib/virtualbox/VBoxBalloonCtrl -
shared library VBoxRT.so not found
pkg: (virtualbox-ose-4.2.6) /usr/local/lib/virtualbox/VBoxBalloonCtrl -
shared library VBoxXPCOM.so not found
pkg: (virtualbox-ose-4.2.6)
/usr/local/lib/virtualbox/VBoxExtPackHelperApp - shared library
VBoxRT.so not found
pkg: (virtualbox-ose-4.2.6) /usr/local/lib/virtualbox/VBoxManage -
shared library VBoxDDU.so not found
pkg: (virtualbox-ose-4.2.6) /usr/local/lib/virtualbox/VBoxManage -
shared library VBoxRT.so not found
pkg: (virtualbox-ose-4.2.6) /usr/local/lib/virtualbox/VBoxManage -
shared library VBoxXPCOM.so not found
pkg: (virtualbox-ose-4.2.6) /usr/local/lib/virtualbox/VBoxSVC - shared
library VBoxDDU.so not found
pkg: (virtualbox-ose-4.2.6) /usr/local/lib/virtualbox/VBoxSVC - shared
library VBoxRT.so not found
pkg: (virtualbox-ose-4.2.6) /usr/local/lib/virtualbox/VBoxSVC - shared
library VBoxXPCOM.so not found
pkg: (virtualbox-ose-4.2.6) /usr/local/lib/virtualbox/VBoxXPCOMIPCD -
shared library VBoxXPCOM.so not found
pkg: (virtualbox-ose-4.2.6) /usr/local/lib/virtualbox/VBoxXPCOMIPCD -
shared library VBoxRT.so not found

Still working on it...

Cheers,

Matthew




-- 
Dr Matthew J Seaman MA, D.Phil.

PGP: http://www.infracaninophile.co.uk/pgpkey
JID: matt...@infracaninophile.co.uk



signature.asc
Description: OpenPGP digital signature

Re: software support

[Matthew Seaman]

On 26/03/2013 14:10, Oblitey, Edmund wrote:
> I am trying to install FreeBSD on a E7520/6300ESB chipset. Program
> freezes during probing devices. It always restart when it gets to the
> atkbd0. Want to know if u can help me on it.

Sounds like there's something on-board that either isn't supported or
that doesn't get the right driver bound to it.  Or that might possibly
be defective.

What version of FreeBSD are you trying to install?

Can you definitely run other OSes without problems on this same hardware?

Can you try disconnecting as many non-essential peripherals as possible
and see if that allows FreeBSD to boot?

Cheers,

Matthew


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: "Leaking" disk space

[Matthew Seaman]

On 20/03/2013 15:23, Dan Thomas wrote:
> Hi Guys,
> 
> We're seeing a problem with some of our FreeBSD/PostgreSQL servers
> "leaking" quite significant amounts of disk space:
> 
> > df -h /usr/local/pgsql/
> Filesystem   SizeUsed   Avail Capacity  Mounted on
> /dev/mfid1s1d1.1T772G222G78%/usr/local/pgsql
> 
> > du -sh /usr/local/pgsql/
> 741G/usr/local/pgsql/
> 
> Stopping Postgres doesn't fix it, but rebooting does which points at
> the OS rather than PG to me. However, the leak is only apparent in the
> dedicated pgsql partition, and only on our database servers, so
> PostgreSQL seems to at least be involved. The partition itself is a
> relatively standard UFS partition:

Hi, Dan

You're not the first person to report that.  Please see the thread:

"leaking lots of unreferenced inodes (pg_xlog files?), maybe after
moving tables and indexes to tablespace on different volume"

on the freebsd...@freebsd.org mailing list.

Kirk McKusick was investigating the original report: CC'd.

Cheers,

Matthew

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: "make deinstall" within /usr/ports/lang - need to recover default language installs

[Matthew Seaman]

On 19/03/2013 07:54, Rob Navarro wrote:
> Hi Chaps,
> 
> I typed "make deinstall" within the /usr/ports/lang directory of a
> FreeBSD 9.0 and mistakenly lost Perl, Python, Ruby and a whole host of
> default compiled languages.
> 
> How can I get back to the default FreeBSD default installed language
> state (with Perl installed etc)?

Ummm the default state is with just the base system installed: no
extra languages like perl or python and no other additional software
packages.

> Crossing my fingers that I need not re-install the OS...

Nope.  You absolutely do not need to do that -- all you did will have
affected the ports, which on FreeBSD is a distinct entity from the base
system.

To recover, you simply need to re-install the appropriate ports.  If you
know what you want installed, then it's easy: you can just feed a list
of those ports into portmaster(8) or portupgrade(8).

If you don't know what you need installed in order to support various
end user programs, then there are various ways of checking that the
dependencies of the required ports are installed.  For instance, if
you're using pkgng, you could run 'pkg check -da'  At worst, and
requiring the least amount of extra software, just try re-installing the
packages in question.  This should work, but you might end up doing a
lot of strictly unnecessary recompiling.

Matthew



___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: Error: shared library "mysqlclient.18" does not exist

[Matthew Seaman]

On 11/03/2013 16:59, Jeff Tipton wrote:
> I'm trying to set up security/maia, and this is the error message I get:
> 
> Error: shared library "mysqlclient.18" does not exist
> 
> Of course, the library does exist :(
> 
> # ls /usr/local/lib/mysql/
> libmysqlclient.a   libmysqlclient_r.a libmysqld.a
> libmysqlclient.so  libmysqlclient_r.solibmysqlservices.a
> libmysqlclient.so.18   libmysqlclient_r.so.18 plugin
> 
> I googled about this, and I found 3 things to try but none of that was
> helpful here:

One other thing to try: examine the output of 'ldconfig -r' -- you
should see -libmysqlclient.18 somewhere in the listing.

The default location the ports will install that library is

/usr/local/lib/mysql/libmysqlclient.so.18

which, you'll notice is in a subdirectory of /usr/local/lib -- not on
the default shared library search path.  If it's been correctly
installed however you should see /usr/local/lib/mysql amongst the search
directories around the 2nd line of the ldconfig -r output.

If not, you can run this:

  ldconfig -m /usr/local/lib/mysql

You only need to do that once, and the system should remember it.
Installing from the port or packages (old or pkgng style) should do that
automatically.  How did you install mysql-client?

Cheers,

Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.
PGP: http://www.infracaninophile.co.uk/pgpkey




signature.asc
Description: OpenPGP digital signature

Re: "make package" vs "pkg create"

[Matthew Seaman]

On 24/02/2013 16:33, Joshua Isom wrote:
> I tried making a build jail, not with pourdriere or tinderbox.  I just
> went to the ports and ran `make -DBATCH package-recursive clean` to get
> packages created.  I ran `pkg add *` in the packages/All directory, but
> all failed because of MANIFEST missing.  I'm guessing this is a bug in
> the .mk files, since I do have WITH_PKGNG set.  Is this a known problem
> or is there supposed to be a different way to do it?  Am I just supposed
> to use pourdriere or the source to keep my ports up to date until all
> the packages are rebuilt on freebsd.org?

'MANIFEST' is pretty fundamental to pkgs -- probably the error you are
seeing is because there are some other sort of files that aren't pkgng
packages present.  That's going to upset pkg add.  What's the history of
this jail?  Did it start out using pkgng, or did it get converted from
pkg_tools?  If the latter, did the conversion go smoothly?  Can you use
eg. 'pkg info' in your jail to get an accurate listing of the packages
installed there?

If 'WITH_PKGNG' is set in your make.conf, then 'make package' will
certainly use pkgng to generate packages.  I do that a lot in testing,
and it works just fine.

If you can clear out the non-pkgng stuff, the recommended way to do what
you intend is to generate a repository catalogue, and then use 'pkg
install'.  'pkg add' really should only be considered for installing
single packages when there is absolutely no alternative.

You should be able to run 'pkg repo /usr/ports/packages' to build a
repository catalogue for all the pkgng packages you've built in your
jail.  Then you can either mount the jail's package tree on the machine
where you want to install packages, or make it available through a web
server.  Set PACKAGESITE appropriately in ${LOCALBASE}/etc/pkg.conf --
for instance, this is what you'ld set to use a repo made as above and
mounted in the same location:

   PACKAGESITE : file:/usr/ports/packages

You can then use 'pkg install' or 'pkg upgrade' in the usual way.

Note: you won't need to install every package in your repo -- many of
them will exist solely in order to facilitate building other packages.
 If you choose the packages you specifically want, pkgng will sort out
installing the required dependencies, and moreover will set the
autoremove flags appropriately, so you could later purge things
installed solely as dependencies of packages you no longer want.

Cheers,

Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.
PGP: http://www.infracaninophile.co.uk/pgpkey




signature.asc
Description: OpenPGP digital signature

Re: PERL problem installing SQLgrey

[Matthew Seaman]

On 20/02/2013 21:22, lcon...@go2france.com wrote:
> ===>   p5-Date-Calc-6.3 depends on package: p5-Bit-Vector>=7.1 - not found
> ===>Verifying install for p5-Bit-Vector>=7.1 in
> /usr/ports/math/p5-Bit-Vector
> ===>  Extracting for p5-Bit-Vector-7.2_2
> => SHA256 Checksum mismatch for Bit-Vector-7.2.tar.gz.
> 
> 
> and it can't find it anywhere else.
> 
> bombs out with:
> 
> fetch:
> ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/distfiles/Bit-Vector-7.2.tar.gz:
> size mismatch: expected 135586, actual 137817
> => Couldn't fetch it - please try to retrieve this
> => port manually into /usr/ports/distfiles/ and try again.
> *** Error code 1

Did you try updating your ports to the latest and:

   cd /usr/ports/math/p5-Bit-Vector
   make distclean

and then try and install sqlgrey again?  If you get the same error
repeatably, then it's possibly a bug in the p5-Bit-Vector port --
perhaps the distfile was changed, in which case the port maintainer
would have to update the distinfo to match.

In any case, if you're still having problems, please ask again on
freebsd-po...@freebsd.org

Cheers,

Matthew

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: Cannot resolve localhost

[Matthew Seaman]

On 14/02/2013 22:35, Martin Pola wrote:
> I'm trying to get my FreeBSD system to resolve localhost into
> 127.0.0.1, but unfortunately it doesn't work. It appears the resolver is
> never reading from /etc/hosts, where I have this line:
> 127.0.0.1 localhost
> 
> Here's a sample output of what I get when I try to resolve the name:
> $ nslookup localhost
> ;; Got recursion not available from 91.90.24.250, trying next server
> Server: 8.8.8.8
> Address:8.8.8.8#53
>  
> ** server can't find localhost: NXDOMAIN
>  
> What am I missing?

The understanding that looking stuff up in the DNS[*] is never going to
return anything from the contents of your /etc/hosts file?

You can do a more generic lookup using whatever means are configured in
your /etc/nsswitch.conf by:

% getent hosts localhost
::1   localhost
127.0.0.1 localhost

although with localhost, that really should also be available in the
DNS, both forwards and reverse:

% dig +short IN A localhost
127.0.0.1
% dig +short IN  localhost
::1
% dig +short -x 127.0.0.1
localhost.
% dig +short -x ::1
localhost.

Although I note that Google's DNS resolver specifically *doesn't* have it...

% dig +short @8.8.8.8 -x ::1
% dig +short @8.8.8.8 -x 127.0.0.1
% dig +short @8.8.8.8 localhost
% dig +short @8.8.8.8 IN  localhost

Just a peculiarity of the Google DNS service.

Cheers,

Matthew

[*] BTW. nslookup is *so* 20th Century.  All the cool kids are using
dig(1) or drill(1) nowadays.

-- 
Dr Matthew J Seaman MA, D.Phil.
PGP: http://www.infracaninophile.co.uk/pgpkey




signature.asc
Description: OpenPGP digital signature

Re: pkg -c/pkg -j question

[Matthew Seaman]

On 13/02/2013 15:58, Arthur Chance wrote:
> A question for pkgng gurus. When using pkg -c or pkg -j to work within
> chroots or jails, how much of the pkg infrastructure needs to be present
> in the chroot/jail?
> 
> The reason I ask is because I'm thinking of building a server which has
> all services running in jails, with the necessary packages being
> manipulated from above.

You need /bin/sh in each jail for pkg to be able to workout what ${ABI}
should be.

You need /var/db/pkg and /var/cache/pkg available and writable in the
jail / chroot (ie. relative to the chroot or root of the jail)

That's basically it.

You might run into problems running some package scripts if you're
trying to manage a chroot designed for a very different CPU arch / OS
version than your system is running: this is something we haven't really
put much thought into yet.

Cheers,

Matthew

PS.  This sort of question is what the new freebsd-...@freebsd.org list
is for.


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: pkgng

[Matthew Seaman]

On 12/02/2013 17:43, Walter Hurry wrote:
> On Sat, 15 Dec 2012 18:54:00 +0000, Matthew Seaman wrote:
> 
>> On 15/12/2012 18:23, Walter Hurry wrote:
>>> On Sat, 15 Dec 2012 15:31:03 +, Matthew Seaman wrote:
>>>
>>>> 'm slowly collecting examples of applications where the shlib analysis
>>>> doesn't work properly
>>>
>>> In case you don't already have them in your list: opnjdk7 libreoffice
>>
>> Thanks.  Added to the list.  It always has to be the really big projects
>> (and tedious to debug because of that) doesn't it.
> 
> Matthew,
> 
> pkg check -Ba is still showing a number of false alarms for virtualbox-
> ose-4.2.6.

Ah.  OK.  I'll investigate, at the weekend probably.  Just to be sure,
you are running pkgng master from Github, and not the release from ports?

Cheers,

Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.

PGP: http://www.infracaninophile.co.uk/pgpkey
JID: matt...@infracaninophile.co.uk



signature.asc
Description: OpenPGP digital signature

Re: packages listing

[Matthew Seaman]

On 10/02/2013 06:52, Dánielisz László wrote:

> Do you have any idea how can I list those installed packages that are not 
> required by any other?

If you're using pkgng:

   pkg query -e "%#r==0" "%n-%v"

There isn't (as far as I know) a way of doing this directly with
pkg_tools alone, so either install an appropriate tool from ports as
others have suggested elsewhere in this thread, or if you have to use
only what comes with the base system, then something like:

   cd /var/db/pkg
   ls -1 */+REQUIRED-BY | sed -e 's,/+REQUIRED-BY,,'

(untested and from memory as I don't have any pkg_tools systems any
more.)  Note: this is not necessarily entirely accurate.  The
+REQUIRED-BY files are updated by tools like portmaster(1) or
portupgrade(1) but not if you install via pkg_add(1) or by using make(1)
directly in the ports tree.

Cheers,

Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.
PGP: http://www.infracaninophile.co.uk/pgpkey





signature.asc
Description: OpenPGP digital signature

Re: where is 1GB of RAM

[Matthew Seaman]

On 04/02/2013 19:44, Wojciech Puchar wrote:
> real memory  = 34359738368 (32768 MB)
> avail memory = 33167446016 (31630 MB)
> 
> 
> 
> where did 1GB of memory go?

Used by the kernel.

Cheers,

Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.
PGP: http://www.infracaninophile.co.uk/pgpkey




signature.asc
Description: OpenPGP digital signature

Re: Delete /var/db/pkg.bak?

[Matthew Seaman]

On 30/01/2013 04:47, Walter Hurry wrote:
> Admittedly disk space is cheap, but old habits die hard and I just don't 
> like keeping stuff I no longer need.
> 
> I converted to pkgng just under a couple of months ago, and have had no 
> serious problems (even the minor issues have been promptly resolved with 
> the kind and able assistance of Matthew Seaman).
> 
> I have no intention of trying to 'go back', so my question is this: Is it 
> safe now to clear out the pkg.bak file which was created by pkg2ng at the 
> time of conversion? I'm almost sure it is, but just want to make certain.

Um... it's probably OK, but you're really the only person in a position
to know, given it's your system.

Given that you have been actively maintaining your systems using pkgng
for several months, the pkg.bak file will not contain any record of the
changes made in that time.  That makes it increasingly irrelevant.

Cheers,

Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.
PGP: http://www.infracaninophile.co.uk/pgpkey




signature.asc
Description: OpenPGP digital signature

Re: sh & export

[Matthew Seaman]

On 29/01/2013 01:11, kpn...@pobox.com wrote:
> On Mon, Jan 28, 2013 at 07:41:35PM -0500, Fbsd8 wrote:
>> This is what I am looking at in a sh script
>>
>> echo export jail_${jailname}_hostname=\"${jailname}\"
>> puts it into the env
>> and this brings it back out
>> eval jailname=\"\$jail_${jailname}_hostname\"
>>
>> Question is how can I display from the console command
>> line what has been exported?
>>
>> env issued on the console command line does not show
>> any thing named jail.
> 
> Environment variables are only exported to children of the shell that
> created or inherited them. When you run a script you normally have your
> command line shell start a child shell which then executes the script.
> When the child shell that runs the script finishes the script it ends and
> control returns to the parent. The child's environment at this point is
> gone, but the parent couldn't have looked at it anyway. Parents don't
> really know what their children are doing.
> 
> So, to answer your question above, "You can't display from the console
> what was set in a script."
> 

I'm afraid that's simply not true.  ps(1) has a '-e' flag which can show
you the environment for any process.  However, since printing out the
environment will easily overflow the console width that ps(1) uses by
default, it's best to combine it with a couple of 'w's.

Thus:

ps -wwwe ${pid_of_process}

Cheers,

Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.
PGP: http://www.infracaninophile.co.uk/pgpkey




signature.asc
Description: OpenPGP digital signature

Re: Cronjob Cvsup -> What?

[Matthew Seaman]

On 27/01/2013 10:07, Mike Clarke wrote:

> I suppose the best approach with ZFS would be to make a snapshot immediately 
> prior to running portsnap.

Yes.  That would do the trick quite neatly.  In fact, snapshot before
each time you run portsnap.

Cheers

Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.

PGP: http://www.infracaninophile.co.uk/pgpkey
JID: matt...@infracaninophile.co.uk



signature.asc
Description: OpenPGP digital signature

Re: Cronjob Cvsup -> What?

[Matthew Seaman]

On 27/01/2013 08:35, Zyumbilev, Peter wrote:
> Last 10 years I am using cvsup. Any good guide for the transition to
> subversion  ?

Most of the guides around freebsd.org are aimed at developers who will
be using SVN read-write.  For simple read-only use (ie. not checking
anything into the repository) the following should suffice:

  0) Install svn

 It isn't part of the base system, and it has too many external
 dependencies with different licensing terms for it to be bought
 in easily.  There's been some discussion about this, but it hasn't
 happened yet.  If it did, the imported version would be fairly
 minimal, and anyone wanting to use it for serious development
 would probably just grab the ports version anyhow.

 If all you want to do is pull down a copy of the sources then you
 can turn off most of the options to reduce the fairly large
 dependency tree to something more manageable:

 BDB=off: Berkeley Database
 BOOK=off: Install the Subversion Book
 ENHANCED_KEYWORD=on: Enhanced svn:keyword support
 FREEBSD_TEMPLATE=on: FreeBSD Project log template
 GNOME_KEYRING=off: Build with GNOME Keyring auth support
 KDE_KWALLET=off: Build with KDE KWallet auth support
 MAINTAINER_DEBUG=off: Build debug version
 MOD_DAV_SVN=off: mod_dav_svn module for Apache 2.X
 MOD_DONTDOTHAT=off: mod_dontdothat for Apache 2.X
 NEON=off: WebDAV/Delta-V repo access module (neon)
 P4_STYLE_MARKERS=off: Perforce-style conflict markers
 SASL=off: SASL support
 SERF=on: WebDAV/Delta-V repo access module (serf)
 STATIC=off: Build static version (no shared libs)
 SVNAUTHZ_VALIDATE=off: install svnauthz-validate
 SVNMUCC=off: Install Multiple URL Command Client
 SVNSERVE_WRAPPER=off: Enable svnserve wrapper
 TEST=off: Run subversion test suite

 There is the new devel/subversion-static port which does all that,
 and compiles subversion with static linkage so it has *no* runtime
 dependencies on anything else.  The disadvantage here is that if
 there is, say, a security hole discovered in the one of the
 libraries subversion links against, you won't secure the
 statically linked copy of subversion simply by updating to a fixed
 version of the shlib.  subversion-static is really only intended
 for providing a one-off binary package that people can download
 and install in order to bootstrap a more standard FreeBSD
 environment.

  1) Choose a SVN mirror close to you.  Currently there are two choices:

svn0.us-west.FreeBSD.org  -- Western USA
svn0.us-east.FreeBSD.org  -- Eastern USA

 Use whichever one gives you best performance.  Certainly from
 Europe at the moment us-east seems to be the best choice.

 The number of SVN mirrors and their global coverage should increase
 over time, but it will never need as many servers as the old cvsup
 network.

 The canonical list of SVN mirrors is here:


http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/svn-mirrors.html

  2) Choose a protocol for access the SVN servers.  Your choices in
 order of preference are

 svn://
 https://
 http://

 Use svn:// for best performance.  If you're concerned about MITM
 attacks injecting trojans into the FreeBSD sources, then use
 https and be sure to verify the certificate hashes on first
 connection.  Otherwise, if you're stuck behind a restrictive
 firewall, use http://

  3) Choose which branch you want to mirror.  It's relatively easy to
 switch between branches and doesn't involve downloading the entire
 contents of /usr/src all over again if you change your mind.
 However right now, the viable choices are

head --- Current, the bleeding edge, really only suitable
 for development purposes

stable/9 --- 9-STABLE  Still a rapidly changing development
 branch, but not quite so close to the edge, and
 with less bleeding involved.

stable/8 --- 8-STABLE  Ditto.

releng/9.1 --- 9.1-RELEASE  This tracks any security patches to
 version 9.1.  However, in this case you would be
 better advised to use freebsd-update(8) to maintain
 your /usr/src directory tree instead.

Similarly releng/9.0 releng/8.3 releng/7.4 for other supported
release versions.

 Don't be fooled into pulling down release/9.1.0 or the like --
 this is not a *branch* but a *snapshot*.  If you think you want
 release/9.1.0 then you really want releng/9.1 instead.

  4) Make sure /usr/src is empty.  Pre-existing files can cause you
 grief at some unexpected later date even if they don't cause the
 initial checkout to fail.

  5) Put it all together.  Run a command like so to check out the
 content of /usr/src for your chosen branch from your chosen 

Re: Cronjob Cvsup -> What?

[Matthew Seaman]

On 27/01/2013 00:11, W. D. wrote:
> What would be the best Cron command to keep ports updated on a daily
> basis?

Try this as a crontab entry:

0  3  *  *  *  *  /usr/sbin/portsnap cron update

Two points to note:

1) The 'cron' verb is important for anyone setting up an automated job
like this.  It causes portsnap to wait for a random number of seconds
(but less than 1 hour) before connecting to the portsnap server.  Since
the tendency is for people to schedule cron jobs to happen on the hour,
this helps to avoid everyone connecting at once and smooths out the
server load.

2) This assumes that you have previously run

   portsnap fetch extract

to get yourself a portsnap-ready copy of the ports tree.  You only need
to do that once, but you should move aside any pre-existing copy of
/usr/ports obtained by any means other than portsnap(8) before you do
(but keep anything under /usr/ports/distfiles and maybe
/usr/ports/packages).  Something like:

   cd /usr
   mv ports ports.old
   mkdir ports
   mv ports.old/distfiles ports/distfiles
   mv ports.old/packages ports/packages
   portsnap fetch extract

Although this may be complicated if any of /usr/ports,
/usr/ports/distfiles or /usr/ports/packages are on a separate partition
or ZFS.

I say 'move aside' due to the caution imbued by having been a
professional sysadmin for more years than I care to remember.  If you
are still convinced of your own infallibility, then you might find rm(1)
an acceptable alternative.

Cheers,

Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.

PGP: http://www.infracaninophile.co.uk/pgpkey
JID: matt...@infracaninophile.co.uk



signature.asc
Description: OpenPGP digital signature

Re: [OT-ish] Need a Binary for lang/sml-nj

[Matthew Seaman]

On 27/01/2013 02:57, Joseph A. Nagy, Jr wrote:
> On 01/26/13 15:52, Jimmy Olgeni wrote:
>>
>> Hello,
>>
>> On Sat, 26 Jan 2013, Joseph A. Nagy, Jr wrote:
>>
>>> The pkg repo's are down. I'm not sure how you got it to work (if you
>>> did). It will not work on this end, thanks though.
>>
>> It seems to work from here. Maybe with a mirror?
>>
>> ftp://ftp1.us.freebsd.org/pub/FreeBSD/ports/i386/packages-9.0-release/lang/smlnj-110.0.7_3.tbz
>>
>>
>>
> 
> root@alex-laptop:/root # pkg add
> ftp://ftp1.us.freebsd.org/pub/FreeBSD/ports/i386/packages-9.0-release/lang/smlnj-110.0.7_3.tbz
> 
> smlnj-110.0.7_3.tbz 100% 3203KB   1.0MB/s   2.4MB/s 00:03
> pkg: ./smlnj-110.0.7_3.tbz is not a valid package: no +MANIFEST found
> pkg: ./smlnj-110.0.7_3.tbz is not a valid package: no +MANIFEST found
> 
> Failed to install the following 1 package(s):
> ftp://ftp1.us.freebsd.org/pub/FreeBSD/ports/i386/packages-9.0-release/lang/smlnj-110.0.7_3.tbz
> 

Trying to install a pkg_tools style package with pkgng is not going to work.

At least, not with pkg-1.0.6.  pkgng-1.1 will have the capability of
converting from pkg_tools to pkgng format.  And vice-versa.

Cheers,

Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.
PGP: http://www.infracaninophile.co.uk/pgpkey




signature.asc
Description: OpenPGP digital signature

Re: creating new user account password.

[Matthew Seaman]

On 23/01/2013 20:06, Fbsd8 wrote:
> I know I can create a new user account having a password same as the
> user name. After logging in the first time using the user account name
> as the password, I want to force the user to create a new password.
> Is there a way to do that?

You can set the password to expire virtually immediately:

   pw usermod -n username -p +1m

or add the '-p +1m' bit to the 'pw useradd' line used to create the account.

I believe this will mean the user is required to set a new password on
login after the password has expired.  Might be an idea to test that though.

Cheers,

Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.
PGP: http://www.infracaninophile.co.uk/pgpkey




signature.asc
Description: OpenPGP digital signature

Re: SSH on FreeBSD

[Matthew Seaman]

On 15/01/2013 10:10, Mannase Nyathi wrote:
> I have just configured FreeBSD on my server. I would like to find out
> how can I be able to login to it via ssh?

Start by editing /etc/rc.conf and add the line:

sshd_enable="YES"

(anywhere in the file -- order doesn't matter)

Then as root:

   /etc/rc.d/sshd start

It should generate some host keys and then start the sshd daemon.

That's all.  sshd will restart automatically after any reboots.  You
should be able to log into any ordinary user account remotely using the
account username and password.

Note: if your system is exposed to the internet, it will be attacked by
bots attempting to brute-force SSH username and passwords.  Make sure
you have good passwords on all user accounts -- see the archives of this
list for many, many discussions of further steps you can take to prevent
this activity filling up your logfiles...

Cheers,

Matthew


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: pkgng package repository tracking security updates

[Matthew Seaman]

On 14/01/2013 22:44, n j wrote:
> One thing to think about would be the option of port maintainers uploading
> the pre-compiled package of the updated port (or if the size of the upload
> is an issue then just the hash signature of the valid package archive so
> other people with more bandwidth can upload it) to help the package
> building cluster (at least for mainstream architectures). The idea behind
> it being that the port maintainer has to compile the port anyway and pkg
> create is not a big overhead. The result would be a sort of distributed
> package building solution.


Sorry.  Distributed package building like this is never going to be
acceptable.  Too much scope for anyone to introduce trojans into
packages.  Building packages securely is a very big deal, and as recent
events have shown, you can't take any chances.

Cheers,

Matthew


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: pkgng package repository tracking security updates

[Matthew Seaman]

On 14/01/2013 14:36, n j wrote:
> The point of my question was exactly if it was possible to elaborate on the
> "pre-compiled packages from FreeBSD official repositories" part. Would it
> be possible to have a (security-wise) up-to-date pre-compiled packages in
> the official repositories? Note, I don't expect an unreasonable effort here
> - I understand there will always be delays between upstream fix --> ports
> fix --> up-to-date package and it is acceptable for the binary package to
> lag a few days behind the port (depending on the availability of package
> building cluster or maintainer upload).

Yes, there will be a pkgng package building cluster which will track
updates to the ports and provide as up-to-date a collection of packages
as possible for at least x86, amd64 on all supporter FreeBSD branches
and head.  Possibly other architectures as well.

However, as all that is still under construction (and construction plans
have been heavily revised in the light of the earlier security
compromise) I have no good idea of what sort of turn-around will be
possible.  I expect at least as good as the old pkg build cluster
managed and probably better.

Cheers,

Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.

PGP: http://www.infracaninophile.co.uk/pgpkey
JID: matt...@infracaninophile.co.uk
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: pkgng package repository tracking security updates

[Matthew Seaman]

On 14/01/2013 13:10, Andrei Brezan wrote:
> I thing that it's good to wait for ports to compile and to be able to
> chose your configure options for the packages you install. It's good to
> know what options you need and what options you don't and why, that's
> one of the reasons why i'm using FreeBSD. I feel that the goal for pkgng
> is that you can install your locally built binary packages in a
> tinderbox on all your infrastructure so you don't have to compile every
> port on every server. IIRC it was considered too cumbersome to compile
> all the ports tree for all the architectures supported and provide the
> so called official binary repositories.

No, that's not *the* goal for pkgng.

The goal is to provide a state-of-the-art binary package management
system for FreeBSD (and anyone else who would like to use it).

For many users this will entail downloading pre-compiled packages from
FreeBSD official repositories.  But it will be possible for third
parties to set up their own repositories, in the same way that eg. the
Postgresql project has their own Yum repositories for RH-alikes.  It
will also be possible for people to compile their own packages either
for direct installation, or to create their own private repositories to
serve their own networks with their custom configured packages.

And, ideally, people will be able to use a *mix* of the above as best
suits their needs.

Cheers,

Matthew



___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: pkgng - Symlinks created by portupgrade?

[Matthew Seaman]

On 11/01/2013 15:18, Walter Hurry wrote:
> On Thu, 10 Jan 2013 01:50:34 +, Walter Hurry wrote:
> 
>> Thank you yet again, Matthew. As always, you are a fount of knowledge.
>>
>> The guidance on LATEST_LINK has helped a great deal. I still have a
>> further question or two though; I shall follow up within a day or two.
> 
> Just one further question: Is there a reason why 'pkg create' doesn't  
> generate synonyms this way, even when the output directory is set to /usr/
> ports/packages/All?

Yes. 'pkg create' may be used to create arbitrary packages outside the
context of ports, so it doesn't want to assume the LATEST_LINK layout.
(All you need is an appropriate MANIFEST file... or a previously
installed package on your system.)

Like I said, for the purpose of generating a pkgng repo, this whole
question of directory structure is pretty much immaterial: pkgng doesn't
care.  Any sort of directory structure containing .txz package tarballs
will do. (Usually putting all the pkgs together in one big directory is
what happens.)

The LATEST_LINK layout is aimed at people logging into a ftp server and
hunting through the directory tree for the packages they want.  Most
pkgng repos won't let you login like that, nor will all of them
necessarily let you get a directory listing, other than the data you can
extract from repo.sqlite.

As for special casing things when writing to ${PORTSDIR}/packages/All --
no one has seen fit to write the code to do that.  If you think this
sort of functionality would be useful, well, we always like to get pull
requests.  I would point out though that there is already perfectly good
code in bsd.port.mk et al to do this sort of thing, which you can access
by 'make package'.

Cheers,

Matthew





___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: make install package?

[Matthew Seaman]

On 10/01/2013 21:21, Fbsd8 wrote:
> Is the upcoming pkgng going to have any effect on this?

No.

The layout of /usr/ports/packages is controlled at a rather lower level
by the Makefiles in /usr/ports/Mk.  pkgng doesn't really care about this
layout in any case since pkgng repositories don't need anything like it.
Instead, they have repository catalogues which can fulfil all your
package finding needs.

Cheers,

Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.
PGP: http://www.infracaninophile.co.uk/pgpkey




signature.asc
Description: OpenPGP digital signature

Re: Unable to install xorg using pkg_add

[Matthew Seaman]

On 10/01/2013 16:30, Scott Eberl wrote:
> Hello, I just installed FreeBSD last night using the bootonly image for
> 9.0-RELEASE. I then updated to 9.1-RELEASE using freebsd-update. Everything
> seems to have gone smoothly but now I'm getting the below error when trying
> to isntall xorg.
> 
> Error: Unable to get
> ftp://ftp.freebsd.org/pub/FreeBSD/ports/amd64/packages-9.1-release/Latest/xorg.tbz:
> File unavailable (e.g., file not found, no access)
> pkg_add: unable to fetch '
> ftp://ftp.freebsd.org/pub/FreeBSD/ports/amd64/packages-9.1-release/Latest/xorg.tbz'
> by URL
> 

Alas, this is expected.  Because of the security incident
(http://www.freebsd.org/news/2012-compromise.html) all of the package
building cluster is temporarily quarantined.  So there aren't any
packages built for 9.1-RELEASE.

You should be able to use pkg_tools packages built for any 9.x release
or stable/9 if you can locate them on the FTP servers (although these
will be at least about 2 months old by now) or you can grab the ports
(use of portsnap recommended) and build your own.

Cheers,

Matthew
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: pkgng - Symlinks created by portupgrade?

[Matthew Seaman]

On 09/01/2013 18:31, Walter Hurry wrote:
> I am using pkgng.
> 
> When I issue 'portupgrade  -p', after build and installation, it 
> builds a new package, as advertised. This (by default) is put into /usr/
> ports/packages/All.
> 
> At the same time, it installs a set of symlinks; one for each relevant 
> port category, plus one in /usr/ports/packages/Latest.
> 
> It is the naming of this last in which I am interested. Sometimes the 
> symlink seems to bear the name (absent the version) of the package, and 
> sometimes the name of the port (plus '.txz', of course).
> 
> Two questions:
> 
> 1) Does anyone know the logic used to derive the name of the symlink?
> 
> 2) Would it be considered a breach of etiquette to email the port 
> maintainer (bdrewery) and ask, or is this regarded as acceptable?
> 
> 'man portupgrade' doesn't seem to shed any light on this, and I am 
> unaware of where to seek other documentation.

The layout of /usr/ports/packages is actually down to the ports system
directly and not in the control of any add on software like portupgrade,
portmaster or pkgng.

The files under /usr/ports/packages/Latest are named according to the
LATEST_LINK variable in each port.  It's meant to be unique per-port,
but falls somewhat short.  Various ports have NO_LATEST_LINK set which
suppresses creating that link.

Cheers,

Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.

PGP: http://www.infracaninophile.co.uk/pgpkey
JID: matt...@infracaninophile.co.uk



signature.asc
Description: OpenPGP digital signature

Re: Unreferenced Libraries?

[Matthew Seaman]

On 07/01/2013 14:27, Walter Hurry wrote:
> 9.1-RELEASE on amd64.
> 
> libchk reports the following libraries (among others) as unreferenced:
> 
> /usr/lib/libBlocksRuntime.so.0
> /usr/lib/libform.so.5
> /usr/lib/libformw.so.5
> /usr/lib/libgpib.so.3
> /usr/lib/libgssapi_ntlm.so.10
> /usr/lib/libgssapi_spnego.so.10
> /usr/lib/libhistory.so.8
> /usr/lib/liblwres.so.80
> /usr/lib/libmenu.so.5
> /usr/lib/libmenuw.so.5
> /usr/lib/libmilter.so.5
> /usr/lib/libpanelw.so.5
> /usr/lib/librpcsec_gss.so.1
> /usr/lib/libstdbuf.so.1
> /usr/lib/libsupc++.so.1
> /usr/lib/libthread_db.so.3
> 
> All these are part of base.
> 
> I note that in each case there is a .so symlink pointing to the 
> relevant library, as is, I believe, accepted best practice.

Yes, that's right.

> Would I be correct in assuming that the reason libchk is reporting these 
> as unreferenced is that everything which is actually using them is 
> referencing the symlink?

Actually, it is probably reporting them because nothing is actually
using them.  libmilter.so.5 for instance won't have any consumers in the
base system (not even /usr/libexec/sendmail/sendmail) but it is provided
in case you want to install any mail filters from ports or otherwise.

> Or is libchk clever enough to resolve symlinks, and there is a different 
> reason?

The shlib sym-link without the ABI version number is generally only used
at compile-time.  Once the application has been linked, the dynamic
loader will require the shared library with appended ABI version.  There
are instances of things that look at first sight like a shared library,
but that don't have an ABI version no.  In general, these are not in
fact shared libraries, but loadable modules used by various specific
programs.

Cheers,

Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.

PGP: http://www.infracaninophile.co.uk/pgpkey
JID: matt...@infracaninophile.co.uk
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: FB 9.1 boot loader problem in VirtualBox

[Matthew Seaman]

On 06/01/2013 12:09, jb wrote:
> A general question: to what extent is FB Install aware of installation env (VB
> here) ?
> If so, would it make sense to sanitize it to avoid offering install options 
> that
> are irrelevant/inappropriate ?

This is FreeBSD.  It doesn't hold your hand and wipe the drool off your
chin.  You're assumed to know what you're doing, and to be able to
configure your systems appropriately.  And when you do know, and can
configure things, then it doesn't get in your way.

The installer doesn't know about all the various possible different
execution environments it might get used in.   To do so would add a lot
of complexity for not very much gain to most users.  Instead, it is
targeted at the most common installation scenario: direct installation
onto a PC with all the standard sort of capabilities.This should
produce a working system for the vast majority of use cases, but you may
need to go in and twiddle a few knobs and generally tune things up a bit
to get the very best results.

Cheers,

Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.
PGP: http://www.infracaninophile.co.uk/pgpkey




signature.asc
Description: OpenPGP digital signature

Re: FB 9.1 boot loader problem in VirtualBox

[Matthew Seaman]

On 06/01/2013 11:52, jb wrote:
> Matthew Seaman  FreeBSD.org> writes:
> 
>>
>> On 06/01/2013 11:19, jb wrote:
>>> Next problem:
>>> the installation's dmesg shows net driver em0, which is Intel PRO/1000 - and
>>> this is how install offers to configure the network;
>>> but my host has Broadcom Corporation NetLink BCM5787M Gigabit Ethernet PCI
>>> Express, which is bge0 driver in FB.
>>> How to force it to discover the right net device during install, and/or 
>>> after
>>> install ?

>> This is normal for VirtualBox -- it doesn't matter what NIC the host
>> has, VB always presents it as an em(4) interface to the guest.

> OK.
> But I also could not ping:
> $ ping -c 1 google.com
> I have VM-Settings-Network
> Attached to NAT
> What is the correct setting here ?

Not really enough information there to say exactly what has gone wrong.
 NAT+DHCP should work.  You need:

  ifconfig_em0="DHCP"

in /etc/rc.conf obviously.

Try tcpdump(1) on the external interface of your host system to see if
the traffic shows up.  You will also need to have a process called
something like VBoxNetDHCP running on the host.  Process name might be
slightly different on different host OSes (I'm using MacOS X). It should
be started automatically but no harm checking.

If that hasn't led to a fix, please post the output of:

  ifconfig em0
  netstat -rn

from the guest system.

If NAT won't work, you might try bridged mode -- this effectively makes
the VM share your main host's NIC and gives it its own externally
visible IP on the network.  You generally need bridged mode if you want
to run servers in the VM.

Cheers,

Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.

PGP: http://www.infracaninophile.co.uk/pgpkey
JID: matt...@infracaninophile.co.uk



signature.asc
Description: OpenPGP digital signature

Re: FB 9.1 boot loader problem in VirtualBox

[Matthew Seaman]

On 06/01/2013 11:19, jb wrote:
> Next problem:
> when I am logged out from FB, and I do (I tested it repeatedly)
> 
> Machine-Close-Power off the machine
> to cloce VM with FB, then on subsequent VM Start and FB reboot I get error
> msgs:
> ...
> Trying to mount root from ufs:/dev/ada0s1a [rw]...
> WARNING: / was not properly dismounted
> ...
> Starting file system checks:
> ** SU+J Recovering /dev/ada0s1a
> ...
> 
> but when I do
> Machine-Close-Send the shutdown signal
> there are no errors, just normal msgs:
> ...
> Trying to mount root from ufs:/dev/ada0s1a [rw]...
> ...
> Starting file system checks:
> /dev/ada0s1a: FILE SYSTEM CLEAN; SKIPPING CHECKS
> ...
> 

Ummm... what did you expect to happen?  'Machine-Close-Power off' is
essentially the same as ripping the power cord out of a physical
machine.  It's designed to stop the guest system no matter what: even if
the guest is trapped in so tight a loop it can't respond to anything else.

'Machine-Close-Send shutdown' is more like pressing the power button on
the front of most modern machines, in that what it does is signal the
guest OS to shut itself off and power down the system after that.  You
can achieve the same effect from within the guest OS by typing:

  shutdown -p now

'Machine-Close-Send shutdown' is what you want to use routinely.

Cheers,

Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.
PGP: http://www.infracaninophile.co.uk/pgpkey




signature.asc
Description: OpenPGP digital signature

Re: FB 9.1 boot loader problem in VirtualBox

[Matthew Seaman]

On 06/01/2013 11:19, jb wrote:
> Next problem:
> I selected powerd service during install, but after boot, there was error msg:
> starting powerd
> powerd lookup freq: No such file or directory
> /etc/rc: WARNING failed to start powerd

Again -- standard for VirtualBox hosts: powerd doesn't work -- the guest
OS can't control the frequency of the host CPU, which is what you'ld
expect thinking about it.

Just disable powerd in /etc/rc.conf to get rid of the error message.

Cheers,

Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.
PGP: http://www.infracaninophile.co.uk/pgpkey




signature.asc
Description: OpenPGP digital signature

Re: FB 9.1 boot loader problem in VirtualBox

[Matthew Seaman]

On 06/01/2013 11:19, jb wrote:
> Next problem:
> the installation's dmesg shows net driver em0, which is Intel PRO/1000 - and
> this is how install offers to configure the network;
> but my host has Broadcom Corporation NetLink BCM5787M Gigabit Ethernet PCI
> Express, which is bge0 driver in FB.
> How to force it to discover the right net device during install, and/or after
> install ?

This is normal for VirtualBox -- it doesn't matter what NIC the host
has, VB always presents it as an em(4) interface to the guest.

Cheers,

Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.
PGP: http://www.infracaninophile.co.uk/pgpkey




signature.asc
Description: OpenPGP digital signature

Re: pkgng - Obsolete Dependencies?

[Matthew Seaman]

On 03/01/2013 20:59, Walter Hurry wrote:
> On several of my boxes (set up with pkgng), libcheck was recorded as a 
> dependency of a number of (wxPython etc.) packages. However, I noticed 
> that on a fresh install, libcheck did not get pulled in.
> 
> So I returned to the older boxes and reinstalled the depending packages, 
> using 'pkg install -f'. Lo and behold, the dependencies disappeared.
> 
> Is this expected behaviour?

As far as I can see, libcheck is not currently a dependency of any of
the x11-toolkits/py-wx* ports.  As libcheck is a unit test framework, it
would  be unlikely to be anything other than a BUILD_DEPENDS anyhow --
and if you use pkgng with a repo, the only packages you'ld install and
the only dependencies pkgng would record are the RUN_DEPENDS and
LIB_DEPENDS.

So I don't know why it appeared on your older systems, but having it
disappear on the updated ones would be correct and the expected outcome.

Cheers,

Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.
PGP: http://www.infracaninophile.co.uk/pgpkey




signature.asc
Description: OpenPGP digital signature

Re: FreeBSD 9.1 RELEASE - does not install package

[Matthew Seaman]

On 03/01/2013 17:56, Joseph A. Nagy, Jr wrote:
> On 01/03/13 11:50, Celso Viana wrote:
>> Hi all,
>>
>> I can not install the package "subversion" with "pkg_add -r"
>>
>> pkg_add: unable to fetch
>> 'ftp://ftp.freebsd.org/pub/FreeBSD/ports/amd64/packages-9.1-release/Latest/subversion.tbz'
>>
>> by URL
>>
>> I observed that there is "packages-9.1-release" in
>> 'ftp://ftp.freebsd.org/pub/FreeBSD/ports/amd64";
>>
>> In FreeBSD 9.1 RELEASE, how do I install packages via "pkg_add"?
>>
>> Thanks!!
>>
> 
> You don't, the pkgbeta site is, to my knowledge, still down. Also, if
> pkgng is in by default, next time try 'pkg add' instead.
> 

pkgng isn't in 9.1 by default.  You've got to wait until 9.2 for that
(or upgrade to 10.x).  However, you can choose to install it from ports
if you wish.

The OP is asking about pkg_add, however the answer is basically the same
for either pkg_tools and pkgng:

The security incident: http://www.freebsd.org/news/2012-compromise.html
has meant that all of the package building systems available to the
FreeBSD project (either for pkg_tools or pkgng) have been quarantined,
pending sanitization and reinstallation.  Consequently there have hardly
been any packages built in the last month or so.

There are no packages available yet for the packages-9.1-release set.

There are no packages available from pkgbeta (except for a lonely copy
of pkg-1.0.3.txz so people can bootstrap pkgng on their machines).

For pkg_tools, there are older packages available: you should be able to
use pkg compiled for 9.0 or stable/9 pretty successfully on 9.1-RELEASE.
 For pkgng unfortunately your only choices are to wait patiently or to
compile your own.

Cheers,

Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.

PGP: http://www.infracaninophile.co.uk/pgpkey
JID: matt...@infracaninophile.co.uk



signature.asc
Description: OpenPGP digital signature

Re: freebsd-update patches custom /boot/kernel/kernel which it should not

[Matthew Seaman]

On 02/01/2013 20:55, Paul Schmehl wrote:
> I wasn't thinking when I wrote this.  Freebsd-update pulls *binary*
> copies of files, so you're not ever going to get the src files to
> rebuild your kernel from freebsd-update.  You need to pull those in
> using svn.

Not so.  Take a look at /etc/freebsd-update.conf -- if you have 'src'
listed as one of the Components, freebsd-update will keep your /usr/src
up to date.

Primarily this is intendend for people that want to do binary updates of
userland, but compile their own kernels for particular device support or
whatever reason.  However there's no reason why you couldn't just use
freebsd-update just to grab system sources, and them update by building
and installing world.

If you want to track a release brance, and you don't intend to do any
development work on the sources, then freebsd-update is going to be a
lot more efficient for you than SVN.  Outside that particular audience,
however, svn rules.

Cheers,

Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.
PGP: http://www.infracaninophile.co.uk/pgpkey




signature.asc
Description: OpenPGP digital signature

Re: pkg_add and 9.1 Release

[Matthew Seaman]

On 02/01/2013 14:42, Fbsd8 wrote:
> what is the status of
> ftp://ftp.freebsd.org/pub/FreeBSD/ports/amd64/packages-current/Latest/
> which is on the ftp servers?

The latest packages there are what was compiled before the security
incident.  It hasn't been updated since.

Cheers,

Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.
PGP: http://www.infracaninophile.co.uk/pgpkey




signature.asc
Description: OpenPGP digital signature

Re: pkg_add and 9.1 Release

[Matthew Seaman]

On 02/01/2013 08:00, Zyumbilev, Peter wrote:
> In this case for a new Nas4free machine, will you recommend to base it
> on 9.0 or 9.1 ?

Either.  Whichever one works best for you, and if you can't distinguish
them on performance or bug-fixes, choose 9.1.

However, don't fall into the trap of thinking 'because I'm running OS
version 9.0 I have to use the binary packages for 9.0.'  You don't.  And
in fact, if it's more than a month or so since the OS was released, you
should be checking for updates.

Unfortunately, since the security problem, there haven't been updates to
package sets for *any* OS versions available.  So your best recourse is
to pull down a copy of the ports tree and build what packages you need
for yourself.  This is time consuming, but not particularly difficult.

Cheers,

Matthew

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: pkg_add and 9.1 Release

[Matthew Seaman]

On 02/01/2013 05:20, doug wrote:
> Is this command being phased out? pkg_add -r uses a default environment
> of
> ftp://ftp.freebsd.org/pub/FreeBSD/ports/amd64/packages-9.1-release/Latest/

In fact, yes, pkg_add and the other pkg_tools commands are being phased
out in favour of pkgng.  However it is early days yet, and the problem
you're seeing has nothing to do with that process.  pkgng won't become
the default in 9.x until the next release: until then the status quo
ante persists.

> This path does not exist on ftp.freebsd.org.

Quite so.  It's because of this:

http://www.freebsd.org/news/2012-compromise.html

As a consequence, large parts of the package building infrastructure are
quarantined, pending reinstallation.  Also there is a lot of work going
into revising the software used to build the packages with security
enhancements in mind.  So there simply aren't packages available yet to
go with 9.1-RELEASE.

Cheers,

Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.
PGP: http://www.infracaninophile.co.uk/pgpkey




signature.asc
Description: OpenPGP digital signature

Re: http://localhost/phpmyadmin

[Matthew Seaman]

On 01/01/2013 13:01, Bekim's Mac wrote:
> 

It's traditional to actually ask a question...

Cheers,

Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.
PGP: http://www.infracaninophile.co.uk/pgpkey




signature.asc
Description: OpenPGP digital signature